On May 22, 2025, Commvault, a leading enterprise data backup provider, issued an urgent advisory regarding active cyber threat activity targeting its Metallic software-as-a-service (SaaS) application, which is hosted in the Microsoft Azure cloud environment. The U.S. Cybersecurity and Infrastructure…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Critical Vulnerability in Netwrix Password Manager Enables Authenticated Remote Code Execution
A critical security vulnerability has been discovered in Netwrix Password Secure, a widely used enterprise password management solution, potentially allowing authenticated attackers to execute remote code on other users’ systems. Identified in versions up to 9.2.2, including the specific build…
Russian Hackers Exploit Oracle Cloud Infrastructure to Target Scaleway Object Storage
Russian threat actors have been leveraging trusted cloud infrastructure platforms like Oracle Cloud Infrastructure (OCI) Object Storage and Scaleway Object Storage to propagate sophisticated attacks using the Lumma Stealer malware. This malware-as-a-service (MaaS) infostealer, also known as LummaC2 Stealer, targets…
CefSharp Enumeration Tool Identifies Critical Security Issues in .NET Desktop Applications
Cybersecurity researchers and red teamers, a newly released tool named CefEnum is shedding light on critical security flaws in .NET-based desktop applications leveraging CefSharp, a lightweight wrapper around the Chromium Embedded Framework (CEF). CefSharp enables developers to embed Chromium browsers…
Vidar and StealC Malware Delivered Through Viral TikTok Videos by Hackers
A sophisticated social engineering campaign that leverages the viral power of TikTok to distribute dangerous information-stealing malware, specifically Vidar and StealC. This alarming trend marks a shift in cybercriminal tactics, moving away from traditional methods like fake CAPTCHA pages to…
Researchers Warn of ‘Smiao Network’ Cyber Threat Against Taiwan’s Federal Staff
The Foundation for Defense of Democracies (FDD) and cybersecurity firm TeamT5 has exposed an intricate Chinese intelligence operation, dubbed the ‘Smiao Network,’ targeting federal workers in both the United States and Taiwan. This network, linked to the Chinese technology company…
Cityworks Zero-Day Vulnerability Used by UAT-638 Hackers to Infect IIS Servers with Shell Malware
Cisco Talos has uncovered active exploitation of a zero-day remote-code-execution vulnerability, identified as CVE-2025-0994, in Cityworks, a widely used asset management system. This critical flaw has been leveraged by a group tracked as UAT-6382, assessed with high confidence to be…
Lumma Stealer Infrastructure Behind Global Attacks on Millions of Users Dismantled
The U.S. Justice Department, in collaboration with the FBI and private sector partners like Microsoft, has announced the disruption of the Lumma Stealer (also known as LummaC2) malware infrastructure. This global operation targeted the notorious Malware-as-a-Service (MaaS) platform, which has…
Malicious VS Code Extensions Target Windows Solidity Developers to Steal Login Credentials
Datadog Security Research has uncovered a targeted malware campaign aimed at Solidity developers on Windows systems, using malicious Visual Studio Code (VS Code) extensions as the initial attack vector. Identified as the work of a single threat actor tracked as…
Hackers Deploy Weaponized npm Packages to Target React and Node.js JavaScript Frameworks
Socket’s Threat Research Team, a series of malicious npm packages have been found lurking in the JavaScript ecosystem for over two years, amassing more than 6,200 downloads. These weaponized packages, targeting popular frameworks like React, Vue.js, Vite, Node.js, and the…
Gujarat Teen Arrested for Orchestrating Over 50 Cyberattacks in ‘Operation Sindoor’
Gujarat Anti-Terrorism Squad (ATS) has apprehended two individuals, including a minor, for orchestrating a series of sophisticated cyber attacks against Indian websites and disseminating anti-national content online. The arrests came as part of “Operation Sindoor,” a targeted cybersecurity initiative that…
Linux Kernel Zero-Day SMB Vulnerability Discovered via ChatGPT
Security researcher has discovered a zero-day vulnerability (CVE-2025-37899) in the Linux kernel’s SMB server implementation using OpenAI’s o3 language model. The vulnerability, a use-after-free bug in the SMB ‘logoff’ command handler, could potentially allow remote attackers to execute arbitrary code…
Cybercriminals Using Trusted Google Domains to Spread Malicious Code
A sophisticated new malvertising scheme has emerged, transforming trusted e-commerce websites into phishing traps without the knowledge of site owners or advertisers. Cybercriminals are exploiting integrations with Google APIs, specifically through JSONP (JSON with Padding) calls, to inject malicious scripts…
Microsoft Expert Reveals the Hidden Dangers of Bad Code on Your PC’s Performance
Microsoft support engineer has identified a subtle but significant memory leak in .NET applications that can gradually consume system resources until computers slow to a crawl or crash completely. The issue, which primarily affects Windows systems running .NET applications, stems…
Cisco Webex Meetings Vulnerability Enables HTTP Response Manipulation
Security researchers have uncovered a vulnerability in Cisco Webex Meetings that could allow remote attackers to manipulate HTTP responses without authentication. The cloud-based vulnerability affects the client join services component of the popular videoconferencing platform. Cisco has already addressed the…
Cisco Unified Intelligence Center Vulnerability Allows Privilege Escalation
Cisco has disclosed two security vulnerabilities in its Unified Intelligence Center that could allow authenticated remote attackers to escalate privileges. The more severe flaw, tracked as CVE-2025-20113, received a CVSS score of 7.1 (High), while the secondary vulnerability, CVE-2025-20114, was…
New NIST Security Metric Aims to Pinpoint Exploited Vulnerabilities
Researchers from the National Institute of Standards and Technology (NIST) and the Cybersecurity and Infrastructure Security Agency (CISA) have introduced a new security metric designed to improve vulnerability management. The proposed Likely Exploited Vulnerabilities (LEV) metric aims to enhance organizations’…
Versa Concerto 0-Day Flaw Enables Remote Code Execution by Bypassing Authentication
Security researchers have uncovered multiple critical vulnerabilities in Versa Concerto, a widely deployed network security and SD-WAN orchestration platform used by large enterprises, service providers, and government entities. Despite responsible disclosure efforts over a 90-day period, these vulnerabilities remain unpatched,…
Cisco Identity Services RADIUS Vulnerability Allows Attackers to Trigger Denial of Service Condition
Cisco has disclosed a significant security vulnerability in its Identity Services Engine (ISE) that could enable unauthenticated remote attackers to cause denial of service conditions by exploiting flaws in the RADIUS message processing feature. The vulnerability, which was discovered during…
Several GitLab Vulnerabilities Enable Attackers to Launch DoS Attacks
GitLab has issued critical security patches addressing 11 vulnerabilities across its Community Edition (CE) and Enterprise Edition (EE) platforms, with three high-risk flaws enabling denial-of-service (DoS) attacks dominating the threat landscape. The coordinated release of versions 18.0.1, 17.11.3, and 17.10.7…