Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Cybersecurity researchers have uncovered a critical vulnerability in Cursor IDE that allows attackers to execute arbitrary system commands through a sophisticated trust bypass mechanism, potentially compromising developer workstations across collaborative coding environments. Check Point Research disclosed the vulnerability, designated CVE-2025-54136…

Read more →

Security Risk Advisors (SRA), a leading cybersecurity consulting firm, today announced the launch of SCALR AI, a customizable platform designed to enable non-technical people to build and integrate agentive AI capabilities directly into their operations. SCALR AI is being showcased…

Read more →

The U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) has issued Notice FIN-2025-NTC1, dated August 4, 2025, warning financial institutions about the growing risks associated with convertible virtual currency (CVC) kiosks, also known as cryptocurrency automated teller machines…

Read more →

The North Korean state-sponsored group Kimsuky, also known as APT43, Thallium, and Velvet Chollima, has been accused of launching a recent cyber-espionage campaign in which the attackers used malicious Windows shortcut (LNK) files as the first point of entry to…

Read more →

Cybersecurity firm CTM360 has uncovered an ongoing malicious operation dubbed “ClickTok,” specifically targeting TikTok Shop users worldwide through a dual-pronged strategy of phishing and malware deployment. This campaign leverages deceptive replicas of TikTok’s official in-app e-commerce platform, impersonating affiliates and…

Read more →

Microsoft has unveiled the return of its groundbreaking Zero Day Quest initiative, escalating the stakes in cybersecurity research with a staggering total bounty pool of up to $5 million. Building on the success of last year’s inaugural event, which offered…

Read more →

Security researchers discovered 28 distinct zero-day vulnerabilities, seven of which were expressly directed at artificial intelligence infrastructure, in a startling discovery made during the 2025 Pwn2Own Berlin event, which was organized by Trend Micro’s Zero Day Initiative. This inaugural AI…

Read more →

Cisco Systems has disclosed a data breach that compromised basic profile information of users registered on Cisco.com following a successful voice phishing attack targeting one of the company’s representatives. The incident resulted in unauthorized access to a third-party cloud-based Customer…

Read more →

A sophisticated phishing campaign attributed with medium confidence to the Pakistan-linked APT36 group, also known as Transparent Tribe or Mythic Leopard, has been uncovered targeting Indian defense organizations and government entities. This operation employs typo-squatted domains that mimic official Indian…

Read more →

SonicWall has issued an urgent security advisory following a significant escalation in cyberattacks targeting Generation 7 firewalls with enabled SSLVPN functionality over the past three days. The cybersecurity company is actively investigating whether these incidents stem from a previously disclosed…

Read more →

Zero-day exploits against Microsoft SharePoint are enabling attackers to extract IIS machine keys, establishing persistent backdoors that survive patches and reboots. In mid-July 2025, threat actors began abusing two critical SharePoint vulnerabilities—CVE-2025-53770 (deserialization, CVSS 9.8) and CVE-2025-53771 (authentication bypass, CVSS 6.3)—in an attack…

Read more →

Cloudflare has publicly accused Perplexity AI of employing deceptive crawling practices that violate established web crawling protocols and deliberately circumvent website protection mechanisms. The cybersecurity company has documented evidence of Perplexity using undisclosed user agents and rotating IP addresses to…

Read more →

Veracode Threat Research has uncovered a sophisticated North Korean cryptocurrency theft operation that continues to evolve, building on campaigns previously reported in February and June 2024. This latest iteration involves twelve malicious NPM packages, including cloud-binary, json-cookie-csv, cloudmedia, and nodemailer-enhancer,…

Read more →

FortiGuard Labs has reported a sustained trend in the exploitation of open-source software (OSS) repositories for malware dissemination within supply chain ecosystems. As development workflows increasingly depend on third-party packages, adversaries are capitalizing on vulnerabilities in platforms like NPM and…

