Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

A critical security vulnerability has been discovered in Cisco’s Unified Intelligence Center that allows authenticated remote attackers to upload arbitrary files to affected systems, potentially enabling complete system compromise. The flaw, tracked as CVE-2025-20274, carries a CVSS score of 6.3…

Read more →

Cybersecurity researchers have discovered that threat actors began exploiting the critical CitrixBleed 2 vulnerability nearly two weeks before a public proof-of-concept was released, highlighting the sophisticated nature of modern attack campaigns. The vulnerability, tracked as CVE-2025-5777, represents a significant security…

Read more →

A severe remote code execution (RCE) vulnerability has been discovered in Microsoft SharePoint that allows attackers to execute arbitrary code through malicious XML content embedded within web parts. According to the recent report, the vulnerability, which affects the deserialization process…

Read more →

The Python Package Index (PyPI) has implemented an administrative block on the inbox.ru email domain, prohibiting its use for new user registrations and as additional verification addresses. This action stems from a recent campaign that exploited the domain to create…

Read more →

Socket’s Threat Research Team has discovered a network of at least 28 malicious packages including protestware scripts, totaling approximately 2,000 copies, in a major escalation within the npm supply chain. These packages, initially flagged in two instances for hidden functionality…

Read more →

The Department of Defense (DoD) revealed that an advanced persistent threat (APT) group, known as Salt Typhoon and publicly identified as Chinese state-sponsored actors, had successfully penetrated a U.S. state’s Army National Guard network in a major increase in cyberthreats.…

Read more →

Security researchers have uncovered a critical chain of vulnerabilities in Samsung’s WEA453e wireless access point that allows unauthenticated remote attackers to execute commands with full administrative privileges. The flaws, discovered in August 2020, demonstrate how seemingly minor web interface oversights…

Read more →

Security researchers at Atredis have uncovered multiple privilege escalation vulnerabilities in Lenovo Vantage, a pre-installed management platform on Lenovo laptops that handles device updates, configurations, and system health monitoring. These flaws, tracked under CVEs 2025-6230, 2025-6231, and 2025-6232, allow unprivileged…

Read more →

Google’s artificial intelligence agent “Big Sleep” has made cybersecurity history by discovering and stopping the exploitation of a critical zero-day vulnerability in SQLite, marking the first time an AI system has directly foiled real-world cyberattacks. The AI agent, developed by…

Read more →

Microsoft has issued an urgent warning to Windows users about an impending security certificate expiration that could significantly impact device functionality. The tech giant announced that Secure Boot certificates used by most Windows devices are scheduled to expire starting in…

Read more →

A cybersecurity researcher has demonstrated how a carefully crafted Gmail message can trigger code execution through Claude Desktop, Anthropic’s AI assistant application, highlighting a new class of vulnerabilities in AI-powered systems that don’t require traditional software flaws. The exploit leverages…

Read more →

The financially driven organization known as Dark Partners has been planning massive cryptocurrency theft since at least May 2025, using a complex network of more than 250 malicious domains that pose as AI tools, VPN services, cryptocurrency wallets, and well-known…

Read more →

SentinelOne researchers have discovered NimDoor, a sophisticated MacOS malware campaign ascribed to North Korean-affiliated attackers, most likely the Stardust Chollima gang, in a notable increase in cyber threats targeting the bitcoin industry. Active since at least April 2025, NimDoor exploits…

Read more →

Oracle Corporation released its July 2025 Critical Patch Update, addressing a substantial 309 security vulnerabilities across its extensive product portfolio. This quarterly security release represents one of the most comprehensive patches in recent years, affecting dozens of Oracle’s enterprise software…

Read more →

Security researchers from zLabs have discovered a more advanced version of the Konfety Android malware, which uses complex ZIP-level changes to avoid detection and mimic genuine apps on the Google Play Store, marking a dramatic increase in mobile dangers. This…

Read more →

Attackers are increasingly using advanced disguising techniques, such polyglot files, to get around email filters and successfully send phishing payloads in the constantly changing world of cyber threats. These polyglot files, which can be interpreted as multiple file formats simultaneously,…

Read more →

Cyber espionage campaigns against Japanese companies have increased in fiscal year 2024, which runs from April 2024 to March 2025, according to a thorough analysis published by Macnica’s Security Research Center. The main objective of these campaigns is to exfiltrate…

Read more →

A critical security vulnerability has been discovered in Vim, the popular open-source command-line text editor, that could allow attackers to overwrite arbitrary files on users’ systems. The vulnerability, designated CVE-2025-53906, was published on July 15, 2025, and affects all versions of…

Read more →

Cloudflare’s latest DDoS Threat Report for the second quarter of 2025 reveals that the company autonomously mitigated the largest-ever recorded distributed denial-of-service (DDoS) attacks, peaking at an unprecedented 7.3 terabits per second (Tbps) and 4.8 billion packets per second (Bpps).…

Read more →

The largest Bitcoin-enabled Western darknet marketplace, Abacus Market, has gone offline amid widespread suspicions of an exit scam that may have cost users millions of dollars in held cryptocurrency funds. TRM Labs, a blockchain analytics firm, assesses that the marketplace’s…

Read more →