In a Gen Threat Labs, a complex Traffic Direction System (TDS) dubbed “HelloTDS” has been uncovered, orchestrating the delivery of FakeCaptcha and other malicious campaigns to millions of users worldwide. This elaborate infrastructure employs advanced fingerprinting techniques and social engineering…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Malicious npm Utility Packages Enable Attackers to Wipe Production Systems
Socket’s Threat Research Team has uncovered two malicious npm packages, express-api-sync and system-health-sync-api, designed to masquerade as legitimate utilities while embedding destructive backdoors capable of annihilating production systems. Published under the npm alias “botsailer” with the associated email anupm019@gmail[.]com, these…
Kali GPT-Revolutionizing Penetration Testing with AI on Kali Linux
In the rapidly shifting digital world, cybersecurity professionals are constantly seeking innovative tools that not only streamline workflows but also empower users with deeper insights and automation. Enter Kali GPT—a groundbreaking AI assistant tailored specifically for the Kali Linux ecosystem,…
Kimsuky Strikes Again – Coordinated Attacks Target Facebook, Email, and Telegram
A recent investigation by Genians Security Center (GSC) has uncovered a highly sophisticated, multi-channel cyber espionage campaign attributed to the North Korea-aligned advanced persistent threat (APT) group known as Kimsuky. Between March and April 2025, the group leveraged Facebook, email,…
New Rust-Developed InfoStealer Drains Sensitive Data from Chromium-Based Browsers
A newly identified information-stealing malware, crafted in the Rust programming language, has emerged as a significant threat to users of Chromium-based browsers such as Google Chrome, Microsoft Edge, and others. Dubbed “RustStealer” by cybersecurity researchers, this sophisticated malware is designed…
Hackers Leverage New ClickFix Tactic to Exploit Human Error with Deceptive Prompts
A sophisticated social engineering technique known as ClickFix baiting has gained traction among cybercriminals, ranging from individual hackers to state-sponsored Advanced Persistent Threat (APT) groups like Russia-linked APT28 and Iran-affiliated MuddyWater. This method targets human end users as the weakest…
ClickFix Attack Uses Fake Cloudflare Verification to Silently Deploy Malware
A newly identified social engineering attack dubbed “ClickFix” has emerged as a significant threat, leveraging meticulously crafted fake Cloudflare verification pages to trick users into executing malicious code on their devices. This phishing tactic, disguised as a routine security check,…
Hundreds of Malicious GitHub Repos Targeting Novice Cybercriminals Traced to Single User
Sophos X-Ops researchers have identified over 140 GitHub repositories laced with malicious backdoors, orchestrated by a single threat actor associated with the email address ischhfd83[at]rambler[.]ru. Initially sparked by a customer inquiry into the Sakura RAT, a supposed open-source malware touted…
Beware: Fake AI Business Tools Spreading Hidden Ransomware
As small businesses increasingly adopt artificial intelligence (AI) tools to streamline operations, cybercriminals are seizing the opportunity to deploy ransomware through deceptive campaigns. According to a recent report by Cisco Talos, attackers are masquerading as legitimate AI software providers, embedding…
DragonForce Ransomware Reportedly Compromised Over 120 Victims in the Past Year
DragonForce, a ransomware group first identified in fall 2023, has claimed over 120 victims in the past year, marking its rapid ascent as a formidable player in the ransomware ecosystem. Initially operating under a Ransomware-as-a-Service (RaaS) model, DragonForce has since…
Scattered Spider Hackers Target Tech Company Help-Desk Administrators
A newly identified wave of cyberattacks by the notorious Scattered Spider hacking group has zeroed in on help-desk administrators at major technology companies, leveraging advanced social engineering techniques to breach corporate defenses. Known for their adept use of psychological manipulation,…
ViperSoftX Malware Used by Threat Actors to Steal Sensitive Information
The AhnLab Security Intelligence Center (ASEC) has recently issued a detailed report confirming the persistent distribution of ViperSoftX malware by threat actors, with notable impact on users in South Korea and beyond. First identified by Fortinet in 2020, ViperSoftX is…
Microsoft Unveils European Security Effort to Disrupt Cybercrime Networks
A critical heap-based buffer overflow vulnerability, tracked as CVE-2025-24993, has been discovered in the Windows New Technology File System (NTFS), posing a significant threat to millions of Windows users globally. The flaw, patched during Microsoft’s March 2025 Patch Tuesday, was…
New Mirai Variant Exploits TBK DVR Flaw for Remote Code Execution
The latest wave of Mirai botnet activity has resurfaced with a refined attack chain exploiting CVE-2024-3721, a critical command injection vulnerability in TBK DVR-4104 and DVR-4216 devices. This campaign leverages unpatched firmware to deploy a modified Mirai variant designed for…
U.S. Offers $10M Bounty for Information on RedLine Malware Creator
The US State Department has announced a reward of up to $10 million for information leading to the identification or location of Maxim Alexandrovich Rudometov, the alleged developer and administrator of the notorious RedLine infostealer malware. This action, under the…
Critical RCE Vulnerability in AWS Amplify Studio – PoC Now Public
In May 2025, AWS disclosed a critical remote code execution (RCE) vulnerability, CVE-2025-4318, in the @aws-amplify/codegen-ui package—a core dependency for AWS Amplify Studio’s UI code generation pipeline. The flaw, rated 9.5 on the CVSS scale, stemmed from improper input validation…
ANY.RUN Empowers Government Agencies with Real-Time Threat Detection
Government agencies worldwide are facing an unprecedented wave of cyberattacks, with adversaries employing advanced tactics to breach critical infrastructure and steal sensitive data. Recent case studies analyzed using the ANY.RUN malware analysis platform reveal how attackers are leveraging phishing, domain…
Critical FreeRTOS-Plus-TCP Flaw Allows Code Execution or System Crash
A critical memory corruption vulnerability, tracked as CVE-2025-5688, has been disclosed in FreeRTOS-Plus-TCP, Amazon’s open-source TCP/IP stack widely used in embedded and IoT devices. The flaw, rated 8.4 (High) on the CVSS scale, is rooted in how the stack processes…
Critical RCE Flaw Found in HPE Insight Remote Support Tool
Hewlett-Packard Enterprise (HPE) has released a critical security bulletin addressing multiple high-impact vulnerabilities in its Insight Remote Support (IRS) software, versions prior to 7.15.0.646. These flaws, identified by external researchers and disclosed to HPE, could allow remote attackers to execute…
Chrome Extensions Flaw Exposes Sensitive API Keys, Secrets and Tokens
A critical security flaw has been uncovered in numerous popular Chrome extensions, affecting millions of users worldwide by exposing sensitive credentials such as API keys, secrets, and tokens directly within their source code. This alarming oversight in modern development practices…