A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-24813, is being actively exploited in Apache Tomcat servers. Critical RCE Flaw in Apache Tomcat The flaw allows attackers to upload malicious files via unauthenticated HTTP PUT requests, followed by a…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
New Android Malware “TsarBot” Targeting 750 Banking, Finance & Crypto Apps
A newly identified Android malware, dubbed TsarBot, has emerged as a potent cyber threat targeting over 750 applications across banking, finance, cryptocurrency, and e-commerce sectors. Discovered by Cyble Research and Intelligence Labs (CRIL), this banking Trojan employs sophisticated overlay attacks…
Canon Printer Vulnerability Allows Attackers to Execute Arbitrary Code
A security vulnerability, tracked as CVE-2025-1268, has been found in certain Canon printer drivers, potentially allowing attackers to execute arbitrary code. The flaw, categorized as an out-of-bounds vulnerability, affects printer drivers for office multifunction printers, small office printers, production printers, and laser…
ClickFix Captcha – A New Technique Hackers Used to Deliver Infostealers, Ransomware, & Quakbot Malware
Cybercriminals are leveraging fake CAPTCHA verification pages dubbed ClickFix to distribute malware, including infostealers, ransomware, and the notorious Qakbot banking trojan. This technique manipulates users into executing malicious commands disguised as routine “verify you are human” prompts. The attack begins…
Mitel Alerts Users to Severe XSS Vulnerability in MiContact Center
Mitel has issued a security advisory (MISA-2025-0003) to notify users of its MiContact Center Business software about a high-severity reflected cross-site scripting (XSS) vulnerability. The vulnerability, identified in its Legacy Chat component, poses significant risks, allowing attackers to execute malicious…
Multiple Dell Unity Vulnerabilities Allow Attackers to Compromise Systems
Dell Technologies has released a security advisory detailing multiple critical vulnerabilities in its Dell Unity storage systems and related software. These vulnerabilities, if exploited, could allow attackers to gain unauthorized access, execute arbitrary commands, or even compromise the affected systems…
U.S. DOJ Seizes $8.2 Million from Hackers Linked to Pig Butchering Scam
The U.S. Department of Justice has successfully seized over $8.2 million in cryptocurrency tied to an elaborate “pig butchering” fraud operation that victimized dozens of Americans. On February 27, 2025, the U.S. Attorney’s Office for the Northern District of Ohio…
New Ubuntu Linux Vulnerabilities Let Attackers Exploit Kernel Components
A new set of security vulnerabilities discovered in Ubuntu Linux has raised concerns about kernel exploitation risks. Researchers at the Qualys Threat Research Unit (TRU) have uncovered three critical bypasses affecting Ubuntu’s unprivileged user namespace restrictions, potentially allowing attackers to…
“Crocodilus” A New Malware Targeting Android Devices for Full Takeover
Researchers have uncovered a dangerous new mobile banking Trojan dubbed Crocodilus actively targeting financial institutions and cryptocurrency platforms. The malware employs advanced techniques like remote device control, stealthy overlays, and social engineering to steal sensitive data, marking a significant escalation…
Gamaredon Hackers Weaponize LNK Files to Deliver Remcos Backdoor
Cisco Talos has uncovered an ongoing cyber campaign by the Gamaredon threat actor group, targeting Ukrainian users with malicious LNK files to deliver the Remcos backdoor. Active since at least November 2024, this campaign employs spear-phishing tactics, leveraging themes related…
Hackers Exploit DNS MX Records to Create Fake Logins Imitating 100+ Brands
Cybersecurity researchers have discovered a sophisticated phishing-as-a-service (PhaaS) platform, dubbed “Morphing Meerkat,” that leverages DNS mail exchange (MX) records to dynamically serve tailored phishing pages mimicking over 100 brands. The platform, which has been operational since at least January 2020,…
PJobRAT Android Malware Masquerades as Dating and Messaging Apps to Target Military Personnel
PJobRAT, an Android Remote Access Trojan (RAT) first identified in 2019, has resurfaced in a new campaign targeting users in Taiwan. Initially, PJobRAT was known for targeting Indian military personnel by disguising itself as dating and instant messaging apps. The…
New Python-Based Discord RAT Targets Users to Steal Login Credentials
A recently identified Remote Access Trojan (RAT) has raised alarms within the cybersecurity community due to its innovative use of Discord’s API as a Command and Control (C2) server. This Python-based malware exploits Discord’s extensive user base to execute commands,…
SHELBY Malware Steals Data by Abusing GitHub as Command-and-Control Server
Elastic Security Labs has uncovered a sophisticated malware campaign, dubbed REF8685, targeting the Iraqi telecommunications sector. The campaign utilizes a novel malware family called SHELBY, which abuses GitHub for command-and-control (C2) operations, data exfiltration, and command retrieval. Novel Malware Family…
Russian Hackers Impersonate CIA to Steal Ukrainian Defense Intelligence Data
In a complex cyber operation discovered by Silent Push Threat Analysts, Russian hackers have launched a multi-pronged phishing campaign impersonating various organizations, including the CIA, to gather intelligence on individuals sympathetic to Ukraine’s defense efforts. The campaign, believed to be…
46 New Vulnerabilities in Solar Inverter Systems Allow Attackers to Tamper with Settings
Forescout Vedere Labs has uncovered 46 new vulnerabilities in solar power systems, primarily affecting inverters from three leading manufacturers Sungrow, Growatt, and SMA. These flaws, if exploited, could enable attackers to manipulate inverter settings, disrupt power grids, and compromise user…
DeBackdoor: A Framework for Detecting Backdoor Attacks in Deep Learning Models
Deep learning models, increasingly integral to safety-critical systems like self-driving cars and medical devices, are vulnerable to stealthy backdoor attacks. These attacks involve injecting hidden triggers into models, causing them to misbehave when triggered. Researchers from the Qatar Computing Research…
Red Team Tactics Grow More Sophisticated with Advancements in Artificial Intelligence
A recent scoping review has revealed that red team tactics are becoming increasingly sophisticated as artificial intelligence (AI) technologies advance. The study, which analyzed 11 articles published between 2015 and 2023, identified a wide array of AI methods being employed…
Malicious Snow White Movie Download Targets Viewers with New Malware
As the latest adaptation of Snow White hits theaters with lukewarm reception, the absence of streaming options on platforms like Disney+ has led many viewers to seek pirated versions online. This trend is not new; every major movie release without…
GLPI ITSM Tool Flaw Allows Attackers to Inject Malicious SQL Queries
A critical SQL injection vulnerability, tracked as CVE-2025-24799, has been identified in GLPI, a widely used open-source IT Service Management (ITSM) tool. The flaw, if exploited, enables remote, unauthenticated attackers to manipulate database queries, potentially leading to severe consequences such as data…