Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Researchers discovered a Russian-linked threat actor, UNC5812, utilizing a Telegram persona named “Civil Defense. ” This persona has been distributing Windows and Android malware disguised as legitimate software designed to aid potential conscripts in Ukraine.  Once installed, these malicious apps…

Read more →

The “You Dun” hacking group exploited vulnerable Zhiyuan OA software using SQL injection, leveraging tools like WebLogicScan, Vulmap, and Xray for reconnaissance. They further escalated privileges on compromised hosts with tools like traitor and CDK.  Active Cobalt Strike server leaked,…

Read more →

The researchers have observed consistent efforts by Russia, Iran, and China to exert foreign influence on democratic processes in the United States.  Recent U.S. government actions have exposed Iranian cyberattacks on the Trump-Vance campaign and the dissemination of stolen Trump…

Read more →

A newly discovered vulnerability in Okta’s Device Access features for Windows could allow attackers to steal user passwords on compromised devices. The flaw affecting the Okta Verify agent for Windows specifically concerns how the software interacts with OktaDeviceAccessPipe, a component…

Read more →

In its recent MediaTek Product Security Bulletin, the chipmaker disclosed two high-severity security vulnerabilities that affect multiple devices, including smartphones, tablets, AIoT (Artificial Intelligence of Things), smart displays, and more. The vulnerabilities could allow attackers to escalate their privileges on…

Read more →

A well-known dark web forum threat actor allegedly claimed responsibility for leaking data from Dell’s enterprise partner portal. According to the claim, the leak exposes sensitive information of approximately 80,000 users, including user IDs and email addresses, primarily belonging to…

Read more →

The rapid growth of cloud computing has made SaaS applications indispensable across industries. While they offer many advantages, they are also prime targets for cybercriminals who exploit security risks to steal data or disrupt services. As businesses increasingly focus on SaaS…

Read more →

The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS devices. The malware’s core binaries were even signed with the same certificate used in jailbreak kits, indicating deep integration. The C2 servers, active until October 26,…

Read more →

Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan exploits the popular social platform Discord to maintain persistence on infected systems. Discord, known for its real-time communication features, has become a hub for various communities…

Read more →

The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on organizations using sophisticated spear-phishing tactics. Known for its stealth and precision, Konni has been active since 2014, primarily targeting regions like Russia and South Korea. Recent…

Read more →

Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to millions of users worldwide. The latest Stable channel update, version 130.0.6723.91/.92 for Windows and Mac and 130.0.6723.91 for Linux will be rolled out over the coming…

Read more →

Recent cyberattacks involving Akira and Fog threat actors have targeted various industries, exploiting a vulnerability (CVE-2024-40766) in SonicWall SSL VPN devices, where these attacks, initiated early in the kill chain, leverage malicious VPN logins from VPS-hosted IP addresses.  The rapid…

Read more →

The researcher discovered a vulnerability in the Windows Update process that allowed them to downgrade critical system components, including DLLs, drivers, and the NT kernel. This enabled the attacker to bypass security measures like Secure Boot and expose previously patched…

Read more →

WrnRAT is a new malware attack that cybercriminals have deployed by using popular gambling games like Badugi, Go-Stop, and Hold’em to disguise itself as a malicious program.  The attackers created a fraudulent gambling website that, when accessed, prompts users to…

Read more →

An international coalition led by the U.S. Department of Justice has dismantled the infrastructure behind the notorious RedLine and META infostealers. These malware variants have plagued millions of computers worldwide, stealing sensitive information and facilitating further cybercriminal activities. Operation Magnus…

Read more →

The Canadian Centre for Cyber Security (Cyber Centre), a Communications Security Establishment Canada (CSE) division, has warned Canadian organizations about an ongoing cyber threat. The Cyber Centre reports that a sophisticated state-sponsored threat actor from the People’s Republic of China…

Read more →

Open Policy Agent (OPA) recently patched a critical vulnerability that could have exposed NTLM credentials of the OPA server’s local user account to remote attackers, which was present in both the OPA CLI and Go SDK.  By exploiting this flaw,…

Read more →

Researchers have identified a new variant of the ClickFix fake browser update malware distributed through malicious WordPress plugins. These plugins, disguised as legitimate tools, inject malicious JavaScript code into compromised websites, tricking users into installing malware.  The malware uses blockchain…

Read more →

Recent analysis has revealed a concerning trend in mobile app security: Many popular apps store hardcoded and unencrypted cloud service credentials directly within their codebases.  It poses a significant security risk as anyone accessing the app’s binary or source code…

Read more →

Latrodectus, a new malware loader, has rapidly evolved since its discovery, potentially replacing IcedID. It includes a command to download IcedID and has undergone multiple iterations, likely to evade detection.  Extracting configurations from these versions is crucial for effective threat…

Read more →