JFrog Security Research has uncovered three critical zero-day vulnerabilities in PickleScan, a widely-adopted industry-standard tool for scanning machine learning models and detecting malicious content. These vulnerabilities would enable attackers to completely bypass PickleScan’s malware detection mechanisms, potentially facilitating large-scale supply…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Hackers Actively Exploit New Windows LNK 0-Day Vulnerability
A newly discovered security flaw in Windows shortcut files is being actively used by hackers to target diplomatic organisations. The vulnerability allows attackers to conceal malicious commands within shortcut files (.lnk), making them invisible to users. The Discovery and Initial…
Malicious VSCode Extension Deploys Anivia Loader and OctoRAT
In late November 2025, a sophisticated supply-chain attack leveraging the Visual Studio Code extension ecosystem came to light, demonstrating how threat actors are increasingly targeting developer tools to gain persistent access to high-value systems. On November 21, a malicious extension…
Microsoft Confirms Windows 11 25H2 UI Features Also Broken Along With 24H2 Following Update
Microsoft has acknowledged a significant issue affecting Windows 11 versions 24H2 and 25H2, where critical user interface components break following the installation of monthly cumulative updates released on or after July 2025. The problem impacts XAML-dependent modern applications, including core…
Examining the Risk of AI-Assisted MedusaLocker Ransomware Attacks
Researchers at Cato CTRL have demonstrated that the feature, designed to streamline AI workflows, can be easily weaponized to deploy MedusaLocker ransomware without the user’s knowledge. A new cybersecurity investigation has revealed a critical oversight in Anthropic’s rapidly growing “Claude…
CISA Issues Alert on Actively Exploited Android Zero-Day Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has added two critical Android Framework vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, signaling active exploitation in the wild and prompting immediate action from organizations and device users worldwide. The vulnerabilities CVE-2025-48572…
Longwatch RCE Flaw Allows Attackers to Run Remote Code with Elevated Privileges
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory warning about a critical remote code execution vulnerability affecting Industrial Video & Control’s Longwatch video surveillance and monitoring system. The flaw enables unauthenticated attackers to execute arbitrary code with…
Malicious Rust “evm-units” Impersonator Deploys OS-Specific Payloads
A malicious Rust crate masquerading as an Ethereum Virtual Machine (EVM) utility has been caught delivering silent, OS-specific payloads to developers’ machines. The package, named evm-units and authored by “ablerust,” was hosted on Crates.io for roughly eight months and accumulated…
Shai-Hulud 2.0 Cyberattack Compromises 30,000 Repos and Exposes 500 GitHub Accounts
The Shai-Hulud 2.0 supply chain attack has proven to be one of the most persistent and destructive malware campaigns targeting the developer ecosystem. Since the incident first emerged on November 24, 2025, Wiz Research and Wiz CIRT have been tracking…
Let’s Encrypt Cutting Certificate Lifespan from 90 Days to 45 Days
Let’s Encrypt, the nonprofit certificate authority serving millions of websites, announced a significant shift in how it issues digital certificates. Starting in 2026, the organization will reduce the validity period of its SSL/TLS certificates from 90 days to 45 days,…
New Calendly-Inspired Phishing Attack Aims to Steal Google Workspace Credentials
A long-running phishing campaign is abusing Calendly-branded job invitations to compromise Google Workspace and Facebook Business accounts, with a particular focus on hijacking ad management platforms used by agencies and large brands. The operation, uncovered by Push Security, combines Attacker‑in‑the‑Middle…
New “Executive Award” Scam Exploits ClickFix to Deliver Stealerium Malware
A sophisticated new phishing campaign is targeting company executives with a double-pronged attack that steals credentials and deploys information-stealing malware in a single coordinated strike. The “Executive Award” scam, identified by cybersecurity researchers at Trustwave MailMarshal, represents an evolution in…
Critical Elementor Plugin Flaw Allows Attackers to Seize WordPress Admin Control
A severe privilege escalation vulnerability in the King Addons for Elementor WordPress plugin has exposed thousands of websites to complete administrative compromise. The flaw, tracked as CVE-2025-8489 with a critical CVSS score of 9.8, allows unauthenticated attackers to register with…
New Stealth K.G.B RAT Marketed by Threat Actors on Underground Forums
Threat actors on an underground cybercrime forum are allegedly promoting a new remote access Trojan (RAT) bundle dubbed “K.G.B RAT + Crypter + HVNC,” claiming it is “fully undetectable” by security solutions. The post, attributed to a member of a…
Authorities Seize Domains Linked to Tai Chang Cryptocurrency Investment Scam
The United States Justice Department has seized a website domain used to steal money from Americans through fake cryptocurrency investments. The domain, tickmilleas.com, was operated by the Tai Chang scam compound located in Kyaukhat, Burma. This action comes less than…
Threat Actors Using Matanbuchus Downloader to Deliver Ransomware and Maintain Persistence
Threat actors are increasingly abusing the Matanbuchus malicious downloader as a key enabler for hands-on-keyboard ransomware operations, using its backdoor-like capabilities to deliver secondary payloads, move laterally, and maintain long-term persistence on compromised systems. Initially observed in 2020 and offered…
Researchers Catch Lazarus Group’s Recruitment Workflow on Camera via Honeypot
A groundbreaking collaborative investigation by Mauro Eldritch of BCA LTD, ANYRUN, and NorthScan has lifted the curtain on North Korean threat actors from the Lazarus Group, revealing their recruitment tactics and operational methods in unprecedented detail. The research team documented…
Multiple Django Vulnerabilities Expose Applications to SQL Injection and DoS Attacks
The Django development team has released critical security patches for three major versions of the popular Python web framework, addressing two significant vulnerabilities that could expose applications to SQL injection attacks and denial-of-service conditions. The updates, issued on December 2,…
CISA Alerts on Iskra iHUB Authentication Flaw Allowing Remote Device Reconfiguration
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding a severe authentication vulnerability affecting Iskra iHUB and iHUB Lite intelligent metering gateways worldwide. Assigned CVE-2025-13510 with a CVSS score of 9.3, this vulnerability represents a significant…
Water Saci Hackers Exploit AI Tools to Target WhatsApp Web Users
The Water Saci campaign targeting Brazilian users has escalated significantly, with threat actors demonstrating remarkable technical sophistication by employing artificial intelligence to enhance their malware propagation capabilities. Security researchers have identified a critical shift in the group’s attack methodology: the…