Read more →

The Raspberry Robin malware, also known as Roshtyak, has undergone substantial updates that enhance its evasion and persistence on Windows systems. Active since 2021 and primarily disseminated through infected USB devices, this sophisticated downloader has integrated advanced obfuscation techniques to…

Read more →

A critical security vulnerability has been discovered in the popular ADOdb PHP database abstraction library that could allow attackers to execute arbitrary SQL statements, posing significant risks to applications using SQLite3 databases. The flaw, designated as CVE-2025-54119, affects all versions…

Read more →

MediaTek has disclosed three critical security vulnerabilities affecting dozens of its chipsets, potentially allowing attackers to gain elevated system privileges on affected devices. The vulnerabilities, detailed in the company’s August 2025 Product Security Bulletin, impact a wide range of MediaTek…

Read more →

The North Korean-linked Chollima advanced persistent threat (APT) group, also known as Famous Chollima, has been orchestrating a persistent cyber espionage campaign since at least December 2022, primarily targeting job seekers in the software development and IT sectors to infiltrate…

Read more →

McAfee’s Mobile Research Team has identified a sophisticated Android malware campaign primarily aimed at Hindi-speaking users in India, masquerading as legitimate financial applications from institutions like SBI Card, Axis Bank, and IndusInd Bank. This operation distributes malicious APKs through dynamically…

Read more →

A critical security flaw in Streamlit, the popular open-source framework for building data applications, has been discovered that could allow cybercriminals to execute cloud account takeover attacks and manipulate financial data systems. The vulnerability, found in Streamlit’s file upload feature,…

Read more →

A groundbreaking security research has revealed that parameter pollution techniques combined with JavaScript injection can bypass 70% of modern Web Application Firewalls (WAFs), raising serious concerns about the effectiveness of current web security defenses. Security researchers conducting autonomous penetration testing discovered…

Read more →

Security researchers have discovered a new type of cyberattack that exploits how AI tools process legal text, successfully tricking popular language models into executing dangerous code. Cybersecurity firm Pangea has unveiled a sophisticated attack method called “LegalPwn” that embeds malicious…

Read more →

Security researchers have discovered critical vulnerabilities in Anthropic’s Claude Code that allow attackers to bypass security restrictions and execute unauthorized commands, with the AI assistant itself helping to facilitate these attacks. The vulnerabilities, designated CVE-2025-54794 and CVE-2025-54795, demonstrate how sophisticated…

Read more →

SentinelLABS and Beazley Security have uncovered a sophisticated infostealer campaign deploying the Python-based PXA Stealer, which has rapidly evolved since late 2024 to incorporate advanced anti-analysis techniques, decoy content, and hardened command-and-control (C2) infrastructure. This operation, linked to Vietnamese-speaking cybercriminal…

Read more →

Adversaries are using artificial intelligence (AI) to increase their operational efficiency in a fast-changing threat landscape. They are scaling attacks and focusing on autonomous AI agents that support contemporary enterprise ecosystems. According to frontline intelligence from CrowdStrike’s 2025 Threat Hunting…

Read more →

Wilhelm Einhaus, a businessman from Bockum-Hövel, Germany, pioneered cell phone insurance services, establishing a robust network that integrated innovative offerings like a 24-hour repair and replacement program. His enterprise expanded rapidly, partnering with major telecommunications providers such as Deutsche Telekom…

Read more →

A threat actor operating under the moniker Cyber Products has established a public-facing storefront at cyberproducts[.]io to distribute their modular malware suite, dubbed Cyber Stealer. This development marks a shift toward overt commercialization of malicious tools, with additional promotion occurring…

Read more →

China’s National Computer Network Emergency Response Technical Team/Coordination Center (CNCERT) has publicly accused U.S. intelligence agencies of orchestrating sophisticated cyberattacks against key military-industrial entities, building on the 2022 NSA breach at Northwestern Polytechnical University. The revelations detail two emblematic incidents…

