Cybersecurity researchers are highlighting a dangerous attack technique that combines rogue IPv6 configuration with NTLM credential relay to achieve complete Active Directory domain compromise, exploiting default Windows configurations that most organizations leave unchanged. Attack Leverages Default Windows IPv6 Behavior The…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
22-year-old Operator of ‘Rapper Bot’ Botnet Charged for Launching 3 Tbps DDoS Attack
Federal authorities have charged a 22-year-old Oregon man with operating one of the most powerful distributed denial-of-service (DDoS) botnets ever discovered, marking a significant victory in the ongoing battle against cybercriminal infrastructure. Ethan Foltz of Eugene, Oregon, faces federal charges…
Operator of ‘Rapper Bot’ DDoS Botnet Faces Charges
Federal authorities have charged a 22-year-old Oregon man with operating one of the most powerful distributed denial-of-service (DDoS) botnets ever discovered, marking a significant victory in the ongoing battle against cybercriminal infrastructure. Ethan Foltz of Eugene, Oregon, faces federal charges…
CISA Issues Four ICS Advisories on Vulnerabilities and Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) released four critical Industrial Control Systems (ICS) advisories on August 19, 2025, alerting organizations to current security vulnerabilities and potential exploits affecting critical infrastructure systems. These advisories provide essential information for administrators and…
Apple Confirms Critical 0-Day Under Active Attack – Immediate Update Urged
Apple has issued an emergency security update for iOS 18.6.2 and iPadOS 18.6.2 to address a critical zero-day vulnerability that the company confirms is being actively exploited in sophisticated attacks against targeted individuals. The update, released on August 20, 2025,…
Critical Flaw in Apache Tika PDF Parser Exposes Sensitive Data to Attackers
A critical XML External Entity (XXE) vulnerability has been discovered in Apache Tika’s PDF parser module, potentially allowing attackers to access sensitive data and compromise internal systems. The flaw, tracked as CVE-2025-54988, affects a wide range of Apache Tika deployments…
PromptFix Exploit Forces AI Browsers to Execute Hidden Malicious Commands
Cybersecurity researchers have uncovered critical vulnerabilities in AI-powered browsers that allow attackers to manipulate artificial intelligence agents into executing malicious commands without user knowledge, introducing what experts are calling a new era of “Scamlexity” in digital security threats. The research,…
RingReaper Malware Targets Linux Servers, Stealthily Evading EDR Solutions
A new malware campaign dubbed RingReaper has emerged, targeting servers with advanced post-exploitation capabilities that exploit the kernel’s io_uring asynchronous I/O interface to bypass Endpoint Detection and Response (EDR) systems. This sophisticated agent minimizes reliance on traditional system calls like…
Google Unveils Enhanced Features to Empower Defenders and Strengthen AI Security
Google Cloud has announced a suite of advanced security enhancements at the 2025 Security Summit, aimed at fortifying AI ecosystems and leveraging artificial intelligence to elevate organizational defenses. These updates focus on proactive vulnerability detection, automated threat intelligence processing, and…
Threat Actors Impersonate as Google Support to Sniff Out Your Login Credentials
Threat actors are posing as Google support agents in an increasing number of complex social engineering attacks in order to take advantage of account recovery tools and obtain user credentials without authorization. These campaigns leverage legitimate-looking communication channels, such as…
QuirkyLoader: A New Malware Loader Spreading Infostealers and Remote Access Trojans (RATs)
IBM X-Force has tracked QuirkyLoader, a sophisticated loader malware deployed by threat actors to distribute prominent families such as Agent Tesla, AsyncRAT, FormBook, MassLogger, Remcos, Rhadamanthys, and Snake Keylogger. This multi-stage threat initiates through spam emails from legitimate providers or…
Ransomware Attacks in Japan Surge by 1.4 Times, Signaling a Significant Increase in Cyber Threats
Japan saw a significant increase in ransomware attacks in the first half of 2025, with incidences increasing by about 1.4 times over the same period the year before. According to a detailed investigation by Cisco Talos, 68 ransomware cases targeted…
Threat Actors Exploit GenAI Platforms to Craft Sophisticated and Realistic Phishing Attacks
The proliferation of generative AI (GenAI) platforms has revolutionized web-based services, enabling rapid code assistance, natural language processing, chatbot deployment, and automated site construction. However, telemetry data reveals a concerning evolution in the GenAI ecosystem, where threat actors are increasingly…
Scaly Wolf Unleashing Attacks to Expose Organizations’ Hidden Secrets
The Scaly Wolf advanced persistent threat (APT) gang has once again targeted a Russian engineering company in a sophisticated targeted attack that was discovered by Doctor Web’s analysts. This shows that the group is determined to obtain corporate secrets. This…
Serial Hacker Sentenced for Defacing and Hacking Organizational Websites
Al-Tahery Al-Mashriky, 26, of Rotherham, South Yorkshire, was given a 20-month prison sentence for several charges of illegal computer access and data exfiltration, part of a major crackdown on ideologically driven cyberthreats. Al-Mashriky, affiliated with extremist hacking collectives such as…
CERT/CC Issues Alert on Critical Flaws in Workhorse Municipal Accounting Software
The Computer Emergency Response Team Coordination Center (CERT/CC) has issued a critical security advisory warning of severe vulnerabilities in Workhorse Software Services’ municipal accounting software that could enable unauthorized access to sensitive government financial data and personally identifiable information. The…
Copilot Vulnerability Lets Attackers Bypass Audit Logs and Gain Hidden Access
A critical vulnerability in Microsoft’s M365 Copilot allowed users to access sensitive files without leaving any trace in audit logs, creating significant security and compliance risks for organizations worldwide. The flaw, discovered in July 2024, remained largely hidden from customers…
Legitimate Chrome VPN with 100K+ Installs Secretly Captures Screenshots and Exfiltrates Sensitive Data
A Chrome extension marketed as FreeVPN.One, boasting over 100,000 installations, a verified badge, and featured placement in the Chrome Web Store, has been exposed as spyware that silently captures screenshots of users’ browsing activities and exfiltrates them to remote servers.…
Microsoft Issues Emergency Patch for Windows Reset and Recovery Bug
Microsoft has released an emergency out-of-band security update to address a critical issue affecting Windows reset and recovery operations across multiple versions of the operating system. The patch, released on August 19, 2025, resolves problems that emerged after users installed…
Lenovo AI Chatbot Flaw Allows Remote Script Execution on Corporate Systems
Cybersecurity researchers have uncovered critical vulnerabilities in Lenovo’s AI-powered customer support chatbot that could allow attackers to execute malicious scripts on corporate systems and steal sensitive session data. The discovery highlights significant security gaps in enterprise AI implementations and raises…