SafePay ransomware has become one of the most active and destructive threat actors in Q1 2025, a shocking development in the cybersecurity scene. According to the Acronis Threat Research Unit (TRU), SafePay has aggressively targeted over 200 victims worldwide, including…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Cyberattacks on User Logins Jump 156%, Fueled by Infostealers and Phishing Toolkits
Identity-driven assaults have increased by a shocking 156% between 2023 and 2025, making up 59% of all confirmed threat instances in Q1 2025, according to data conducted by eSentire’s Threat Response Unit (TRU). This dramatic shift from traditional asset-focused exploits…
Hackers Exploit GitHub to Distribute Malware Disguised as VPN Software
CYFIRMA has discovered a sophisticated cyberattack campaign in which threat actors are using GitHub to host and disseminate malware masquerading as genuine software. Masquerading as “Free VPN for PC” and “Minecraft Skin Changer,” these malicious payloads are designed to trick…
INE Security Launches Enhanced eMAPT Certification
Cary, North Carolina, July 10th, 2025, CyberNewsWire Industry’s Most Comprehensive Mobile Application Penetration Testing Program Addresses Real-World Mobile Security Challenges. INE Security, a leading provider of cybersecurity education and cybersecurity certifications, today launched its significantly enhanced eMAPT (Mobile Application Penetration…
ServiceNow Platform Vulnerability Enables Attackers to Exfiltrate Sensitive Data
Security researchers have identified a critical vulnerability in ServiceNow’s widely-used enterprise platform that could enable attackers to extract sensitive data including personally identifiable information (PII), credentials, and financial records. The flaw, dubbed “Count(er) Strike” by Varonis Threat Labs, affects ServiceNow…
Four Hackers Arrested by UK Police After Attacks on M&S Co‑op and Harrods
UK law enforcement authorities have made significant progress in their investigation into cyber attacks targeting some of Britain’s most prominent retailers, with four individuals now in custody following coordinated arrests across the West Midlands and London. The National Crime Agency…
Critical Bluetooth Protocol Vulnerabilities Expose Devices to RCE Attacks
Security researchers have disclosed a critical set of Bluetooth vulnerabilities dubbed “PerfektBlue” that affect millions of vehicles and other devices using OpenSynergy’s BlueSDK framework. The vulnerabilities can be chained together to achieve remote code execution (RCE) with minimal user interaction,…
CISA Warns ValveLink Products May Expose Sensitive System Information
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security advisory warning that multiple vulnerabilities in Emerson ValveLink Products could allow attackers to access sensitive system information and execute unauthorized code. The alert, designated ICSA-25-189-01 and released on…
Rhadamanthys Infostealer Uses ClickFix Technique to Steal Login Credentials
The Rhadamanthys Stealer, a highly modular information-stealing virus that was first discovered in 2022, has made a comeback with a clever and dishonest delivery method called ClickFix Captcha. This is a terrifying development for cybersecurity experts. This technique disguises malicious…
Brave Browser For Android via F‑Droid: Now Fully Available
Brave has taken a significant step toward empowering privacy-conscious Android users by making its browser fully available through its own F-Droid repository, providing an alternative distribution method that bypasses Google Play Store entirely. According to the recent report, this strategic…
Most Cryptocurrency Stocks Are Rising. Join ALR MINER And Earn $8,700 In BTC Every Day
Now, many global cryptocurrency investors view Bitcoin as a financial product for long-term investment rather than a simple speculative product. At the same time, the continued rise in Bitcoin prices reflects the shift in market sentiment and the recent important…
GitLab Vulnerabilities Allow Execution of Malicious Actions via Content Injection
GitLab has released critical security patches addressing four vulnerabilities, including a high-severity cross-site scripting flaw that could enable attackers to execute malicious actions on behalf of users through content injection. The company has issued patch releases 18.1.2, 18.0.4, and 17.11.6…
Critical Ruckus Wireless Flaws Threaten Enterprise Wi‑Fi Security
Multiple critical vulnerabilities discovered in Ruckus Wireless management products pose severe security risks to enterprise networks, with issues ranging from authentication bypass to remote code execution that could lead to complete system compromise. The vulnerabilities affect Virtual SmartZone (vSZ) and…
Ransomware Activity Spikes Amid Qilin’s New Wave of Targeted Attacks
The Qilin group emerged as the leading player in the ransomware ecosystem, which saw a notable rise in activity during June 2025 in a startling escalation of cyber dangers. According to the latest Deep Web and Dark Web trend report,…
Hackers Exploit GeoServer RCE Flaw to Deploy Cryptocurrency Miners
The AhnLab Security Intelligence Center (ASEC) has confirmed that unpatched GeoServer instances are still facing relentless attacks by threat actors exploiting a critical Remote Code Execution (RCE) vulnerability, identified as CVE-2024-36401. GeoServer, an open-source Geographic Information System (GIS) server developed…
Researchers Trick ChatGPT into Leaking Windows Product Keys
Security researchers have successfully demonstrated a sophisticated method to bypass ChatGPT’s protective guardrails, tricking the AI into revealing legitimate Windows product keys through what appears to be a harmless guessing game. This discovery highlights critical vulnerabilities in AI safety mechanisms…
New “Opossum” Attack Breaches Secure TLS by Injecting Malicious Messages
A newly discovered man-in-the-middle exploit dubbed “Opossum” has demonstrated the unsettling ability to compromise secure communications over Transport Layer Security (TLS) by injecting unauthorized messages into an active session. Researchers warn that Opossum targets a wide range of widely used…
Massive Scraper Botnet of 3,600+ Devices Targets US and UK Websites
GreyNoise has discovered an undiscovered version of a scraper botnet with more than 3,600 distinct IP addresses worldwide, which is a major cybersecurity development. This botnet, first observed on April 19, 2025, exhibits a distinct behavioral footprint that makes it…
GitPhish: New Tool Automates GitHub Device Code Phishing Attacks
Security researchers revealed the dangers of GitHub Device Code Phishing—a technique that leverages the OAuth 2.0 Device Authorization Grant flow. This method can turn a simple eight-digit code and a phone call into a full compromise of an organization’s GitHub…
McDonald’s AI Hiring Bot Exposed with ‘123456’ Password — Millions of Job‑Seekers’ Data at Risk
A shocking security vulnerability in McDonald’s AI-powered hiring system has exposed the personal information of millions of job applicants, after security researchers discovered they could access the entire database using the laughably weak password “123456.” The breach affects McHire.com, McDonald’s…