Read more →

Mozilla has issued an urgent security warning to Firefox add-on developers following the detection of a sophisticated phishing campaign targeting accounts on the Add-ons Mozilla Organization (AMO) platform. The alert, published by Scott DeVaney from Mozilla’s Add-ons Community team on…

Read more →

Security researchers have uncovered and weaponized a critical Use-After-Free vulnerability (CVE-2025-38001) in the Linux network packet scheduler’s HFSC queuing discipline, successfully compromising Google kernelCTF instances—LTS, COS, and mitigation—and fully updated Debian 12. By ingeniously combining HFSC’s real-time scheduling mode, NETEM’s…

Read more →

Security researchers at Safety have uncovered an AI-generated malicious NPM package dubbed @kodane/patch-manager, engineered as an advanced cryptocurrency wallet drainer. This package, posing as a benign “NPM Registry Cache Manager” for license validation and registry optimization, embeds sophisticated mechanisms to…

Read more →

A massive cryptocurrency theft that remained hidden for over four years has been uncovered, revealing what may be the largest Bitcoin hack in history. LuBian, once one of the world’s most prominent Bitcoin mining pools, lost approximately $3.5 billion in…

Read more →

Digital Rights Management (DRM) systems are essential for safeguarding premium streaming content against unauthorized access and piracy, with Microsoft’s PlayReady emerging as a cornerstone technology adopted by major platforms such as Netflix, Amazon Prime Video, and Disney+. PlayReady employs sophisticated…

Read more →

Cybersecurity researchers have uncovered significant overlaps between the attack infrastructure of ShadowSyndicate, also known as Infra Storm by Group-IB, and several prominent ransomware-as-a-service (RaaS) operations. Active since July 2022, ShadowSyndicate has been linked to high-profile RaaS brands such as AlphaV/BlackCat,…

Read more →

Security researchers at Genians Security Center have uncovered a sophisticated new variant of the RoKRAT malware, attributed to the North Korean-linked APT37 threat group, which employs steganography to conceal malicious payloads within seemingly innocuous JPEG image files. This technique allows…

Read more →

The Interlock ransomware group was connected to several sophisticated cyber incidents that targeted firms in North America and Europe, according to a recent report published in July 2025 by eSentire’s Threat Response Unit (TRU). The group, active since September 2024,…

Read more →

Multiple serious security vulnerabilities have been discovered in Partner Software and Partner Web applications widely used by government agencies and contractors, potentially exposing sensitive systems to remote code execution attacks and data breaches. The vulnerabilities, tracked as CVE-2025-6076, CVE-2025-6077, and…

Read more →

A severe security vulnerability in the widely-used Squid HTTP proxy has been disclosed, potentially exposing millions of systems to remote code execution attacks. The flaw, designated as CVE-2025-54574 and SQUID-2025:1, represents a critical buffer overflow vulnerability in the software’s URN…

Read more →

A critical remote code execution vulnerability has been discovered in the popular NestJS framework that could allow attackers to execute arbitrary code on developer machines. The vulnerability, tracked as CVE-2025-54782, affects the @nestjs/devtools-integration package and has been assigned the highest…

Read more →

Cybersecurity researchers at Aim Labs have discovered a critical vulnerability in the popular AI-powered Cursor IDE that enables attackers to achieve silent remote code execution on developer machines. The vulnerability, dubbed “CurXecute,” has been assigned a high severity rating and…

Read more →

HashiCorp has disclosed a critical security vulnerability affecting its Vault products that could allow privileged operators to execute arbitrary code on the underlying host machine. The flaw, designated CVE-2025-6000 and tracked as HCSEC-2025-14, impacts both Community and Enterprise editions of…

Read more →

A Pi-hole donor has reported receiving spam email to an address created exclusively for their donation to the popular network-level ad blocker, raising concerns about a potential data breach affecting the project’s donor database. The incident, reported on Reddit’s Pi-hole…

