Symantec has recently identified a sophisticated phishing campaign targeting users of Monex Securities (マネックス証券), a prominent online securities company in Japan formed through the merger of Monex, Inc. and Nikko Beans, Inc. The company provides individual investors with a range…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
SonicWall Firewall Vulnerability Enables Unauthorized Access
Researchers from Bishop Fox have successfully exploited CVE-2024-53704, an authentication bypass vulnerability that affects SonicWall firewalls. This critical flaw allows remote attackers to hijack active SSL VPN sessions, enabling unauthorized network access without requiring user credentials. If left unpatched, the vulnerability…
DarkCloud Stealer Uses Weaponized .TAR Archives to Target Organizations and Steal Passwords
A recent cyberattack campaign leveraging the DarkCloud stealer has been identified, targeting Spanish companies and local offices of international organizations across various industries. The attackers are spoofing a legitimate Spanish company specializing in mountain and skiing equipment to deliver malicious…
New Trinda Malware Targets Android Devices by Replacing Phone Numbers During Calls
Kaspersky Lab has uncovered a new version of the Triada Trojan, a sophisticated malware targeting Android devices. This variant has been found pre-installed in the firmware of counterfeit smartphones mimicking popular models, often sold at discounted prices through unauthorized online…
Cisco AnyConnect VPN Server Vulnerability Allows Attackers to Trigger DoS
Cisco has disclosed a significant vulnerability in its AnyConnect VPN Server for Meraki MX and Z Series devices, allowing authenticated attackers to trigger denial-of-service (DoS) conditions. The flaw (CVE-2025-20212) stems from an uninitialized variable during SSL VPN session establishment and affects over 20 hardware…
Hackers Exploit Apache Tomcat Flaw to Hijack Servers and Steal SSH Credentials
A newly discovered attack campaign has exposed vulnerabilities in Apache Tomcat servers, allowing hackers to hijack resources and steal SSH credentials. Researchers from Aqua Nautilus revealed that these attacks, which weaponized botnets within 30 hours of discovery, employ encrypted payloads…
New Web Skimming Attack Exploits Legacy Stripe API to Validate Stolen Card Data
A sophisticated web-skimming campaign has been discovered, leveraging a deprecated Stripe API to validate stolen credit card data before exfiltration. This novel strategy ensures that only valid and usable card details are exfiltrated, making the operation highly efficient and harder…
AI-Powered Gray Bots Target Web Applications with Over 17,000 Requests Per Hours
Web applications are facing a growing challenge from “gray bots,” a category of automated programs that exploit generative AI to scrape vast amounts of data. Unlike traditional malicious bots, gray bots occupy a middle ground, engaging in activities that, while…
EvilCorp and RansomHub Collaborate to Launch Worldwide Attacks on Organizations
EvilCorp, a sanctioned Russia-based cybercriminal enterprise, has been observed collaborating with RansomHub, one of the most active ransomware-as-a-service (RaaS) operations. This partnership has heightened the threat landscape, as both entities leverage advanced tools and techniques to target organizations across the…
Russian Seashell Blizzard Targets Organizations Using Custom-Built Hacking Tools
Seashell Blizzard, also known as APT44, Sandworm, and Voodoo Bear, has emerged as a sophisticated adversary targeting critical sectors worldwide. Associated with Russia’s Military Intelligence Unit 74455 (GRU), this group has been active since at least 2009, focusing on sectors…
Multiple Jenkins Plugin Vulnerabilities Expose Sensitive Information to Attackers
Jenkins, the widely used open-source automation server, faces heightened security risks after researchers disclosed 11 critical vulnerabilities across its core software and eight plugins. These flaws expose sensitive data, enable code execution, and allow unauthorized configuration changes. Key Vulnerabilities and Risks Affected…
Google’s Quick Share for Windows Vulnerability Allows Remote Code Execution
Cybersecurity researchers from SafeBreach Labs have revealed new vulnerabilities in Google’s Quick Share file-transfer utility for Windows, including a critical flaw that allows attackers to execute code on targeted devices. The findings, disclosed this week, highlight risks in the widely…
Hackers Selling SnowDog RAT Malware With Remote Control Capabilities Online
A sophisticated remote access trojan (RAT) dubbed SnowDog has surfaced on underground cybercrime forums, prompting alarms among cybersecurity experts. Advertised as a tool for “corporate espionage and advanced intrusions,” the malware is being sold by an unidentified threat actor with claims of…
Authorities Shut Down Kidflix Child Abuse Platform in Major Takedown
In one of the most significant operations against child sexual exploitation in recent history, authorities have announced the shutdown of “Kidflix,” one of the world’s largest platforms for the distribution of child sexual abuse material (CSAM). The meticulously planned international…
Massive GitHub Leak: 39M API Keys & Credentials Exposed – How to Strengthen Security
Over 39 million API keys, credentials, and other sensitive secrets were exposed on GitHub in 2024, raising considerable alarm within the developer community and enterprises globally. The scale and impact of this leak have underscored the growing risks tied to…
GoResolver: A Powerful New Tool for Analyzing Golang Malware
Analyzing malware has become increasingly challenging, especially with the growing popularity of programming languages like Golang. Golang, or Go, has captivated developers for its extensive features but has also proven to be an attractive choice for malware authors, thanks to…
Verizon Call Filter App Vulnerability Exposed Call Log Data of Customers
A vulnerability in Verizon’s Call Filter app for iOS has been discovered, allowing unauthorized access to customer call logs. This flaw allowed any individual with the requisite technical knowledge to retrieve incoming call data—complete with timestamps—for any Verizon phone number,…
Cisco Smart Licensing Utility Flaws Allowed Attackers to Gain Admin Access
Cisco has disclosed critical vulnerabilities in its Smart Licensing Utility software, identified as CVE-2024-20439 and CVE-2024-20440, which could allow unauthenticated, remote attackers to gain administrative access or collect sensitive information from compromised systems. These flaws, rated with a severity score…
Over 1,500 PostgreSQL Servers Hit by Fileless Malware Attack
A sophisticated malware campaign has compromised over 1,500 PostgreSQL servers, leveraging fileless techniques to deploy cryptomining payloads. The attack, identified by Wiz Threat Research and attributed to the threat actor group JINX-0126, exploits publicly exposed PostgreSQL instances configured with weak…
Hackers Exploit Cloudflare for Advanced Phishing Attacks
A sophisticated phishing campaign orchestrated by a Russian-speaking threat actor has been uncovered, revealing the abuse of Cloudflare services and Telegram for malicious purposes. Researchers at Hunt.io have identified this new wave of attacks, which employs Cloudflare-branded phishing pages and…