In a concerning new development, cybercriminals are exploiting the widespread popularity of the recently launched DeepSeek AI chatbot to distribute the Vidar Stealer malware. According to research by Zscaler ThreatLabz, attackers are using brand impersonation tactics to lure unsuspecting users…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Ransomware Group Data-Leak Sites Increasing as Six New Groups Emerge
The cybersecurity landscape has witnessed a significant uptick in ransomware activity, with six new data-leak sites (DLSs) linked to emerging ransomware groups identified in early 2025. According to Cyjax, these groups include Kraken, Morpheus, GD LockerSec, Babuk2, Linkc, and the…
Researchers Uncover $1.4B in Sensitive Data Tied to ByBit Hack by Lazarus Group
In a significant breakthrough, cybersecurity firm Silent Push has uncovered sensitive infrastructure tied to the Lazarus Group, a North Korean state-sponsored Advanced Persistent Threat (APT). This discovery sheds light on the group’s involvement in the historic $1.4 billion cryptocurrency heist…
MITRE Releases OCCULT Framework to Address AI Security Challenges
MITRE has unveiled the Offensive Cyber Capability Unified LLM Testing (OCCULT) framework, a groundbreaking methodology designed to evaluate risks posed by large language models (LLMs) in autonomous cyberattacks. Announced on February 26, 2025, the initiative responds to growing concerns that…
Genea IVF Clinic Cyberattack Threatens Thousands of Patient Records
A significant cybersecurity breach at Genea, one of Australia’s largest in vitro fertilization (IVF) providers, has raised alarms among thousands of patients amid concerns that sensitive medical data and treatment schedules may be compromised. The clinic confirmed on Wednesday that…
GRUB2 Flaws Expose Millions of Linux Devices to Exploitation
A critical set of 20 security vulnerabilities in GRUB2, the widely used bootloader for Linux systems, has been revealed, exposing millions of devices to potential secure boot bypass and remote code execution attacks. Discovered during a proactive hardening initiative, these…
Orange Communication Breached – Hackers Allegedly Claim 380,000 Email Records Exposed
Telecommunications provider Orange Communication faces a potential data breach after a threat actor using the pseudonym “Rey” claimed responsibility for leaking 380,000 email records and sensitive corporate data on a dark web forum. The alleged breach, disclosed earlier this week, includes source code, internal invoices,…
RSync Vulnerabilities Allow Hackers to Take Full Control of Servers – PoC Released
A series of critical security vulnerabilities in the widely-used Rsync file synchronization tool have been uncovered, exposing millions of servers to potential takeover by anonymous attackers. The flaws, discovered in Rsync version 3.2.7 and earlier, enable remote code execution, sensitive…
Millions of WordPress Websites Vulnerable to Script Injection Due to Plugin Flaw
A critical security vulnerability in the Essential Addons for Elementor plugin, installed on over 2 million WordPress websites, has exposed sites to script injection attacks via malicious URL parameters. The flaw, tracked as CVE-2025-24752 and scoring 7.1 (High) on the CVSS scale, allowed attackers to execute…
New Undetectable Batch Script Uses PowerShell and Visual Basic to Install XWorm
A novel malware delivery framework employing advanced obfuscation techniques has evaded detection by security tools for over 48 hours. The attack chain centers around a Batch script that leverages PowerShell and Visual Basic Script (VBS) to deploy either the XWorm…
US Employee Background Check Firm Hacked, 3 Million Records Exposed
DISA Global Solutions, a Houston-based provider of employee background checks and workplace safety services, disclosed a significant cybersecurity incident exposing the personal information of over 3.3 million individuals, including 15,198 Maine residents. The breach occurred on February 9, 2024, but was…
2,850+ Ivanti Connect Secure Devices Exposed to Potential Cyberattacks
A sweeping cybersecurity alert has emerged as researchers identify 2,850+ unpatched Ivanti Connect Secure devices worldwide, leaving organizations vulnerable to exploitation through the critical flaw designated CVE-2025-22467. The findings, published by cybersecurity watchdog Shadowserver Foundation, reveal systemic risks to virtual private network (VPN)…
Have I Been Pwned Reports Huge Data Leak, Adds 284 Million Stolen Accounts
Cybersecurity service Have I Been Pwned (HIBP) has disclosed one of the largest data exposure events in its 11-year history, integrating 23 billion rows of stolen credentials from a malware operation dubbed “ALIEN TXTBASE.” The breach corpus contains 493 million unique website-email…
Hackers Exploiting Cisco Small Business Routers RCE Vulnerability Deploying Webshell
A critical remote code execution (RCE) vulnerability, CVE-2023-20118, affecting Cisco Small Business Routers, has become a focal point for cybercriminals deploying webshells and advanced backdoor payloads. The vulnerability, caused by improper input validation in the routers’ web-based management interface, allows…
TgToxic Android Malware Updated it’s Features to Steal Login Credentials
The TgToxic Android malware, initially discovered in July 2022, has undergone significant updates, enhancing its ability to steal login credentials and financial data. Originally targeting Southeast Asian users through phishing campaigns and deceptive apps, the malware has now evolved to…
Google Issues Warning on Phishing Campaigns Targeting Higher Education Institutions
Google, in collaboration with its Mandiant Threat Intelligence team, has issued a warning about a surge in phishing campaigns targeting higher education institutions in the United States. These campaigns, observed since August 2024, have exploited the academic calendar and institutional…
New Auto-Color Malware Attacking Linux Devices to Gain Full Remote Access
Researchers at Palo Alto Networks have identified a new Linux malware, dubbed “Auto-Color,” that has emerged as a significant threat due to its advanced evasion techniques and ability to grant attackers full remote access to compromised systems. Discovered between November…
Malicious npm Package Targets Developers for Supply Chain Attack
The Socket Research Team has uncovered a malicious npm package@ton-wallet/create designed to steal sensitive cryptocurrency wallet keys from developers and users in the TON blockchain ecosystem. TON, originally developed by Telegram, is a growing platform for decentralized applications (dApps), smart…
New Attack Hijacks Popular YouTube Gaming Channels to Steal Steam Accounts
Cybersecurity researchers at Bitdefender Labs have uncovered a sophisticated scam targeting the Counter-Strike 2 (CS2) gaming community. Cybercriminals are hijacking popular YouTube gaming channels to impersonate professional players and lure unsuspecting fans into fraudulent schemes. These scams, timed to coincide…
Lumma Stealer Malware Delivered Through Weaponized Files Disguised as Videos
The Lumma Stealer malware, a sophisticated infostealer, is being actively distributed through malicious files disguised as video content on platforms like YouTube. Researchers at Silent Push have uncovered alarming patterns in the malware’s infrastructure, revealing its use of weaponized files…