Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Attackers published 20 malicious npm packages impersonating legitimate Nomic Foundation and Hardhat plugins, where these packages, downloaded over 1,000 times, compromised development environments and potentially backdoored production systems and resulted in financial losses. They are utilizing Ethereum smart contracts, such…

Read more →

Tenable Holdings, Inc. has confirmed the passing of its esteemed Chairman and Chief Executive Officer, Amit Yoran, who succumbed to cancer on January 3, 2025. Yoran, aged 54, was a distinguished figure in the cybersecurity realm, known for his visionary…

Read more →

Researchers have released a proof of concept (PoC) exploit for a critical privilege escalation vulnerability affecting Microsoft Windows. This vulnerability, CVE-2024-43452, allows attackers to gain elevated privileges on a compromised system, potentially leading to unchecked access to sensitive data and…

Read more →

Within today’s fast-changing global society, effective training is vital for personal and professional success. However, traditional methods often do not provide enough flexibility or personalization options. In light of this, learning experience platforms (LXPs) have revolutionized how organizations and individuals…

Read more →

Tenable Holdings, Inc. has announced with profound sadness the unexpected passing of its Chairman and Chief Executive Officer, Amit Yoran, who succumbed to a battle with cancer on January 5, 2025. A visionary leader, Yoran was a pioneer in the…

Read more →

Cybersecurity experts have uncovered a new wave of cyberattacks linked to North Korean threat actors targeting cryptocurrency wallets in an operation dubbed the “Contagious Interview” campaign. The attackers employ sophisticated phishing tactics under the guise of job interviews, exploiting platforms…

Read more →

LegionLoader, a C/C++ downloader malware, first seen in 2019, delivers payloads like malicious Chrome extensions, which can manipulate emails, track browsing, and even transform infected browsers into proxies for attackers, enabling them to browse the web with the victim’s credentials.…

Read more →

Security researchers have observed consistent activity from a threat actor dubbed “EC2 Grouper,” which is responsible for numerous cloud compromises and exhibits a distinct modus operandi.  EC2 Grouper consistently employs specific user agents and adheres to a unique security group…

Read more →

In a recent security advisory, ASUS has alerted users to critical vulnerabilities affecting several of its router models.  These flaws, tracked as CVE-2024-12912 and CVE-2024-13062, pose severe risks by allowing attackers to execute arbitrary commands on compromised devices. ASUS has advised users to…

Read more →

Apple Inc. has agreed to pay $95 million to settle a proposed class-action lawsuit alleging that its Siri voice assistant infringed on users’ privacy by recording private conversations without their consent. The preliminary settlement, filed in federal court in Oakland,…

Read more →

NTT Docomo, one of Japan’s leading telecommunications and IT service providers, experienced a massive disruption on January 2, 2025, after a Distributed Denial of Service (DDoS) attack targeted its network infrastructure. The attack resulted in widespread service irregularities affecting customers…

Read more →

 A critical vulnerability discovered in the popular macOS terminal emulator iTerm2 has raised concerns among cybersecurity experts and software users. The flaw, which could allow malicious attackers to access sensitive user data, underscores the importance of timely updates and vigilant…

Read more →

PLAYFULGHOST, a Gh0st RAT variant, leverages distinct traffic patterns and encryption, which spread via phishing emails and SEO poisoning of bundled applications, enabling keylogging, screen capture, and other malicious remote access capabilities. A phishing campaign employed a .jpg file as…

Read more →

The CVE-2024-49112 vulnerability in Windows LDAP allows remote code execution on unpatched Domain Controllers, as a zero-click exploit leverages this by crafting malicious LDAP requests, which, sent without any user interaction, exploit a memory corruption vulnerability within the LDAP service. …

Read more →

A cybersecurity researcher has demonstrated a method to bypass BitLocker encryption on Windows 11 (version 24H2) by extracting full volume encryption keys (FVEK) from memory. Using a custom-built tool named Memory-Dump-UEFI, the researcher was able to retrieve sensitive cryptographic keys to…

Read more →

The Tycoon 2FA platform is a Phishing-as-a-Service (PhaaS) tool that enables cybercriminals to easily launch sophisticated phishing attacks targeting two-factor authentication (2FA).  It provides a service that simplifies the process for attackers. and offers an intuitive interface, allowing for the…

Read more →

SmuggleShield, a recently launched browser extension, is gaining attention in the cybersecurity space for its innovative approach to mitigating HTML smuggling attacks. With its stable version (2.0) now available, SmuggleShield provides an additional layer of protection for everyday internet users,…

Read more →

Cloud security researchers have uncovered alarming trends in identity compromises within Amazon Web Services (AWS) environments. Among the most prolific threat actors is a group dubbed “EC2 Grouper,” known for exploiting compromised credentials to carry out sophisticated attacks using AWS…

Read more →

Trend Micro has addressed six high-severity vulnerabilities in its Apex One and Apex One as a Service product, which could allow attackers to escalate privileges on affected Windows systems. These vulnerabilities were disclosed under the Common Vulnerabilities and Exposures (CVE) system and have been…

Read more →

A 20-year-old U.S. Army soldier, Cameron John Wagenius, has been arrested and indicted by federal authorities for allegedly selling confidential customer call records stolen from major telecommunications companies AT&T and Verizon. Known online as “Kiberphant0m,” Wagenius was apprehended near an…

Read more →