Category: gbhackers
-
New ‘Point-and-Click’ Phishing Kit Evades Security Filters to Deliver Malicious Payloads
A new toolkit named Impact Solutions has emerged on cybercrime forums, offering a comprehensive, user-friendly framework for crafting advanced phishing campaigns. By democratizing malware…
-
IIS Servers Compromised by Chinese Hackers for SEO Manipulation
Cisco Talos has revealed that UAT-8099, a Chinese-speaking cybercrime group, has been exploiting vulnerable Internet Information Services (IIS) servers across multiple countries to conduct…
-
TOTOLINK X6000R Routers Hit by Three Vulnerabilities Allowing Remote Code Execution
Three critical security flaws were discovered in firmware version V9.4.0cu.1360_B20241207 of the TOTOLINK X6000R router released on March 28, 2025. These vulnerabilities range from argument…
-
Termix Docker Image Leaking SSH Credentials (CVE-2025-59951)
A critical vulnerability in the official Termix Docker image puts users at risk of exposing sensitive SSH credentials. The flaw allows anyone with network access…
-
Chrome Security Update Addressing 21 Vulnerabilities
The Chrome team has released Chrome 141.0.7390.54/55 to the stable channel for Windows, Mac, and Linux, rolling out over the coming days and weeks. This update delivers…
-
Microsoft Outlook Bug on Windows Devices Results in Repeated Email Crashes
Microsoft is currently investigating a significant bug affecting classic Outlook for Windows that prevents users from accessing their email accounts. The issue manifests as a…
-
Splunk Enterprise Flaws Allow Attackers to Run Unauthorized JavaScript Code
Splunk released security advisories addressing multiple vulnerabilities affecting various versions of Splunk Enterprise and Splunk Cloud Platform. The flaws range from cross-site scripting (XSS) vulnerabilities…
-
New DNS Malware ‘Detour Dog’ Uses TXT Records to Deliver Strela Stealer
Detour Dog, a stealthy website malware campaign tracked since August 2023, has evolved from redirecting victims to tech-support scams into a sophisticated DNS-based command-and-control…
-
Hackers Abuse EV Certificates to Sign Completely Undetectable DMG Malware
Security researchers have uncovered a new macOS malware campaign in which threat actors are abusing Extended Validation (EV) code-signing certificates to distribute completely undetectable…
-
Red Hat OpenShift AI Vulnerability Lets Attackers Seize Infrastructure Control
A serious vulnerability in the Red Hat OpenShift AI service (RHOAI) enables attackers with minimal access to escalate privileges and take control of entire…
-
Google Publishes Security Hardening Guide to Counter UNC6040 Threats
Google’s Threat Intelligence Group (GTIG) has published a comprehensive guide to help organizations strengthen their SaaS security posture—particularly Salesforce—against UNC6040’s sophisticated voice-phishing and malicious…
-
Battering RAM Exploit Bypasses Modern Protections in Intel, AMD Cloud Processors
Cloud providers rely on hardware-based memory encryption to keep user data safe. This encryption shields sensitive information like passwords, financial records, and personal files…
-
CISA Issues Alert on Active Exploitation of Linux and Unix Sudo Flaw
The Cybersecurity and Infrastructure Security Agency (CISA) has released an urgent alert for system administrators and IT teams worldwide. Researchers have confirmed that attackers are…
-
Researchers Publish Technical Analysis of Linux Sudo Privilege Escalation
A team of security researchers has released an in-depth technical report on CVE-2025-32463, a critical local privilege escalation flaw in the widely used Linux…
-
Threat Actors Exploiting MS-SQL Servers to Deploy XiebroC2 Framework
A surge in attacks targeting improperly managed MS-SQL servers, culminating in the deployment of the open-source XiebroC2 command-and-control (C2) framework. Similar in functionality to…
-
APT35 Hackers Targeting Government and Military to Steal Login Credentials
Stormshield CTI researchers have identified two active phishing servers linked to APT35, revealing ongoing credential-stealing operations targeting government and military entities. In an active threat-hunting…
-
VMware Tools and Aria 0-Day Under Active Exploitation for Privilege Escalation
Organizations using VMware hypervisors face an urgent threat as a local privilege escalation zero-day, tracked as CVE-2025-41244, is under active exploitation in the wild. Both VMware…
-
ThreatBook Launches Best-of-Breed Advanced Threat Intelligence Solution
Singapore, Singapore, September 29th, 2025, CyberNewsWire Analyzing over 14 billion cyber-attack records daily, ThreatBook ATI is a global solution enriched with granular, local insights; and…
-
Hackers Exploit Weaponized Microsoft Teams Installer to Deploy Oyster Malware
A sophisticated malvertising campaign has been targeting organizations through a weaponized Microsoft Teams installer that delivers the dangerous Oyster malware, according to a recent…
-
Forensic-timeliner: A Windows Forensics Tool for DFIR Investigators
Forensic-Timeliner is a fast, open-source command-line tool designed to help digital forensics and incident response (DFIR) teams quickly build a unified timeline of Windows…
-
New Olymp Loader Malware-as-a-Service Promises Defender Bypass with Auto Certificate Signing
Olymp Loader, a newly emerged Malware-as-a-Service (MaaS) offering, has rapidly gained traction across underground forums and Telegram since its debut on June 5, 2025….
