Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

A North Korean-affiliated threat actor called Famous Chollima (also known as Wagemole) has launched a sophisticated remote access trojan (RAT) campaign against Windows and MacOS devices, a concerning development discovered by Cisco Talos in May 2025. This group, suspected to…

Read more →

Russia’s sophisticated cyber warfare strategy emerges as a calculated blend of state power and non-state agility, leveraging private companies, hacktivists, and criminal proxies to amplify its digital dominance. The roots of this hybrid model trace back to the collapse of…

Read more →

The Sysdig TRT has uncovered critical vulnerabilities in the GitHub Actions workflows of several high-profile open source projects, including those maintained by MITRE and Splunk. GitHub Actions, a popular platform for automating CI/CD pipelines, offers immense flexibility for developers but…

Read more →

Microsoft has announced a significant enhancement to its Office 365 Defender suite with the introduction of Mail Bombing Detection, a new feature designed to combat the rising threat of email bombing attacks. This capability will be rolled out globally, starting…

Read more →

Mobile wallets like Apple Pay and Google Pay (GPay) have revolutionized the way we pay, offering speed and convenience that traditional cards can’t match. But as recent research and real-world incidents show, these digital wallets are not immune to attack.…

Read more →

A recent vulnerability has been discovered in the Zyxel NWA50AX Pro, a WiFi 6 access point for small businesses, exposing it to an n-day flaw that allows arbitrary file deletion via a misconfigured CGI endpoint. This issue, tracked as CVE-2024-29974,…

Read more →

F6, a leading developer of technologies to combat cybercrime, has reported the emergence of SuperCard, a malicious modification of the legitimate NFCGate program, now targeting Android users globally, with recent attacks recorded in Russia. Initially detected in Europe during spring…

Read more →

A highly coordinated phishing campaign surfaced, targeting U.S. citizens by impersonating various state Departments of Motor Vehicles (DMVs). This widespread attack utilized SMS phishing, or “smishing,” as its primary delivery vector, bombarding victims with alarming text messages about fictitious unpaid…

Read more →

The RapperBot botnet has resurfaced with unprecedented aggression, targeting network edge devices in a staggering series of over 50,000 attacks. Identified and detailed by researchers at Qianxin XLab, this botnet represents a sophisticated threat to Internet of Things (IoT) ecosystems,…

Read more →

VMware has officially announced the general availability of VMware Cloud Foundation (VCF) 9.0, marking a significant leap in private cloud technology designed to meet the demands of AI, data-intensive workloads, and modern enterprise operations. For years, organizations faced a stark…

Read more →

The rapid evolution of large language models (LLMs) has not only transformed legitimate industries but has also found its way into the hands of cybercriminals. WormGPT, a notorious blackhat AI tool, has recently resurfaced in enhanced forms powered by advanced…

Read more →

Google has released a crucial security update for its Chrome browser, addressing multiple high-severity vulnerabilities that could allow attackers to execute arbitrary code on affected systems. The update, now rolling out as version 137.0.7151.119/.120 for Windows and Mac, and 137.0.7151.119…

Read more →

Qilin ransomware has emerged as a formidable force, rapidly ascending to prominence amid the collapse of once-dominant groups like RansomHub and LockBit in 2025. Active since October 2022, Qilin has solidified its position through a sophisticated Ransomware-as-a-Service (RaaS) model, offering…

Read more →

Cybercriminals are increasingly exploiting a deceptive social engineering technique known as ClickFix to initiate multi-stage cyberattacks, delivering remote access trojans (RATs) and data-stealing malware with alarming efficiency. First identified in March 2024, ClickFix manipulates users into executing malicious PowerShell commands…

Read more →

FortiGuard Labs has uncovered a formidable new strain of malware, dubbed Winos 4.0, targeting Microsoft Windows users, with a particular focus on individuals in Taiwan. First detected in January 2025, this malicious campaign leverages cunning phishing tactics, masquerading as communications…

Read more →

The Qualys Threat Research Unit (TRU) has uncovered two interconnected local privilege escalation (LPE) vulnerabilities—CVE-2025-6018 and CVE-2025-6019—that together enable attackers to gain full root access on a wide range of Linux distributions with minimal effort.  These flaws impact both desktop…

Read more →

A significant data breach has rocked Sweden’s Scania Financial Services, as a threat actor operating under the alias “hensi” claims to have infiltrated the subdomain insurance.scania.com, exfiltrating a trove of sensitive files and offering them for sale on underground forums. …

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent alert regarding active exploitation of a critical Linux kernel vulnerability, tracked as CVE-2023-0386, which has now been added to the Known Exploited Vulnerabilities (KEV) Catalog. This flaw, rooted in the…

Read more →

A critical vulnerability, dubbed “GerriScary,” has been discovered in Google’s Gerrit code-collaboration platform, putting at least 18 major Google projects—including ChromiumOS, Chromium, Dart, and Bazel—at risk of unauthorized code submissions by hackers.  This flaw, uncovered by Tenable Cloud Research, highlights…

Read more →

Two critical vulnerabilities have been discovered in Citrix NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway), potentially exposing sensitive data to hackers and putting enterprise networks at significant risk.  The flaws, identified as CVE-2025-5349 and CVE-2025-5777, have…

Read more →