A newly disclosed critical vulnerability (CVE-2025-4009) in Evertz’s Software Defined Video Network (SDVN) product line exposes a wide range of broadcasting infrastructure to unauthenticated remote code execution. The flaw, uncovered by ONEKEY Research Labs, affects the core web administration interface…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Zscaler to Acquire Red Canary, Enhancing AI-Powered Security Operations
Zscaler, Inc. (NASDAQ: ZS), the global leader in cloud security, has announced a definitive agreement to acquire Red Canary, a top Managed Detection and Response (MDR) provider. This strategic move is set to transform security operations by integrating Zscaler’s AI-driven…
Threat Actors Weaponize Fake AI-Themed Websites to Deliver Python-based infostealers
Mandiant Threat Defense has uncovered a malicious campaign orchestrated by the threat group UNC6032, which capitalizes on the global fascination with artificial intelligence (AI). Since at least mid-2024, UNC6032 has been deploying fake AI video generator websites to distribute malware,…
251 Malicious IPs Target Cloud-Based Device Exploiting 75 Exposure Points
On May 8, 2025, cybersecurity researchers at GreyNoise detected a highly orchestrated scanning operation targeting 75 known exposure points across the internet in just 24 hours. The campaign, executed by 251 malicious IP addresses—all geolocated to Japan and hosted on…
SilentWerewolf Attack Combines Legitimate Tools with Code Obfuscation for Stealthy Infiltration
The threat actor dubbed SilentWerewolf has employed advanced phishing techniques to infiltrate organizations in Russia and Moldova, focusing on critical sectors such as nuclear energy, aircraft, and mechanical engineering. Starting on March 11, the first campaign used spearphishing emails with…
VenomRAT Malware Introduces New Tools for Password Theft and Stealthy Access
A malicious cyber campaign leveraging VenomRAT, a potent Remote Access Trojan (RAT), has been uncovered, posing a significant threat to unsuspecting users through a deceptive website mimicking Bitdefender’s Antivirus for Windows download page. The fraudulent domain, “bitdefender-download[.]com,” lures victims with…
Threat Actors Weaponizing DCOM to Harvest Credentials on Windows Systems
Threat actors are now leveraging the often-overlooked Component Object Model (COM) and its distributed counterpart, Distributed Component Object Model (DCOM), to harvest credentials on Windows systems. As traditional red team methods like direct access to the Local Security Authority Subsystem…
Emerging FormBook Malware Threatens Windows Users with Complete System Takeover
A critical cybersecurity threat has surfaced targeting Microsoft Windows users, as detailed in the latest analysis of the FormBook malware. Documented in Part II of a comprehensive FormBook analysis blog, this malware variant poses a severe risk by enabling attackers…
Hackers Circulate Over 93 Billion Stolen User Cookies on the Dark Web
Web cookies, those ubiquitous pop-ups we routinely dismiss with a click, are small text files stored on your device by websites you visit. While cookies are essential for a seamless browsing experience—remembering your login, shopping cart, or language preferences—they also…
Robinhood Ransomware Operator Arrested for Attacks on Government and Private Networks
On May 27, 2025, Iranian national Sina Gholinejad, 37, pleaded guilty in a North Carolina federal court to charges of computer fraud and conspiracy to commit wire fraud, admitting his central role in the international Robbinhood ransomware campaign that targeted…
CISA Releases Executive Guide on SIEM and SOAR Platforms for Rapid Threat Detection
In today’s rapidly evolving threat landscape, Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms have become foundational to organizational cybersecurity strategies. SIEM platforms collect, centralize, and analyze log data from diverse sources, such as…
MATLAB, Serving Over 5 Million Users, Hit by Ransomware Attack
MathWorks, the renowned developer of MATLAB and Simulink, has been grappling with the aftermath of a significant ransomware attack that began on Sunday, May 18, 2025. The incident, which affected both customer-facing and internal IT systems, prompted immediate notification to…
CISA Publishes ICS Advisories Highlighting New Vulnerabilities and Exploits
On May 27, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a new Industrial Control Systems (ICS) advisory—ICSA-25-146-01—highlighting a significant security vulnerability in the Johnson Controls iSTAR Configuration Utility (ICU) Tool. This tool is widely deployed for configuring and…
Chrome Security Patch Addresses High-Severity Vulnerabilities Enabling Code Execution
The Chrome team at Google has officially released Chrome 137 to the stable channel for Windows, Mac, and Linux platforms. This update, version 137.0.7151.55/56, brings a host of security improvements, bug fixes, and technical enhancements, reinforcing Chrome’s position as a…
Zero-Interaction libvpx Flaw in Firefox Allows Attackers to Run Arbitrary Code
Mozilla has released Firefox 139, addressing several critical and moderate security vulnerabilities that posed significant risks to users. The update, announced on May 27, 2025, resolves issues ranging from memory corruption and local code execution to cross-origin data leaks, reinforcing…
Threat Actors Use Fake DocuSign Notifications to Steal Corporate Data
DocuSign has emerged as a cornerstone for over 1.6 million customers worldwide, including 95% of Fortune 500 companies, and boasts a user base exceeding one billion. However, this widespread adoption has made DocuSign a prime target for cybercriminals. Leveraging the…
Government Calls on Organizations to Adopt SIEM and SOAR Solutions
In a landmark initiative, international cybersecurity agencies have released a comprehensive series of publications to guide organizations through the implementation and prioritization of Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms. These resources aim…
Hackers Use Fake OneNote Login to Capture Office365 and Outlook Credentials
A recent investigation by security analysts has uncovered a persistent phishing campaign targeting Italian and U.S. users, utilizing a chain of free cloud platforms and Telegram bots for credential harvesting and data exfiltration. The attack typically begins with a phishing…
Microsoft Alerts on Void Blizzard Hackers Targeting Telecommunications and IT Sectors
Microsoft Threat Intelligence Center (MSTIC) has issued a critical warning about a cluster of global cloud abuse activities orchestrated by a threat actor tracked as Void Blizzard, also known as LAUNDRY BEAR. Assessed with high confidence to be Russia-affiliated, Void…
WordPress TI WooCommerce Wishlist Plugin Flaw Puts Over 100,000 Websites at Risk of Cyberattack
A severe security flaw has been identified in the TI WooCommerce Wishlist plugin, a widely used WordPress extension with over 100,000 active installations. This plugin enables WooCommerce store owners to integrate wishlist functionality into their online shops, often alongside other…