A recent malware distribution scheme has been uncovered on SourceForge, the popular software hosting and distribution platform. Cybercriminals have leveraged SourceForge’s subdomain feature to deceive users with fake downloads of software applications, embedding malicious files into the infection chain. This…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Shopware Security Plugin Vulnerability Enables SQL Injection Attacks
A recently disclosed SQL injection vulnerability in older versions of the Shopware platform has raised concerns among online shop operators. Although Shopware has addressed the issue in its latest release (version 6.5.8.13), it has been revealed that the fix provided…
Hackers Conceal NFC Carders Behind Apple Pay and Google Wallet
In a disturbing evolution of financial fraud, cybercriminals are leveraging advanced techniques to exploit mobile payment systems such as Apple Pay and Google Wallet. Once reliant on magnetic stripe card cloning, fraudsters have adapted to breakthroughs in card security technology…
Vidar Stealer Uses New Deception Technique to Hijack Browser Cookies and Stored Credentials
Vidar Stealer a notorious information-stealing malware has adopted a deceptive method to disguise itself as Microsoft’s BGInfo application. By exploiting a legitimate tool widely used by IT professionals to display system details, attackers have demonstrated advanced techniques to evade detection…
Zoom Workplace Apps Vulnerability Enables Malicious Script Injection Through XSS Flaws
A newly disclosed vulnerability in Zoom Workplace Apps (tracked as CVE-2025-27441 and CVE-2025-27442) allows attackers to inject malicious scripts via cross-site scripting (XSS) flaws, posing risks to millions of users globally. The medium-severity vulnerability, with a CVSS score of 4.6,…
Fortinet Warns of Multiple Vulnerabilities in FortiAnalyzer, FortiManager, & Other Products
Fortinet has revealed and resolved several vulnerabilities within its range of products, such as FortiAnalyzer, FortiManager, FortiOS, FortiProxy, FortiVoice, FortiWeb, and FortiSwitch. These weaknesses vary from inadequate filtering of log outputs to unconfirmed password modifications and poorly secured credentials. The…
Ivanti Released Security Update With The Fixes for Critical Endpoint Manager RCE Vulnerabilities
Ivanti, a prominent enterprise software provider, has issued an urgent security advisory today addressing multiple vulnerabilities in its Endpoint Manager (EPM) products. The updates for EPM 2024 SU1 and EPM 2022 SU7 resolve six critical and medium-severity flaws that could…
CISA Alerts on Actively Exploited CrushFTP Authentication Bypass Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about an actively exploited vulnerability in CrushFTP, a popular file transfer server solution. Identified as CVE-2025-31161, the vulnerability allows attackers to bypass authentication, posing significant risks to organizations relying…
Over 5,000 Ivanti Connect Secure Devices Exposed to RCE Vulnerabilities
Over 5,000 Ivanti Connect Secure devices remain vulnerable to a critical remote code execution (RCE) flaw, according to data from the Shadowserver Foundation. The vulnerability, tracked as CVE-2025-22457, stems from a stack-based buffer overflow issue, enabling unauthenticated attackers to execute arbitrary…
Threat Actors Exploit CI/CD Environments to Gain Unauthorized Access to Restricted Resources
Recent research by Unit 42 highlights critical vulnerabilities in the use of OpenID Connect (OIDC) within continuous integration and continuous deployment (CI/CD) environments. OIDC, an extension of the OAuth protocol, is widely adopted for secure authentication and authorization, playing a…
Malicious VS Code Extensions with Millions of Installs Put Developers at Risk
A sophisticated cryptomining campaign has been uncovered, targeting developers through malicious Visual Studio Code (VS Code) extensions. These extensions, masquerading as legitimate tools, have collectively accumulated over one million installations, exposing the scale of the attack. Researchers at ExtensionTotal detected…
Over 26,000 Dark Web Discussions Focused on Hacking Financial Organizations
Radware’s comprehensive research into the cybersecurity landscape has uncovered significant trends shaping the financial services industry’s vulnerabilities in 2024. The analysis, conducted across 46 deep-web hacker forums, identified over 26,000 threat actors’ discussions that revealed increasingly sophisticated cyberattack methods. The…
NIST Declares Pre-2018 CVEs Will Be Labeled as ‘Deferred’
The National Institute of Standards and Technology (NIST) has announced that all Common Vulnerabilities and Exposures (CVEs) with a publication date before January 1, 2018, will now be marked with a “Deferred” status within the National Vulnerability Database (NVD). This…
Google to Patch 23-Year-Old Chrome Bug That Leaked Browsing History
Google has announced a groundbreaking update to its Chrome browser that addresses a vulnerability in the web browser’s code, which has been leaking users’ browsing history for over two decades. This long-standing issue stems from the CSS :visited selector—a web design feature…
SAP April 2025 Update Fixes Critical Code Injection Vulnerabilities
SAP Security Patch Day has introduced a critical update to address vulnerabilities in SAP products, including high-severity code injection weaknesses. A total of 18 new Security Notes, along with 2 updates to existing notes, were released to tackle serious risks such as unauthorized…
Oracle Confirms Breach: Hackers Stole Client Login Credentials
Oracle Corporation has officially confirmed a cybersecurity breach in which hackers infiltrated its systems and stole client login credentials. This marks the second security incident disclosed by the software giant in less than a month, raising alarm among customers and…
Linux 6.15-rc1 Released: Better Drivers, Faster Performance
The Linux kernel community has witnessed another milestone with the release of Linux 6.15-rc1, the first release candidate for the forthcoming Linux 6.15 stable release. Announced by Linus Torvalds on April 6, 2025, in Phoronix blog, this marks the conclusion…
Hackers Abuse Windows .RDP Files to Launch Unauthorized Remote Desktop Sessions
The Google Threat Intelligence Group (GTIG) has unearthed a novel phishing campaign leveraging Windows Remote Desktop Protocol (.RDP) files to facilitate unauthorized remote access. Dubbed “Rogue RDP,” this campaign specifically targeted European government and military organizations in late 2024. The…
Morphing Meerkat: A PhaaS Utilizing DNS Reconnaissance to Generate Targeted Phishing Pages
Originally discovered in 2020 as a Phishing-as-a-Service (PhaaS) platform, Morphing Meerkat has since evolved into a sophisticated cybercriminal tool. Initially capable of mimicking login pages for only five email services, the platform has expanded its capabilities, now encompassing over 100…
Threat Actor Leaks Data from Major Bulletproof Hosting Provider Medialand
A threat actor disclosed internal data from Medialand, a prominent bulletproof hosting (BPH) provider long associated with Yalishanda, a cybercriminal organization tracked as LARVA-34. The breach has exposed the backend systems and operational infrastructure of Medialand, which has historically facilitated…