Read more →

In the rapidly evolving healthcare landscape of 2025, ensuring compliance with the Health Insurance Portability and Accountability Act (HIPAA) is more critical than ever. The increasing reliance on digital health records, telehealth, and other technological advancements has created a complex…

Read more →

Choosing the right dark web monitoring tool is a critical decision for both individuals and organizations seeking to protect their digital assets and identity. With the dark web serving as a hub for illegal data trading, from leaked credentials to…

Read more →

A significant security breach within the Qilin ransomware operation has provided unprecedented insight into the group’s affiliate network structure and operational methods. On July 31, 2025, internal conflicts between the ransomware group and one of its affiliates led to the…

Read more →

Security researchers have discovered a sophisticated Linux backdoor dubbed “Plague” that has remained undetected by all major antivirus engines despite multiple samples being uploaded to VirusTotal over the past year. The malicious software operates as a Pluggable Authentication Module (PAM),…

Read more →

Cybersecurity firm Arctic Wolf has identified a significant increase in ransomware attacks targeting SonicWall firewall devices in late July 2025, with evidence pointing to the exploitation of a previously unknown zero-day vulnerability. The company’s investigation revealed multiple coordinated attacks using…

Read more →

The SafePay ransomware organization has quickly become a powerful operator since its initial detection in September 2024, marking a startling increase in the cyber threat scenario. Unlike predominant ransomware-as-a-service (RaaS) models that rely on affiliates for dissemination and profit-sharing, SafePay…

Read more →

The ransomware landscape underwent significant disruption, marked by the abrupt cessation of operations from several prominent Ransomware-as-a-Service (RaaS) groups, including RansomHub, Babuk-Bjorka, FunkSec, BianLian, 8Base, Cactus, Hunters International, and LockBit. This wave of disappearances has fragmented the ecosystem, diminishing the…

Read more →

Operators of LockBit ransomware have improved their tactics, methods, and procedures (TTPs) to avoid detection and increase damage in the always changing world of cyberthreats. By exploiting DLL sideloading and masquerading, these attackers disguise malicious activities within legitimate system processes,…

Read more →

Check Point Research (CPR) has delved into the operations of Storm-2603, a recently identified threat actor linked to Chinese advanced persistent threat (APT) groups, amid widespread exploitation of Microsoft SharePoint Server vulnerabilities known as “ToolShell.” This campaign exploits four critical…

Read more →

Sonatype’s automated detection systems have uncovered an expansive and ongoing infiltration of the global open-source ecosystem by the notorious Lazarus Group, a threat actor believed to be backed by North Korea’s Reconnaissance General Bureau. Between January and July 2025, Sonatype…

Read more →

Threat actors are leveraging Microsoft 365’s Direct Send feature to launch sophisticated phishing campaigns that mimic internal organizational emails, eroding trust and heightening the success rate of social engineering exploits. This feature, designed for unauthenticated relaying of messages from devices…

Read more →

Chinese-speaking threat actors have used the PlayPraetor Remote Access Trojan (RAT) to infiltrate more than 11,000 Android devices globally in a sophisticated Malware-as-a-Service (MaaS) operation. This allows for on-device fraud (ODF) by controlling the device in real time. First investigated…

Read more →

Microsoft Threat Intelligence has exposed a sophisticated cyberespionage operation orchestrated by the Russian state-sponsored actor tracked as Secret Blizzard, which has been actively compromising foreign embassies in Moscow through an adversary-in-the-middle (AiTM) technique to deploy the custom ApolloShadow malware. This…

Read more →

Illumina Inc., a leading genomic sequencing company, has agreed to pay $9.8 million to settle federal allegations that it knowingly sold cybersecurity-vulnerable genomic sequencing systems to government agencies while misrepresenting their security standards. The settlement resolves claims spanning over seven…

