Alabama man has been sentenced to 14 months in prison for orchestrating a sophisticated SIM swap attack that allowed him to hijack the U.S. Securities and Exchange Commission’s (SEC) social media account on X, formerly known as Twitter. The unauthorized…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Active Exploitation of Ivanti EPMM Zero-Day Vulnerability in the Wild
Security researchers at The Shadowserver Foundation have identified active exploitation attempts targeting a critical zero-day vulnerability in Ivanti’s Enterprise Mobility Management (EPMM) platform. The vulnerability, tracked as CVE-2025-4427, can be chained with CVE-2025-4428 to achieve remote code execution (RCE), posing…
Auth0-PHP Vulnerability Enables Unauthorized Access for Attackers
Critical security vulnerability has been discovered in the Auth0-PHP SDK that could potentially allow unauthorized access to applications through brute force attacks on session cookie authentication tags. The vulnerability specifically affects versions 8.0.0-BETA1 and newer of the SDK when configured…
Skitnet Malware Employs Stealth Techniques to Execute Payload and Maintain Persistence Techniques
A new and highly sophisticated multi-stage malware, known as Skitnet (or Bossnet), has been uncovered, showcasing advanced stealth techniques to execute its malicious payload and maintain persistent access on infected systems. Developed by the threat group LARVA-306, Skitnet has been…
Google Reveals Hackers Targeting US Following UK Retailer Attacks
The Google Threat Intelligence Group (GTIG) recently revealed that the well-known hacker collective UNC3944, which also overlaps with the widely publicized Scattered Spider, is a persistent and dynamic cyberthreat. Initially focused on telecommunications for SIM swap operations, UNC3944 has since…
New ModiLoader Malware Campaign Targets Windows PCs, Harvesting User Credentials
AhnLab Security Intelligence Center (ASEC) has recently uncovered a malicious campaign distributing ModiLoader (also known as DBatLoader) malware through phishing emails. These emails, crafted in Turkish and impersonating a Turkish bank, urge recipients to open a malicious attachment under the…
Confluence Servers Under Attack: Hackers Leverage Vulnerability for RDP Access and Remote Code Execution
Threat actors exploited a known vulnerability, CVE-2023-22527, a template injection flaw in Atlassian Confluence servers exposed to the internet. This exploit facilitated remote code execution (RCE), enabling attackers to gain initial access and establish a foothold within targeted networks. The…
Hackers Exploit RVTools to Deploy Bumblebee Malware on Windows Systems
A reliable VMware environment reporting tool, RVTools, was momentarily infiltrated earlier this week on May 13, 2025, to disseminate the sneaky Bumblebee loader virus, serving as a sobering reminder of the vulnerabilities present in software supply chains. This incident, detected…
CISA to Stop Publishing Cybersecurity Alerts and Advisories on Webpages
Cybersecurity and Infrastructure Security Agency (CISA) has announced significant changes to how it communicates cybersecurity updates and guidance to stakeholders. In a recent announcement, CISA revealed plans to shift away from listing advisories on its webpage to focus on more…
Critical Firefox 0-Day Flaws Allow Remote Code Execution
Mozilla has urgently patched two critical 0-day vulnerabilities in its popular web browser Firefox, both of which could allow remote attackers to execute malicious code on user systems. The flaws, tracked as CVE-2025-4918 and CVE-2025-4919, were disclosed on May 17,…
Health Care Data Breach Costs BreachForums Admin $700,000 Fine
Conor Brian Fitzpatrick, the 22-year-old former administrator of cybercrime forum Breachforums, will forfeit approximately $700,000 to settle a civil lawsuit stemming from a healthcare data breach. The settlement marks a rare instance where a cybercriminal’s assets will directly compensate victims…
Pwn2Own Day 3: Zero-Day Exploits Windows 11, VMware ESXi, and Firefox
The Pwn2Own Berlin 2025 last day ended with impressive technological accomplishments, bringing the total prize money over one million dollars. Security researchers demonstrated sophisticated exploitation techniques against high-profile targets including Windows 11, VMware ESXi, and Mozilla Firefox, revealing critical zero-day…
Exploiting dMSA for Advanced Active Directory Persistence
Security researchers have identified new methods for achieving persistence in Active Directory environments by exploiting Delegated Managed Service Accounts (dMSAs), a new security feature introduced in Windows Server 2025. Despite being designed to enhance security through automated credential management, dMSAs…
GNU C(glibc) Vulnerability Let Attackers Execute Arbitrary Code on Millions of Linux Systems
Security researchers have disclosed a significant vulnerability in the GNU C Library (glibc), potentially affecting millions of Linux systems worldwide. The flaw, identified as CVE-2025-4802, involves statically linked setuid binaries that incorrectly search library paths, potentially allowing attackers to execute…
VMware ESXi, Firefox, Red Hat Linux & SharePoint Hacked – Pwn2Own Day 2
Security researchers demonstrated their prowess on the second day of Pwn2Own Berlin 2025, discovering critical vulnerabilities across major enterprise platforms and earning $435,000 in bounties. The competition, now in its second day at the OffensiveCon conference in Berlin, has awarded…
Sophisticated NPM Attack Leverages Google Calendar2 for Advanced Communication
A startling discovery in the npm ecosystem has revealed a highly sophisticated malware campaign embedded within the seemingly innocuous package os-info-checker-es6. First published on March 19, 2025, with initial versions appearing benign, the package rapidly evolved into a complex threat.…
Critical WordPress Plugin Flaw Puts Over 10,000 Sites of Cyberattack
A serious security flaw affecting the Eventin plugin, a popular event management solution for WordPress, was recently discovered by Denver Jackson, a member of the Patchstack Alliance community. This vulnerability in the plugin, which boasts over 10,000 active installations, allowed…
Chinese Agent Impersonate as Stanford Student For Intelligence Gathering
Chinese intelligence operative posing as a Stanford University student has been uncovered following an investigation into suspicious approaches made to students conducting China-related research. The agent, using the alias “Charles Chen,” targeted several students over an extended period, primarily women…
Printer Company Distributes Malicious Drivers Infected with XRed Malware
Procolored, a printer manufacturing company, has been found distributing software drivers infected with malicious code, including the notorious XRed backdoor malware. The issue came to light when Cameron Coward, a YouTuber behind the channel Serial Hobbyism, attempted to review a…
New Ransomware Attack Targets Elon Musk Supporters Using PowerShell to Deploy Payloads
A newly identified ransomware campaign has emerged, seemingly targeting supporters of Elon Musk through a highly sophisticated phishing-based attack. Cybersecurity researchers have uncovered a multi-stage infection chain that begins with a deceptive PDF document titled “Pay Adjustment.” This document lures…