Socket’s Threat Research Team has discovered a network of at least 28 malicious packages including protestware scripts, totaling approximately 2,000 copies, in a major escalation within the npm supply chain. These packages, initially flagged in two instances for hidden functionality…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Chinese ‘Salt Typhoon’ Hackers Infiltrated US National Guard Network for Almost a Year
The Department of Defense (DoD) revealed that an advanced persistent threat (APT) group, known as Salt Typhoon and publicly identified as Chinese state-sponsored actors, had successfully penetrated a U.S. state’s Army National Guard network in a major increase in cyberthreats.…
Samsung WLAN AP Flaws Let Remote Attackers Run Commands as Root
Security researchers have uncovered a critical chain of vulnerabilities in Samsung’s WEA453e wireless access point that allows unauthenticated remote attackers to execute commands with full administrative privileges. The flaws, discovered in August 2020, demonstrate how seemingly minor web interface oversights…
Lenovo Vantage Flaws Enable Attackers to Gain SYSTEM-Level Privileges
Security researchers at Atredis have uncovered multiple privilege escalation vulnerabilities in Lenovo Vantage, a pre-installed management platform on Lenovo laptops that handles device updates, configurations, and system health monitoring. These flaws, tracked under CVEs 2025-6230, 2025-6231, and 2025-6232, allow unprivileged…
Google’s AI ‘Big Sleep’ Detects Critical SQLite 0-Day, Halts Ongoing Attacks
Google’s artificial intelligence agent “Big Sleep” has made cybersecurity history by discovering and stopping the exploitation of a critical zero-day vulnerability in SQLite, marking the first time an AI system has directly foiled real-world cyberattacks. The AI agent, developed by…
Windows Secure Boot Certificate Expired in June, Microsoft Issues Warning
Microsoft has issued an urgent warning to Windows users about an impending security certificate expiration that could significantly impact device functionality. The tech giant announced that Secure Boot certificates used by most Windows devices are scheduled to expire starting in…
Gmail Message Exploit Triggers Code Execution in Claude, Bypassing Protections
A cybersecurity researcher has demonstrated how a carefully crafted Gmail message can trigger code execution through Claude Desktop, Anthropic’s AI assistant application, highlighting a new class of vulnerabilities in AI-powered systems that don’t require traditional software flaws. The exploit leverages…
Dark Partners Hacker Group Drains Crypto Wallets Using Fake AI Tools and VPN Services
The financially driven organization known as Dark Partners has been planning massive cryptocurrency theft since at least May 2025, using a complex network of more than 250 malicious domains that pose as AI tools, VPN services, cryptocurrency wallets, and well-known…
NimDoor MacOS Malware Abuses Zoom SDK Updates to Steal Keychain Credentials
SentinelOne researchers have discovered NimDoor, a sophisticated MacOS malware campaign ascribed to North Korean-affiliated attackers, most likely the Stardust Chollima gang, in a notable increase in cyber threats targeting the bitcoin industry. Active since at least April 2025, NimDoor exploits…
Oracle Issues Critical Update Fixing 309 Vulnerabilities Across Products
Oracle Corporation released its July 2025 Critical Patch Update, addressing a substantial 309 security vulnerabilities across its extensive product portfolio. This quarterly security release represents one of the most comprehensive patches in recent years, affecting dozens of Oracle’s enterprise software…
Konfety Android Malware Exploits ZIP Tricks to Masquerade as Legit Apps on Google Play
Security researchers from zLabs have discovered a more advanced version of the Konfety Android malware, which uses complex ZIP-level changes to avoid detection and mimic genuine apps on the Google Play Store, marking a dramatic increase in mobile dangers. This…
Email Filters Defeated by Polyglot File Trick Used in Malware Campaigns
Attackers are increasingly using advanced disguising techniques, such polyglot files, to get around email filters and successfully send phishing payloads in the constantly changing world of cyber threats. These polyglot files, which can be interpreted as multiple file formats simultaneously,…
Hackers Exploit Ivanti and Fortinet VPN Vulnerabilities in Attacks on Japanese Companies
Cyber espionage campaigns against Japanese companies have increased in fiscal year 2024, which runs from April 2024 to March 2025, according to a thorough analysis published by Macnica’s Security Research Center. The main objective of these campaigns is to exfiltrate…
Command-Line Editor Vim Hit by Vulnerability Allowing File Overwrites
A critical security vulnerability has been discovered in Vim, the popular open-source command-line text editor, that could allow attackers to overwrite arbitrary files on users’ systems. The vulnerability, designated CVE-2025-53906, was published on July 15, 2025, and affects all versions of…
Massive DDoS Attack Slams Internet with 7.3 Tbps and 4.8 Billion Packets Per Second
Cloudflare’s latest DDoS Threat Report for the second quarter of 2025 reveals that the company autonomously mitigated the largest-ever recorded distributed denial-of-service (DDoS) attacks, peaking at an unprecedented 7.3 terabits per second (Tbps) and 4.8 billion packets per second (Bpps).…
Abacus Dark Web Market Suspected of Exit Scam with Held Bitcoin Funds
The largest Bitcoin-enabled Western darknet marketplace, Abacus Market, has gone offline amid widespread suspicions of an exit scam that may have cost users millions of dollars in held cryptocurrency funds. TRM Labs, a blockchain analytics firm, assesses that the marketplace’s…
Authorities Take Down ‘Diskstation’ Ransomware Gang Targeting Synology NAS Globally
Italian State Police, working alongside French and Romanian authorities, have successfully dismantled a sophisticated ransomware operation known as “Diskstation” that specifically targeted Synology Network Attached Storage (NAS) systems worldwide. The international investigation, coordinated by EUROPOL and led by Milan’s Cybersecurity…
Curl 8.15.0 Officially Released: 233 Bugs Fixed in Major Update
Curl, the ubiquitous command-line tool and library for transferring data with URLs, has reached version 8.15.0 with a landmark release that addresses more than 230 bugs and streamlines its internal architecture. Officially launched today at 10:00 CEST (08:00 UTC) in…
Former U.S. Army Member Pleads Guilty in Telecom Hacking Case
A 21-year-old former U.S. Army soldier has pleaded guilty to participating in a sophisticated cybercrime operation that targeted telecommunications companies through hacking, data theft, and extortion schemes. Cameron John Wagenius, who was stationed in Texas during his military service, admitted…
Node.js Vulnerabilities Leave Windows Apps Vulnerable to Path Traversal and HashDoS
The Node.js project has released critical security updates across multiple release lines to address two high-severity vulnerabilities that pose significant risks to Windows applications and could enable denial-of-service attacks. The vulnerabilities, identified as CVE-2025-27210 and CVE-2025-27209, affect active Node.js release…