A new wave of cyber espionage attacks has brought BPFDoor malware into the spotlight as a stealthy and dangerous tool for compromising networks. According to security experts at Trend Micro, BPFDoor is a state-sponsored backdoor attributed to the advanced persistent…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Morocco Investigation Major Data Breach Allegedly Claimed by Algerian Hackers
The National Social Security Fund (CNSS) of Morocco has confirmed that initial checks on leaked documents circulating on social media have revealed that much of the information is false, inaccurate, or incomplete. Officials state these documents originated from a cyber…
EU’s GDPR Article 7 Poses New Challenges for Businesses To Secure AI-Generated Image Data
As businesses worldwide embrace digital transformation, the European Union’s General Data Protection Regulation (GDPR), enacted in 2018, remains a cornerstone of data privacy and security. A recent safety report highlighting the rapid advancement of artificial intelligence (AI) has renewed focus…
Smishing Campaign Hits Toll Road Users with $5 Payment Scam
Cybersecurity researchers at Cisco Talos have uncovered a large-scale smishing campaign targeting toll road users across the United States. The campaign, which has been active since October 2024, impersonates toll road payment services, luring unsuspecting victims into revealing their personal…
IBM Aspera Faspex Flaw Allows Injection of Malicious JavaScript in Web UI
A significant security vulnerability has been identified in IBM Aspera Faspex 5, a popular file exchange solution. The flaw, designated as CVE-2025-3423, allows attackers to inject malicious JavaScript into the web interface, potentially compromising sensitive user data. Vulnerability Details The…
VMware ESXi 8.0 Update 3e Is Now Free — Here’s What’s New
VMware has announced that ESXi 8.0 Update 3e, the latest version of its industry-leading hypervisor, is now available for download at no cost. Released on April 10, 2025, this update is packed with enhancements, critical fixes, and new features, solidifying VMware’s dominance…
Chinese APT Group Targets Ivanti VPN Vulnerabilities to Breach Networks
In a concerning report from cybersecurity firm TeamT5, it has been revealed that a Chinese Advanced Persistent Threat (APT) group leveraged critical vulnerabilities in Ivanti Connect Secure VPN appliances to launch a global cyberattack. The breach affected nearly 20 industries…
DoJ Launches Critical National Security Program to Protect Americans’ Sensitive Data
The U.S. Department of Justice has launched a landmark initiative to block foreign adversaries—including China, Russia, and Iran—from exploiting commercial channels to access sensitive American data. The Data Security Program (DSP), enacted under Executive Order 14117, establishes stringent controls over…
Slow Pisces Group Targets Developers Using Coding Challenges Laced with Python Malware
A North Korean state-sponsored threat group known as “Slow Pisces” has been orchestrating sophisticated cyberattacks targeting developers in the cryptocurrency sector using malware-laced coding challenges. This campaign employs deceptive tactics and advanced malware techniques designed to infiltrate systems, steal critical…
FortiGate 0-Day Exploit Allegedly Up for Sale on Dark Web
A chilling new development in the cybersecurity landscape has emerged, as a threat actor has reportedly advertised an alleged zero-day exploit targeting Fortinet’s FortiGate firewalls on a prominent dark web forum. This exploit purportedly enables unauthenticated remote code execution (RCE)…
Alleged FUD Malware ‘GYware’ Advertised on Hacker Forum for $35/Month
A new Remote Access Trojan (RAT) known as “GYware” is being marketed on a popular hacker forum at an affordable price of $35 per month. The malware, which is described by its creator as the “best of 2025,” reportedly boasts…
Kaspersky Shares 12 Essential Tips for Messaging App Security and Privacy
In an era where instant messaging apps like WhatsApp, Telegram, Signal, iMessage, Viber, and WeChat dominate personal and professional communication, digital privacy and security have never been more critical. To help users keep their accounts secure and private, cybersecurity experts…
Dangling DNS Attack Allows Hackers to Take Over Organization’s Subdomain
Hackers are exploiting what’s known as “Dangling DNS” records to take over corporate subdomains, posing significant threats to organizations’ security frameworks. This attack vector has been increasingly noted by security teams, highlighting the need for constant vigilance in DNS configuration…
Hackers Imitate Google Chrome Install Page on Google Play to Distribute Android Malware
Cybersecurity experts have unearthed an intricate cyber campaign that leverages deceptive websites posing as the Google Play Store to distribute Android malware. These websites, hosted on newly registered domains, create a façade of credible application installation pages, enticing victims with…
Threat Actors Manipulate Search Results to Lure Users to Malicious Websites
Cybercriminals are increasingly exploiting search engine optimization (SEO) techniques and paid advertisements to manipulate search engine results, pushing malicious websites to the top where unsuspecting users are likely to click. In recent years, this tactic, often known as SEO poisoning…
RansomHub Ransomware Group Hits 84 Organizations as New Threat Actors Emerge
The RansomHub ransomware group has emerged as a significant danger, targeting a wide array of industries across the globe. In March 2025, this group alone managed to compromise 84 organizations, while new groups like Arkana and CrazyHunter have introduced sophisticated…
HelloKitty Ransomware Returns, Launching Attacks on Windows, Linux, and ESXi Environments
Security researchers and cybersecurity experts have recently uncovered new variants of the notorious HelloKitty ransomware, signaling its resurgence with attacks targeting Windows, Linux, and ESXi environments. HelloKitty ransomware, initially appearing in October 2020 as a fork of DeathRansom, has evolved…
Tycoon 2FA Phishing Kit Uses Advanced Evasion Techniques to Bypass Endpoint Detection Systems
The notorious Tycoon 2FA phishing kit continues its evolution with new strategies designed to slip past endpoint detection systems. This development was highlighted in a recent analysis, showcasing several sophisticated techniques aimed at thwarting detection and analysis. Obfuscation with Invisible…
Threat Actors Exploit Legitimate Crypto Packages to Deliver Malicious Code
Threat actors are using open-source software (OSS) repositories to install malicious code into trusted applications, particularly targeting cryptocurrency software. The ReversingLabs (RL) research team has identified a pattern where attackers upload seemingly legitimate packages to repositories like npm, which then…
Hackers Exploit Router Flaws in Ongoing Attacks on Enterprise Networks
Enterprises are facing heightened cyber threats as attackers increasingly target network infrastructure, particularly routers, following a trend noted in Forescout Research Vedere Labs’ 2025 report on the riskiest connected devices. The Forescout report reveals a significant shift in the cybersecurity…