Cybersecurity enthusiasts and IT administrators worldwide are voicing concerns over a newly discovered vulnerability in AnyDesk that could lead to local privilege escalation (LPE). The vulnerability, identified as CVE-2024-12754 and coordinated by Trend Micro’s Zero Day Initiative, allows attackers to weaponize Windows…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
DeepSeek’s New Jailbreak Method Reveals Full System Prompt
The Wallarm Security Research Team unveiled a new jailbreak method targeting DeepSeek, a cutting-edge AI model making waves in the global market. This breakthrough has exposed DeepSeek’s full system prompt—sparking debates about the security vulnerabilities of modern AI systems and…
Ubuntu Officially Available on the Updated Windows Subsystem for Linux
Ubuntu has announced its availability on Microsoft’s new tar-based Windows Subsystem for Linux (WSL) distribution architecture. This enhancement simplifies deployment and improves scalability, making Ubuntu on WSL more accessible and optimized for enterprise environments. Ubuntu has long been a popular…
Cybercriminals Leveraging AI to Verify Stolen Credit Card Data
Cybercriminals are increasingly leveraging artificial intelligence (AI) agents to validate stolen credit card data, posing a significant threat to financial institutions and consumers. These AI-powered systems, originally designed for legitimate automation tasks, are being repurposed to execute card testing attacks…
Malicious Android & iOS Apps Downloaded Over 242,000 Times, Stealing Crypto Recovery Keys
A sophisticated malware campaign, dubbed SparkCat, has infiltrated Google Play and Apple’s App Store, marking the first known instance of an optical character recognition (OCR)-based cryptocurrency stealer on iOS. According to cybersecurity firm Kaspersky, the malware has been downloaded over…
BADBOX Botnet Surges: Over 190,000 Android Devices Infected, Including LED TVs
The BADBOX botnet, a sophisticated malware operation targeting Android-based devices, has now infected over 192,000 systems globally. Originally confined to low-cost and off-brand devices, the malware has expanded its reach to include well-known brands such as Yandex 4K QLED TVs…
Threat Actors Exploiting Free Email Services to Target Government and Educational Institutions
Threat actors are increasingly leveraging free email services to infiltrate government and educational institutions, exploiting these platforms’ accessibility and widespread use. Increasing Sophistication in Cyber Threats Recent investigations reveal that advanced persistent threat (APT) groups, such as GreenSpot, have employed…
Zero-Day Vulnerabilities in Microsoft Sysinternals Tools Enable DLL Injection Attacks on Windows
A significant zero-day vulnerability has been uncovered in Microsoft Sysinternals tools, posing a severe risk to Windows systems. These widely-used utilities, essential for IT administrators and developers, are now susceptible to DLL injection attacks due to flaws in their dynamic…
Hackers Using AI Agents to Validate Stolen Credit Cards
Cybercriminals are increasingly leveraging artificial intelligence (AI) agents to validate stolen credit card data, posing a significant threat to financial institutions and consumers. These AI-powered systems, originally designed for legitimate automation tasks, are being repurposed to execute card testing attacks…
IBM Cloud Pak Security Vulnerabilities Expose Sensitive Data to Attackers
IBM recently disclosed a series of significant security vulnerabilities in its Cloud Pak for Business Automation platform, raising alarms about the potential exposure of sensitive data to malicious actors. The security issues, detailed in an official bulletin published on February…
Apple’s macOS Kernel Vulnerability (CVE-2025-24118) Exposes Users to Privilege Escalation Attacks – PoC Released
A critical privilege escalation vulnerability in Apple’s macOS kernel has been revealed, posing a significant risk to users. The flaw, identified as CVE-2025-24118, affects multiple versions of macOS, iPadOS, and macOS Sequoia. Security researcher Joseph Ravichandran (@0xjprx) from MIT CSAIL brought this issue…
Critical Netgear Vulnerabilities Allow Hackers to Execute Remote Code
Netgear has addressed critical security vulnerabilities in several of its popular router models that could allow hackers to execute remote code without authentication. If not resolved promptly, these vulnerabilities pose a significant risk to affected devices, potentially enabling malicious actors…
CISA Adds Actively Exploited Apache and Microsoft Vulnerabilities to its Database
The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities Catalog with several critical security flaws, prompting heightened vigilance among organizations using affected software platforms. Among these newly added vulnerabilities are severe flaws in Apache OFBiz, Microsoft…
Threat Actors Exploiting DeepSeek’s Rise to Fuel Cyber Attacks
Amid the surging popularity of DeepSeek, a cutting-edge AI reasoning model from an emerging Chinese startup, cybercriminals have wasted no time leveraging the widespread attention to launch fraudulent schemes. While the innovative AI tool has captivated global audiences, its meteoric…
Hackers Can Exploit GPU Flaws to Gain Full Control of Your Device
Several critical vulnerabilities affecting Mali Graphics Processing Units (GPUs) have surfaced, allowing hackers to exploit flaws in GPU drivers to gain full control of devices. The vulnerabilities tracked as CVE-2022-22706 and CVE-2021-39793, expose millions of devices to privilege escalation attacks, enabling attackers to…
Chinese Hackers Attacking Linux Devices With New SSH Backdoor
A sophisticated cyber espionage campaign attributed to the Chinese hacking group DaggerFly has been identified, targeting Linux systems through an advanced Secure Shell (SSH) backdoor known as ELF/Sshdinjector.A!tr. This malware, part of a broader attack framework, compromises Linux-based network appliances…
Hackers Exploit ADFS to Bypass MFA and Access Critical Systems
Hackers are targeting organizations using Microsoft’s Active Directory Federation Services (ADFS) to bypass multi-factor authentication (MFA) and infiltrate critical systems. Leveraging phishing techniques, these attackers deceive users with spoofed login pages, harvest credentials, and manipulate ADFS integrations to gain unauthorized…
CISA Releases Nine Security Advisories on ICS Vulnerabilities and Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) has released nine advisories targeting security vulnerabilities in Industrial Control Systems (ICS). These vulnerabilities pose significant risks, including denial of service (DoS), information disclosure, and even remote code execution. Organizations using ICS technologies…
Hackers Exploiting a Six-year-old IIS Vulnerability to Gain Remote Access
In a concerning revelation, cybersecurity firm eSentire’s Threat Response Unit (TRU) has detected active exploitation of a six-year-old vulnerability, CVE-2019-18935, in Progress Telerik UI for ASP.NET AJAX. This flaw, which affects Internet Information Services (IIS) servers, enables malicious actors to…
Veeam Backup Vulnerability Allows Attackers to Execute Arbitrary Code
A critical vulnerability, CVE-2025-23114, has been discovered within the Veeam Updater component that poses a serious risk to organizations utilizing Veeam’s backup solutions. The flaw allows attackers to leverage a Man-in-the-Middle (MitM) attack to inject and execute arbitrary code with…