A malicious Android application has been uncovered, impersonating legitimate Indian banking apps to orchestrate credential theft, surveillance, and unauthorized financial transactions. This malware employs a modular architecture featuring a dropper and a primary payload, leveraging deceptive user interfaces, silent installation…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Phishing Attack Spoofs Facebook Login Page to Capture Credentials
Cybercriminals are using a variety of dishonest tactics in a sophisticated phishing effort aimed at Facebook users in order to obtain login information. The attack begins with a malicious redirect that leads victims to a fraudulent website mimicking legitimate Facebook…
US Announces $15M Reward for North Korean IT Scheme Leaders
The United States government announced coordinated actions across multiple departments today, offering rewards totaling up to $15 million for information leading to the arrests and convictions of North Korean nationals involved in extensive revenue generation schemes targeting American companies and…
Bloomberg’s Comdb2 Vulnerable to DoS Through Malicious Packets
Cisco Talos’ Vulnerability Discovery & Research team has disclosed five critical security vulnerabilities in Bloomberg’s Comdb2 open-source database that could allow attackers to cause denial-of-service conditions through specially crafted network packets. The vulnerabilities, all affecting version 8.1 of the high-availability…
Critical VGAuth Flaw in VMware Tools Grants Full System Access
Security researchers have uncovered critical vulnerabilities in VMware Tools’ Guest Authentication Service (VGAuth) that allow attackers to escalate privileges from any user account to full SYSTEM access on Windows virtual machines. The flaws, tracked as CVE-2025-22230 and CVE-2025-22247, affect VMware…
Tridium Niagara Framework Flaws Expose Sensitive Network Data
Cybersecurity researchers at Nozomi Networks Labs have discovered 13 critical vulnerabilities in Tridium’s widely-used Niagara Framework, potentially exposing sensitive network data across building management, industrial automation, and smart infrastructure systems worldwide. The vulnerabilities, consolidated into 10 distinct CVEs, could allow…
Malware Campaign Uses YouTube and Discord to Harvest Credentials from Computers
The Acronis Threat Research Unit (TRU) has uncovered a sophisticated malware campaign deploying infostealers like Leet Stealer, its modified variant RMC Stealer, and Sniffer Stealer, leveraging social engineering tactics centered on gaming hype. These threats masquerade as indie game installers,…
New VoIP Botnet Targets Routers Using Default Passwords
Cybersecurity researchers have uncovered a sophisticated botnet operation exploiting VoIP-enabled routers through default password attacks, with initial activity concentrated in rural New Mexico before expanding globally to compromise approximately 500 devices. The discovery began when GreyNoise Intelligence engineers noticed an…
New CastleLoader Attack Uses Cloudflare-Themed Clickfix Method to Compromise Windows Systems
A newly identified loader malware dubbed CastleLoader has emerged as a significant threat since early 2025, rapidly evolving into a distribution platform for various information stealers and remote access trojans (RATs). Leveraging sophisticated phishing tactics under T1566 and drive-by compromise…
xonPlus Launches Real-Time Breach Alerting Platform For Enterprise Credential Exposure
Chennai, India, July 25th, 2025, CyberNewsWire xonPlus, a real-time digital risk alerting system, officially launches today to help security teams detect credential exposures before attackers exploit them. The platform detects data breaches and alerts teams and systems to respond instantly.…
Multiple Hacker Groups Exploit SharePoint 0-Day Vulnerability in the Wild
Microsoft has confirmed that a pair of zero-day vulnerabilities in on-premises SharePoint Server, collectively dubbed ToolShell, are under active exploitation by diverse threat actors ranging from opportunistic cybercriminals to sophisticated nation-state advanced persistent threat (APT) groups. ToolShell encompasses CVE-2025-53770, a…
Bulletproof Host Aeza Group Moves Infrastructure to New Autonomous System
Threat analysts at Silent Push announced the discovery of a major infrastructure shift by the bulletproof hosting provider Aeza Group, which was designated and sanctioned by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on July…
BlackSuit Ransomware Infrastructure Seized by Authorities
International law enforcement agencies delivered a significant blow to cybercriminals this week with the successful takedown of critical infrastructure belonging to the BlackSuit ransomware gang. The coordinated operation, dubbed “Operation Checkmate,” has effectively dismantled the group’s primary communication and extortion…
Hackers Inject Destructive Commands into Amazon’s AI Coding Agent
A significant security breach has exposed critical vulnerabilities in Amazon’s artificial intelligence infrastructure, with hackers successfully injecting malicious computer-wiping commands into the tech giant’s popular AI coding assistant. The incident represents a concerning escalation in cyber threats targeting AI-powered development…
Quid Miner Launches Mobile Cloud Mining App for Seamless, Secure BTC and DOGE Cryptocurrency Daily Income of $17,777
[London, UK ] July 2025 – As digital assets continue to gain mainstream adoption, investors are turning to innovative tools that simplify how they participate in the crypto economy. Quid Miner, a UK-based platform, is leading this shift with a…
Hive0156 Hackers Targeting Government and Military Organizations to Deploy REMCOS RAT
IBM X-Force researchers have identified ongoing cyber campaigns by Hive0156, a Russian-aligned threat actor, systematically targeting Ukrainian government and military personnel with sophisticated malware attacks. The group, which shows significant operational overlap with CERT-UA’s UAC-0184 actor, has been actively deploying…
AI-Powered Cyber Attacks Utilize ML Algorithms to Deploy Malware and Circumvent Traditional Security
Artificial intelligence (AI) and machine learning (ML) are enabling hackers to plan extremely complex assaults that surpass conventional defenses in a threat landscape that is changing quickly. According to the Gigamon Hybrid Cloud Security Survey, which polled over 1,000 security…
Surge in Phishing Attacks Exploiting Spoofed SharePoint Domains and Sneaky 2FA Tactics
Cybersecurity researchers have observed a significant uptick in phishing campaigns that leverage domains designed to impersonate Microsoft SharePoint, employing highly structured naming conventions to evade detection. These malicious domains, which have proliferated since June 26, 2025, follow predictable patterns, including…
APT28 Hackers Unveil First LLM-Powered Malware, Enhancing Attack Techniques with AI
Ukraine’s Computer Emergency Response Team (CERT-UA) has publicly reported the emergence of LAMEHUG, marking it as the inaugural malware to embed large language model (LLM) capabilities directly into its attack chain. This campaign targets Ukrainian government officials through phishing emails…
Elephant APT Group Exploits VLC Player and Encrypted Shellcode in Attacks on Defense Sector
Arctic Wolf Labs has uncovered a sophisticated cyber-espionage operation attributed to the Dropping Elephant advanced persistent threat (APT) group, also known as Patchwork or Quilted Tiger, focusing on Turkish defense contractors specializing in precision-guided missile systems. The campaign, which began…