A critical vulnerability in Rockwell Automation’s ControlLogix Ethernet modules has been discovered that could allow remote attackers to execute malicious code on industrial control systems. The vulnerability, identified as CVE-2025-7353, affects multiple ControlLogix communication modules and carries a severe CVSS…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Critical PostgreSQL Flaws Allow Code Injection During Restoration
The PostgreSQL Global Development Group released emergency security updates on August 14, 2025, addressing three critical vulnerabilities that enable code injection attacks during database restoration processes. The flaws affect all supported versions from PostgreSQL 13 through 17, requiring immediate patching…
Top 10 Best Patch Management Software For IT Security 2025
In the relentless battle against cyber threats in 2025, unpatched software remains a gaping vulnerability exploited by attackers worldwide. Outdated operating systems, applications riddled with known flaws, and missing security updates create an open invitation for malware, ransomware, and data…
Elastic EDR 0-Day Flaw Lets Hackers Evade Detection, Run Malware, and Trigger BSOD
AshES Cybersecurity has disclosed a severe zero-day vulnerability in Elastic’s Endpoint Detection and Response (EDR) software that transforms the security tool into a weapon against the systems it’s designed to protect. The flaw, found in the Microsoft-signed kernel driver “elastic-endpoint-driver.sys,”…
PoC Released for Fortinet FortiSIEM Command Injection Flaw
Security researchers have uncovered a severe pre-authentication command injection vulnerability in Fortinet’s FortiSIEM platform that allows attackers to completely compromise enterprise security monitoring systems without any credentials. The vulnerability, designated CVE-2025-25256, has already been exploited by attackers in real-world scenarios,…
Threat Actors Abuse Hijacked npm Developer Accounts to Spread Malicious Packages
A sophisticated phishing campaign targeting the maintainer of eslint-config-prettier, a widely used npm package with over 3.5 billion downloads, resulted in malicious code being distributed to thousands of developer projects worldwide. The incident, discovered on July 18 by ReversingLabs’ automated threat…
Chinese Hackers Exploit Web Hosting Infrastructure for Cyberattacks
Cisco Talos researchers have uncovered a sophisticated Chinese-speaking advanced persistent threat (APT) group, designated UAT-7237, that has been actively targeting web hosting infrastructure in Taiwan since at least 2022. The group demonstrates significant operational overlaps with previously identified threat actor…
Top 10 Best NDR Solutions (Network Detection and Response) in 2025
The network remains the central nervous system of every organization. While endpoints and cloud environments are crucial, all digital activity ultimately traverses the network. Implementing the best NDR solutions is essential for monitoring and securing this critical infrastructure. Traditional perimeter…
10 Best Free Data Recovery Software 2025
Free data recovery tools are among the most essential utilities and play a crucial role in our lives. Although dozens of them are available nowadays, their importance remains significant. Losing our data from a device due to failure…
Cisco IOS, IOS XE, and Secure Firewall Flaws Allow Remote DoS Attacks
Cisco Systems has issued a high-priority security advisory addressing multiple critical vulnerabilities in the Internet Key Exchange Version 2 (IKEv2) feature across its networking and security product portfolio. Published on August 14, 2025, the advisory warns of six separate vulnerabilities…
F5 Fixes HTTP/2 Flaw Affecting Multiple Products in Massive DoS Attacks
F5 Networks has disclosed a new HTTP/2 vulnerability affecting multiple BIG-IP products that could allow attackers to launch denial-of-service attacks against enterprise networks. The vulnerability, designated CVE-2025-54500 and published on August 13, 2025, exploits a flaw in HTTP/2 implementation that…
ImageMagick Vulnerabilities Cause Memory Corruption and Integer Overflows
The popular open-source image manipulation software ImageMagick has addressed four critical security vulnerabilities discovered by Google’s artificial intelligence-powered security research tool, Big Sleep. These flaws, affecting millions of applications worldwide that rely on ImageMagick for image processing, have been patched…
Phishing Campaign Exploits Japanese Character “ん” to Imitate Forward Slash
Security researchers have uncovered a sophisticated new phishing campaign that exploits the Japanese hiragana character “ん” to create deceptively authentic-looking URLs that can fool even vigilant internet users. The attack, first identified by security researcher JAMESWT, represents a significant evolution…
HexStrike AI Links ChatGPT, Claude, and Copilot to 150+ Security Tools
HexStrike AI, the leading autonomous cybersecurity framework, today announced seamless integration with ChatGPT, Claude, and GitHub Copilot, enabling these AI agents to orchestrate over 150 professional security tools for comprehensive penetration testing and vulnerability intelligence. This milestone empowers developers, red…
VirtualBox 7.2 Adds Windows 11/Arm VM Support and Key Bug Fixes
Oracle has released VirtualBox 7.2.0, a major update that significantly expands ARM virtualization capabilities and introduces comprehensive Windows 11/ARM support. Released on August 14, 2025, this update represents a substantial leap forward in cross-platform virtualization technology, addressing long-standing limitations and…
Source Code of ERMAC V3.0 Malware Exposed by ‘changemeplease’ Password
A significant security breach has exposed the complete source code of ERMAC V3.0, a sophisticated banking trojan that targets over 700 financial applications worldwide. The leak, discovered by cybersecurity firm Hunt.io in March 2024, was made possible by a surprisingly…
Palo Alto GlobalProtect Vulnerability Allows Privilege Escalation via Certificate Bypass
A newly disclosed vulnerability in Palo Alto Networks’ GlobalProtect application could allow attackers to escalate privileges and install malicious software on affected systems through improper certificate validation. The security flaw, tracked as CVE-2025-2183, was published on August 13, 2025, and…
10 Best Managed Detection And Response (MDR) Companies in 2025
Organizations of all sizes face an unrelenting barrage of sophisticated cyber threats, from highly evolved ransomware strains and stealthy advanced persistent threats (APTs) to cunning social engineering campaigns—challenges that increasingly drive the adoption of MDR Services to enhance detection and…
Cisco Secure Firewall Snort 3 Vulnerability Enables DoS Attacks
A critical vulnerability discovered in Cisco’s Secure Firewall Threat Defense Software has been identified as CVE-2025-20217, posing significant risks to network security infrastructure worldwide. The vulnerability, affecting the Snort 3 Detection Engine, could allow unauthenticated remote attackers to launch denial…
HTTP/2 MadeYouReset Vulnerability Enables Massive DDoS Attacks
Security researchers have disclosed a critical vulnerability in the HTTP/2 protocol that could enable massive distributed denial-of-service (DDoS) attacks, potentially affecting millions of web servers worldwide. The flaw, dubbed “MadeYouReset” and assigned CVE-2025-8671, was publicly disclosed on August 13, 2025,…