Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

CyberArmor analysts have uncovered a meticulously crafted phishing campaign that has already compromised over 2,000 devices by exploiting the trusted theme of Social Security Administration (SSA) statements. Cybercriminals behind this operation deployed a highly convincing email lure masquerading as an…

Read more →

A highly coordinated phishing campaign impersonating various U.S. state Departments of Motor Vehicles (DMVs) has emerged as a significant threat, targeting citizens across multiple states with the intent to harvest personal and financial data. This sophisticated operation employs SMS phishing,…

Read more →

A notorious threat actor known as “xperttechy” is actively promoting a new version of the EagleSpy remote access Trojan (RAT), dubbed EagleSpy v5, on a prominent dark web forum. Marketed as a “lifetime activated” tool, EagleSpy v5 is raising alarms…

Read more →

A critical security flaw has been discovered and patched in the Zimbra Collaboration Suite (ZCS) Classic Web Client, exposing millions of business users to the risk of arbitrary JavaScript execution through stored cross-site scripting (XSS). Tracked as CVE-2025-27915, this vulnerability…

Read more →

 In a landmark move for the artificial intelligence industry, Google Cloud has donated its Agent2Agent (A2A) protocol to the Linux Foundation, marking a significant step toward open, secure, and interoperable communication between AI agents. The announcement was made at the…

Read more →

The National Cyber Security Centre (NCSC) has issued a critical alert regarding a newly identified malware, dubbed SHOE RACK, which has been observed targeting Fortinet firewalls and other perimeter devices. Developed using the Go 1.18 programming language, this malicious software…

Read more →

A critical vulnerability (CVE-2025-52562) in Performave Convoy—a KVM server management panel widely used by hosting providers—enables unauthenticated attackers to execute arbitrary code on affected systems. Rated the maximum CVSS score of 10.0, this flaw exposes servers to complete compromise without…

Read more →

The Department of Homeland Security (DHS) has raised alarms over an increasing wave of low-level cyberattacks targeting U.S. networks, orchestrated by pro-Iranian hacktivist groups. This warning comes in the wake of heightened geopolitical tensions following the United States’ military strikes…

Read more →

A newly disclosed security vulnerability in OPPO’s widely used Clone Phone app has raised significant concerns over user privacy, as it exposes sensitive data through a weakly secured WiFi hotspot. The flaw, cataloged as CVE-2025-27387, has been rated as high…

Read more →

Cybersecurity researchers and targeted individuals have reported a highly sophisticated scam orchestrated by suspected North Korean hackers. This attack, disguised as a legitimate Zoom meeting, leverages advanced social engineering techniques to trick professionals into compromising their systems. The campaign, which…

Read more →

Security researchers at SecurityScorecard have uncovered a sprawling cyber-espionage campaign orchestrated by the LapDogs Operational Relay Box (ORB) Network, a sophisticated infrastructure compromising over 1,000 devices worldwide. Identified as a key tool for China-Nexus threat actors, LapDogs primarily targets Small…

Read more →

The Wordfence Threat Intelligence Team uncovered a sophisticated malware campaign during a routine site cleanup, revealing a family of malicious code targeting WordPress and WooCommerce platforms. This campaign, which dates back to September 2023 as per their Threat Intelligence platform,…

Read more →

A critical security vulnerability, tracked as CVE-2024-45347, has been discovered in Xiaomi’s Mi Connect Service App, exposing millions of users to the risk of unauthorized access to their smart devices. The flaw, which received a CVSS severity score of 9.6,…

Read more →

As artificial intelligence (AI) becomes a cornerstone of modern industry, the Open Web Application Security Project (OWASP) has announced the release of its AI Testing Guide—a comprehensive framework designed to help organizations identify and mitigate vulnerabilities unique to AI systems.…

Read more →

A newly disclosed vulnerability in RARLAB’s WinRAR, the widely used file compression utility for Windows, has put millions of users at risk of remote code execution (RCE) attacks. Tracked as CVE-2025-6218 and assigned a CVSS score of 7.8 (High), this…

Read more →

A Mandiant Red Team engagement has uncovered two critical vulnerabilities in Aviatrix Controller—cloud networking software used to manage multi-cloud environments. The flaws enable full system compromise through an authentication bypass (CVE-2025-2171) followed by authenticated command injection (CVE-2025-2172). Authentication Bypass (CVE-2025-2171)…

Read more →

A groundbreaking AI jailbreak technique, dubbed the “Echo Chamber Attack,” has been uncovered by researchers at Neural Trust, exposing a critical vulnerability in the safety mechanisms of today’s most advanced large language models (LLMs). Unlike traditional jailbreaks that rely on…

Read more →

A critical privilege escalation vulnerability (CVE-2025-49144) in Notepad++ v8.8.1 enables attackers to achieve full system control through a supply-chain attack. The flaw exploits the installer’s insecure search path behavior, allowing unprivileged users to escalate privileges to NT AUTHORITY\SYSTEM with minimal user interaction.…

Read more →

Google has revealed a thorough protection technique aimed at indirect prompt injection attacks, a subtle but powerful threat, marking a major advancement in cybersecurity in the age of generative AI. Unlike direct prompt injections, where malicious commands are overtly inserted…

Read more →

The national team for responding to cyber incidents, CERT-UA, has exposed a sophisticated cyberattack targeting the information and communication system (ICS) of a central executive body in March-April 2024. During the implementation of response measures, a technical device running a…

Read more →