The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) catalog with the addition of three high-risk security flaws affecting Ivanti Endpoint Manager (EPM). These vulnerabilities, which involve absolute path traversal issues, have been observed being…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Lazarus Hackers Exploit 6 NPM Packages to Steal Login Credentials
North Korea’s Lazarus Group has launched a new wave of attacks targeting the npm ecosystem, compromising six packages designed to steal login credentials and deploy backdoors. The malicious packages is-buffer-validator, yoojae-validator, event-handle-package, array-empty-validator, react-event-dependency, and auth-validator have collectively been downloaded…
Apache Pinot Vulnerability Allows Attackers to Bypass Authentication
A significant security vulnerability affecting Apache Pinot, an open-source distributed data store designed for real-time analytics, has been publicly disclosed. The flaw, identified as CVE-2024-56325, allows remote attackers to bypass authentication on vulnerable installations, posing a critical threat to affected systems.…
SideWinder APT Deploys New Tools in Attacks on Military & Government Entities
The SideWinder Advanced Persistent Threat (APT) group has been observed intensifying its activities, particularly targeting military and government entities across various regions. This group, known for its aggressive expansion beyond traditional targets, has recently updated its toolset to include sophisticated…
SAP Security Update Released to Fix Multiple Vulnerabilities
SAP announced 21 new Security Notes and updates to 3 previously released notes on its latest Security Patch Day. This release addresses critical vulnerabilities within SAP products, underscoring the company’s commitment to safeguarding enterprise software. SAP strongly recommends customers prioritize…
Critical Veritas Vulnerability Allows Attackers to Execute Malicious Code
A critical vulnerability has been discovered in Veritas’ Arctera InfoScale product, a solution widely used for disaster recovery and high availability scenarios. The issue lies in the insecure deserialization of untrusted data in the .NET remoting endpoint, allowing attackers to…
Latest Chrome Update Addresses Multiple High-Risk Security Issues
Google has released a critical update for its Chrome browser, advancing the stable channel to version 134.0.6998.88 for Windows, Mac, and Linux, and 134.0.6998.89 for Windows and Mac on the Extended Stable channel. This update includes several high-priority security fixes…
Apache Tomcat Flaw Could Allow RCE Attacks on Servers
Apache Tomcat, a widely used open-source web server software, has faced numerous security vulnerabilities in recent years. Some critical issues put servers at risk of remote code execution (RCE) and other attacks. These vulnerabilities highlight the importance of keeping software…
Critical Microsoft’s Time Travel Debugging Tool Vulnerability Let Attackers Mask Detection
Microsoft’s Time Travel Debugging (TTD) framework, a powerful tool for recording and replaying Windows program executions, has been found to harbor subtle yet significant bugs in its CPU instruction emulation process, according to a new report from Mandiant. These flaws…
ServiceNow Acquires Moveworks for $2.85 Billion to Boost AI Capabilities
In a landmark move to strengthen its position in the rapidly evolving artificial intelligence landscape, ServiceNow, a leading provider of digital workflow solutions, has announced its acquisition of Moveworks, an AI startup, for $2.85 billion. The deal, revealed on Monday,…
Apple iOS 18.4 Beta 3 Released – What’s New!
Apple has rolled out iOS 18.4 Beta 3, available to developers as of March 10, 2025, with the build number 22E5222f. This release is part of the ongoing beta testing phase, with the final version anticipated in early April 2025.…
Ragnar Loader Used by Multiple Ransomware Groups to Bypass Detection
Ragnar Loader, a sophisticated toolkit associated with the Ragnar Locker ransomware group, has been instrumental in facilitating targeted cyberattacks on organizations since its emergence in 2020. This malware is part of the Monstrous Mantis ransomware ecosystem and is designed to…
North Korean Hackers Use ZIP Files to Deploy Malicious PowerShell Scripts
North Korean state-sponsored hackers, known as APT37 or ScarCruft, have been employing sophisticated tactics to breach systems, leveraging malicious ZIP files containing LNK files to initiate attacks. These LNK files, often disguised as documents related to North Korean affairs or…
Researcher Hacks Embedded Devices to Uncover Firmware Secrets
In a recent exploration of embedded device hacking, a researcher demonstrated how to extract firmware from flash memory using the flashrom tool. This process is crucial for understanding device operation and identifying potential vulnerabilities. However, it involves risks that can…
Android Zygote Injection Flaw Lets Attackers Execute Code & Gain Elevated Privileges
A significant vulnerability in the Android operating system, identified as CVE-2024-31317, has been discovered, allowing attackers to exploit the Zygote process for system-wide code execution and privilege escalation. This flaw affects devices running Android 11 or older, highlighting a critical…
Threat Actors Exploit EncryptHub for Multi-Stage Malware Attacks
EncryptHub, a rising cybercriminal entity, has been under scrutiny by multiple threat intelligence teams, including Outpost24’s KrakenLabs. Recent investigations have uncovered previously unseen aspects of EncryptHub’s infrastructure and tactics, revealing a sophisticated multi-stage malware campaign. The threat actor’s operational security…
New Linux Kernel Code Written in Rust Aims to Eliminate Memory Safety Bugs
The integration of Rust into the Linux kernel is a significant step forward in enhancing memory safety, a critical aspect of kernel development. This effort, known as Rust for Linux, began in 2021 with the publication of an RFC by…
North Korean IT Workers Linked to 2,400 Astrill VPN IP Addresses
New data has emerged linking over 2,400 IP addresses associated with Astrill VPN to individuals believed to be North Korean IT workers. These findings were reported by a cyber security source, who obtained the information from http://Spur.us, a platform known for…
Laravel Framework Flaw Allows Attackers to Execute Malicious JavaScript
A significant vulnerability has been identified in the Laravel framework, specifically affecting versions between 11.9.0 and 11.35.1. The issue revolves around improper encoding of request parameters on the error page when the application is running in debug mode, leading to…
Critical Vulnerabilities in Moxa Switches Enable Unauthorized Access
A critical vulnerability identified as CVE-2024-12297 has been discovered in Moxa’s PT series of network switches, affecting multiple models across different product lines. This security flaw involves an authorization logic disclosure that can be exploited to bypass authentication mechanisms, allowing…