Ukraine’s national cyber incident response team, CERT-UA, has issued an urgent warning about a new malware campaign that weaponizes Excel add-in (XLL) files to deploy the CABINETRAT backdoor. Throughout September 2025, CERT-UA analysts discovered multiple malicious XLL files masquerading as…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Chinese State-Sponsored Hackers Exploiting Network Edge Devices to Harvest Sensitive Data
Chinese state-sponsored cyber threat group Salt Typhoon has been targeting global telecommunications infrastructure since at least 2019, exploiting network edge devices to establish deep persistence and harvest vast quantities of sensitive data. Aligned with the Ministry of State Security (MSS),…
Senior Travel Scams Used by Threat Actors to Distribute Datzbro Malware
In August 2025, Australian authorities issued multiple scam alerts after users reported suspicious Facebook groups promoting “active senior trips.” What initially appeared as harmless community gatherings concealed a sophisticated mobile malware operation. ThreatFabric researchers uncovered that these groups were managed…
WestJet Confirms Data Breach Exposing Customer Personal Information
WestJet Airlines has confirmed that a recent cybersecurity incident exposed certain personal information belonging to its customers. The Canadian carrier says the breach took place in mid-June and was discovered on June 13, 2025. Company officials stress that the situation…
Malicious PyPI Package Mimics as SOCKS5 Proxy Tool Attacking Windows Platforms
JFrog’s security research team has identified a malicious PyPI package named SoopSocks that masquerades as a legitimate SOCKS5 proxy utility while stealthily implanting a backdoor on Windows systems. This package leverages automated installation, advanced persistence techniques, and real-time network reconnaissance…
Top 100 World’s Best Cybersecurity Companies in 2025
The digital landscape in 2025 is characterized by unprecedented connectivity and an equally sophisticated array of cyber threats. Organizations face a constant barrage of attacks targeting their data, infrastructure, and reputation. Selecting the right cybersecurity partners has become a mission-critical…
Multiple NVIDIA Flaws Allow Attackers to Escalate Privileges on Systems
NVIDIA has issued a critical security bulletin revealing multiple vulnerabilities in its NVIDIA App software that can enable attackers to escalate privileges on Windows systems. The flaws, addressed in the September 2025 update, stem from improper file handling during the…
New FlipSwitch Hooking Method Overcomes Linux Kernel Defenses
A novel rootkit hooking method dubbed FlipSwitch has emerged, circumventing the latest Linux 6.9 kernel dispatch safeguards and reigniting concerns over kernel-level compromise. By manipulating the machine code of the new syscall dispatcher rather than the deprecated sys_call_table, FlipSwitch restores…
New DNS Malware ‘Detour Dog’ Uses TXT Records to Deliver Strela Stealer
Detour Dog, a stealthy website malware campaign tracked since August 2023, has evolved from redirecting victims to tech-support scams into a sophisticated DNS-based command-and-control (C2) distribution system that delivers the Strela Stealer information stealer via DNS TXT records. Tens of…
Hackers Abuse EV Certificates to Sign Completely Undetectable DMG Malware
Security researchers have uncovered a new macOS malware campaign in which threat actors are abusing Extended Validation (EV) code-signing certificates to distribute completely undetectable (FUD) disk image (DMG) payloads. While EV certificate abuse has long plagued the Windows ecosystem, its…
Red Hat OpenShift AI Vulnerability Lets Attackers Seize Infrastructure Control
A serious vulnerability in the Red Hat OpenShift AI service (RHOAI) enables attackers with minimal access to escalate privileges and take control of entire clusters. Identified as CVE-2025-10725, the flaw resides in an overly permissive ClusterRole assignment. A low-privileged user,…
Battering RAM Exploit Bypasses Modern Protections in Intel, AMD Cloud Processors
Cloud providers rely on hardware-based memory encryption to keep user data safe. This encryption shields sensitive information like passwords, financial records, and personal files from hackers and curious insiders. Leading technologies such as Intel SGX and AMD SEV-SNP are designed…
Google Publishes Security Hardening Guide to Counter UNC6040 Threats
Google’s Threat Intelligence Group (GTIG) has published a comprehensive guide to help organizations strengthen their SaaS security posture—particularly Salesforce—against UC6040’s sophisticated voice-phishing and malicious connected-app attacks. By combining identity hardening, SaaS-specific controls, and advanced logging and detection, security teams can…
48+ Cisco Firewalls Hit by Actively Exploited 0-Day Vulnerability
Cisco has confirmed two serious vulnerabilities impacting its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls. Tracked as CVE-2025-20333 and CVE-2025-20362, both issues allow attackers to run arbitrary code on unpatched devices. Cisco security advisories warn that exploits for both flaws…
Cisco IOS/IOS XE SNMP Vulnerabilities Exploited in Ongoing Attacks, Warns CISA
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about critical vulnerabilities in Cisco’s IOS and IOS XE Software SNMP subsystem that are actively being exploited by threat actors. CVE-2025-20352, which involves a stack-based buffer overflow in the…
Microsoft Sentinel Launches AI-Driven Agentic SIEM Platform for Enterprise Security
Organizations face an ever-evolving cyberthreat landscape marked by faster, more complex attacks. Today, Microsoft is answering this call with the general availability of an agentic security platform built on Microsoft Sentinel. This new wave of innovation combines data, context, automation, and intelligent…
Google Gemini Vulnerabilities Let Hackers Steal Saved Data and Live Location
Research has uncovered three significant vulnerabilities in Google’s Gemini AI assistant suite, dubbed the “Gemini Trifecta,” that could have allowed cybercriminals to steal users’ saved data and live location information. The vulnerabilities, which have since been remediated by Google, demonstrate…
MatrixPDF Campaign Evades Gmail Filters to Deliver Malicious Payloads
Cybercriminals are turning a trusted file format against users in a sophisticated new attack campaign. MatrixPDF represents a concerning evolution in social engineering attacks that split malicious activities across multiple platforms to evade detection. PDF files have become the perfect…
Top 10 Best Autonomous Endpoint Management Software In 2025
Managing endpoints effectively has become one of the most critical priorities for IT teams across organizations. With the growing number of devices, operating systems, and hybrid workforce requirements, businesses need smarter and more automated endpoint management solutions. This is where…
New Chinese Nexus APT Group Targeting Organizations to Deploy NET-STAR Malware Suite
China-linked advanced persistent threat (APT) group Phantom Taurus has intensified espionage operations against government and telecommunications targets across Africa, the Middle East, and Asia, deploying a newly discovered .NET malware suite called NET-STAR. First tracked by Unit 42 in June…