A new ransomware group, dubbed Anubis, has emerged as a significant threat in the cybersecurity landscape. Active since late 2024, Anubis employs advanced techniques and operates across multiple platforms, including Windows, Linux, NAS, and ESXi environments. The group is leveraging…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
VS Code Extension with 9 Million Installs Attacks Developers with Malicious Code
Microsoft has removed two widely-used Visual Studio Code (VS Code) extensions, “Material Theme Free” and “Material Theme Icons Free,” from its marketplace after cybersecurity researchers discovered malicious code embedded within them. These extensions, developed by Mattia Astorino (also known as…
Microsoft Defender Leverages Machine Learning to Block Malicious Command Executions
The modern cybersecurity landscape is witnessing an unprecedented surge in sophisticated attack techniques, with adversaries increasingly exploiting legitimate command-line tools to execute malicious actions. To address this evolving threat, Microsoft Defender for Endpoint has enhanced its capabilities to detect and…
RustDoor and Koi Stealer Malware Attack macOS to Steal Login Credentials
A new wave of sophisticated cyberattacks targeting macOS systems has been identified, involving two malware strains, RustDoor and Koi Stealer. These attacks, attributed to North Korea-linked Advanced Persistent Threat (APT) groups, primarily aim at stealing sensitive login credentials and cryptocurrency…
LARVA-208 Hackers Compromise 618 Organizations Stealing Logins and Deploying Ransomware
A newly identified cybercriminal group, LARVA-208, also known as EncryptHub, has successfully infiltrated 618 organizations globally since June 2024, leveraging advanced social engineering techniques to steal credentials and deploy ransomware. According to reports from cybersecurity firms CATALYST and Prodaft, the…
Google’s SafetyCore App Secretly Scans All Photos on Android Devices
Recent revelations about Google’s SafetyCore app have ignited a firestorm of privacy debates, echoing Apple’s recent controversy over photo scanning. The app, silently installed on Android devices via system updates, enables on-device image analysis to detect sensitive content—a feature marketed…
New “nRootTag” Attack Turns 1.5 Billion iPhones into Free Tracking Tools
Security researchers have uncovered a novel Bluetooth tracking vulnerability in Apple’s Find My network – the system powering AirTags and device-finding capabilities across iPhones, iPads, and Macs. Dubbed “nRootTag,” the attack transforms nearly any Bluetooth-enabled computer or smartphone into an…
Authorities Arrested Hacker Behind 90 Major Data Breaches Worldwide
Cybersecurity firm Group-IB, alongside the Royal Thai Police and Singapore Police Force, announced the arrest of a prolific hacker linked to over 90 major data breaches across 25 countries, including 65 attacks in the Asia-Pacific region. The cybercriminal, operating under aliases ALTDOS, DESORDEN,…
Cisco Nexus Vulnerability Allows Attackers to Inject Malicious Commands
Cisco Systems has issued a critical security advisory for a newly disclosed command injection vulnerability affecting its Nexus 3000 and 9000 Series Switches operating in standalone NX-OS mode. Tracked as CVE-2025-20161 (CVSSv3 score: 5.1), the flaw enables authenticated attackers with administrative privileges…
New Wi-Fi Jamming Attack Can Disable Specific Devices
A newly discovered Wi-Fi jamming technique enables attackers to selectively disconnect individual devices from networks with surgical precision, raising alarms across cybersecurity and telecommunications industries. Researchers from Northeastern University and the University of Chicago uncovered this vulnerability in IEEE 802.11…
GitLab Vulnerabilities Allow Attackers to Bypass Security and Run Arbitrary Scripts
GitLab has urgently released security updates to address multiple high-severity vulnerabilities in its platform that could allow attackers to bypass security mechanisms, execute malicious scripts, and access sensitive data. The patches, included in versions 17.9.1, 17.8.4, and 17.7.6 for both…
LibreOffice Flaws Allow Attackers to Run Malicious Files on Windows
A high-severity security vulnerability (CVE-2025-0514) in LibreOffice, the widely used open-source office suite, has been patched after researchers discovered it could allow attackers to execute malicious files on Windows systems by exploiting hyperlink handling mechanisms. The flaw, which impacts versions…
Cisco Nexus Switch Vulnerability Allows Attackers to Cause DoS
Cisco Systems has disclosed a high-severity vulnerability (CVE-2025-20111) in its Nexus 3000 and 9000 Series Switches operating in standalone NX-OS mode. The vulnerability enables unauthenticated attackers to trigger denial of service (DoS) conditions through crafted Ethernet frames. Rated 7.4 on…
Threat Actors Using Ephemeral Port 60102 for Covert Malware Communications
Recent cybersecurity investigations have uncovered a sophisticated technique employed by threat actors to evade detection during malware distribution. Attackers are leveraging ephemeral port 60102, typically reserved for temporary communications, as a service port for covert malware transmission. This approach bypasses…
LCRYX Ransomware Attacks Windows Machines by Blocking Registry Editor and Task Manager
The LCRYX ransomware, a malicious VBScript-based threat, has re-emerged in February 2025 after its initial appearance in November 2024. Known for encrypting files with the .lcryx extension and demanding $500 in Bitcoin for decryption, this ransomware has evolved with advanced…
Ghostwriter Malware Targets Government Organizations with Weaponized XLS File
A new wave of cyberattacks attributed to the Ghostwriter Advanced Persistent Threat (APT) group has been detected, targeting government and military entities in Ukraine and opposition groups in Belarus. The campaign, active since late 2024, employs weaponized Excel (XLS) files…
Silver Fox APT Hackers Target Healthcare Services to Steal Sensitive Data
A sophisticated cyber campaign orchestrated by the Chinese Advanced Persistent Threat (APT) group, Silver Fox, has been uncovered, targeting healthcare services in North America. The attackers exploited Philips DICOM Viewer software to deploy malicious payloads, including a backdoor remote access…
Windows Virtualization-Based Security Exploited to Develop Highly Evasive Malware
In a groundbreaking development, researchers have uncovered how attackers are exploiting Windows Virtualization-Based Security (VBS) enclaves to create malware that is highly evasive and difficult to detect. VBS enclaves, designed as isolated and secure regions of memory within a process,…
Poseidon Mac Malware Hiding Within PKG Files to Evade Detections
A recent discovery by cybersecurity researchers has revealed that the Poseidon malware, a macOS-targeting trojan, is leveraging PKG files with preinstall scripts to infiltrate systems. This malware, weighing only 207 bytes, is currently undetected by VirusTotal and represents a significant…
App with Over 100,000 Downloads from Google Play Steals User Data and Blackmails
A financial management app named Finance Simplified has been revealed as a malicious tool for stealing sensitive user data and engaging in blackmail. Despite its fraudulent nature, the app managed to accumulate over 100,000 downloads from the Google Play Store…