India’s Central Bureau of Investigation (CBI), the nation’s federal law enforcement agency, launched a sweeping operation targeting cyber-enabled financial fraud networks. Raids at 19 locations across India dismantled a sophisticated tech support scam operation impersonating Microsoft, primarily victimizing older adults…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
CISA Issues Alert on Erlang/OTP SSH Server RCE Vulnerability Under Active Exploitation
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical vulnerability in Erlang/OTP SSH server implementations that allows attackers to execute arbitrary commands without authentication. The vulnerability, designated as CVE-2025-32433, has been added to CISA…
Malicious Actors Exploit SoraAI’s Popularity & GitHub to Distribute Malware
Threat actors are leveraging the growing popularity of OpenAI’s Sora, a cutting-edge video generation model, to distribute malicious software. Disguised as a legitimate shortcut file named “SoraAI.lnk,” this information-stealing malware mimics the branding of Sora to trick users into initiating…
SAP Security Patch Day: 14 Vulnerabilities Resolved Across Various Products
SAP’s June 10, 2025 Security Patch Day delivered critical security updates addressing 14 distinct vulnerabilities across the enterprise software portfolio. The security notes span severity levels from Critical (CVSS 9.6) to Low (CVSS 3.0), encompassing core platform components, business applications,…
Malware Deployment Campaigns: ‘Librarian Ghouls’ APT Group Targets Organizations
The Advanced Persistent Threat (APT) group known as “Librarian Ghouls,” also tracked as “Rare Werewolf” and “Rezet,” has been actively targeting organizations across Russia and the Commonwealth of Independent States (CIS) with highly sophisticated malware deployment campaigns. Active through May…
Exploitation of Critical Wazuh Server RCE Vulnerability Leads to Mirai Variant Deployment
The Akamai Security Intelligence and Response Team (SIRT) has uncovered active exploitation of a critical remote code execution (RCE) vulnerability in Wazuh servers, identified as CVE-2025-24016 with a CVSS score of 9.9. Disclosed in February 2025, this vulnerability affects Wazuh…
Vulnerability in DanaBot Malware C2 Server Leaks Threat Actor Usernames and Crypto Keys
A severe vulnerability in the command-and-control (C2) infrastructure of the notorious DanaBot malware has been uncovered, potentially exposing critical data belonging to threat actors. Researchers have identified a misconfiguration in the server setup that inadvertently leaks usernames and cryptographic keys…
Sensata Technologies Faces Disruption Due to Ransomware Attack
Sensata Technologies, Inc., a major technology company based in Attleboro, Massachusetts, has disclosed a significant cybersecurity incident that compromised personal information of hundreds of individuals. The external system breach, discovered in late May, affected at least 362 Maine residents and…
Over 84,000 Roundcube Webmail Installations Exposed to Remote Code Vulnerabilities
Security researchers have identified a critical vulnerability in Roundcube Webmail that affects over 84,000 unpatched installations worldwide, according to data from The Shadowserver Foundation. The vulnerability, designated CVE-2025-49113, enables authenticated attackers to execute arbitrary code remotely and has already been…
ManageEngine Exchange Reporter Plus Vulnerability Enables Remote Code Execution
A critical security vulnerability has been discovered in ManageEngine Exchange Reporter Plus, a popular email monitoring and reporting solution, that could allow attackers to execute arbitrary commands on target servers. The vulnerability, assigned CVE-2025-3835, affects all builds up to version…
Google Vulnerability Allowed Hackers to Access User Phone Numbers
A security researcher has disclosed a critical vulnerability in Google’s account recovery system that allowed attackers to brute-force and obtain the phone numbers of any Google user. The vulnerability , discovered in 2025, exploited Google’s username recovery form that continued…
New Report Reveals Chinese Hackers Attempted to Breach SentinelOne Servers
SentinelLABS, a sophisticated reconnaissance operation targeting SentinelOne, a leading cybersecurity vendor, has been detailed as part of a broader espionage campaign linked to China-nexus threat actors. Tracked under the activity clusters PurpleHaze and ShadowPad, these operations spanned from July 2024…
Bitter Malware Employs Custom-Built Tools to Evade Detection in Advanced Attacks
In a recent research by Proofpoint and Threatray has unveiled the intricate and evolving malware arsenal of the Bitter group, also known as TA397, believed to be a state-backed actor aligned with the interests of the Indian government. Active since…
Skitnet Malware Actively Adopted by Ransomware Gangs to Enhance Operational Efficiency
Skitnet malware, also referred to as Bossnet, has emerged as a critical tool for ransomware gangs in 2025, showcasing a marked increase in operational efficiency for cybercriminals. First advertised on underground forums like RAMP on April 19, 2024, by a…
U.S. Targets $7.7M in Crypto Tied to North Korean IT Worker Scam
On June 5, 2025, the United States Department of Justice (DOJ) filed a verified civil forfeiture complaint in the US District Court for the District of Columbia, seeking to permanently seize over $7.7 million in cryptocurrency, non-fungible tokens (NFTs), and…
Meta Bypassed Privacy Protections to Track Android Users
A recent investigation by cybersecurity researchers has revealed that tech giants Meta (formerly Facebook) and Yandex have been exploiting a fundamental design feature of the Android operating system—the ability for apps to listen on localhost ports—to covertly track users’ web…
Google Warns of Surge in Cyberattacks Targeting US Users to Steal Login Credentials
Google has highlighted a significant uptick in cyberattacks and scams targeting US consumers, with a particular focus on stealing login credentials. The FBI reports that online scams generated a staggering $16.6 billion in losses last year, reflecting a 33% increase…
New Blitz Malware Targets Windows Servers to Deploy Monero Miner
A new Windows-based malware named Blitz has been identified in 2024, with an updated version detected in early 2025. This malware, actively developed and distributed through deceptive game cheats, poses a significant threat by deploying a Monero cryptocurrency miner alongside…
APT41 Hackers Leverage Google Calendar for Malware C2 in Attacks on Government Entities
The Chinese state-sponsored threat actor APT41, also known as BARIUM, Wicked Panda, and Brass Typhoon, has been reported to exploit Google Calendar as a command-and-control (C2) mechanism in a recent campaign targeting a Taiwanese government website. This sophisticated group, active…
Hackers Deploy FormBook Malware via Weaponized Excel Files to Target Windows Systems
A critical phishing campaign targeting Windows users has been uncovered by FortiGuard Labs, leveraging malicious Excel attachments to exploit a long-standing vulnerability in older versions of Microsoft Office. This sophisticated attack distributes FormBook, a notorious information-stealing malware designed to harvest…