Researchers have unveiled a groundbreaking attack dubbed “TEE.fail” that fundamentally compromises the security guarantees of Trusted Execution Environments (TEEs) from Intel and AMD by exploiting DDR5 memory architecture. The attack demonstrates how even the most advanced hardware-backed security features can…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Massive Tata Motors Data Leak Exposes 70+ TB of Sensitive Information
Tata Motors, India’s largest automaker and a major player in the global automotive industry, suffered a catastrophic data exposure that revealed over 70 terabytes of sensitive information through multiple security failures. The breaches, discovered in 2023, involved exposed AWS credentials…
Docker Compose Flaw Lets Attackers Overwrite Arbitrary Files
A path traversal vulnerability discovered in Docker Compose allows attackers to write arbitrary files to host systems through specially crafted OCI artifacts. Tracked as CVE-2025-62725, the flaw was discovered in early October 2025 and carries a high severity rating of…
CISA Issues Alert on Active Exploitation of Dassault Systèmes Security Flaws
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert regarding two severe vulnerabilities discovered in Dassault Systèmes DELMIA Apriso, a widely used manufacturing execution system. The agency has added these flaws to its official list of…
10 NPM Packages That Automatically Run on Install and Steal Credentials
A sophisticated supply chain attack involving ten malicious npm packages that execute automatically upon installation and deploy a comprehensive credential theft operation. The malware uses advanced obfuscation techniques, social engineering tactics, and cross-platform functionality to harvest sensitive authentication data from…
Beast Ransomware Targets Active SMB Connections to Infect Entire Networks
A sophisticated ransomware operation known as Beast has emerged as a significant cybersecurity threat, employing aggressive network propagation tactics that leverage Server Message Block (SMB) port scanning to infiltrate and encrypt systems across enterprise environments. The threat group, which evolved…
XWiki Remote Code Execution Flaw Actively Weaponized for Coinmining
A critical security vulnerability in XWiki collaboration software is being actively exploited by threat actors to deploy cryptocurrency mining malware on vulnerable systems. The flaw, tracked as CVE-2025-24893, represents a serious threat to organizations running unpatched XWiki installations. Cybersecurity researchers…
Gunra Ransomware Targets Windows and Linux with Dual Encryption
The cybersecurity landscape continues to face persistent threats from emerging ransomware groups, with Gunra representing a significant concern since its emergence in April 2025. This threat actor has launched systematic attacks across multiple industries and geographic regions, including documented incidents…
Mozilla Enforces Transparency Rules for Data Collection in New Firefox Extensions
Mozilla has announced a significant transparency initiative for its Firefox browser ecosystem, implementing mandatory data disclosure requirements for extension developers. Starting November 3rd, 2025, all newly submitted Firefox extensions must explicitly declare their data collection and transmission practices within their…
Ethical Prompt Injection: Fighting Shadow AI with Its Own Weapon
AI language models like ChatGPT, DeepSeek, and Copilot are transforming business operations at lightning speed. They help us generate documents, summarise meetings, and even make decisions faster than ever before. But this rapid adoption comes at a price. Employees often…
New Atroposia RAT Uses Hidden Remote Desktop, Vulnerability Scanning and Advanced Persistence
A sophisticated new remote access trojan called Atroposia has emerged in underground cybercrime marketplaces, offering attackers a comprehensive toolkit for hidden remote desktop access, credential theft, and network manipulation at an accessible price point. Security researchers at Varonis recently discovered…
Microsoft Issues Alert on ASP.NET Flaw Allowing HTTP Request Smuggling Attacks
Microsoft has released a critical security update addressing a severe vulnerability in ASP.NET Core that could enable attackers to execute HTTP request smuggling attacks. On October 14, 2025, the company issued patches for CVE-2025-55315, a security feature bypass flaw affecting…
Brida Introduces New Release Offering Complete Support for Latest Frida Integration
The Brida security testing toolkit has released version 0.6, marking a significant update that brings full compatibility with the latest Frida dynamic instrumentation framework. This new release addresses critical compatibility gaps that emerged after Frida’s major overhaul in May 2025,…
New Phishing Attack Using Invisible Characters Hidden in Subject Line Using MIME Encoding
Security researchers have discovered a sophisticated phishing technique that weaponizes invisible Unicode characters embedded within email subject lines using MIME encoding—a tactic that remains largely unknown among email security professionals. The discovery reveals how attackers are evolving their evasion methods…
Herodotus: New Android Malware Mimics Human Behavior to Bypass Biometric Security
A sophisticated new Android banking Trojan named Herodotus has emerged as a significant threat to mobile users, introducing a novel approach that deliberately mimics human typing patterns to evade behavioral biometrics detection systems. The malware’s sophisticated approach to avoiding detection…
MuddyWater’s Phoenix Backdoor Infects More Than 100 Government Organizations
Advanced Persistent Threat (APT) MuddyWater has orchestrated a sophisticated phishing campaign targeting over 100 government entities across the Middle East, North Africa, and international organizations worldwide. Group-IB Threat Intelligence has attributed the campaign to the Iran-linked threat actor with high…
IPFire 2.29 Released with Enhanced Intrusion Prevention System Reporting
The IPFire project has announced the release of version 2.29, Core Update 198, marking a significant milestone in the open-source firewall’s evolution. This update introduces transformative improvements to the Intrusion Prevention System, coupled with comprehensive reporting capabilities that fundamentally change…
Active Directory at Risk Due to Domain-Join Account Misconfigurations
Active Directory domain join accounts are systematically exposing enterprise environments to compromise, even when administrators follow Microsoft’s official guidance. A comprehensive security analysis reveals that these specialized accounts inherit excessive privileges by default, creating a direct pathway for attackers to…
Anivia Stealer Peddled on Dark Web with UAC Bypass
A newly advertised information-stealing malware called Anivia Stealer has surfaced on the dark web, with threat actor ZeroTrace aggressively promoting the C++17-based infostealer as a commercial malware-as-a-service offering. The malware implements sophisticated privilege escalation capabilities, including automatic User Account Control…
FileFix + Cache Smuggling: A New Evasion Combo
Cybersecurity researchers have uncovered a sophisticated evolution in phishing attacks that combines FileFix social engineering with cache smuggling techniques to bypass modern security defenses. This hybrid attack method eliminates the need for malicious code to make web requests, instead extracting…