Read more →

Microsoft has announced a significant new feature for IT administrators that will enhance network monitoring capabilities within Microsoft Teams. Starting September 2025, administrators will gain access to silent, 60-second test call functionality designed to proactively monitor network performance and identify…

Read more →

Threat actors are leveraging sophisticated phishing campaigns by creating fake Microsoft OAuth applications to impersonate legitimate enterprises, enabling credential theft while bypassing multifactor authentication (MFA). Proofpoint researchers have tracked this activity since early 2025, identifying over 50 impersonated applications, including…

Read more →

A significant privacy breach has emerged in the artificial intelligence landscape, as ChatGPT shared conversations are being indexed by major search engines, effectively transforming private exchanges into publicly discoverable content accessible to millions of users worldwide. This discovery has exposed…

Read more →

Cybercriminals are increasingly exploiting link wrapping features from vendors like Proofpoint and Intermedia to mask malicious payloads, leveraging the inherent trust users place in these security tools. Link wrapping, intended as a protective measure, reroutes URLs through vendor scanning services…

Read more →

The Pakistan-linked threat group APT36, also known as Transparent Tribe, has broadened its cyber operations beyond traditional military targets to encompass Indian railways, oil and gas infrastructure, and the Ministry of External Affairs. Security researchers have uncovered two sophisticated desktop-based…

Read more →

Outflank is pioneering the integration of large language models (LLMs) to expedite research and development workflows while maintaining rigorous quality standards. This approach allows teams to focus on refining and testing techniques for their Outflank Security Tooling (OST) suite, which…

Read more →

Microsoft announced a significant security enhancement for Excel users, revealing plans to block external workbook links to unsafe file types by default starting in October 2025. This major change aims to strengthen workbook security by preventing potential security vulnerabilities that…

Read more →

Cybersecurity researchers have a massive incentive to target WhatsApp this fall, as the Zero Day Initiative (ZDI) announced a record-breaking $1 million bounty for a zero-click remote code execution exploit against the popular messaging platform at Pwn2Own Ireland 2025. The…

Read more →

Cybersecurity researchers have uncovered a concerning new attack vector where threat actors are exploiting free trials of endpoint detection and response (EDR) software to disable existing security protections on targeted systems. This technique, dubbed “BYOEDR” (Bring Your Own EDR), represents…

Read more →

Microsoft has announced significant enhancements to its .NET Bounty Program, introducing expanded coverage, streamlined award structures, and substantially increased financial incentives for security researchers. The updated program now offers maximum rewards of USD 40,000 for critical vulnerabilities affecting .NET and…

Read more →

A significant cybersecurity crisis has emerged with the discovery of over 17,000 Microsoft SharePoint servers exposed to internet-based attacks, including 840 systems vulnerable to a critical zero-day vulnerability that Chinese threat actors are actively exploiting. The vulnerability, designated CVE-2025-53770 and…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has made a significant contribution to the cybersecurity community by publicly releasing Thorium, a powerful open-source platform designed to revolutionize malware analysis and digital forensics operations. This announcement marks a major milestone in…

Read more →

A small increase in targeted cyberattacks that make use of Remote Monitoring and Management (RMM) capabilities that are embedded in PDF documents has been seen by WithSecure. These campaigns primarily focus on organizations in France and Luxembourg, employing socially engineered…

Read more →

Unit 42, the threat research division of Palo Alto Networks, has unveiled its Attribution Framework, designed to transform the traditionally subjective process of threat actor attribution into a structured, evidence-based science. Drawing on the foundational Diamond Model of Intrusion Analysis,…

Read more →

Ransomware activity has skyrocketed in the ever-evolving cyber threat landscape, with Bitsight’s State of the Underground 2025 study indicating a 53% increase in ransomware group-operated leak sites and a roughly 25% increase in unique victims reported on leak sites throughout…

