As part of its ongoing commitment to product security, Dell Technologies has released a significant update for the PowerStore T family, remediating a series of vulnerabilities that could be exploited by malicious actors to compromise affected systems. The update, detailed…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
CISA Releases Dedicated SIEM & SOAR Guide for Cybersecurity Professionals
Security Information and Event Management (SIEM) platforms are essential for detecting, analyzing, and responding to cybersecurity threats in real time. However, the effectiveness of a SIEM system depends heavily on the quality and prioritization of logs ingested. This article explores…
UTG-Q-015 Hackers Launch Massive Brute-Force Attacks on Government Web Servers
The hacker group UTG-Q-015, first identified in December 2024 for mounting attacks on major websites like CSDN, has escalated its malicious activities, targeting government and enterprise web servers with unprecedented aggression. Initially disclosed for their tactics of website manipulation, the…
Victoria’s Secret Website Taken Offline After Cybersecurity Breach
Victoria’s Secret, the iconic lingerie retailer, has taken its US website offline and suspended some in-store services following a major cybersecurity incident. Customers attempting to access the site since Monday have been greeted with a black screen and a terse…
New Research Reveals Key TCP SYN Patterns for Detecting Malicious Activity
A groundbreaking study by NETSCOUT, utilizing data from their honeypot systems designed to capture unsolicited internet traffic, has shed light on the intricate patterns within Transmission Control Protocol (TCP) SYN segments the initial step in the TCP three-way handshake. Published…
New Spear-Phishing Campaign Targets Financial Executives with NetBird Malware
Trellix’s email security systems detected a highly targeted spear-phishing campaign aimed at CFOs and finance executives across industries like banking, energy, insurance, and investment firms in regions spanning Europe, Africa, Canada, the Middle East, and South Asia. This meticulously crafted…
New ChoiceJacking Exploit Targets Android and iOS via Infected Charging Ports
A team of cybersecurity researchers from the Institute of Information Security and A-SIT Secure Information Technology Centre Austria has unveiled a new class of USB-based attacks on mobile devices, dubbed “ChoiceJacking.” This attack revives and surpasses the notorious “juice jacking”…
Woodpecker: Red Teaming Tool Targets AI, Kubernetes, and API Vulnerabilities
Operant AI has announced the release of Woodpecker, an open-source automated red teaming engine designed to make advanced security testing accessible to organizations of all sizes. Traditionally, red teaming—simulated cyberattacks conducted by ethical hackers to uncover vulnerabilities—has been a privilege…
Malicious WordPress Plugin Disguised as Java Update Infects Site Visitors
A troubling new cyber threat has emerged targeting WordPress websites, where a malicious plugin masquerading as a legitimate tool tricks visitors into downloading harmful software. Disguised as “Yoast SEO” with convincing metadata, this plugin was recently uncovered in the /wp-content/plugins/contact-form/…
Massive Botnet Targets ASUS Routers by Injecting Malicious SSH Keys
GreyNoise Research has publicly disclosed a sophisticated cyberattack campaign that has compromised over 9,000 ASUS routers worldwide. First detected by GreyNoise’s proprietary AI-powered analysis tool, Sift, on March 18, 2025, the campaign leverages a combination of brute-force attacks, authentication bypasses,…
Critical OneDrive Flaw Lets Malicious Websites Access All Your Files
A newly revealed vulnerability in Microsoft’s OneDrive File Picker has placed millions of users at risk, enabling popular web applications, including ChatGPT, Slack, Trello, and ClickUp, to gain full read access to users’ entire OneDrive accounts. The flaw, uncovered by…
APT Hackers Turn Google Calendar Into Command Hub Using TOUGHPROGRESS Malware, Google Alerts
Google Threat Intelligence Group (GTIG), a sophisticated malware campaign dubbed “TOUGHPROGRESS” has been uncovered, orchestrated by the notorious PRC-based threat actor APT41, also known as HOODOO. Identified in late October 2024, this campaign exploits a compromised government website to distribute…
Zanubis Android Malware Harvests Banking Credentials and Executes Remote Commands
The Zanubis Android banking Trojan has evolved into a highly sophisticated threat, initially targeting financial institutions in Peru before expanding its scope to virtual cards and cryptocurrency wallets. This malware, known for impersonating legitimate Peruvian Android apps, tricks users into…
Worldwide Operation Shuts Down Hundreds of Ransomware Servers and Domains, Ending Key Attack Infrastructure
Law enforcement and judicial officials, working together with Europol and Eurojust, have dealt a devastating blow to the worldwide ransomware ecosystem in a historic international operation. From May 19 to 22, 2025, Operation Endgame targeted the critical infrastructure behind ransomware…
Cybercriminals Are Turning Ordinary Citizens Into Money Mules in a New ‘Rent-a-Bank-Account’ Scam
Cybercriminals are exploiting vulnerable individuals by transforming them into unwitting money mules through a sophisticated fraud known as the ‘rent-a-bank-account’ scam. This scam involves fraudsters enticing people, often those in financial distress, with promises of quick cash in exchange for…
Apple Blocked 2 million Malicious App & $9 Billion in Fraudulent Transactions
Apple has strengthened the App Store as a bulwark of confidence, a remarkable testament to its commitment to customer safety. According to the company’s annual fraud analysis, over the past five years, Apple has thwarted more than $9 billion in…
DragonForce Ransomware Actors Exploits RMM Tools to Gain Access to Organizations
Sophos Managed Detection and Response (MDR) successfully responded to a sophisticated targeted attack orchestrated by threat actors leveraging DragonForce ransomware. The attackers gained unauthorized access to a Managed Service Provider’s (MSP) remote monitoring and management (RMM) tool, SimpleHelp, using it…
Earth Lamia Hackers Exploits Vulnerabilities in Web Applications to Attack Multiple Industries
Cybersecurity researchers at Trend Research have uncovered the aggressive operations of Earth Lamia, an Advanced Persistent Threat (APT) group with a China-nexus, targeting organizations across Brazil, India, and Southeast Asia since 2023. This threat actor has demonstrated a sophisticated approach…
XenServer Windows VM Tools Flaw Enables Attackers to Run Arbitrary Code
Citrix has issued a high-severity security bulletin addressing multiple vulnerabilities—CVE-2025-27462, CVE-2025-27463, and CVE-2025-27464—affecting XenServer VM Tools for Windows. These vulnerabilities allow attackers with the ability to execute arbitrary unprivileged code within a guest Windows VM to escalate privileges and compromise…
Russian APT28 Hackers Attacking NATO-aligned Organizations to Steal Sensitive Data
Russia’s GRU-backed APT28, widely known as Fancy Bear, has intensified its cyber espionage campaign against NATO-aligned organizations. Active since at least 2007, this notorious threat actor has been attributed to a series of sophisticated attacks targeting critical infrastructure, government entities,…