Cybersecurity researchers have uncovered a sprawling network of over 100 malicious Chrome extensions actively exploiting unsuspecting users. These extensions, masquerading as legitimate tools for productivity, ad-blocking, and browsing enhancement, are designed with nefarious intent stealing sensitive login credentials and executing…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Ivanti EPMM 0-Day RCE Vulnerability Under Active Attack
Ivanti’s Endpoint Manager Mobile (EPMM) contains a critical vulnerability chain that has been actively abused. The vulnerabilities, initially disclosed by Ivanti on March 13th, 2025, combine an authentication bypass (CVE-2025-4427) and a remote code execution flaw (CVE-2025-4428) to create a…
Malicious Hackers Create Fake AI Tool to Exploit Millions of Users
A concerning development in the field of cybersecurity is the initiation of a sophisticated campaign by hostile actors posing as Kling AI, a well-known AI-powered picture and video synthesis platform that has amassed 6 million users since its June 2024…
Cybercriminals Could Leverage Google Cloud Platform for Malicious Activities
A Research by Tenable and Cisco Talos has shed light on a critical vulnerability in Google Cloud Platform’s (GCP) Cloud Functions and Cloud Build services, revealing a potential attack vector for cybercriminals. According to Tenable, the default Cloud Build Service…
Atlassian Alerts Users to Multiple Critical Vulnerabilities Affecting Data Center Server
Atlassian has released its May 2025 Security Bulletin addressing eight high-severity vulnerabilities affecting multiple enterprise products in its Data Center and Server offerings. The vulnerabilities, discovered through Atlassian’s Bug Bounty program, penetration testing processes, and third-party library scans, pose significant…
Critical Vulnerability in Lexmark Printers Enables Remote Code Execution
Security researchers from DEVCORE discovered the vulnerability through Trend Micro’s Zero Day Initiative (ZDI), marking the third major printer firmware flaw disclosed in 2025 following similar incidents affecting HP and Canon devices. Critical security vulnerability affecting over 150 Lexmark printer…
Kettering Health Experiences System-Wide Outage Due to Ransomware Attack
Kettering Health, a major healthcare provider, has been hit by what appears to be a ransomware attack causing a system-wide technology outage that has severely limited access to critical patient care systems. The attack, which began early Tuesday, May 20,…
New Phishing Attack Uses AES & Malicious npm Packages to Office 365 Login Credentials
Fortra’s Suspicious Email Analysis (SEA) team uncovered a highly sophisticated phishing campaign targeting Microsoft Office 365 (O365) credentials. Unlike typical phishing attempts, this attack stood out due to its intricate use of modern technologies and developer infrastructure. The threat actors…
Attaxion Leads the Way as First EASM Platform to Integrate ENISA’s EU Vulnerability Database (EUVD)
Attaxion, the external attack surface management (EASM) vendor with industry-leading asset coverage, announces the integration of the European Vulnerability Database (EUVD) into its platform. Operated by the European Union Agency for Cybersecurity (ENISA), the EUVD is a publicly accessible vulnerability repository developed…
Critical VMware ESXi & vCenter Flaw Allows Remote Execution of Arbitrary Commands
VMware by Broadcom has released critical security updates to address multiple severe vulnerabilities affecting its virtualization products, with evidence suggesting active exploitation in the wild. The vulnerabilities, tracked as CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, affect VMware ESXi, Workstation, Fusion, Cloud Foundation,…
Hazy Hawk Targets DNS Vulnerabilities to Hijack Cloud Resources and Spread Malware
The threat actor gained attention in February 2025 after successfully hijacking a subdomain of the U.S. Centers for Disease Control and Prevention (CDC). Sophisticated threat actor dubbed “Hazy Hawk” has been exploiting DNS misconfigurations since at least December 2023 to…
Critical Vulnerability in Palo Alto GlobalProtect Gateway & Portal Enables Remote Code Execution
Palo Alto Networks has assigned the vulnerability a LOW severity rating but urges administrators to apply patches by upgrading to fixed PAN-OS versions, with timelines extending through August 2025. Reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks’ GlobalProtect gateway and portal…
Accenture Files Leak – New Research Reveals Projects Controlling Billions of User Data
A new research report released today by Progressive International, Expose Accenture, and the Movement Research Unit uncovers the sprawling influence of Accenture, the world’s largest consultancy firm, in driving a global wave of surveillance, exclusion, and authoritarianism. The investigation reveals…
More_Eggs Malware Uses Job Application Emails to Distribute Malicious Payloads
The More_Eggs malware, operated by the financially motivated Venom Spider group (also known as Golden Chickens), continues to exploit human trust through meticulously crafted social engineering. Sold as a Malware-as-a-Service (MaaS) to notorious threat actors like FIN6 and Cobalt Group,…
Kimsuky APT Group Deploys PowerShell Payloads to Deliver XWorm RAT
Cybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by the notorious Kimsuky Advanced Persistent Threat (APT) group, deploying intricately crafted PowerShell payloads to deliver the XWorm Remote Access Trojan (RAT). This operation showcases the group’s advanced tactics, leveraging encoded…
RedisRaider Campaign Targets Linux Servers by Exploiting Misconfigured Redis Instances
Datadog Security Research has uncovered a formidable new cryptojacking campaign dubbed “RedisRaider,” specifically targeting Linux servers with publicly accessible Redis instances. This sophisticated Linux worm employs aggressive propagation techniques and advanced obfuscation to exploit vulnerabilities in misconfigured Redis servers, deploying…
Regeneron to Buy 23andMe for $256M Amid Growing Data Privacy Concerns
Biotechnology giant Regeneron Pharmaceuticals has emerged as the successful bidder in the bankruptcy auction for genetic testing pioneer 23andMe, offering $256 million for the majority of the company’s assets. Announced Monday, the deal would transfer 23andMe’s consumer genomics business and…
Hackers Abuse TikTok and Instagram APIs to Verify Stolen Account Credentials
Cybercriminals are leveraging the Python Package Index (PyPI) to distribute malicious tools designed to exploit TikTok and Instagram APIs for verifying stolen account credentials. Security researchers at Socket have identified three such packages checker-SaGaF, steinlurks, and sinnercore that automate the…
Hackers Use Weaponized RAR Archives to Deliver Pure Malware in Targeted Attacks
Russian organizations have become prime targets of a sophisticated malware campaign deploying the Pure malware family, first identified in mid-2022. Distributed via a Malware-as-a-Service (MaaS) model, Pure malware allows cybercriminals to purchase and deploy it with ease. While the campaign…
CISA Includes MDaemon Email Server XSS Flaw in KEV Catalog
Cybersecurity and Infrastructure Security Agency (CISA) has added a cross-site scripting (XSS) vulnerability affecting MDaemon Email Server to its Known Exploited Vulnerabilities (KEV) Catalog on May 19, 2025. This critical addition, identified as CVE-2024-11182, highlights a security flaw that allows…