Security researchers have discovered a sophisticated attack technique that exploits Microsoft’s OneDrive application to execute malicious code without detection. The method, known as DLL sideloading, leverages the way Windows loads library files to trick legitimate applications into running attacker-controlled software.…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Attackers Exploit Microsoft Teams Flaws to Manipulate Messages and Fake Notifications
Check Point Research uncovered four critical vulnerabilities in Microsoft Teams that could allow attackers to impersonate executives, manipulate messages, alter notifications, and forge identities during video and audio calls. The research team discovered that both external guest users and malicious…
DragonForce Cartel Surfaces from Leaked Conti v3 Ransomware Source Code
Acronis Threat Research Unit has analyzed recent activity linked to the DragonForce ransomware group and identified a new malware variant in the wild. The latest sample uses vulnerable drivers such as truesight.sys and rentdrv2.sys to disable security software, terminate protected…
Critical RCE Bug in Leading React Native NPM Module Could Allow Full System Compromise
A severe security vulnerability has been discovered in a widely used React Native development package, potentially exposing millions of developers to remote attacks. Security researchers from JFrog recently uncovered CVE-2025-11953, a critical remote code execution flaw affecting the @react-native-community/cli NPM…
Critical WordPress Post SMTP Plugin Vulnerability Puts 400,000 Sites at Risk of Account Takeover
A critical vulnerability has been discovered in the Post SMTP WordPress plugin, affecting over 400,000 active installations across the web. The vulnerability, identified as CVE-2025-11833 with a CVSS score of 9.8, allows unauthenticated attackers to access sensitive email logs and…
Android Hit by 0-Click RCE Vulnerability in Core System Component
Google has released an urgent security alert addressing a critical remote code execution vulnerability affecting Android devices worldwide. The vulnerability, tracked as CVE-2025-48593, exists in Android’s System component and requires no user interaction for exploitation, making it an exceptionally dangerous…
XLoader Malware Analyzed Using ChatGPT’s AI, Breaks RC4 Encryption Layers in Hours
Cybersecurity researchers have successfully demonstrated how artificial intelligence can dramatically accelerate malware analysis, decrypting complex XLoader samples in a fraction of the time previously required. XLoader, a sophisticated malware loader with information-stealing capabilities dating back to 2020, has long been…
Zscaler Acquires SPLX to Strengthen AI-Powered Zero Trust Security
Zscaler, a leading cloud security company, has acquired SPLX, an innovative AI security pioneer, to enhance its Zero Trust Exchange platform with advanced AI protection capabilities. The acquisition will integrate shift-left AI asset discovery, automated red teaming, and governance features…
Anatomy of Tycoon 2FA Phishing: Tactics Targeting M365 and Gmail
The Tycoon 2FA phishing kit represents one of the most sophisticated threats targeting enterprise environments today. This Phishing-as-a-Service (PhaaS) platform, which emerged in August 2023, has become a formidable adversary against organizational security, employing advanced evasion techniques and adversary-in-the-middle (AiTM)…
Microsoft Plans to Remove Entra Accounts from Authenticator on Jailbroken Devices
Microsoft is rolling out a significant security enhancement for its Authenticator app starting February 2026, introducing jailbreak and root detection capabilities that will automatically wipe Microsoft Entra credentials from compromised devices. This move represents a strategic shift toward strengthening enterprise…
RondoDox Botnet Swells Its Arsenal — 650% Jump in Enterprise-Focused Exploits
The cybersecurity threat landscape shifted dramatically on October 30, 2025, when security researchers monitoring honeypot infrastructure detected a significantly evolved variant of the RondoDox botnet. The updated malware now features 75 distinct exploitation vectors, a fundamental expansion that transforms the…
‘SleepyDuck’ Malware in Open VSX Lets Attackers Remotely Control Windows PCs
Security researchers have identified a dangerous remote access trojan called SleepyDuck lurking in the Open VSX IDE extension marketplace, targeting developers who use code editors like Cursor and Windsurf. The malicious extension masqueraded as a legitimate Solidity programming language helper,…
Balancer DeFi Platform Hit by Major Exploit Resulting in $100M+ in Losses
The decentralised finance (DeFi) ecosystem was rocked by a significant exploit targeting Balancer, one of the leading DeFi platforms. The breach specifically impacted Balancer’s V2 Composable Stable Pools, resulting in losses that reportedly exceed $100 million. This major incident highlights…
Malicious PuTTY Ads Deliver OysterLoader, Allowing Attackers Full Device and Network Access
The Rhysida ransomware gang has been running a sophisticated malvertising campaign that delivers OysterLoader malware through deceptive search engine advertisements, giving attackers complete access to compromised devices and networks. The Rhysida gang, formerly known as Vice Society before rebranding in…
Microsoft’s WSUS Patch Causes Hotpatching Failures on Windows Server 2025
Microsoft has acknowledged a critical issue affecting Windows Server 2025 systems enrolled in the Hotpatch program. A recent Windows Server Update Services (WSUS) patch was inadvertently distributed to machines configured to receive Hotpatch updates, causing disruptions to the seamless patching…
SesameOp: Using the OpenAI Assistants API for Covert C2 Communication
Microsoft’s Detection and Response Team has exposed a sophisticated backdoor malware that exploits the OpenAI Assistants API as an unconventional command-and-control communication channel. Named SesameOp, this threat demonstrates how adversaries are rapidly adapting to leverage legitimate cloud services for malicious…
Apple Releases Security Update Addressing Critical Flaws in iOS 26.1 and iPadOS 26.1
Apple has rolled out new security updates for iOS 26.1 and iPadOS 26.1, released on November 3, 2025, introducing important fixes for a wide range of vulnerabilities. The update is available for iPhone 11 and later models, along with several…
Cybercriminals Exploit RMM Tools to Target Trucking Firms and Hijack Freight
Cybercriminals are orchestrating sophisticated attacks against trucking and freight companies in elaborate schemes designed to steal cargo shipments worth millions. These threat actors are exploiting the digital transformation of the logistics industry, compromising transportation companies to fraudulently bid on legitimate…
Hackers Actively Scanning TCP Ports 8530/8531 for WSUS CVE-2025-59287
Security researchers at the SANS Internet Storm Center have detected a significant spike in suspicious network traffic targeting Windows Server Update Services (WSUS) infrastructure worldwide. The reconnaissance activity focuses specifically on TCP ports 8530 and 8531, which correspond to unencrypted…
Critical UniFi OS Flaw Enables Remote Code Execution
Security researchers have uncovered a severe unauthenticated Remote Code Execution vulnerability in Ubiquiti’s UniFi OS that earned a substantial $25,000 bug bounty reward. Tracked as CVE-2025-52665, this critical flaw allows attackers to gain complete control of UniFi devices without requiring…