Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Hypervisors the invisible backbone of modern corporate IT have become the new primary battleground for ransomware groups. According to new data from Huntress, attacks targeting hypervisors to deploy ransomware have skyrocketed in late 2025. While hypervisors like VMware ESXi and…

Read more →

Global cybercrime is accelerating toward a projected cost of 15.63 trillion dollars by 2029, up from an estimated 10.5 trillion dollars today, as criminals exploit new technologies faster than businesses can defend against them. Yet 59% of organisations say they…

Read more →

Adex, the anti-fraud and traffic-quality platform operating under AdTech Holding, has successfully identified and neutralized a sophisticated, multi-year malware operation linked to the infamous Triada Trojan. This campaign, which has persistently targeted the mobile advertising ecosystem, underscores the evolving dangers…

Read more →

India’s government is considering a controversial proposal that could require smartphone manufacturers to enable satellite location tracking on all devices permanently. The plan has sparked significant backlash from major tech companies, including Apple, Google, and Samsung, who argue the measure…

Read more →

NVIDIA and Lakera AI have introduced a groundbreaking unified security and safety framework designed to address the emerging challenges posed by autonomous AI agents in enterprise environments. This collaborative effort represents a significant step forward in making agentic systems AI…

Read more →

In the second installment of the “Advent of Configuration Extraction” series, security researchers have unwrapped QuasarRAT, a widely-deployed .NET remote access trojan (RAT), revealing sophisticated techniques for extracting its encrypted configuration from both clean and obfuscated binary samples. The analysis…

Read more →

Visual Studio Code and AI-powered IDEs such as Cursor AI and Windsurf are emerging as one of the most critical and overlooked attack surfaces in the modern software supply chain. Installed on millions of developer machines worldwide, these tools often…

Read more →

Next.js developers have a new weapon in the fight against the critical “React2Shell” vulnerability. This new scanner offers a simple, one-line solution for development teams to identify vulnerable versions of Next.js and React Server Components (RSC) and apply the necessary…

Read more →

Hundreds of Porsche owners across Russia are facing a significant problem as their luxury cars have suddenly stopped working. The issue stems from a failure in the factory-installed security and tracking systems, which have completely shut down the vehicles. According…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a high-severity vulnerability affecting Meta’s React Server Components to its Known Exploited Vulnerabilities (KEV) catalog. Assigned the identifier CVE-2025-55182, the security flaw dubbed “React2Shell” by the security community is currently being…

Read more →

A new security analysis has unveiled “LOLPROX,” a comprehensive catalog of “Living Off The Land” (LOL) techniques specifically targeting Proxmox Virtual Environment (VE). The research, detailed by security researcher Andy Gill (ZephrSec), highlights how threat actors can weaponize the popular…

Read more →

A groundbreaking security research project has uncovered a new class of vulnerabilities affecting virtually every major AI-powered integrated development environment (IDE) and coding assistant on the market. Dubbed “IDEsaster,” this attack chain exploits fundamental features of underlying IDE platforms to…

Read more →

A critical remote code execution vulnerability in React Server Components has emerged as an active exploitation target, with security researchers observing widespread automated attacks across the internet. The flaw, tracked as CVE-2025-55182 and dubbed “React2Shell,” affects React and downstream ecosystems, including the…

Read more →

A sophisticated new “packer-as-a-service” tool known as Shanya has emerged in the cybercriminal underground, rapidly becoming a preferred weapon for major ransomware groups looking to neutralize endpoint defenses. According to new research from Sophos, Shanya is an evolution in the…

Read more →

Cal.com has disclosed a critical authentication bypass vulnerability that could allow attackers to gain unauthorized access to user accounts by exploiting a flaw in password verification logic. The flaw, tracked as CVE-2025-66489 and assigned a critical CVSS v4 score of…

Read more →

A massive Indonesian-speaking cybercrime operation spanning over 14 years has been uncovered, revealing a sophisticated infrastructure that shows hallmarks of state-level backing and resources typically associated with advanced persistent threat actors. Security researchers at Malanta have exposed what may be…

Read more →

Barts Health NHS Trust has disclosed a significant data breach affecting patient and staff information after the Cl0p ransomware gang exploited a critical vulnerability in Oracle E-Business Suite software. The criminal syndicate stole files from an invoice database. It published…

Read more →

A hidden danger has been lurking in the Go programming ecosystem for over four years. Security researchers from the Socket Threat Research Team have discovered two malicious software packages that impersonate popular Google tools. These fake packages, designed to trick…

Read more →

A newly discovered Android banking trojan, FvncBot, has emerged as a sophisticated threat targeting mobile banking users in Poland. Researchers from Intel 471 first identified this malware on November 25, 2025, disguised as a security application from mBank, one of…

Read more →

Security teams worldwide are rushing to patch systems after the disclosure of a critical React vulnerability, CVE-2025-55182, widely known as “React2Shell.” The flaw affects React Server Components (RSC) and has a maximum CVSS score of 10, the highest possible rating,…

Read more →