Read more →

Ransomware affiliates associated with groups like Ryuk, Conti, and Diavol have increasingly relied on the modular TrickBot malware to facilitate sophisticated extortion campaigns, resulting in over US$724 million in cryptocurrency theft. Originally emerging in 2016 as a banking Trojan, TrickBot…

Read more →

The Knownsec 404 Advanced Threat Intelligence Team has lately discovered increased activity from the Silver Fox cybercrime gang, which has been using fake versions of popular programs as weapons to spread malware in a complex cyber threat landscape. Tracing back…

Read more →

Singapore’s recent disclosure of an ongoing cyberattack by the advanced persistent threat (APT) group UNC3886 on critical infrastructure highlights a deliberate strategy favoring technical attribution over overt political linkages. Coordinating Minister for National Security K. Shanmugam announced during the Cyber…

Read more →

Researchers at zLabs have been closely monitoring the DoubleTrouble banking trojan, a rapidly evolving malware strain that has shifted its tactics to exploit unsuspecting users across Europe. Initially disseminated via phishing websites mimicking reputable banks, the trojan has now adapted…

Read more →

Security researchers have discovered critical BIOS vulnerabilities affecting Lenovo’s IdeaCentre and Yoga All-in-One desktop computers that could allow privileged attackers to execute arbitrary code and potentially compromise system security at the firmware level. Critical Security Flaws Discovered in Popular Desktop…

Read more →

A Bangalore-based technology professional has been arrested in connection with a massive cryptocurrency theft worth approximately ₹379 crore ($44 million) from the popular Indian crypto exchange CoinDCX, according to law enforcement officials. The arrest represents one of the most significant…

Read more →

The Russian state-sponsored threat actor APT28, also known as Fancy Bear or Forest Blizzard, has deployed LameHug, the first publicly documented malware leveraging large language models (LLMs) for automated command generation and execution. According to a recent CERT-UA report, this…

Read more →

Spanish authorities have successfully apprehended a sophisticated cybercriminal who allegedly stole sensitive data from major financial institutions, educational organizations, and private companies across the country. The arrest represents a significant victory in the ongoing battle against cybercrime targeting Spanish citizens…

Read more →

A SentinelLABS investigation has revealed that businesses linked to the Chinese advanced persistent threat (APT) group Hafnium, also known as Silk Typhoon, have submitted more than ten patents for highly intrusive forensics and data exfiltration methods. These patents, registered by…

Read more →

A newly analyzed Malware-as-a-Service (MaaS) infostealer, NOVABLIGHT, has emerged as a significant cybersecurity threat, targeting unsuspecting users with advanced data theft capabilities. Developed and sold by the Sordeal Group, a threat actor demonstrating French-language proficiency, NOVABLIGHT is marketed as an…

Read more →

Cybersecurity researchers successfully exploited critical zero-day vulnerabilities in two discontinued network security devices during DistrictCon’s inaugural Junkyard competition in February, earning runner-up recognition for Most Innovative Exploitation Technique. The findings highlight the persistent security risks posed by end-of-life hardware that…

Read more →

A Raspberry Pi device that was directly attached to an internal network switch was used by the financially motivated threat actor group UNC2891 to breach ATM networks in a sophisticated cyber campaign that targeted banking infrastructure. This embedded hardware, equipped…

Read more →

A critical security vulnerability has been discovered in SUSE Manager that enables attackers to execute arbitrary commands with root privileges without any authentication. The flaw, designated as CVE-2025-46811, represents a severe threat to organizations using affected SUSE Manager deployments and…

Read more →

Sonatype’s automated malware detection systems have exposed a large-scale and ongoing cyber infiltration campaign orchestrated by the North Korea-backed Lazarus Group, also known as Hidden Cobra. Between January and July 2025, Sonatype identified and blocked 234 unique malware packages attributed…

Read more →

Security researchers have disclosed a critical zero-day vulnerability in CrushFTP, a popular file transfer server solution, that allows attackers to execute arbitrary commands on affected systems without authentication. The vulnerability, tracked as CVE-2025-54309, has been assigned a maximum CVSS score of…

