Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

A sophisticated threat actor, dubbed “SilverFox,” has been orchestrating a large-scale malware distribution campaign since at least June 2023, primarily during Chinese time zone working hours. This operation focuses on Chinese-speaking individuals and entities both within and outside China, leveraging…

Read more →

Cybercriminals are now leveraging seemingly innocuous voicemail notifications to distribute malware, with a recent campaign impersonating Veeam Software to exploit users’ trust in enterprise backup solutions. This attack vector highlights the growing intersection of social engineering and file-based exploits, where…

Read more →

Infostealers are specialized malware variants that routinely steal large amounts of sensitive data from compromised systems. This includes session tokens, login credentials, cryptocurrency wallet information, personally identifiable information (PII), multifactor authentication (MFA) artifacts, and pretty much any data stored in…

Read more →

Cybersecurity experts at cside have discovered a clever campaign that infected over 3,500 websites with nefarious JavaScript miners, marking a startling return to crypto-jacking techniques reminiscent of the Coinhive heyday of 2017. This new wave, detected in late 2024, marks…

Read more →

Fancy Bear, designated as APT28 by cybersecurity experts, represents a sophisticated Russian cyberespionage collective operational since 2007, renowned for infiltrating governments, military organizations, and strategic entities globally. This group, also known under aliases such as Sofacy, Sednit, STRONTIUM, and Unit…

Read more →

Threat actors have been using a sophisticated phishing operation to impersonate Turkish Aerospace Industries (TUSAŞ) in order to attack Turkish businesses, especially those in the defense and aerospace sectors. The campaign distributes malicious emails masquerading as contractual documents, such as…

Read more →

A critical security vulnerability has been discovered in Ubiquiti’s UniFi Access devices that could allow malicious actors to inject and execute arbitrary commands on affected systems. The vulnerability, designated as CVE-2025-27212, affects multiple UniFi Access products and carries a maximum…

Read more →

Grafana Labs has released critical security patches addressing two significant vulnerabilities that could enable attackers to redirect users to malicious websites and execute arbitrary code within dashboard environments. The security update addresses CVE-2025-6023, a high-severity cross-site scripting (XSS) vulnerability, and…

Read more →

Google has initiated legal proceedings against the operators of BadBox 2.0, identified as the largest botnet comprising internet-connected televisions and other devices. This botnet, uncovered through a collaborative effort with cybersecurity firms HUMAN Security and Trend Micro, has infected over…

Read more →

Sophos has disclosed three critical security vulnerabilities in its Intercept X for Windows endpoint security solution that could allow attackers to execute arbitrary code and gain system-level privileges on affected systems. The vulnerabilities, designated CVE-2024-13972, CVE-2025-7433, and CVE-2025-7472, all carry…

Read more →

Researchers at Cyble Research and Intelligence Labs (CRIL) have uncovered an ongoing quishing campaign dubbed “Scanception,” which exploits QR code-based delivery mechanisms to distribute credential-harvesting URLs. This advanced phishing operation begins with targeted emails containing PDF lures that mimic legitimate…

Read more →

Cybersecurity researchers at Northeastern University and Dartmouth College have unveiled a groundbreaking attack technique that exploits fundamental parsing discrepancies in Web Application Firewalls (WAFs), potentially compromising the security of millions of websites worldwide. The research, dubbed “WAFFLED” (Web Application Firewall…

Read more →

Microsoft has shed light on the sophisticated operations of Octo Tempest, a financially motivated cybercriminal group alternatively known as Scattered Spider, Muddled Libra, UNC3944, or 0ktapus. This threat actor has demonstrated a versatile arsenal of tactics, techniques, and procedures (TTPs)…

Read more →

A critical security vulnerability has been discovered in Lenovo’s protection driver software, affecting millions of users across desktop and laptop systems. The flaw, identified as CVE-2025-4657, allows local attackers with elevated privileges to execute arbitrary code through a buffer overflow…

Read more →

Attackers are increasingly leveraging the ClickFix social engineering technique to distribute potent malware families, including NetSupport RAT, Latrodectus, and Lumma Stealer. This method, which emerged prominently in recent months, tricks users into executing malicious commands under the guise of resolving…

Read more →

Threat actors have been actively exploiting vulnerabilities in Ivanti Connect Secure, specifically CVE-2025-0282 and CVE-2025-22457, to deploy advanced malware, including MDifyLoader and Cobalt Strike Beacon. These attacks, observed from December 2024 through July 2025, build on prior incidents involving SPAWNCHIMERA…

Read more →

Novabev Group, the parent company of premium vodka brand Beluga, has confirmed it was hit by a sophisticated ransomware attack on July 14, 2025, temporarily disrupting operations and affecting IT infrastructure across the company and its WineLab subsidiary. The Russian…

Read more →

In 2025, the cybersecurity landscape is more fragmented and perilous than ever before. Organizations face an explosion of data sources, an increasing attack surface spanning endpoints, networks, cloud environments, and identities, and a relentless onslaught of sophisticated, multi-stage attacks. Traditional…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) released thirteen Industrial Control Systems (ICS) security advisories on July 17, 2025, highlighting critical vulnerabilities that could compromise essential infrastructure operations. This coordinated disclosure represents one of the most significant advisory releases of…

Read more →

A newly disclosed vulnerability dubbed “Daemon Ex Plist” allows attackers to escalate privileges from standard user to root access on macOS systems, exploiting a timing flaw in how the operating system handles daemon configuration files. Security researcher Egor Filatov published details of…

Read more →