Cisco Talos has uncovered a sophisticated and destructive cyberattack targeting a critical infrastructure entity in Ukraine, deploying a previously unknown wiper malware dubbed “PathWiper.” This attack, attributed with high confidence to a Russia-nexus advanced persistent threat (APT) actor, showcases the…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
BADBOX 2.0 Malware Hits Over a Million Android Devices in Global Cyber Threat
HUMAN’s Satori Threat Intelligence and Research team, in collaboration with Google, Trend Micro, and Shadowserver, has uncovered and partially disrupted a massive cyber fraud operation named BADBOX 2.0. This operation, an evolved iteration of the original BADBOX malware disclosed in…
Paste.ee Turned Cyber Weapon: XWorm and AsyncRAT Delivered by Malicious Actors
The widespread text-sharing website Paste.ee has been used as a weapon by bad actors to spread powerful malware strains like XWorm and AsyncRAT, which is a worrying trend for cybersecurity professional. This tactic represents a significant shift in phishing and…
PoC Exploit Released for Apache Tomcat DoS Vulnerability
A critical memory leak vulnerability in Apache Tomcat’s HTTP/2 implementation (CVE-2025-31650) has been weaponized, enabling unauthenticated denial-of-service attacks through malformed priority headers. The flaw affects Tomcat versions 9.0.76–9.0.102, 10.1.10–10.1.39, and 11.0.0-M2–11.0.5, with public exploits already circulating 12. Vulnerability Mechanics and…
Hackers Exploit Roundcube Vulnerability to Steal User Credentials via XSS Attack
A recent spearphishing campaign targeting Polish entities has been attributed with high confidence to the UNC1151 threat actor, a group linked to Belarusian state interests and, according to some sources, Russian intelligence services. CERT Polska reports that the attackers leveraged…
Iranian APT ‘BladedFeline’ Remains Hidden in Networks for 8 Years
ESET researchers have uncovered the persistent activities of BladedFeline, an Iranian-aligned Advanced Persistent Threat (APT) group, which has maintained covert access to the networks of Kurdish and Iraqi government officials for nearly eight years. First identified in 2017 through attacks…
ViperSoftX Malware Enhances Modularity, Stealth, and Persistence Techniques
The cybersecurity landscape witnessed the emergence of new PowerShell-based malware samples circulating in underground forums and threat-hunting communities, marking a significant evolution of the notorious ViperSoftX stealer. This updated variant, building on its 2024 predecessor, showcases remarkable advancements in modularity,…
New Chaos RAT Targets Linux and Windows Users to Steal Sensitive Data
A new wave of cyber threats has emerged with the discovery of updated variants of Chaos RAT, a notorious open-source remote administration tool (RAT) first identified in 2022. As reported by Acronis TRU researchers in their recent 2025 analysis, this…
China Accuses Taiwan of Operating APT Groups with US Support
China has accused Taiwan’s Democratic Progressive Party (DPP) authorities of orchestrating a series of sophisticated cyber attacks through Advanced Persistent Threat (APT) groups. Referred to as “T-APTs,” these groups are allegedly supported by Taiwan’s Information, Communications and Electronic Force Command…
Beware of Fake Zoom Client Downloads Granting Attackers Access to Your Computer
In the wake of the COVID-19 pandemic, collaborative tools like Microsoft Teams, Zoom, and WebEx have become indispensable for remote work, enabling seamless communication with colleagues and clients. However, their widespread adoption has also made them prime targets for cybercriminals.…
WordPress Admins Cautioned About Fake Cache Plugin Stealing Admin Credentials
A newly identified malicious plugin, dubbed “wp-runtime-cache,” has been discovered targeting WordPress sites with a sophisticated method to steal admin credentials. Disguised as a caching plugin, this malware lurks in the wp-content/plugins directory, evading detection by hiding from the WordPress…
Members of ViLE Hacker Group Arrested for Hacking DEA Portal
Two members of the cybercriminal group “ViLE” were sentenced this week in Brooklyn federal court for their roles in a high-profile hacking and extortion scheme targeting a U.S. federal law enforcement web portal. Sagar Steven Singh, known online as “Weep,”…
Odoo Employee Database Allegedly Exposed and Put Up for Sale on Dark Web
A data breach has reportedly struck Odoo, a leading Belgian provider of open-source business management software. On June 5, 2025, a 63.4MB employee database—allegedly sourced through a “collaborative effort with a senior insider”—was advertised for sale on a dark web…
Critical Dell PowerScale Vulnerability Allows Attackers Unauthorized Access to Filesystem
Dell Technologies has issued a critical security advisory (DSA-2025-208) for its PowerScale OneFS operating system, addressing multiple vulnerabilities that could allow malicious actors to compromise affected systems. The most severe of these vulnerabilities, tracked as CVE-2024-53298, involves a missing authorization…
TA397 Hackers Exploits Scheduled Tasks to Deploy Malware on Targeted Systems
A recent in-depth analysis by Proofpoint Threat Research has shed light on the sophisticated operations of TA397, also known as Bitter, a suspected state-backed threat actor highly likely aligned with Indian intelligence interests. Identified as an espionage-focused group, TA397 has…
Wireshark Vulnerability Allows Attackers to Launch DoS Attacks
A critical security vulnerability, tracked as CVE-2025-5601, was disclosed on June 4, 2025, affecting Wireshark versions 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12. This flaw, identified as “Dissection engine crash” (wnpa-sec-2025-02), stems from a bug in the column utility module…
Hackers Exploit New HTML Trick to Deceive Outlook Users into Clicking Malicious Links
Cybersecurity researchers have encountered a cleverly crafted phishing email targeting Czech bank customers, employing a lesser-known but highly deceptive technique to bypass security mechanisms and trick users into clicking malicious links. At first glance, the email appears to be a…
VMware NSX XSS Vulnerability Exposes Systems to Malicious Code Injection
Broadcom has issued a high-severity security advisory (VMSA-2025-0012) for VMware NSX, addressing three newly discovered stored Cross-Site Scripting (XSS) vulnerabilities: CVE-2025-22243, CVE-2025-22244, and CVE-2025-22245. These vulnerabilities impact the NSX Manager UI, gateway firewall, and router port components, exposing organizations to…
Researcher Found 6 Critical Vulnerabilities in NetMRI Allow Attackers Gain Complete Admin Access
In a Rhino Security Labs, six critical vulnerabilities have been identified in Infoblox’s NetMRI network automation and configuration management solution, specifically version 7.5.4.104695 of the virtual appliance. These security flaws, ranging from unauthenticated command injection to hardcoded credentials and arbitrary…
830 Organizations Hacked via Glitch-hosted Phishing Attack Uses Telegram & Fake CAPTCHAs
Netskope Threat Labs reported a staggering 3.32-fold increase in traffic to phishing pages hosted on the Glitch platform, a browser-based web development tool that allows users to create and deploy web apps with free subdomains. This alarming spike has impacted…