Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

The state-sponsored hackers from North Korea, Iran, and Russia have begunp deploying the ClickFix social engineering technique, traditionally associated with cybercriminal activities, into their espionage operations. This shift was first documented by Proofpoint researchers over a three-month period from late…

Read more →

Microsoft has reported significant strides in thwarting financial fraud across its ecosystem. From April 2024 to April 2025, the tech giant managed to prevent approximately $4 billion in fraudulent transactions, a testament to its robust anti-fraud measures and AI-driven defenses.…

Read more →

Gain Legends International, a prominent name in sports, entertainment, and venue management, has confirmed a significant cybersecurity breach that has compromised the personal information of an undisclosed number of customers and associates. The incident was first identified on November 9,…

Read more →

Cisco Talos has uncovered significant advancements in the XorDDoS malware ecosystem, revealing a multi-layered infrastructure enabling sophisticated distributed denial-of-service (DDoS) attacks through a new “VIP version” of its controller and a centralized command system.  Between November 2023 and February 2025,…

Read more →

Cybersecurity experts have recently shed light on the sophisticated operations of StrelaStealer, also known by its alias Strela, revealing a suite of stealthy tactics employed in its information theft campaigns.  This malware, spotlighted by IBM Security X-Force for its association…

Read more →

A security vulnerability, tracked as CVE-2024-53141, has recently come to light in the Linux kernel’s ipset component. This flaw enables out-of-bounds (OOB) write on the kernel heap, which threat actors can exploit to execute arbitrary code with elevated privileges. Security researchers…

Read more →

Threat intelligence experts at Perplexity uncovered an advanced variant of the SpyMax/SpyNote family of Android spyware, cleverly disguised as the official application of the Chinese Prosecutor’s Office (检察院).  This malicious software was targeting Chinese-speaking users in mainland China and Hong…

Read more →

Cybersecurity researchers have stumbled upon a treasure trove of operational tools and scripts linked to the KeyPlug malware, associated with the threat group RedGolf, also known as APT41.  The server, which was inadvertently exposed for less than 24 hours, provided…

Read more →

In today’s interconnected digital landscape, APIs serve as the critical building blocks of modern web applications, enabling seamless data exchange and functionality. However, as their usage has exploded in recent years, attackers have increasingly adapted their tactics to target these…

Read more →

The evolving cybersecurity landscape demands advanced strategies to counter sophisticated threats that outpace traditional security measures. The MITRE ATT&CK framework emerges as a critical tool for Security Operations Centers (SOCs), offering a structured, knowledge-driven approach to understanding adversary behavior. By…

Read more →

Security researchers have uncovered a network of over 35 Google Chrome extensions—collectively installed on more than 6 million browsers—secretly executing remote commands and potentially spying on users for years. The alarming discovery began during a routine security review at an…

Read more →

Millions of users worldwide experienced a sudden disruption of Zoom services on April 16, as the popular video conferencing platform suffered a global outage traced back to a server block imposed by GoDaddy Registry. The incident, which rendered the core…

Read more →

A vulnerability in Bubble.io, a leading no-code development platform, has exposed thousands of applications to data breaches. The flaw allows attackers to bypass security controls and execute arbitrary queries on Elasticsearch databases, potentially compromising sensitive user information. Security researchers reverse-engineered…

Read more →

Security teams across industries are urgently patching systems following the public release of a proof-of-concept (PoC) exploit for a newly disclosed critical remote code execution (RCE) vulnerability in Erlang/OTP’s SSH implementation. The flaw, tracked as CVE-2025-32433 and assigned a maximum CVSS score…

Read more →

According to cybersecurity nonprofit Shadowserver, a major cyberattack has compromised more than 17,000 Fortinet devices globally, exploiting a sophisticated symbolic link persistence technique. The incident marks a rapid escalation from early reports, which initially identified approximately 14,000 affected devices just…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority warning regarding two critical zero-day vulnerabilities impacting a wide range of Apple devices. The flaws, which impact the latest versions of iOS, iPadOS, macOS, and other Apple products, are…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) alerted organizations to active exploitation of a newly disclosed Microsoft Windows vulnerability tracked as CVE-2025-24054. The flaw affects Windows’ NTLM authentication protocol, creating an opportunity for unauthorized attackers to infiltrate systems via…

Read more →

A relatively new ransomware outfit known as CrazyHunter has emerged as a significant threat, particularly targeting Taiwanese organizations. The group, which started its operations in the healthcare, education, and industrial sectors of Taiwan, leverages sophisticated cyber techniques to disrupt essential…

Read more →

The cybersecurity landscape witnessed a dramatic escalation in ransomware attacks, marking a concerning trend for global businesses. According to a recent analysis by Check Point Research, ransomware incidents surged by an alarming 126% compared to the same period in 2024.…

Read more →

The Cybereason Global Security Operations Center (GSOC) has shed light on the sophisticated tactics used by the LummaStealer malware to evade detection and execute malicious code. Originally spotted in 2022, this Russian-developed malware-as-a-service (MaaS) has continuously evolved its evasion techniques…

Read more →