Linux has been the reliable backbone of business infrastructure for many years; it powers 96% of the top million web servers worldwide and more than 80% of workloads in public clouds. Its reputation for reliability and inherent security has long…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
North Korean Hackers Exploit Zoom Invites in Attacks on Crypto Companies
Cybersecurity firm SentinelOne has exposed an ongoing malware campaign orchestrated by North Korean threat actors, known for their persistent “fake interview” scams. This operation continues to leverage spear-phishing tactics aimed at individuals and organizations within the Web3, cryptocurrency, and blockchain…
MITRE Launches AADAPT Framework to Counter Real-World Attacks on Digital Asset Systems
The MITRE Corporation has unveiled its comprehensive AADAPT™ framework (Adversarial Actions in Digital Asset Payment Technologies), a specialized knowledge base designed to catalog and counter sophisticated attacks targeting digital asset management systems, cryptocurrency exchanges, and blockchain infrastructure. The framework represents…
British Citizen Sentenced for Islamophobic WiFi Hack at UK Train Stations
John Andreas Wik, a 37-year-old resident of Limes Road in Beckenham, has been handed a 24-month prison sentence, suspended for two years, after admitting to orchestrating an Islamophobic hack of free WiFi landing pages at multiple train stations across Britain.…
Apache Tomcat Coyote Flaw Allows Attackers to Launch DoS Attacks
The Apache Software Foundation has revealed a vulnerability in the Tomcat Coyote module, specifically within the Maven artifact org.apache.tomcat:tomcat-coyote, that could enable malicious actors to orchestrate denial-of-service (DoS) attacks. This flaw stems from an uncontrolled resource consumption issue tied to…
NCC Advises Immediate Windows 11 Upgrade to Strengthen Cyberattack Defenses
The National Cyber Security Centre (NCSC) has unveiled its latest recommended configuration packs for Microsoft Windows operating systems, designed to streamline the deployment of baseline security settings. These packs distill essential configurations into a minimal set that balances usability with…
PoC Released for High-Severity Git CLI Vulnerability Allowing Arbitrary File Writes
A critical vulnerability in Git’s command-line interface has been disclosed with public proof-of-concept exploits available, allowing arbitrary file writes and remote code execution on Linux and macOS systems. CVE-2025-48384 affects Git installations using git clone –recursive on weaponized repositories, exploiting improper handling…
Government Organizations Targeted via AWS Lambda URL Endpoint Exploits
Unit 42 researchers from Palo Alto Networks have been monitoring a sophisticated threat cluster designated CL-STA-1020, which has been systematically targeting governmental entities across Southeast Asia. This operation focuses on extracting sensitive data from government agencies, particularly details surrounding recent…
Cybercriminals Clone CNN, BBC, and CNBC Sites to Lure Victims into Investment Fraud
Researchers have unveiled a sprawling cybercrime syndicate orchestrating an elaborate phishing and investment fraud campaign by cloning legitimate news outlets such as CNN, BBC, CNBC, News24, and ABC News. This operation leverages domain spoofing and typosquatting techniques to fabricate over…
ImageMagick Vulnerability Enables RCE via Malicious File Name Patterns
A critical vulnerability in ImageMagick’s image processing library has been disclosed, enabling remote code execution through carefully crafted filename templates. Tracked as CVE-2025-53101, the flaw stems from a stack buffer underwrite in the MagickCore/image.c module. By specifying multiple consecutive format…
CBI Uncovers Noida Tech Support Scam Targeting Victims in UK and Australia
The Central Bureau of Investigation (CBI) has made a major breakthrough in Operation Chakra-V by taking down a sophisticated global cybercrime network that was primarily targeting people in Australia and the United Kingdom with tech support frauds. This operation highlights…
Red Bull-Themed Phishing Attacks Target Job Seekers’ Credentials
A few significant investments in email filtering, authentication procedures, and endpoint protection, attackers are constantly improving their techniques to circumvent automated security measures in a time when phishing is still a major cyberthreat. A recent campaign identified by Evalian’s Security…
CISA Flags Remote Linking Protocol Flaws Allowing Attackers to Hijack Train Brake Systems
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority security alert warning of serious vulnerabilities in railway brake control systems that could allow attackers to commandeer train operations and potentially cause catastrophic accidents. The alert, published on July…
Critical RCE Vulnerability Found in Symantec Endpoint Management Platform
Security researchers at LRQA have uncovered a critical remote code execution (RCE) vulnerability in Broadcom’s Symantec Endpoint Management Suite, formerly known as Altiris, that could allow unauthenticated attackers to execute arbitrary code on vulnerable systems. The flaw, assigned CVE-2025-5333, affects…
CISA Issues Alert on Actively Exploited Wing FTP Server Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Wing FTP Server vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that threat actors are actively exploiting the security flaw in the wild. Critical Security Flaw Enables System…
Gigabyte UEFI Firmware Vulnerability Allows Code Execution in SMM Privileged Mode
Critical security vulnerabilities in Gigabyte motherboard firmware have been disclosed that allow attackers to execute arbitrary code in System Management Mode (SMM), the most privileged execution level on x86 processors. The flaws, identified by security researchers at Binarly REsearch, affect…
Microsoft Explains How to Find and Stop Processes Blocking Files in Windows
Microsoft has provided comprehensive guidance on resolving one of Windows users’ most frustrating issues: the dreaded “The process cannot access the file because it is being used by another process” error message. This common problem occurs when multiple programs attempt…
Weaponized Games: Threat Actors Target Gen Z Gamers Through Popular Titles
Kaspersky security researchers have discovered sophisticated threat actor activities that take advantage of the digitally native Gen Z population, which was born between 1997 and 2012 and is heavily involved in gaming, streaming, and anime, for malevolent purposes. Over a…
New Forensic Method Reveals Hidden Traces of RDP Exploits by Hackers
Cybersecurity researchers have unveiled advanced techniques for tracking attackers who use Remote Desktop Protocol (RDP) to move laterally through compromised networks, turning the very technology hackers rely on into a digital fingerprint that reveals their every move. The breakthrough centers…
Hackers Weaponize Compiled HTML Help to Deliver Malicious Payload
Threat actors have exploited Microsoft Compiled HTML Help (CHM) files to distribute malware, with a notable sample named deklaracja.chm uploaded to VirusTotal from Poland. This CHM file, a binary container for compressed HTML and associated objects, serves as a delivery…