Researchers discovered Celestial Stealer, a JavaScript-based MaaS infostealer targeting Windows systems that, evading detection with obfuscation and anti-analysis techniques, steals data from various browsers, applications, and cryptocurrency wallets. It operates as an Electron or NodeJS application, injecting code into vulnerable…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Russian Hackers Hijacked Pakistani Actor Servers For C2 Communication
Secret Blizzard, a Russian threat actor, has infiltrated 33 command-and-control (C2) servers belonging to the Pakistani group Storm-0156, which allows Secret Blizzard to access networks of Afghan government entities and Pakistani operators. They have deployed their own malware, TwoDash and…
Russian BlueAlpha APT Exploits Cloudflare Tunnels to Distribute Custom Malware
BlueAlpha, a Russian state-sponsored group, is actively targeting Ukrainian individuals and organizations by using spearphishing emails with malicious HTML attachments to deliver GammaLoad malware. To evade detection, BlueAlpha is leveraging Cloudflare Tunnels to conceal their infrastructure and using DNS fast-fluxing…
CapibaraZero Firmware With ESP32-S3 Hardware Enables Low Cost Flipper Zero alternative
The open-source tech landscape continues to innovate, and the release of the CapibaraZero firmware marks another breakthrough. Designed for ESP32-S3-based hardware platforms, CapibaraZero provides a low-cost alternative to the highly popular—but expensive—Flipper Zero, a multifunctional tool for penetration testers, ethical…
Multiple SonicWall Vulnerabilities Let Attackers Execute Remote Code
SonicWall has issued a critical alert regarding multiple vulnerabilities in its Secure Mobile Access (SMA) 100 series SSL-VPN appliances. These vulnerabilities could allow attackers to execute remote code, bypass authentication, or compromise system integrity. SonicWall urges users to take immediate…
Django Security Update, Patch for DoS & SQL Injection Vulnerability
The Django team has issued critical security updates for versions 5.1.4, 5.0.10, and 4.2.17. These updates address two vulnerabilities: a potential denial-of-service (DoS) attack in the strip_tags() method and a high-severity SQL injection risk in Oracle databases. All developers and system administrators…
Rockwell Automation Warns of Multiple Code Execution Vulnerabilities in Arena
Rockwell Automation has issued a critical security advisory addressing multiple remote code execution (RCE) vulnerabilities discovered in its Arena® software. These vulnerabilities, reported by the Zero Day Initiative (ZDI), expose systems to potential exploitation by adversaries looking to execute arbitrary…
Europol Dismantled 50+ Servers Used For Fake Online Shopping Websites
Europol, in collaboration with law enforcement across Europe, has taken down a sophisticated cybercriminal network responsible for large-scale online fraud. Over 50 servers were seized, a trove of digital evidence was secured, and two primary suspects are now in pretrial…
Multiple ICS Advisories Released by CISA Detailing Exploits & Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has released two advisories highlighting significant security vulnerabilities in Industrial Control Systems (ICS) software and hardware. These vulnerabilities, identified in AutomationDirect’s C-More EA9 Programming Software and Planet Technology’s industrial switch WGS-804HPT, could pose…
Researchers Released hrtng IDA Pro Plugin for Malware Analyst to Make Reverse Engineering Easy
The Global Research and Analysis Team (GReAT) has announced the release of hrtng, a cutting-edge plugin for IDA Pro, one of the most prominent tools for reverse engineering. Designed specifically to enhance the efficiency of malware analysis, hrtng provides analysts with powerful…
Windows NTLM Zero-Day Vulnerability Exposes User Credentials
A critical zero-day vulnerability affecting all modern Windows Workstation and Server versions has been discovered. The flaw enables attackers to steal NTLM credentials with minimal user interaction, posing a significant security risk. It impacts systems from Windows 7 and Server…
HCL DevOps Deploy / Launch Vulnerability Let Embed arbitrary HTML tags
Recently identified by security researchers, a new vulnerability in HCL DevOps Deploy and HCL Launch has emerged, allowing users to embed arbitrary HTML tags within the Web UI. This vulnerability tracked as CVE-2024-42195, poses a potential risk of sensitive information…
CISA Warns of Zyxel Firewalls, CyberPanel, North Grid, & ProjectSend Flaws Exploited in Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings about several vulnerabilities being actively exploited in the wild. The vulnerabilities affect popular software and hardware products, including Zyxel firewalls, CyberPanel, North Grid, and ProjectSend. Organizations using these products are…
HackSynth : Autonomous Pentesting Framework For Simulating Cyberattacks
HackSynth is an autonomous penetration testing agent that leverages Large Language Models (LLMs) to solve Capture The Flag (CTF) challenges without human intervention. It utilizes a two-module architecture: a planner to create commands and a summarizer to understand the hacking…
Fuji Electric Indonesia Hit by Ransomware Attack
Fuji Electric Indonesia has fallen victim to a ransomware attack, impacting its operations and raising concerns about data security and business continuity. The attack was publicly disclosed by Fuji Electric’s headquarters on December 2, 2024, through an official notice, which…
Thinkware Cloud APK Vulnerability Allows Code Execution With Elevated Privileges
A critical vulnerability identified as CVE-2024–53614 has been discovered in the Thinkware Cloud APK version 4.3.46. This vulnerability arises from the use of a hardcoded decryption key within the application. It allows malicious actors to access sensitive data and execute…
ChatGPT Next Web Vulnerability Let Attackers Exploit Endpoint to Perform SSRF
Researchers released a detailed report on a significant security vulnerability named CVE-2023-49785, affecting the ChatGPT Next Web, popularly known as NextChat. This vulnerability has raised concerns within the cybersecurity community due to its potential for exploitation through Server-Side Request Forgery…
I-O DATA Routers Command Injection Vulnerabilities Actively Exploited in Attacks
I-O DATA DEVICE, INC. has announced that several critical vulnerabilities in their UD-LT1 and UD-LT1/EX routers are being actively exploited. These vulnerabilities pose significant risks to users, necessitating urgent attention and action. Below is a detailed look at each vulnerability,…
Cisco NX-OS Vulnerability Allows Attackers to Bypass Image Signature Verification
A critical vulnerability has been identified in the bootloader of Cisco NX-OS Software, potentially allowing attackers to bypass image signature verification. This flaw, which affects several Cisco product lines, could enable unauthorized users to load unverified software onto affected devices.…
Deloitte UK Hacked – Brain Cipher Group Claim to Have Stolen 1 TB of Data
Brain Cipher has claimed to have breached Deloitte UK and exfiltrated over 1 terabyte of sensitive data. Emerging in June 2024, Brain Cipher has quickly established a reputation for its aggressive cyberattacks, with a notable incident involving According to statements…