The Cybersecurity and Infrastructure Security Agency (CISA) has unveiled a proposed update to the National Cyber Incident Response Plan (NCIRP), inviting public feedback on the draft. This highly anticipated revision, outlined in a pre-decisional public comment draft released this month,…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Iranian Hackers Launched A Massive Attack to Exploit Global ICS Infrastructure
In a joint cybersecurity advisory, the FBI, CISA, NSA, and partner agencies from Canada, the United Kingdom, and Israel have issued an urgent warning about ongoing malicious cyber activities by advanced persistent threat (APT) actors affiliated with Iran’s Islamic Revolutionary…
Next.js Vulnerability Let Attackers Bypass Authentication
A high-severity vulnerability has been discovered in the popular web framework, Next.js, which allows attackers to bypass authentication under specific circumstances. The issue, cataloged as CVE-2024-51479, affects versions from 9.5.5 up to 14.2.14. Developers using these versions must quickly upgrade…
CISA Issues Secure Practices for Cloud Services To Strengthen U.S Federal Agencies
In a decisive move to bolster cloud security, the Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 25-01: Implementing Secure Practices for Cloud Services. This directive mandates federal civilian agencies to adopt stringent security measures for…
Critical Chrome Vulnerabilities Lets Attackers Execute Arbitrary Code Remotely
Google has released a new security update on the Stable channel, bringing Chrome to version 131.0.6778.204/.205 for Windows and Mac and 131.0.6778.204 for Linux. This update addresses multiple high-severity vulnerabilities, ensuring enhanced safety for users. The rollout will occur gradually over the coming…
Fortinet Critical Vulnerabilitiy Let Attackers Inject Commands Remotely
Fortinet, a global leader in cybersecurity solutions, has issued an urgent security advisory addressing two critical vulnerabilities affecting its FortiManager and FortiWLM products. The vulnerabilities, which can allow unauthorized code execution and sensitive file read access, demand immediate attention to…
Chrome Security Update, Patch for Multiple Security Flaws
Google has released a new security update on the Stable channel, bringing Chrome to version 131.0.6778.204/.205 for Windows and Mac and 131.0.6778.204 for Linux. This update addresses multiple high-severity vulnerabilities, ensuring enhanced safety for users. The rollout will occur gradually over the coming…
CISA Released Secure Mobile Communication Best Practices – 2025
The Cybersecurity and Infrastructure Security Agency (CISA) has released new best practice guidance to safeguard mobile communications amid rising concerns over cyber espionage activities linked to People’s Republic of China (PRC)-affiliated threat actors. These malicious actors have been targeting commercial…
New VIPKeyLogger Via Weaponized Office Documenrs Steals Login Credentials
The VIPKeyLogger infostealer, exhibiting similarities to the Snake Keylogger, is actively circulating through phishing campaigns. Delivered as attachments disguised as archives or Microsoft 365 files, it employs malicious Microsoft Office documents to spread through command-and-control (C2) infrastructure. It targets sensitive…
INTERPOL Urges to End ‘Pig Butchering’ & Replaces With “Romance Baiting”
INTERPOL has called for the term “romance baiting” to replace “pig butchering,” a phrase widely used to describe a manipulative scam where victims are emotionally exploited and financially defrauded. The international law enforcement organization emphasizes that the new term fosters…
New I2PRAT Malware Using encrypted peer-to-peer communication to Evade Detections
Cybersecurity experts are sounding the alarm over a new strain of malware dubbed “I2PRAT,” which leverages encrypted peer-to-peer (P2P) communication via the Invisible Internet Project (I2P) network to avoid detection. The malware, first reported on November 19 by the researcher…
Earth Koshchei Employs RDP Relay, Rogue RDP server in Server Attacks
A new cyber campaign by the advanced persistent threat (APT) group Earth Koshchei has brought rogue Remote Desktop Protocol (RDP) attacks to the forefront of cybersecurity concerns. Leveraging a combination of RDP relays, rogue RDP servers, and custom malicious configuration…
1-Click RCE Attack In Kerio Control UTM Allow Attackers Gain Firewall Root Access Remotely
GFI Software’s Kerio Control, a popular UTM solution, was found to be vulnerable to multiple HTTP Response Splitting vulnerabilities, which affecting versions 9.2.5 through 9.4.5, could potentially allow attackers to inject malicious code into web pages, leading to cross-site scripting…
RiseLoader Attack Windows By Employed A VMProtect To Drop Multiple Malware Families
RiseLoader, a new malware family discovered in October 2024, leverages a custom TCP-based binary protocol similar to RisePro for downloading and executing second-stage payloads. Despite RisePro’s development discontinuation in June 2024, RiseLoader’s emergence suggests a potential connection to the threat…
Careto – A legendary Threat Group Targets Windows By Deploy Microphone Recorder And Steal Files
Recent research has linked a series of cyberattacks to The Mask group, as one notable attack targeted a Latin American organization in 2022, where attackers compromised the organization’s MDaemon email server and exploited the WorldClient webmail component to maintain persistent…
Cybercriminals Exploit Google Calendar and Drawings in Phishing Campaigns
Attackers are ingeniously exploiting Google Calendar and Google Drawings in phishing campaigns, targeting unsuspecting individuals and organizations. Leveraging the inherent trust in Google’s widely used tools, cybercriminals are successfully deceiving users into revealing sensitive information and compromising their accounts. Google…
Google’s New XRefer Tool To Analyze More Complex Malware Samples
XRefer, an IDA Pro plugin, enhances binary analysis with a persistent companion view by employing Gemini-powered cluster analysis to decompose binaries into functional units, providing high-level architectural overviews akin to viewing a city’s districts. Simultaneously, it offers a context-aware view…
Azure Data Factory And Apache Airflow Integration Flaws Let Attackers Gain Write Access
Researchers have uncovered vulnerabilities in Microsoft Azure Data Factory’s integration with Apache Airflow, which could potentially allow attackers to gain unauthorized access and control over critical Azure resources. By exploiting these vulnerabilities, attackers could compromise the integrity of the Azure…
Spring Framework Path Traversal Vulnerability (CVE-2024-38819) PoC Exploit Released
A Proof of Concept (PoC) exploit for the critical path traversal vulnerability identified as CVE-2024-38819 in the Spring Framework has been released, shedding light on a serious security issue affecting applications that serve static resources via functional web frameworks. This…
Multiple SHARP Routers Vulnerabilities Let Attackers Execute Arbitrary Code
Multiple vulnerabilities have been identified in SHARP routers, potentially allowing attackers to execute arbitrary code with root privileges or compromise sensitive data. Labeled under JVN#61635834, the vulnerabilities highlight significant security concerns for affected devices. Overview and Key Vulnerabilities JPCERT/CC, alongside…