Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Over 10,000 WordPress websites have been hijacked to deliver malicious software targeting both macOS and Windows users. Researchers revealed this week how attackers leveraged vulnerabilities in outdated WordPress software and plugins to distribute malware via fake browser update pages presented…

Read more →

Cybersecurity experts have uncovered a new exploit leveraging the widely used Remote Desktop Protocol (RDP). This vulnerability enables attackers to gain unauthorized control over Windows systems and hijack browser activity, posing a significant threat to individual and enterprise data security.…

Read more →

Experts at Wiz Research have identified a publicly exposed ClickHouse database belonging to DeepSeek, a Chinese AI startup renowned for its innovative models. The vulnerability granted full control over database operations, exposing sensitive information such as chat history, secret keys,…

Read more →

Cybersecurity experts are sounding the alarm about a new SMS-based phishing tool, Devil-Traff, that is enabling large-scale cyberattacks worldwide. By exploiting trust and leveraging advanced automation, this malicious platform empowers attackers to conduct high-volume phishing campaigns with devastating results. How…

Read more →

The highly anticipated release of OPNsense 25.1 has officially arrived! Nicknamed “Ultimate Unicorn,” this update marks a significant milestone for the open-source firewall platform, celebrating its decade-long journey of innovation, security, and reliable performance. Packed with exciting features, new integrations,…

Read more →

Microsoft has officially added DeepSeek R1, an advanced AI model, to its Azure AI Foundry and GitHub Model Catalog. This move places DeepSeek R1 among a curated selection of over 1,800 AI models, spanning open-source, task-specific, and industry-focused solutions. Businesses…

Read more →

The emergence of the Lynx Ransomware-as-a-Service (RaaS) platform has drawn significant attention in cybersecurity circles, owing to its advanced technical capabilities, structured affiliate workflow, and expansive ransomware arsenal. Lynx has proven to be a highly organized and efficient cybercriminal operation,…

Read more →

A detailed analysis from Maverits, a leading cybersecurity firm, reveals a significant evolution in the strategies and objectives of APT28, a cyber-espionage group linked to Russia’s GRU military intelligence unit. Covering activities from 2022 to 2024, the report highlights APT28’s…

Read more →

Security enthusiasts and professionals are turning their focus towards a new angle on phishing attacks in the identity and access management space. During the “Offensive Entra ID (Azure AD) and Hybrid AD Security” training, a clever demonstration showcased how a…

Read more →

Researchers from the Georgia Institute of Technology and Ruhr University Bochum have uncovered two novel speculative execution attacks, named SLAP (Speculative Data Attacks via Load Address Prediction) and FLOP (Breaking the Apple M3 CPU via False Load Output Predictions). These…

Read more →

Privacy is the cornerstone of digital communication in today’s world, and platforms like WhatsApp consistently introduce features to enhance user security. One such feature is WhatsApp’s “View Once” option, which ensures that sensitive photos and videos disappear after being viewed…

Read more →

Privacy is the cornerstone of digital communication in today’s world, and platforms like WhatsApp consistently introduce features to enhance user security. One such feature is WhatsApp’s “View Once” option, which ensures that sensitive photos and videos disappear after being viewed…

Read more →

 A recently disclosed Windows kernel-level vulnerability, identified as CVE-2024-49138, has raised significant security concerns in the cybersecurity community. Leveraging a buffer overflow vulnerability within the Windows Common Log File System (CLFS), researchers have released a proof-of-concept (PoC) exploit, showcasing the critical risks…

Read more →

Researchers have uncovered new developments in SparkRAT operations, shedding light on its persistent use in malicious campaigns targeting macOS users and government organizations. The findings, detailed in a recent report, underscore the evolving tactics of threat actors leveraging SparkRAT’s modular…

Read more →

Akamai’s Security Intelligence and Response Team (SIRT) has uncovered a novel variant of the Mirai-based botnet malware, dubbed Aquabotv3, actively targeting Mitel SIP phones via a critical vulnerability. This marks the third observed iteration of Aquabot, which now showcases unique…

Read more →

A new ransomware gang, Hellcat, emerged on dark web forums in 2024, targeting critical infrastructure, government organizations, educational institutions, and the energy sector. Operating on a ransomware-as-a-service (RaaS) model, Hellcat offers ransomware tools and infrastructure to affiliates in exchange for…

Read more →

Researchers have successfully jailbroken DeepSeek R1, a cutting-edge reasoning model originating from China. Dubbed a potential challenger to tech giants like OpenAI, DeepSeek R1 has garnered international attention for its impressive problem-solving abilities in mathematics, logic, and coding. However, the…

Read more →

Google’s Threat Intelligence Group (GTIG) in collaboration with Mandiant has revealed critical insights into ScatterBrain, a sophisticated obfuscation tool utilized by China-nexus cyber espionage groups, specifically APT41, to deploy the advanced backdoor family POISONPLUG.SHADOW. This analysis underscores the significant evolution…

Read more →

Security researchers have raised alarms about active exploitation attempts targeting a newly discovered zero-day command injection vulnerability in Zyxel CPE Series devices, tracked as CVE-2024-40891. This critical vulnerability, which remains unpatched and undisclosed by the vendor, has left over 1,500 devices…

Read more →

A newly identified strain of information-stealing malware, FleshStealer, is making headlines in 2025 due to its advanced evasion techniques and targeted data extraction capabilities. Flashpoint analysts have shed light on its operation, revealing a sophisticated tool that poses significant risk…

Read more →