Security researchers have disclosed critical details about CVE-2025-20029, a command injection vulnerability in F5’s BIG-IP Traffic Management Shell (TMSH) command-line interface. The flaw enables authenticated attackers with low privileges to bypass security restrictions, execute arbitrary commands, and gain root-level access to vulnerable systems.…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Google Introduces Quantum-Safe Digital Signatures in Cloud KMS
Google Cloud has unveiled a critical cybersecurity upgrade: quantum-safe digital signatures via its Key Management Service (Cloud KMS), now available in preview. This move aligns with the National Institute of Standards and Technology’s (NIST) 2024 post-quantum cryptography (PQC) standards, offering developers tools…
New Zhong Stealer Malware Exploit Zendesk to Attack Fintech and Cryptocurrency
A newly identified malware, dubbed Zhong Stealer, has emerged as a significant threat to the fintech and cryptocurrency sectors. Any.run researchers discovered zhong malware during a phishing campaign between December 20 and 24, 2024, the malware exploits customer support platforms…
SPAWNCHIMERA Malware Exploits Ivanti Buffer Overflow Vulnerability by Applying a Critical Fix
In a recent development, the SPAWNCHIMERA malware family has been identified exploiting the buffer overflow vulnerability CVE-2025-0282 in Ivanti Connect Secure, as confirmed by JPCERT/CC. This vulnerability, disclosed in January 2025, had already been actively exploited since late December 2024,…
ACRStealer Malware Abuses Google Docs as C2 to Steal Login Credentials
The ACRStealer malware, an infostealer disguised as illegal software such as cracks and keygens, has seen a significant increase in its distribution since the beginning of 2025. Initially distributed in limited volumes in mid-2024, this malware has now gained traction,…
NSA Allegedly Hacked Northwestern Polytechnical University, China Claims
Chinese cybersecurity entities have accused the U.S. National Security Agency (NSA) of orchestrating a cyberattack on Northwestern Polytechnical University, a prominent Chinese institution specializing in aerospace and defense research. The allegations, published by organizations such as Qihoo 360 and the…
Sitevision Auto-Generated Password Vulnerability Lets Hackers Steal Signing Key
A significant vulnerability in Sitevision CMS, versions 10.3.1 and earlier, has been identified, allowing attackers to extract private keys used for signing SAML authentication requests. The flaw, tracked as CVE-2022-35202, stems from the use of a Java keystore accessible via…
Critical UniFi Protect Camera Vulnerability Enables Remote Code Execution Attacks
Ubiquiti Networks has issued an urgent security advisory (Bulletin 046) warning of multiple critical vulnerabilities in its UniFi Protect camera ecosystem, including a high-severity remote code execution (RCE) flaw that could allow attackers to hijack devices and infiltrate network infrastructure.…
Nagios XI Flaw Exposes User Details and Emails to Unauthenticated Attackers”
A security vulnerability in Nagios XI 2024R1.2.2, tracked as CVE-2024-54961, has been disclosed, allowing unauthenticated attackers to retrieve sensitive user information, including usernames and email addresses, from the network monitoring platform. This high-severity flaw (CVSSv3 score: 6.5) exposes organizations to…
Critical Vulnerability in Fluent Bit Exposes Cloud Services to Potential Cyber Attacks
A critical security flaw in Fluent Bit, a widely adopted log processing and metrics collection tool part of the Cloud Native Computing Foundation (CNCF), has exposed enterprise cloud infrastructures to denial-of-service (DoS) attacks. Designated as CVE-2024-50608 and CVE-2024-50609, these vulnerabilities—scoring…
New Darcula 3.0 Tool Generates Phishing Kits to Mimic Global Brands
The cybercriminal group behind the notorious “darcula-suite” platform has unveiled its latest iteration, darcula 3.0, which introduces groundbreaking capabilities for creating phishing kits targeting any brand globally. This “Phishing-as-a-Service” (PhaaS) platform lowers the technical barrier for bad actors by automating…
Adversary-in-the-Middle Hackers Exploit Vulnerabilities to Deploy Advanced Malware
Cybercriminals are increasingly leveraging sophisticated Adversary-in-the-Middle (AiTM) phishing techniques, enabled by the rise of Phishing-as-a-Service (PhaaS) ecosystems. These operations target financial institutions globally, bypassing multi-factor authentication (MFA) by intercepting live authentication sessions. Threat actors use reverse proxy servers to relay…
CL0P Ransomware Launches Large-Scale Attacks on Telecom and Healthcare Sectors
The notorious CL0P ransomware group has intensified its operations in early 2025, targeting critical sectors such as telecommunications and healthcare. Known for its sophisticated tactics, the group has exploited zero-day vulnerabilities to infiltrate systems, steal sensitive data, and extort victims.…
Salt Typhoon Hackers Exploit Cisco Vulnerability to Gain Device Access on US.Telecom Networks
A highly advanced threat actor, dubbed “Salt Typhoon,” has been implicated in a series of cyberattacks targeting major U.S. telecommunications networks, according to a report by Cisco Talos. The campaign, which began in late 2024 and was confirmed by the…
CISA Issues Seven ICS Advisories Highlighting Critical Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released seven Industrial Control Systems (ICS) advisories on February 20, 2025, addressing critical vulnerabilities in products from ABB, Siemens, Mitsubishi Electric, and other industrial technology providers. These advisories underscore escalating risks to…
Pegasus Spyware Now Targeting Business Executives and Financial Sector Professionals
The once-shadowy realm of Pegasus spyware has breached new frontiers, with forensic analyses revealing a stark pivot from targeting journalists and activists to infiltrating the private sector. In December 2024, mobile security firm iVerify detected 11 new Pegasus infections among…
New Bookworm Malware Using SLL Sideloading Technique To Windows
Cybersecurity researchers from Palo Alto Networks’ Unit 42 disclosed the resurgence of the Bookworm malware, which has been linked to the Stately Taurus threat actor group. This malware employs a sophisticated DLL sideloading technique that enables it to infiltrate Windows…
Hackers Delivering Malware Bundled with Fake Job Interview Challenges
ESET researchers have uncovered a series of malicious activities orchestrated by a North Korea-aligned group known as DeceptiveDevelopment, active since early 20241. The cybercriminals pose as company recruiters, enticing freelance software developers with fake employment offers. As part of the…
Ransomware Trends 2025 – What’s new
As of February 2025, ransomware remains a formidable cyber threat, evolving in complexity and scale. The ransomware ecosystem has adapted to previous law enforcement disruptions, showcasing a resilient business model that continues to attract financially motivated cybercriminals. The proliferation of…
PoC Exploit Released for Ivanti EPM Vulnerabilities
A recent investigation into Ivanti Endpoint Manager (EPM) has uncovered four critical vulnerabilities that could allow unauthenticated attackers to exploit machine account credentials for relay attacks, potentially leading to server compromise. These vulnerabilities, identified in the C:\Program Files\LANDesk\ManagementSuite\WSVulnerabilityCore.dll, were patched…