A recent investigation by Unit 42 of Palo Alto Networks has uncovered a sophisticated, state-sponsored cyberespionage operation, tracked as CL-STA-0048. The campaign targeted high-value organizations in South Asia, particularly a telecommunications company. Employing rare tactics and tools, the attackers leveraged…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Hackers Impersonate Top Tax Firm with 40,000 Phishing Messages to Steal Credentials
Proofpoint researchers have identified a marked increase in phishing campaigns and malicious domain registrations designed to exploit tax filing season. These operations, targeting countries such as the UK, US, Switzerland, and Australia, leverage tax-related themes to dupe victims into divulging…
Arcus Media Ransomware Strikes: Files Locked, Backups Erased, and Remote Access Disabled
The cybersecurity landscape faces increasing challenges as Arcus Media ransomware emerges as a highly sophisticated threat. This Ransomware-as-a-Service (RaaS) operation, first observed in May 2024, has rapidly evolved, executing coordinated attacks that disrupt critical processes, encrypt data, and hinder recovery…
500 Million Proton VPN & Pass Users at Risk Due to Memory Protection Vulnerability
Proton, the globally recognized provider of privacy-focused services such as Proton VPN and Proton Pass, is facing scrutiny after the discovery of severe memory protection vulnerabilities in its products. Despite having established itself as a trusted name for safeguarding user…
Microsoft Enhances Windows 11 Security with Admin Protection to Prevent Crowdstrike-Like Incident
Microsoft has introduced “Administrator Protection” (AP), a sophisticated security feature aimed at elevating Windows operating system security by redefining how administrative privileges are managed and reducing the risk of privilege escalation attacks. Detailed in its latest technical blog post, this…
CISA Releases Seven ICS Advisories to Strengthen Cybersecurity Posture
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued seven Industrial Control Systems (ICS) advisories, highlighting critical vulnerabilities in systems vital to industrial and operational processes. These advisories aim to enhance awareness and encourage mitigation strategies to maintain the…
Lazarus Group Drops Malicious NPM Packages on Developers' Systems Remotely
In a recent discovery by Socket researchers, a malicious npm package named postcss-optimizer has been identified as an operation spearheaded by the North Korean state-sponsored group, Lazarus Advanced Persistent Threat (APT). Tied to past campaigns and employing code-level similarities, the…
TeamViewer Clients Vulnerability Leads to Privilege Escalation
TeamViewer, a widely used remote access software, has announced a critical vulnerability in its Windows clients. The company disclosed on January 28, 2025, that its software is affected by a security flaw that could allow local attackers to escalate privileges.…
Lazarus Hackers Tamper with Software Packages to Gain Backdoor Access to the Victim's Device
A recent investigation conducted by STRIKE, a division of SecurityScorecard, has unveiled the intricate and far-reaching operation of the Lazarus Group, a North Korean advanced persistent threat (APT) group. Dubbed “Operation Phantom Circuit,” the campaign highlights a deliberate and sophisticated…
Tria Stealer Malware Exploits Android Devices to Harvest SMS Data
Cybersecurity researchers have uncovered a sophisticated Android malware campaign known as “Tria Stealer,” which is targeting users in Malaysia and Brunei to collect sensitive information such as SMS data, call logs, WhatsApp messages, and emails. The malware campaign, which has…
Hackers Sell Compromised Emails and Google Ads Accounts on Dark Web
A new wave of cybercrime is surfacing as hackers exploit compromised emails and digital advertising platforms to create a thriving underground economy. This illegal marketplace, primarily hosted on the dark web, trades in aged and pre-verified accounts, offering tech-savvy criminals…
Hackers Can Exploit AI Platform to Achieve Root Access via RCE Vulnerability
In a critical development within the AI industry, researchers at Noma Security have disclosed the discovery of a high-severity Remote Code Execution (RCE) vulnerability in Lightning AI Studio, a widely adopted AI development platform. The vulnerability, assigned a CVSS score…
Cybercriminals Hijack Government Sites to Launch Phishing Attacks
Cybersecurity researchers have identified a persistent trend in which threat actors exploit vulnerabilities in government websites to further phishing campaigns. Based on data spanning November 2022 through November 2024, malicious actors have misused numerous .gov top-level domains (TLDs) across more…
10,000 WordPress Websites Hacked to Distribute macOS and Microsoft Malware
Over 10,000 WordPress websites have been hijacked to deliver malicious software targeting both macOS and Windows users. Researchers revealed this week how attackers leveraged vulnerabilities in outdated WordPress software and plugins to distribute malware via fake browser update pages presented…
New RDP Exploit Allows Attackers to Take Over Windows and Browser Sessions
Cybersecurity experts have uncovered a new exploit leveraging the widely used Remote Desktop Protocol (RDP). This vulnerability enables attackers to gain unauthorized control over Windows systems and hijack browser activity, posing a significant threat to individual and enterprise data security.…
DeepSeek Database Publicly Exposed Sensitive Information, Secret Keys & Logs
Experts at Wiz Research have identified a publicly exposed ClickHouse database belonging to DeepSeek, a Chinese AI startup renowned for its innovative models. The vulnerability granted full control over database operations, exposing sensitive information such as chat history, secret keys,…
New SMS-Based Phishing Tool ‘Devil-Traff’ Enables Mass Cyber Attacks
Cybersecurity experts are sounding the alarm about a new SMS-based phishing tool, Devil-Traff, that is enabling large-scale cyberattacks worldwide. By exploiting trust and leveraging advanced automation, this malicious platform empowers attackers to conduct high-volume phishing campaigns with devastating results. How…
OPNsense 25.1 Released, What’s New!
The highly anticipated release of OPNsense 25.1 has officially arrived! Nicknamed “Ultimate Unicorn,” this update marks a significant milestone for the open-source firewall platform, celebrating its decade-long journey of innovation, security, and reliable performance. Packed with exciting features, new integrations,…
DeepSeek is Now Available With Microsoft Azure AI Foundry
Microsoft has officially added DeepSeek R1, an advanced AI model, to its Azure AI Foundry and GitHub Model Catalog. This move places DeepSeek R1 among a curated selection of over 1,800 AI models, spanning open-source, task-specific, and industry-focused solutions. Businesses…
Lynx Ransomware Architecture to Attack Windows, Linux, ESXi Uncovered
The emergence of the Lynx Ransomware-as-a-Service (RaaS) platform has drawn significant attention in cybersecurity circles, owing to its advanced technical capabilities, structured affiliate workflow, and expansive ransomware arsenal. Lynx has proven to be a highly organized and efficient cybercriminal operation,…