Read more →

Cybersecurity giant Palo Alto Networks announced a landmark $25 billion acquisition of identity security leader CyberArk on July 30, 2025, marking the company’s formal entry into the rapidly growing Identity Security market. The strategic combination represents a significant premium and…

Read more →

A cybercriminal group has allegedly infiltrated Nokia’s internal network through a vulnerable third-party contractor, potentially exposing sensitive information belonging to more than 94,500 employees in what security experts are calling one of the most extensive corporate data breaches affecting the…

Read more →

A sophisticated cyberattack campaign disrupted the Russian IT industry and entities in several other countries, leveraging advanced evasion techniques to deploy the notorious Cobalt Strike Beacon. Attackers ingeniously concealed payload information within user profiles on platforms like GitHub, Microsoft Learn…

Read more →

Cybercriminals affiliated with the Qilin ransomware-as-a-service (RaaS) operation have demonstrated advanced evasion techniques by exploiting a previously undocumented vulnerable driver, TPwSav.sys, to disable Endpoint Detection and Response (EDR) systems through a bring-your-own-vulnerable-driver (BYOVD) attack. First observed in July 2022, Qilin…

Read more →

Sophos analysts have identified a novel infection chain employed by the financially motivated cybercriminal group GOLD BLADE, also known as RedCurl, Red Wolf, and Earth Kapre, to deploy their custom RedLoader malware on Windows systems. This group, active since 2018…

Read more →

Threat actors have revived the sophisticated VIP keylogger malware, previously detailed in an earlier white paper for its use of spear-phishing and steganography to infiltrate systems and steal data from web browsers and user credentials. This iteration introduces an AutoIt-based…

Read more →

Cybersecurity researchers from Flashpoint have exposed the intricate tactics employed by North Korean threat actors to infiltrate global organizations through remote work vulnerabilities. These operatives, affiliated with the Democratic People’s Republic of Korea (DPRK), masquerade as legitimate freelance developers, IT…

Read more →

Large language model (LLM)-powered honeypots are becoming increasingly complex instruments for luring and examining threat actors in the rapidly changing field of cybersecurity. A recent deployment using Beelzebub, a low-code honeypot framework, demonstrated how such systems can simulate vulnerable SSH…

Read more →

Apple has released a comprehensive set of security updates across its entire product ecosystem on July 29, 2025, addressing multiple vulnerabilities including a critical Safari flaw that was reportedly exploited in Chrome zero-day attacks. The updates span iOS, iPadOS, macOS,…

Read more →

A sophisticated zero-day exploit campaign targeting unpatched vulnerabilities in Microsoft SharePoint Server has compromised approximately 400 organizations worldwide, with potential for a far higher victim count due to underreporting and delayed detections. The attacks, first identified last week by Dutch…

Read more →

The maritime sector, which facilitates approximately 90% of international trade, is facing an unprecedented surge in sophisticated cyberattacks from advanced persistent threat (APT) groups, ransomware operators, and hacktivists, driven by escalating geopolitical conflicts. According to a recent Cyble intelligence report,…

Read more →

Dropbox has announced the discontinuation of its Passwords service, giving users until October 28, 2025, to export their stored credentials before the feature is permanently shut down. The cloud storage company is phasing out the password management tool as part…

Read more →

The Contagious Interview campaign conducted by the Lazarus Group continues to expand its capabilities. We have observed an exponential evolution in the delivery mechanisms for the campaign’s main payloads: BeaverTail, InvisibleFerret, and OtterCookie. In this article, we will discuss the…

Read more →

BeyondTrust has disclosed a critical privilege escalation vulnerability in its Privilege Management for Windows solution that could allow local authenticated attackers to gain administrator-level access to compromised systems. The security flaw, tracked as CVE-2025-2297, affects versions before 25.4.270.0 and carries a…

Read more →