The Shadowserver Foundation has issued an urgent update regarding the critical “React2Shell” vulnerability, identifying a massive attack surface that remains exposed to potential exploitation. Following targeted improvements to their scanning infrastructure on December 8, 2025, researchers discovered that over 644,000…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
New “Spiderman” Phishing Kit Lets Hackers Build Fake Bank Login Pages Instantly
A sophisticated phishing toolkit dubbed “Spiderman” has emerged as a significant threat to European banking customers, enabling cybercriminals to create convincing fake login pages for dozens of financial institutions with just a few clicks. This development marks a dangerous evolution…
Security Alert: 19 Fake PNG Extensions Found in VS Code Marketplace
ReversingLabs (RL) researchers have identified a sophisticated supply chain campaign involving 19 malicious Visual Studio Code (VS Code) extensions. The campaign, which has been active since February 2025 and was uncovered on December 2, 2025, leverages the trust inherent in…
Threat Actors Exploit ChatGPT and Grok Conversations to Deliver AMOS Stealer
The cybersecurity landscape has reached a troubling inflection point. On December 5, 2025, Huntress identified a sophisticated campaign deploying the Atomic macOS Stealer (AMOS) through a deceptively simple vector. AI conversations on OpenAI’s ChatGPT and xAI’s Grok platforms, surfaced via…
Parrot 7.0 Beta Introduces Debian 13 and a Fully Redesigned Desktop
Parrot Security OS has unveiled its highly anticipated 7.0 beta release, marking a significant milestone with the integration of Debian 13 and a complete desktop environment overhaul. The new version brings substantial stability improvements and modernized infrastructure designed to enhance…
AI-Powered Analysis Exposes Massive 5,000-Domain Chinese Malware Operation
DomainTools Investigations has released critical findings detailing the expansion of a massive malware-delivery network targeting Chinese-speaking users worldwide. The long-running cluster, active since June 2023, has swelled to approximately 5,000 domains, with researchers identifying over 1,900 new domains between May…
Windows Defender Firewall Flaw Allows Attackers to Access Sensitive Data
Microsoft has officially addressed a new security vulnerability affecting the Windows Defender Firewall Service that could allow threat actors to access sensitive information on compromised systems. The flaw, identified as CVE-2025-62468, was disclosed as part of the company’s December 2025…
Microsoft Releases New Guidance to Combat the Shai-Hulud 2.0 Supply Chain Threat
Microsoft has published comprehensive guidance addressing the Shai-Hulud 2.0 supply chain attack, one of the most significant cloud-native ecosystem compromises observed in recent months. The campaign represents a sophisticated threat that exploits the trust inherent in modern software development workflows…
Gemini Zero-Click Flaw Let Attackers Access Gmail, Calendar, and Google Docs
A critical vulnerability in Google Gemini Enterprise and Vertex AI Search, dubbed GeminiJack, that allows attackers to exfiltrate sensitive corporate data without any user interaction or security alerts. The flaw exploits an architectural weakness in how enterprise AI systems process and…
Cybercriminals Use Fake Game Updates on Itch.io and Patreon to Push Lumma Stealer
The indie gaming community faces a new and sophisticated threat. Malicious actors are exploiting itch.io and Patreon to distribute the Lumma Stealer malware disguised as legitimate game updates, targeting unsuspecting gamers through a systematic spam campaign across the platform. Newly…
High-Risk Ivanti EPM Vulnerability Opens Door to Admin Session Hijacking
A critical stored cross-site scripting (XSS) vulnerability in Ivanti Endpoint Manager (EPM) enables unauthenticated attackers to hijack administrator sessions by injecting malicious JavaScript into the management dashboard. The vulnerability, identified as CVE-2025-10573 with a CVSS score of 9.6, affects all…
GOLD BLADE: Custom QWCrypt Locker for Data Exfiltration and Ransomware Deployment
Between February 2024 and August 2025, security researchers uncovered a significant campaign orchestrated by the GOLD BLADE threat group, previously known as RedCurl, RedWolf, and Earth Kapre. The investigation of nearly 40 intrusions linked to STAC6565 reveals a sophisticated threat…
Threat Actors Poison SEO to Spread Fake Microsoft Teams Installer
The Chinese advanced persistent threat (APT) group Silver Fox (also known as Void Arachne) has launched a sophisticated search engine optimization (SEO) poisoning campaign targeting Chinese-speaking employees at organizations worldwide. The campaign distributes a counterfeit Microsoft Teams installer laced with…
Zoom Rooms on Windows and macOS Exposed to Privilege Escalation and Data Leakage Flaws
Zoom has released security patches addressing two critical vulnerabilities in Zoom Rooms deployments on both Windows and macOS. The vulnerabilities expose users to privilege escalation attacks and unauthorized software manipulation, prompting immediate update recommendations across enterprise environments. The first vulnerability,…
Makop Ransomware Targets RDP Systems Using AV Killer and Additional Exploits
Makop, a ransomware strain derived from Phobos, continues to pose a significant threat by exploiting exposed Remote Desktop Protocol (RDP) systems and integrating new attack components, including antivirus-killer modules and advanced privilege-escalation exploits. Recent investigations by Acronis TRU researchers reveal…
Microsoft December 2025 Patch Tuesday Fixes 56 Vulnerabilities Fixed and 3 Zero-days
Microsoft’s final Patch Tuesday of 2025 has been released, addressing 56 vulnerabilities across its product suite. The December update includes patches for three zero-day vulnerabilities, one of which is confirmed to be actively exploited in the wild. Among the resolved…
AI-Driven Tools Uncover GhostPenguin Backdoor Attacking Linux Servers
A sophisticated Linux backdoor named GhostPenguin has been discovered by Trend Micro Research, evading detection for over four months after its initial submission to VirusTotal in July 2025. The threat represents a new breed of stealthy malware designed to maintain…
SAP Security Patch Day Fixes Critical Flaws in Solution Manager, NetWeaver & More
SAP has released its December 2025 Security Patch Day updates, addressing 14 new security notes that fix multiple critical and high‑severity vulnerabilities across key enterprise products. Administrators are strongly advised to review the latest security notes in the SAP Support…
Malicious VS Code on Microsoft Registry Steals WiFi Passwords and Captures Screens
Security researchers at Koi Security have uncovered a sophisticated malware campaign targeting developers through the Visual Studio Code Marketplace. The attack uses two seemingly innocent extensions a dark theme and an AI assistant to unleash a potent infostealer capable of…
New Vishing Attack Exploits Microsoft Teams and QuickAssist to Deploy .NET Malware
A sophisticated vishing campaign has emerged that combines social engineering with legitimate Microsoft tools to establish command execution chains leading to multi-stage .NET malware deployment. Security researchers have identified an attack flow that begins with impersonated IT personnel contacting victims…