VexTrio, a sophisticated threat actor known for operating a massive traffic distribution system (TDS), has expanded its malicious activities by deploying fake VPN applications on major app stores, including Google Play and the Apple App Store. Originating from a merger…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Record-Breaking GreedyBear Attack Uses 650 Hacking Tools to Steal $1M from Victims
The threat actor group dubbed GreedyBear has orchestrated an industrial-scale operation blending malicious browser extensions, executable malware, and phishing infrastructure to siphon over $1 million in cryptocurrency from victims. This coordinated assault, uncovered by Koi Security researchers, leverages a staggering…
PyPI Issues Advisory to Prevent ZIP Parser Confusion Attacks on Python Package Installers
The Python Package Index (PyPI) has announced new restrictions aimed at mitigating ZIP parser confusion attacks that could exploit discrepancies in how Python package installers and inspectors handle ZIP archives. This move comes in response to vulnerabilities identified in tools…
Windows UAC Bypass Exploits Character Map Tool for Privilege Escalation
Cybersecurity researchers have uncovered a new technique that allows attackers to bypass Windows User Account Control (UAC) protections by exploiting an unexpected vulnerability in the system’s Private Character Editor tool, potentially granting unauthorized administrative privileges without user consent. The exploit…
Multiple Security Vulnerabilities Found in WWBN AVideo, MedDream, and Eclipse ThreadX
Cisco Talos’ Vulnerability Discovery & Research team has disclosed a total of 12 critical security vulnerabilities across three popular software platforms, highlighting significant security risks that could potentially impact millions of users worldwide. The disclosure includes seven vulnerabilities in WWBN…
CISA Issues 10 ICS Advisories Detailing Vulnerabilities and Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) has released ten industrial control systems (ICS) advisories on August 7, 2025, highlighting critical vulnerabilities across various industrial automation and control platforms. These advisories represent a comprehensive effort to address security gaps that…
US Confirms Takedown of BlackSuit Ransomware Behind 450+ Hacks
Federal law enforcement agencies have successfully dismantled the critical infrastructure of BlackSuit ransomware, a sophisticated cybercriminal operation that has compromised over 450 victims across the United States since 2022 and collected more than $370 million in ransom payments. Major International…
Amazon ECS Internal Protocol Exploited to Steal AWS Credentials from Other Tasks
Security researchers have disclosed a critical vulnerability in Amazon Elastic Container Service (ECS) that allows malicious containers to steal AWS credentials from other tasks running on the same EC2 instance. The attack, dubbed “ECScape,” exploits an undocumented internal protocol to…
Malicious Go Packages Used by Threat Actors to Deploy Obfuscated Remote Payloads
Socket’s Threat Research Team has identified eleven malicious Go packages distributed via GitHub, with ten remaining active on the Go Module Mirror, posing ongoing risks to developers and CI/CD pipelines. Eight of these packages employ typosquatting techniques, mimicking legitimate modules…
Over 60 Malicious RubyGems Packages Used to Steal Social Media and Marketing Credentials
Socket’s Threat Research Team has exposed a persistent campaign involving over 60 malicious RubyGems packages that masquerade as automation tools for platforms like Instagram, Twitter/X, TikTok, WordPress, Telegram, Kakao, and Naver. Active since at least March 2023, the threat actor…
Flipper Zero Dark Web Firmware Cracks Rolling Code Security in Modern Cars
Security researchers have discovered alarming new firmware for the popular Flipper Zero device that can completely bypass the rolling code security systems protecting millions of modern vehicles. The breakthrough attack, demonstrated by YouTube channel Talking Sasquatch, represents a significant escalation…
Retbleed Vulnerability Exploited to Access Any Process’s Memory on Newer CPUs
Security researchers have successfully demonstrated a sophisticated exploit of the Retbleed vulnerability, a critical CPU security flaw that allows attackers to read arbitrary memory from any process running on affected systems. The exploit, which builds upon research originally published by ETH…
CISA Issues Urgent Advisory to Address Microsoft Exchange Flaw
The Cybersecurity and Infrastructure Security Agency (CISA) has issued Emergency Directive 25-02 on August 7, 2025, requiring federal agencies to immediately address a critical vulnerability in Microsoft Exchange hybrid configurations that could allow attackers to escalate from on-premises systems to…
ChatGPT-5 Launches – Discover What’s New in the Next-Gen AI Agent
OpenAI has officially launched ChatGPT-5, marking a significant leap forward in artificial intelligence technology with a revolutionary unified system that combines multiple specialized models to deliver unprecedented performance and versatility. The launch represents the most substantial advancement in conversational AI…
10 Best Red Teaming Companies for Advanced Attack Simulation in 2025
Red teaming companies are specialized cybersecurity firms that use a proactive, adversarial approach to test an organization’s defenses by simulating a real-world cyberattack. Unlike traditional penetration testing, which typically focuses on finding specific vulnerabilities, red teaming emulates the tactics, techniques,…
How Machine Learning Detects Living off the Land (LotL) Attacks
Elite cybercriminals prefer LotL attacks because they’re incredibly hard to spot. Instead of deploying obvious malware, attackers use the same trusted tools that an IT team relies on daily, such as PowerShell, Windows Management Instrumentation (WMI) and various integrated utilities…
HashiCorp Vault 0-Day Flaws Enable Remote Code Execution Attacks
Researchers at Cyata have disclosed nine previously unknown zero-day vulnerabilities in HashiCorp Vault, a widely adopted open-source secrets management platform, enabling attackers to bypass authentication, escalate privileges, and achieve remote code execution (RCE). These flaws, assigned CVEs through responsible disclosure…
Splunk Unveils PLoB Tool to Detect Compromised Credential Usage
Splunk has introduced PLoB (Post-Logon Behaviour Fingerprinting and Detection) in a world where compromised credentials remain the primary vector for initial access in more than half of cybersecurity incidents, as noted in the Cisco Talos IR Trends report for Q1…
Hackers Exploit SVG Files with Embedded JavaScript to Deploy Malware on Windows Systems
Threat actors are increasingly using Scalable Vector Graphics (SVG) files to get beyond traditional defenses in the quickly developing field of cybersecurity. Unlike raster formats such as JPEG or PNG, which store pixel-based data, SVGs are XML-structured documents that define…
Hacker Extradited to U.S. for $2.5 Million Tax Fraud Scheme
Chukwuemeka Victor Amachukwu, also known as Chukwuemeka Victor Eletuo and So Kwan Leung, was extradited from France to the United States to face charges related to sophisticated hacking, wire fraud, and aggravated identity theft operations. The 39-year-old Nigerian national was…