A critical security vulnerability has been discovered in ImageMagick, the widely used open-source image processing software, that could allow attackers to execute arbitrary code remotely. The vulnerability, tracked as CVE-2025-57803 with a severity score of 9.8 out of 10, affects 32-bit builds of ImageMagick…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Windows 11 25H2 Preview Build Released: Here’s What’s New
Microsoft has begun rolling out the Windows 11, version 25H2 (Build 26200.5074) preview to the Release Preview Channel, offering enthusiasts and enterprise customers an early look at this year’s annual feature update ahead of general availability later in 2025. This…
APT Groups Weaponize Infostealer Malware in Precision Attacks
The cybersecurity landscape has witnessed a dangerous evolution as Advanced Persistent Threat (APT) groups increasingly weaponize opportunistic infostealer malware for sophisticated espionage campaigns. What once served as broad-spectrum credential harvesting tools are now being repurposed into precision instruments of geopolitical…
Hackers Exploit Windows Defender Policies to Shut Down EDR Agents
Cybercriminals are now weaponizing Windows Defender Application Control (WDAC) policies to disable Endpoint Detection and Response (EDR) agents en masse. What began as a proof-of-concept research release in December 2024 has quickly evolved into an active threat, with multiple malware…
Linux UDisks Daemon Vulnerability Lets Attackers Access Privileged User Files
Red Hat has disclosed a critical security flaw in the UDisks daemon that allows unprivileged users to exploit an out-of-bounds read vulnerability and gain access to files owned by privileged accounts. The vulnerability, tracked as CVE-2025-8067, was publicly released on…
Netskope Windows Client Vulnerability Enables Privilege Escalation via Rogue Server
A serious security vulnerability in Netskope’s Windows client has been discovered that could allow attackers to escalate privileges from a low-privileged user to full system-level access. The flaw, tracked as CVE-2025-0309, affects all versions of the Netskope Windows client prior…
Vulnerabilities in Sitecore CMS Platform Allow Attackers to Execute Arbitrary Code Remotely
Security researchers at watchTowr Labs have uncovered a devastating chain of vulnerabilities in Sitecore Experience Platform that could allow attackers to completely compromise enterprise websites without authentication. The research reveals how cybercriminals could poison website cache systems, escalate privileges, and…
AI Waifu RAT Exploits Users with Advanced Social Engineering Tactics
A sophisticated new malware campaign has emerged that weaponizes artificial intelligence and social engineering to target niche online communities. Security researchers have identified the “AI Waifu RAT,” a remote access trojan that masquerades as an innovative AI interaction tool while…
Google Urges 2.5B Gmail Users to Reset Passwords After Salesforce Breach
A sophisticated voice phishing operation has emerged as a significant threat to organizations worldwide, with cybercriminals successfully infiltrating Salesforce environments to steal sensitive data and demand ransom payments. Google’s Threat Intelligence Group has identified this financially motivated campaign, designating the…
QNAP Flaw Allows Attackers to Bypass Authentication
QNAP Systems has released security patches to address multiple vulnerabilities affecting QVR firmware in legacy VioStor Network Video Recorder (NVR) systems. The company disclosed two significant security flaws on August 29, 2025, urging users to update their systems immediately to…
Citrix 0-Day Flaw Under Active Exploitation Since May
Security researcher Kevin Beaumont has revealed alarming details about CVE-2025-6543, a critical Citrix NetScaler vulnerability that was actively exploited as a zero-day attack for months before the company issued patches. What Citrix initially downplayed as a simple “denial of service”…
Amazon Takes Down Russian APT29 Infrastructure Targeting Users
Amazon’s cybersecurity team has successfully disrupted a sophisticated watering hole campaign orchestrated by APT29, a notorious hacking group linked to Russia’s Foreign Intelligence Service. The August 2025 operation represents the latest chapter in an ongoing cyber warfare battle between tech…
WhatsApp Zero-Day Vulnerability Exploited with 0-Click Attacks to Hack Apple Devices
WhatsApp has issued a critical security advisory addressing a newly discovered zero-day vulnerability, tracked as CVE-2025-55177, which has been exploited in highly sophisticated zero-click attacks targeting Mac and iOS users. The vulnerability, combined with an OS-level flaw (CVE-2025-43300), has raised…
Weaponized PDFs and LNK Files Used in Windows Attacks
In a clandestine campaign, threat actors are weaponizing a legitimate-looking PDF document, titled “국가정보연구회 소식지 (52호)” (National Intelligence Research Society Newsletter – Issue 52), alongside a malicious Windows shortcut (LNK) file named 국가정보연구회 소식지(52호).pdf.LNK. The attackers distribute both files…
AppSuite PDF Editor Exploit Lets Hackers Run Arbitrary Commands
A sophisticated backdoor in AppSuite PDF Editor enables threat actors to execute arbitrary commands on compromised Windows systems. Initially flagged as a potentially unwanted program due to its aggressive installation behavior, AppSuite’s true nature was revealed when its malicious…
VS Code Marketplace Abused by Threat Actors to Deliver Malware via Trusted Extensions
A recently uncovered vulnerability in the Visual Studio Code (VS Code) Marketplace has allowed malicious actors to hijack discontinued extension names and slip malware past unsuspecting developers. In June, ReversingLabs (RL) researchers discovered a new malicious extension, ahbanC.shiba, that bore…
VirusTotal Launches Endpoint That Explains Code Functionality for Malware Analysts
VirusTotal today unveiled a powerful addition to its Code Insight suite: a dedicated API endpoint that accepts code snippets—either disassembled or decompiled—and returns succinct summaries and detailed descriptions tailored for malware analysts. Launched over two years after the debut of…
Critical Hikvision Vulnerabilities Allow Remote Command Injection
On August 28, 2025, the Hikvision Security Response Center (HSRC) issued Security Advisory SN No. HSRC-202508-01, detailing three critical vulnerabilities affecting various HikCentral products. Collectively assigned CVE identifiers CVE-2025-39245, CVE-2025-39246, and CVE-2025-39247, these vulnerabilities range in severity from moderate to…
Popular Nx Packages Compromised by Credential-Stealing Malware
A widespread supply chain attack on the popular Nx build system has compromised dozens of high-traffic packages, exposing sensitive credentials and demonstrating a frighteningly comprehensive approach to future threats. Security researchers have confirmed that malicious versions of Nx—numbered 20.9.0 through…
TransUnion Data Breach Compromises Over 4 Million Customers
In a significant data breach disclosed by TransUnion LLC, more than 4.4 million consumers had sensitive personal information compromised in late July 2025. The credit reporting agency, headquartered at 555 W. Adams Street in Chicago, Illinois, revealed the incident on…