The Cl0p ransomware group, a prominent player in the cybercrime landscape since 2019, has intensified its operations by employing advanced techniques to remain undetected within compromised networks. Known for its association with the TA505 threat group, Cl0p has shifted its…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
ZeroLogon Ransomware Exploits Windows AD to Hijack Domain Controller Access
A newly intensified wave of ransomware attacks has surfaced, leveraging the infamous ZeroLogon vulnerability (CVE-2020-1472) to compromise Windows Active Directory (AD) domain controllers. This exploit, first identified in 2020, has become a key weapon for ransomware groups like Ryuk and…
Hackers Exploit Ivanti Connect Secure Vulnerability to Inject SPAWNCHIMERA malware
In a concerning development, cybersecurity experts have identified active exploitation of a critical vulnerability in Ivanti Connect Secure (ICS) appliances, tracked as CVE-2025-0282. This zero-day vulnerability, a stack-based buffer overflow with a CVSS score of 9.0, has been leveraged by…
Enhancing Threat Detection With Improved Metadata & MITRE ATT&CK tags
The cybersecurity landscape continues to evolve rapidly, demanding more sophisticated tools and methodologies to combat emerging threats. In response, Proofpoint’s Emerging Threats (ET) team has implemented significant updates to its ruleset, enhancing metadata coverage and integrating MITRE ATT&CK tags. These…
Researchers Breach Software Supply Chain and Secure $50K Bug Bounty
A duo of cybersecurity researchers uncovered a critical vulnerability in a software supply chain, landing them an extraordinary $50,500 bug bounty. The exploit, described as an “Exceptional Vulnerability,” not only exposed systemic flaws in software supply chain security but also…
Windows Driver Zero-Day Vulnerability Let Hackers Remotely Gain System Access
Microsoft has confirmed the discovery of a significant zero-day vulnerability, tracked as CVE-2025-21418, in the Windows Ancillary Function Driver for WinSock. This flaw, categorized as an Elevation of Privilege (EoP) vulnerability, has been exploited in the wild, allowing attackers to remotely gain control…
Hackers Manipulate Users Into Running PowerShell as Admin to Exploit Windows
Microsoft Threat Intelligence has exposed a novel cyberattack method employed by the North Korean state-sponsored hacking group, Emerald Sleet (also known as Kimsuky or VELVET CHOLLIMA). The group is exploiting social engineering tactics to deceive individuals into running PowerShell commands…
Fortinet’s FortiOS Vulnerabilities Allow Attackers Trigger RCE and Launch DoS Attack
Fortinet’s FortiOS, the operating system powering its VPN and firewall appliances, has been found vulnerable to multiple security flaws that could allow attackers to execute remote code (RCE) and launch denial-of-service (DoS) attacks. These vulnerabilities, disclosed by Akamai researcher Ben…
FortiOS & FortiProxy Vulnerability Allows Attackers Firewall Hijacks to Gain Super Admin Access
A critical vulnerability in Fortinet’s FortiOS and FortiProxy products has been identified, enabling attackers to bypass authentication and gain super-admin access. The flaw, classified as an Authentication Bypass Using an Alternate Path or Channel (CWE-288), is actively being exploited in…
0-Day Vulnerability in Windows Storage Allow Hackers to Delete the Target Files Remotely
A newly discovered 0-day vulnerability in Windows Storage has sent shockwaves through the cybersecurity community. Identified as CVE-2025-21391, this critical flaw allows attackers to elevate privilege and remotely delete targeted files on a victim’s system without their interaction. Microsoft officially confirmed…
Sandworm APT Hackers Weaponize Microsoft KMS Activation Tools To Compromise Windows
In a sophisticated cyber-espionage operation, the Russian state-sponsored hacking group Sandworm (APT44), linked to the GRU (Russia’s Main Intelligence Directorate), has been exploiting pirated Microsoft Key Management Service (KMS) activation tools to target Ukrainian Windows users. The campaign, which began…
Ratatouille Malware Bypass UAC Control & Exploits I2P Network to Launch Cyber Attacks
A newly discovered malware, dubbed “Ratatouille” (or I2PRAT), is raising alarms in the cybersecurity community due to its sophisticated methods of bypassing User Account Control (UAC) and leveraging the Invisible Internet Project (I2P) network for anonymous Command and Control (C2)…
Hackers Can Exploit “Wormable” Windows LDAP RCE Vulnerability for Remote Attacks
A critical new vulnerability in Microsoft’s Windows Lightweight Directory Access Protocol (LDAP), tagged as CVE-2025-21376, has recently come to light, raising alarms across global cybersecurity circles. The flaw, which has been classified as “critical,” could allow remote attackers to execute…
Google Chrome’s Safe Browsing Now Protects 1 Billion Users Worldwide
Google’s Safe Browsing technology now ensures enhanced protection for over 1 billion Chrome users worldwide. Launched in 2005, Safe Browsing is a robust system designed to safeguard users from phishing, malware, scams, and other cyber threats. By leveraging advanced artificial…
Critical Ivanti CSA Vulnerability Allows Attackers Remote Code Execution to Gain Restricted Access
A critical vulnerability has been discovered in the Ivanti Cloud Services Application (CSA), potentially allowing attackers to execute remote code and access restricted functionality. Ivanti has released an urgent security update to address the issues, tracked as CVE-2024-47908 and CVE-2024-11771,…
Critical OpenSSL Vulnerability Let Attackers Launch Man-in-the-Middle Attacks
A high-severity security vulnerability (CVE-2024-12797) has been identified in OpenSSL, one of the most widely used cryptographic libraries. The flaw allows attackers to exploit a loophole in TLS and DTLS handshakes, potentially enabling man-in-the-middle (MITM) attacks on vulnerable connections. OpenSSL…
Fortinet FortiOS & FortiProxy Zero-Day Exploited to Hijack Firewall & Gain Super Admin Access
Cybersecurity firm Fortinet has issued an urgent warning regarding a newly discovered zero-day authentication bypass vulnerability (CVE-2025-24472) affecting its FortiOS and FortiProxy products. This critical flaw enables remote attackers to obtain super-admin privileges by exploiting maliciously crafted CSF proxy requests.…
Microsoft Patch Tuesday February 2025: 61 Vulnerabilities Including 25 RCE & 3 0-Day
Microsoft has released its highly anticipated Patch Tuesday security updates for February 2025, addressing a wide range of vulnerabilities across its products and services. This month’s release includes fixes for critical remote code execution (RCE) vulnerabilities, elevation of privilege flaws,…
Microsoft Patch Tuesday February 2025: 61 Vulnerabilities Including 25 RCE’s Fixed
Microsoft has released its highly anticipated Patch Tuesday security updates for February 2025, addressing a wide range of vulnerabilities across its products and services. This month’s release includes fixes for critical remote code execution (RCE) vulnerabilities, elevation of privilege flaws,…
Satellite Weather Software Vulnerabilities Let Attackers Execute Code Remotely
IBL Software Engineering has disclosed a significant security vulnerability, identified as CVE-2025-1077, affecting its Visual Weather software and derivative products, including Aero Weather, Satellite Weather, and NAMIS. This vulnerability allows remote, unauthenticated attackers to execute arbitrary Python code on affected…