Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

The emergence of the Lynx Ransomware-as-a-Service (RaaS) platform has drawn significant attention in cybersecurity circles, owing to its advanced technical capabilities, structured affiliate workflow, and expansive ransomware arsenal. Lynx has proven to be a highly organized and efficient cybercriminal operation,…

Read more →

A detailed analysis from Maverits, a leading cybersecurity firm, reveals a significant evolution in the strategies and objectives of APT28, a cyber-espionage group linked to Russia’s GRU military intelligence unit. Covering activities from 2022 to 2024, the report highlights APT28’s…

Read more →

Security enthusiasts and professionals are turning their focus towards a new angle on phishing attacks in the identity and access management space. During the “Offensive Entra ID (Azure AD) and Hybrid AD Security” training, a clever demonstration showcased how a…

Read more →

Researchers from the Georgia Institute of Technology and Ruhr University Bochum have uncovered two novel speculative execution attacks, named SLAP (Speculative Data Attacks via Load Address Prediction) and FLOP (Breaking the Apple M3 CPU via False Load Output Predictions). These…

Read more →

Privacy is the cornerstone of digital communication in today’s world, and platforms like WhatsApp consistently introduce features to enhance user security. One such feature is WhatsApp’s “View Once” option, which ensures that sensitive photos and videos disappear after being viewed…

Read more →

Privacy is the cornerstone of digital communication in today’s world, and platforms like WhatsApp consistently introduce features to enhance user security. One such feature is WhatsApp’s “View Once” option, which ensures that sensitive photos and videos disappear after being viewed…

Read more →

 A recently disclosed Windows kernel-level vulnerability, identified as CVE-2024-49138, has raised significant security concerns in the cybersecurity community. Leveraging a buffer overflow vulnerability within the Windows Common Log File System (CLFS), researchers have released a proof-of-concept (PoC) exploit, showcasing the critical risks…

Read more →

Researchers have uncovered new developments in SparkRAT operations, shedding light on its persistent use in malicious campaigns targeting macOS users and government organizations. The findings, detailed in a recent report, underscore the evolving tactics of threat actors leveraging SparkRAT’s modular…

Read more →

Akamai’s Security Intelligence and Response Team (SIRT) has uncovered a novel variant of the Mirai-based botnet malware, dubbed Aquabotv3, actively targeting Mitel SIP phones via a critical vulnerability. This marks the third observed iteration of Aquabot, which now showcases unique…

Read more →

A new ransomware gang, Hellcat, emerged on dark web forums in 2024, targeting critical infrastructure, government organizations, educational institutions, and the energy sector. Operating on a ransomware-as-a-service (RaaS) model, Hellcat offers ransomware tools and infrastructure to affiliates in exchange for…

Read more →

Researchers have successfully jailbroken DeepSeek R1, a cutting-edge reasoning model originating from China. Dubbed a potential challenger to tech giants like OpenAI, DeepSeek R1 has garnered international attention for its impressive problem-solving abilities in mathematics, logic, and coding. However, the…

Read more →

Google’s Threat Intelligence Group (GTIG) in collaboration with Mandiant has revealed critical insights into ScatterBrain, a sophisticated obfuscation tool utilized by China-nexus cyber espionage groups, specifically APT41, to deploy the advanced backdoor family POISONPLUG.SHADOW. This analysis underscores the significant evolution…

Read more →

Security researchers have raised alarms about active exploitation attempts targeting a newly discovered zero-day command injection vulnerability in Zyxel CPE Series devices, tracked as CVE-2024-40891. This critical vulnerability, which remains unpatched and undisclosed by the vendor, has left over 1,500 devices…

Read more →

A newly identified strain of information-stealing malware, FleshStealer, is making headlines in 2025 due to its advanced evasion techniques and targeted data extraction capabilities. Flashpoint analysts have shed light on its operation, revealing a sophisticated tool that poses significant risk…

Read more →

Windows 11 KB5050009 for version 24H2 has sparked widespread frustrations among users due to a slew of compatibility and functionality issues. Reports indicate that the update, which aims to introduce improvements and security fixes, has instead caused disruptions in Bluetooth…

Read more →

A recent security vulnerability in a widely used airline integration service has exposed millions of users to account takeovers, raising concerns over the safety of online travel services. Security researchers from Salt Labs discovered the flaw, which enabled hackers to…

Read more →

A recently discovered Cross-site Scripting (XSS) vulnerability, CVE-2024-57514, affecting the TP-Link Archer A20 v3 Router has raised security concerns among users. The flaw CVE-2024-57514, identified in firmware version 1.0.6 Build 20231011 rel.85717(5553), allows attackers to execute arbitrary JavaScript code through the…

Read more →

A critical vulnerability in the Cacti performance monitoring framework, tracked as CVE-2025-22604, has been disclosed, with a proof-of-concept (PoC) exploit now publicly available. This vulnerability allows authenticated users with device management permissions to execute arbitrary code on the server by…

Read more →

In a groundbreaking cybersecurity investigation, researchers identified several critical vulnerabilities in a target system, eventually gaining control over 3,000 subsidiary companies managed by a parent organization. The exploration leveraged flaws in API configurations, bypassed key security protocols, and exposed sensitive…

Read more →

A groundbreaking technique for exploiting Windows systems has emerged, combining the “Bring Your Own Vulnerable Driver” (BYOVD) approach with the manipulation of symbolic links. Security researchers have uncovered how this method can bypass Endpoint Detection and Response (EDR) mechanisms and…

Read more →