The Cybersecurity and Infrastructure Security Agency (CISA) released four significant Industrial Control Systems (ICS) advisories, drawing attention to potential security risks and vulnerabilities affecting various industrial control equipment. These advisories underscore the imperative for prompt action to mitigate these threats,…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
New Windows Zero-Day Vulnerability Exposes NTLM Credentials – Unofficial Patch Available
A new zero-day vulnerability has been discovered in Windows, impacting all versions from Windows 7 and Server 2008 R2 to the latest Windows 11 v24H2 and Server 2025. This vulnerability allows attackers to obtain NTLM credentials by tricking users into…
Malicious AI Tools See 200% Surge as ChatGPT Jailbreaking Talks Increase by 52%
The cybersecurity landscape in 2024 witnessed a significant escalation in AI-related threats, with malicious actors increasingly targeting and exploiting large language models (LLMs). According to KELA’s annual “State of Cybercrime” report, discussions about exploiting popular LLMs such as ChatGPT, Copilot,…
Cybercriminals Bypass Security Using Legitimate Tools & Browser Extensions to Deliver Malware
In the second half of 2024, cybercriminals have increasingly leveraged legitimate Microsoft tools and browser extensions to bypass security measures and deliver malware, according to Ontinue’s latest Threat Intelligence Report. Threat actors are exploiting built-in Microsoft features like Quick Assist…
New Phishing Campaign Targets Mac Users to Steal Login Credentials
A sophisticated phishing campaign, recently identified by LayerX Labs, has shifted its focus from Windows users to Mac users in response to enhanced security measures implemented by major browsers. Initially, this campaign targeted Windows users by masquerading as Microsoft security…
IDT Corporation Partners with AccuKnox for Zero Trust Runtime IoT/Edge Security
Menlo Park, United States, March 25th, 2025, CyberNewsWire FinTech and Communications Leader, IDT Corporation partners with AccuKnox to deploy runtime security-powered CNAPP (Cloud Native Application Protection Platform) for IoT/Edge Security. AccuKnox, Inc., announced that Telecom and FinTech Leader IDT Corporation has partnered with AccuKnox…
ARACNE: LLM-Powered Pentesting Agent Executes Commands on Real Linux Shell Systems
Researchers have introduced ARACNE, a fully autonomous Large Language Model (LLM)-based pentesting agent designed to interact with SSH services on real Linux shell systems. ARACNE is engineered to execute commands autonomously, marking a significant advancement in the automation of cybersecurity…
Researchers Compare Malware Development in Rust vs C and C++
Security researcher Nick Cerne from Bishop Fox has published findings comparing malware development in Rust versus traditional C/C++ languages. The research demonstrates how Rust provides inherent anti-analysis features that make malware more difficult to reverse engineer. According to Cerne’s analysis,…
Banking Malware Infects 248,000 Mobile Users Through Social Engineering Techniques
In 2024, the number of users affected by mobile banking malware skyrocketed to nearly 248,000, a staggering 3.6-fold increase from the previous year’s 69,000 affected users. This dramatic rise in malicious activity was particularly pronounced in the latter half of…
Active Roles Secures 2025 Cybersecurity Excellence Award for Hybrid AD Protection
Alisa Viejo, United States, March 25th, 2025, CyberNewsWire One Identity, a leader in unified identity security, today announced that One Identity Active Roles has been named a winner in the Hybrid Active Directory Protection category of the 2025 Cybersecurity Excellence Awards. This…
Gartner Names CYREBRO in Emerging Tech Report for Detection & Response Startups
Ramat Gan, Israel, March 25th, 2025, CyberNewsWire CYREBRO, the AI-native Managed Detection and Response (MDR), today announced its recognition as a leading detection and response startup in the Gartner report, Emerging Tech: Techscape for Detection and Response Startups. This acknowledgment…
ARMO Unveils First Cloud App Detection & Response Solution for Seamless Code-to-Cloud Security
Tel Aviv, Israel, March 25th, 2025, CyberNewsWire ARMO CADR minimizes the cloud attack surface, detects and responds to unknown and known cyberattacks while ensuring business continuity, combining the power of CDR and ADR solutions ARMO, the leading Cloud Runtime Security company…
New Phishing Attack Uses Browser-in-the-Browser Technique to Target Gamers
A sophisticated phishing campaign has been uncovered by Silent Push threat analysts, employing the browser-in-the-browser (BitB) technique to target gamers, particularly those playing Counter-Strike 2 on the Steam platform. This campaign involves creating fake but realistic browser pop-up windows that…
Malicious VS Code Extensions Target Developers with ShibaCoin Ransomware
Researchers from Reversing Labs have identified two malicious Visual Studio Code (VS Code) extensions that are distributing ransomware to unsuspecting developers. The extensions, named “ahban.shiba” and “ahban.cychelloworld,” are currently under development and pose a significant threat to users who install…
New Specter Insight C2 Tool Fuels ClickFix-Based Hacking Campaigns
A recent cybersecurity investigation has uncovered a previously unidentified Command and Control (C2) framework, dubbed Specter Insight C2. This discovery was made by a team of researchers who have been analyzing recent hacking campaigns, including those utilizing ClickFix tactics, as per a report…
Security Onion 24.10 Released: Everything You Need to Know
Security Onion, a widely used open-source platform for network security monitoring, has recently released Security Onion 2.4.140. This latest update focuses on enhancing key components such as Suricata and Zeek, offering improved security and functionality to its users. Below is…
Microsoft Introduces Security Copilot Agents with Enhanced AI Protections
Microsoft has launched an expanded version of its Security Copilot platform, now equipped with advanced AI agents. These agents are designed to autonomously handle critical security tasks such as phishing detection, data security, and identity management, revolutionizing how organizations protect…
NIST Facing Challenges in Managing CVE Backlog in National Database
The National Institute of Standards and Technology (NIST) recently issued an update on its efforts to manage the backlog of Common Vulnerabilities and Exposures (CVEs) in the National Vulnerability Database (NVD). While NIST has regained its pre-summer 2024 processing speed…
Beware Developers – Fake Coding Challenges Will Deploy FogDoor on Your System
A sophisticated malware campaign has been uncovered by Cyble, targeting Polish-speaking developers with fake coding challenges. This campaign, known as “FizzBuzz to FogDoor,” exploits job seekers by disguising malware as legitimate recruitment tests on GitHub. The attackers use a GitHub…
Rilide Malware Poses as Browser Extension to Steal Login Credentials from Chrome and Edge Users
Rilide, a sophisticated malware, has been masquerading as a legitimate browser extension to steal sensitive information from users of Chromium-based browsers like Google Chrome and Microsoft Edge. First identified in April 2023, this malware is designed to capture screenshots, log…