Cisco Systems has issued a critical security advisory for a newly disclosed command injection vulnerability affecting its Nexus 3000 and 9000 Series Switches operating in standalone NX-OS mode. Tracked as CVE-2025-20161 (CVSSv3 score: 5.1), the flaw enables authenticated attackers with administrative privileges…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
New Wi-Fi Jamming Attack Can Disable Specific Devices
A newly discovered Wi-Fi jamming technique enables attackers to selectively disconnect individual devices from networks with surgical precision, raising alarms across cybersecurity and telecommunications industries. Researchers from Northeastern University and the University of Chicago uncovered this vulnerability in IEEE 802.11…
GitLab Vulnerabilities Allow Attackers to Bypass Security and Run Arbitrary Scripts
GitLab has urgently released security updates to address multiple high-severity vulnerabilities in its platform that could allow attackers to bypass security mechanisms, execute malicious scripts, and access sensitive data. The patches, included in versions 17.9.1, 17.8.4, and 17.7.6 for both…
LibreOffice Flaws Allow Attackers to Run Malicious Files on Windows
A high-severity security vulnerability (CVE-2025-0514) in LibreOffice, the widely used open-source office suite, has been patched after researchers discovered it could allow attackers to execute malicious files on Windows systems by exploiting hyperlink handling mechanisms. The flaw, which impacts versions…
Cisco Nexus Switch Vulnerability Allows Attackers to Cause DoS
Cisco Systems has disclosed a high-severity vulnerability (CVE-2025-20111) in its Nexus 3000 and 9000 Series Switches operating in standalone NX-OS mode. The vulnerability enables unauthenticated attackers to trigger denial of service (DoS) conditions through crafted Ethernet frames. Rated 7.4 on…
Threat Actors Using Ephemeral Port 60102 for Covert Malware Communications
Recent cybersecurity investigations have uncovered a sophisticated technique employed by threat actors to evade detection during malware distribution. Attackers are leveraging ephemeral port 60102, typically reserved for temporary communications, as a service port for covert malware transmission. This approach bypasses…
LCRYX Ransomware Attacks Windows Machines by Blocking Registry Editor and Task Manager
The LCRYX ransomware, a malicious VBScript-based threat, has re-emerged in February 2025 after its initial appearance in November 2024. Known for encrypting files with the .lcryx extension and demanding $500 in Bitcoin for decryption, this ransomware has evolved with advanced…
Ghostwriter Malware Targets Government Organizations with Weaponized XLS File
A new wave of cyberattacks attributed to the Ghostwriter Advanced Persistent Threat (APT) group has been detected, targeting government and military entities in Ukraine and opposition groups in Belarus. The campaign, active since late 2024, employs weaponized Excel (XLS) files…
Silver Fox APT Hackers Target Healthcare Services to Steal Sensitive Data
A sophisticated cyber campaign orchestrated by the Chinese Advanced Persistent Threat (APT) group, Silver Fox, has been uncovered, targeting healthcare services in North America. The attackers exploited Philips DICOM Viewer software to deploy malicious payloads, including a backdoor remote access…
Windows Virtualization-Based Security Exploited to Develop Highly Evasive Malware
In a groundbreaking development, researchers have uncovered how attackers are exploiting Windows Virtualization-Based Security (VBS) enclaves to create malware that is highly evasive and difficult to detect. VBS enclaves, designed as isolated and secure regions of memory within a process,…
Poseidon Mac Malware Hiding Within PKG Files to Evade Detections
A recent discovery by cybersecurity researchers has revealed that the Poseidon malware, a macOS-targeting trojan, is leveraging PKG files with preinstall scripts to infiltrate systems. This malware, weighing only 207 bytes, is currently undetected by VirusTotal and represents a significant…
App with Over 100,000 Downloads from Google Play Steals User Data and Blackmails
A financial management app named Finance Simplified has been revealed as a malicious tool for stealing sensitive user data and engaging in blackmail. Despite its fraudulent nature, the app managed to accumulate over 100,000 downloads from the Google Play Store…
Threat Actors Exploit DeepSeek Craze to Distribute Vidar Stealer Malware
In a concerning new development, cybercriminals are exploiting the widespread popularity of the recently launched DeepSeek AI chatbot to distribute the Vidar Stealer malware. According to research by Zscaler ThreatLabz, attackers are using brand impersonation tactics to lure unsuspecting users…
Ransomware Group Data-Leak Sites Increasing as Six New Groups Emerge
The cybersecurity landscape has witnessed a significant uptick in ransomware activity, with six new data-leak sites (DLSs) linked to emerging ransomware groups identified in early 2025. According to Cyjax, these groups include Kraken, Morpheus, GD LockerSec, Babuk2, Linkc, and the…
Researchers Uncover $1.4B in Sensitive Data Tied to ByBit Hack by Lazarus Group
In a significant breakthrough, cybersecurity firm Silent Push has uncovered sensitive infrastructure tied to the Lazarus Group, a North Korean state-sponsored Advanced Persistent Threat (APT). This discovery sheds light on the group’s involvement in the historic $1.4 billion cryptocurrency heist…
MITRE Releases OCCULT Framework to Address AI Security Challenges
MITRE has unveiled the Offensive Cyber Capability Unified LLM Testing (OCCULT) framework, a groundbreaking methodology designed to evaluate risks posed by large language models (LLMs) in autonomous cyberattacks. Announced on February 26, 2025, the initiative responds to growing concerns that…
Genea IVF Clinic Cyberattack Threatens Thousands of Patient Records
A significant cybersecurity breach at Genea, one of Australia’s largest in vitro fertilization (IVF) providers, has raised alarms among thousands of patients amid concerns that sensitive medical data and treatment schedules may be compromised. The clinic confirmed on Wednesday that…
GRUB2 Flaws Expose Millions of Linux Devices to Exploitation
A critical set of 20 security vulnerabilities in GRUB2, the widely used bootloader for Linux systems, has been revealed, exposing millions of devices to potential secure boot bypass and remote code execution attacks. Discovered during a proactive hardening initiative, these…
Orange Communication Breached – Hackers Allegedly Claim 380,000 Email Records Exposed
Telecommunications provider Orange Communication faces a potential data breach after a threat actor using the pseudonym “Rey” claimed responsibility for leaking 380,000 email records and sensitive corporate data on a dark web forum. The alleged breach, disclosed earlier this week, includes source code, internal invoices,…
RSync Vulnerabilities Allow Hackers to Take Full Control of Servers – PoC Released
A series of critical security vulnerabilities in the widely-used Rsync file synchronization tool have been uncovered, exposing millions of servers to potential takeover by anonymous attackers. The flaws, discovered in Rsync version 3.2.7 and earlier, enable remote code execution, sensitive…