Threat actors are increasingly using email bombing to bypass security protocols and facilitate further malicious endeavors. Email bombing, known also as a “spam bomb,” involves flooding a target’s email inbox with a massive volume of emails, overwhelming the recipient and…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Hands-On Labs: The Key to Accelerating CMMC 2.0 Compliance
INE Security Highlights How Practical, immersive training environments help defense contractors meet DoD cybersecurity requirements Defense contractors are facing increased pressure to meet the Department of Defense’s stringent Cybersecurity Maturity Model Certification (CMMC) 2.0 requirements ahead of 2025 compliance deadlines. INE Security,…
Sensata Technologies Breached: Ransomware Attack Key Systems
Sensata Technologies Holding PLC, a global leader in sensor solutions and electrical protection, is currently grappling with the fallout of a ransomware attack that has disrupted its operations and compromised sensitive files. The breach, first reported on April 6, 2025,…
CISA Issues 10 ICS Advisories Addressing Critical Vulnerabilities and Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) has issued ten new Industrial Control Systems (ICS) advisories to address critical vulnerabilities and exploits that could impact key industrial systems. Released on April 10, 2025, these advisories provide crucial insights into ongoing…
TROX Stealer Harvests Sensitive Data Including Stored Credit Cards and Browser Credentials
Cybersecurity experts at Sublime have uncovered a complex malware campaign revolving around TROX Stealer, an information stealer that employs urgency to deceive victims. This malware, first detected in December 2024, highlights an intricate attack chain designed to extract sensitive data…
Microsoft Boosts Exchange and SharePoint Security with Updated Antimalware Scan
Microsoft has fortified its Exchange Server and SharePoint Server security by integrating advanced Antimalware Scan Interface (AMSI) capabilities. This measure, aimed at countering sophisticated attack vectors, represents a crucial step to safeguard on-premises infrastructure that serves as the backbone of…
Calix Devices Vulnerable to Pre-Auth RCE on Port 6998, Root Access Possible
A severe security flaw enabling unauthenticated remote code execution (RCE) with root privileges has been uncovered in select Calix networking devices, raising alarms for organizations using legacy hardware. The vulnerability resides in TCP port 6998 and impacts end-of-life (EOL) devices…
Chinese eCrime Group Targets Users in 120+ Countries to Steal Banking Credentials
Smishing Triad, a Chinese eCrime group, has launched an extensive operation targeting users across more than 121 countries. This campaign, primarily focused on stealing banking credentials, has evolved to include diverse industries, from postal and logistics to finance and retail…
AMD CPU Signature Verification Vulnerability Enables Unauthorized Microcode Execution
A vulnerability in AMD CPUs has been uncovered, enabling attackers with administrative privileges to bypass microcode signature verification and execute malicious code. Designated as CVE-2024-36347 (CVSS score: 6.4, Medium), the flaw impacts multiple generations of AMD EPYC™ server processors and select consumer…
Ivanti 0-Day RCE Flaw Exploitation Details Revealed
A critical unauthenticated Remote Code Execution (RCE) vulnerability, CVE-2025-22457, has been disclosed by Ivanti, sparking concerns across the cybersecurity industry. The flaw, which affects several Ivanti products, allows attackers to execute arbitrary code remotely, potentially compromising sensitive enterprise environments. Researchers, including the Rapid7…
Researchers Exploit Windows Defender with XOR and System Calls
A recent cybersecurity revelation has demonstrated how researchers successfully bypassed Windows Defender antivirus mechanisms using advanced techniques involving XOR encryption and direct system calls. This breakthrough has sparked discussions about the effectiveness of traditional antivirus measures against increasingly sophisticated attack…
Jenkins Docker Vulnerability Allows Hackers to Hijack Network Traffic
A newly disclosed vulnerability affecting Jenkins Docker images has raised serious concerns about network security. The vulnerability, stemming from the reuse of SSH host keys, could allow attackers to impersonate Jenkins build agents and hijack sensitive network traffic. Vulnerability Details…
Microsoft Issues Urgent Patch to Fix Office Update Crash
Microsoft has released an urgent patch for Office 2016 to address a critical issue causing key applications like Word, Excel, and Outlook to crash unexpectedly. The new update, KB5002623, was issued on April 10, 2025, following widespread reports of performance…
Shuckworm Group Leverages GammaSteel Malware in Targeted PowerShell Attacks
The Russia-linked cyber-espionage group known as Shuckworm (also identified as Gamaredon or Armageddon) has been observed targeting a Western country’s military mission located within Ukraine, employing an updated, PowerShell-based version of its GammaSteel infostealer malware. This campaign, which began in…
ViperSoftX Malware Spreads Through Cracked Software, Targeting Unsuspecting Users
AhnLab Security Intelligence Center (ASEC) has unearthed a complex cyber campaign in which attackers, suspected to be Arabic speakers, have been distributing ViperSoftX malware to unsuspecting Korean users. This operation has employed cracked software and torrents as vectors for spreading…
RansomHub RaaS in Disarray After Affiliate Chat Access Suddenly Revoked
RansomHub, a leading Ransomware-as-a-Service (RaaS) group that emerged in early 2024, has found itself grappling with internal turmoil. The instability came to light on April 1st, 2025, when several of its client chat portals, critical for ransomware negotiations, went offline,…
A Seven‑Year‑Old Cisco Flaw Now Lets Hackers Execute Code Remotely on Network Gear
A Cisco’s Smart Install protocol (CVE-2018-0171), first patched in 2018, remains a pervasive threat to global network infrastructure due to widespread misconfigurations and exploitation by state-sponsored threat actors. The flaw allows unauthenticated attackers to execute arbitrary code on Cisco switches…
GOFFEE Deploys PowerModul in Coordinated Strikes on Government and Energy Networks
The threat actor known as GOFFEE has launched a series of targeted attacks against critical sectors within the Russian Federation, utilizing advanced malware and phishing techniques. The group’s latest campaign involves the deployment of PowerModul, a PowerShell-based implant, to escalate…
Rogue Account‑Creation Flaw Leaves 100 K WordPress Sites Exposed
A severe vulnerability has been uncovered in the SureTriggers WordPress plugin, which could leave over 100,000 websites at risk. The issue, discovered by security researcher mikemyers, allows attackers to create rogue administrative users on sites where the plugin is not…
The State of AI Malware and Defenses Against It
AI has recently been added to the list of things that keep cybersecurity leaders awake. The increasing popularity of and easy access to large language models (LLMs), such as ChatGPT, DeepSeek, and Gemini, have enabled threat actors to scale and…