Security researchers from Korea University have successfully demonstrated a groundbreaking attack, dubbed SysBumps, which bypasses Kernel Address Space Layout Randomization (KASLR) in macOS systems powered by Apple Silicon processors. This marks the first successful breach of KASLR on Apple’s proprietary…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
RedNote App Security Flaw Exposes User Files on iOS and Android Devices
Serious security vulnerabilities have been uncovered in the popular social media and content-sharing app, RedNote, compromising the privacy and security of millions of users globally. Researchers revealed critical flaws allowing attackers to intercept sensitive user data, access device files, and…
New Malware Exploiting Outlook as a Communication Channel via the Microsoft Graph API
A newly discovered malware, named FINALDRAFT, has been identified leveraging Microsoft Outlook as a command-and-control (C2) communication channel through the Microsoft Graph API. This sophisticated malware was uncovered by Elastic Security Labs during an investigation targeting a foreign ministry. The…
Threat Actors Exploiting DeepSeek’s Popularity to Deploy Malware
The meteoric rise of DeepSeek, a Chinese AI startup, has not only disrupted the AI sector but also attracted the attention of cybercriminals. Following the release of its open-source model, DeepSeek-R1, on January 20, 2025, the platform experienced exponential growth,…
Winnti Hackers Attacking Japanese Organisations with New Malware
The China-based Advanced Persistent Threat (APT) group known as the Winnti Group, also referred to as APT41, has launched a new cyberattack campaign targeting Japanese organizations in the manufacturing, materials, and energy sectors. Dubbed “RevivalStone,” this campaign employs a novel…
Critical Vulnerability in Crowdstrike Falcon Sensor for Linux Enables TLS MiTM Exploits
CrowdStrike has disclosed a critical vulnerability (CVE-2025-1146) in its Falcon Sensor for Linux, its Falcon Kubernetes Admission Controller, and its Falcon Container Sensor. This flaw stems from a validation logic error in the handling of TLS (Transport Layer Security) connections,…
Russian Hackers Leverages Weaponized Microsoft Key Management Service (KMS) to Hack Windows Systems
In a calculated cyber-espionage campaign, the Russian state-sponsored hacking group Sandworm (APT44), linked to the GRU (Russia’s Main Intelligence Directorate), has been exploiting pirated Microsoft Key Management Service (KMS) activation tools to target Ukrainian Windows systems. This operation, active since…
APT43 Hackers Targeting Academic Institutions Using Exposed Credentials
APT43, also known by aliases such as Black Banshee, Emerald Sleet, and Kimsuky, is a North Korean state-sponsored cyber threat actor linked to the Reconnaissance General Bureau (RGB). This group is primarily motivated by espionage and has recently expanded its…
Amazon Machine Image Vulnerability Allows Hackers to Publish Fake Resources
A new security vulnerability targeting Amazon Machine Images (AMIs) has emerged, exposing organizations and users to potential exploitation. Dubbed the “whoAMI name confusion attack,” this flaw allows attackers to publish malicious virtual machine images under misleading names, tricking unsuspecting users…
Critical Chrome Flaw Allows Attackers to Remotely Execute Code
Google has released an urgent update for its Chrome browser to address a critical security vulnerability that could allow attackers to remotely execute malicious code on vulnerable systems. The flaw, identified as CVE-2025-0995, is categorized as a “Use-After-Free” vulnerability in…
Global IoT Data Leak Exposes 2.7 Billion Records and Wi-Fi Passwords Worldwide
A massive security lapse has exposed over 2.7 billion records, including sensitive Wi-Fi credentials, device information, and user details, raising global concerns over IoT (Internet of Things) security. Cybersecurity researcher Jeremiah Fowler uncovered this unprotected database, linked to Mars Hydro,…
Palo Alto PAN-OS Zero-Day Flaw Allows Attackers to Bypass Web Interface Authentication
Palo Alto Networks has disclosed a zero-day vulnerability in its PAN-OS software (CVE-2025-0108), allowing attackers to bypass authentication on the management web interface. With a CVSS score of 7.8 (HIGH), the flaw has been flagged as a significant security issue…
SonicWall Firewalls Exploit Hijack SSL VPN Sessions to Gain Networks Access
SonicWall firewalls running specific versions of SonicOS are vulnerable to a critical authentication bypass flaw, tracked as CVE-2024-53704, which allows attackers to hijack active SSL VPN sessions. This vulnerability has been classified as high-risk, with a CVSS score of 8.2.…
Cl0p Ransomware Hide Itself on Compromised Networks After Exfiltrate the Data
The Cl0p ransomware group, a prominent player in the cybercrime landscape since 2019, has intensified its operations by employing advanced techniques to remain undetected within compromised networks. Known for its association with the TA505 threat group, Cl0p has shifted its…
ZeroLogon Ransomware Exploits Windows AD to Hijack Domain Controller Access
A newly intensified wave of ransomware attacks has surfaced, leveraging the infamous ZeroLogon vulnerability (CVE-2020-1472) to compromise Windows Active Directory (AD) domain controllers. This exploit, first identified in 2020, has become a key weapon for ransomware groups like Ryuk and…
Hackers Exploit Ivanti Connect Secure Vulnerability to Inject SPAWNCHIMERA malware
In a concerning development, cybersecurity experts have identified active exploitation of a critical vulnerability in Ivanti Connect Secure (ICS) appliances, tracked as CVE-2025-0282. This zero-day vulnerability, a stack-based buffer overflow with a CVSS score of 9.0, has been leveraged by…
Enhancing Threat Detection With Improved Metadata & MITRE ATT&CK tags
The cybersecurity landscape continues to evolve rapidly, demanding more sophisticated tools and methodologies to combat emerging threats. In response, Proofpoint’s Emerging Threats (ET) team has implemented significant updates to its ruleset, enhancing metadata coverage and integrating MITRE ATT&CK tags. These…
Researchers Breach Software Supply Chain and Secure $50K Bug Bounty
A duo of cybersecurity researchers uncovered a critical vulnerability in a software supply chain, landing them an extraordinary $50,500 bug bounty. The exploit, described as an “Exceptional Vulnerability,” not only exposed systemic flaws in software supply chain security but also…
Windows Driver Zero-Day Vulnerability Let Hackers Remotely Gain System Access
Microsoft has confirmed the discovery of a significant zero-day vulnerability, tracked as CVE-2025-21418, in the Windows Ancillary Function Driver for WinSock. This flaw, categorized as an Elevation of Privilege (EoP) vulnerability, has been exploited in the wild, allowing attackers to remotely gain control…
Hackers Manipulate Users Into Running PowerShell as Admin to Exploit Windows
Microsoft Threat Intelligence has exposed a novel cyberattack method employed by the North Korean state-sponsored hacking group, Emerald Sleet (also known as Kimsuky or VELVET CHOLLIMA). The group is exploiting social engineering tactics to deceive individuals into running PowerShell commands…