-
Formbricks Signature Verification Flaw Lets Attackers Reset User Passwords
A critical vulnerability in the open source Formbricks experience management toolbox allows attackers to reset any user’s password without authorization. Published three days ago as advisory GHSA-7229-q9pv-j6p4…
-
Top 10 Best AI Penetration Testing Companies in 2025
In 2025, AI penetration testing tools have become the backbone of modern cybersecurity strategies, offering automation, intelligence-driven reconnaissance, and vulnerability analysis faster than traditional…
-
Malicious MCP Server Discovered Stealing Sensitive Emails Using AI Agents
Enterprises everywhere are embracing MCP servers—tools that grant AI assistants “god-mode” permissions to send emails, run database queries, and automate tedious tasks. But no…
-
Apache Airflow Vulnerability Lets Read-Only Users Access Sensitive Data
Apache Airflow maintainers have disclosed a serious security issue, tracked as CVE-2025-54831, that allows users holding only read permissions to view sensitive connection details…
-
Malware Gangs Enlist Covert North Korean IT Workers in Corporate Attacks
Malware operators aligned with North Korea have forged a sophisticated partnership with covert IT workers to target corporate organizations worldwide. This collaboration, detailed in…
-
New Botnet ‘Loader-as-a-Service’ Turns Home Routers and IoT into Mirai Farms
CloudSEK has uncovered a sophisticated Loader-as-a-Service botnet campaign spanning the last six months, leveraging exposed command-and-control logs to orchestrate attacks against SOHO routers, embedded…
-
Researchers Map Links Between Major Hacker Groups: LAPSUS$, Scattered Spider, ShinyHunters
A loosely connected cybercrime supergroup is exploiting social engineering to compromise Fortune 100 organizations and government agencies. LAPSUS$, Scattered Spider, and ShinyHunters—three of the most…
-
Hackers Breach Active Directory, Steal NTDS.dit for Full Domain Compromise
Threat actors recently infiltrated a corporate environment, dumped the AD database file NTDS.dit, and nearly achieved full domain control. AD acts as the backbone of…
-
Unveiling LummaStealer’s Technical Details Through ML-Based Detection Approach
In early 2025, LummaStealer was in widespread use by cybercriminals targeting victims throughout the world in multiple industry verticals, including telecom, healthcare, banking, and…
-
Cisco ASA 0-Day RCE Flaw Actively Exploited in the Wild
A critical zero-day vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software is being actively…
-
Hackers Use AI-Generated Code to Obfuscate Payloads and Bypass Traditional Defenses
A recent credential phishing campaign detected by Microsoft Threat Intelligence used AI-generated code within an SVG file to disguise malicious behavior. While the novel…
-
New Phishing Scam Aims at PyPI Maintainers to Steal Login Information
A fresh wave of domain-confusion phishing emails is sweeping through the Python community, once again setting its sights on PyPI maintainers. As malicious actors…
-
Malware Deployment via Copyright Takedown Claims by Threat Actors
Threat actors from the Lone None group are exploiting copyright takedown notices to distribute sophisticated malware, including Pure Logs Stealer and a newly identified…
-
SetupHijack Tool Abuses Race Conditions in Windows Installer to Hijack Setups
Security researchers at Hacker House have released SetupHijack, a proof-of-concept tool that exploits race conditions and insecure file handling in Windows installers and updaters. The…
-
Steam Confirms Malware Found in BlockBlasters Game
Steam has officially confirmed that malware was discovered in the popular indie game BlockBlasters. The announcement follows widespread player reports and security scans that flagged…
-
Salesforce CLI Installer Flaw Lets Attackers Run Code and Gain SYSTEM-Level Access
A serious security flaw in the Salesforce CLI installer (sf-x64.exe) has been assigned CVE-2025-9844. This weakness allows attackers to execute arbitrary code with SYSTEM-level privileges…
-
Banking Trojans Targeting Android Users Disguise as Government and Trusted Payment Apps
Since August 2024, a financially motivated threat group has been targeting Android users in Indonesia and Vietnam with banking trojans disguised as official government…
-
CISA Reveals Hackers Breached U.S. Federal Agency via GeoServer RCE Flaw
Federal cybersecurity agency CISA has disclosed that attackers exploited a remote code execution vulnerability in GeoServer to breach a U.S. federal civilian executive branch…
-
Critical DNN Platform Vulnerability Let Attackers Execute Malicious Scripts
A severe Stored Cross-Site Scripting (XSS) vulnerability in the Prompt module of the DNN Platform enables low-privilege attackers to inject and execute arbitrary scripts…
-
RainyDay, Turian and Naikon Malwares Abuse DLL Search Order to Execute Malicious Loaders
Cisco Talos has uncovered a sophisticated, long-running campaign active since 2022 that leverages DLL search order hijacking to deliver a novel PlugX variant with…
-
Beware of Fake Online Speedtest Apps with Hidden JavaScript Code
These fake online speedtest applications prey on users seeking to measure their internet performance, yet they harbor hidden payloads that compromise system integrity and…
-
SolarWinds Web Help Desk Vulnerability Enables Privilege Escalation
A critical vulnerability in SolarWinds Web Help Desk (WHD) could allow attackers to escalate privileges and execute arbitrary code on affected systems. SolarWinds has released…
-
Hackers Abuse IMDS Service for Cloud Initial Access
Cloud environments rely on the Instance Metadata Service (IMDS) to provide virtual machines with temporary credentials and essential configuration data. IMDS allows applications to securely…
-
GitHub Introduces npm Security with Stronger Authentication and Trusted Publishing
Open source software powers much of today’s technology, enabling developers around the world to build and share tools, libraries, and applications. However, the same openness…
-
Russia Leveraging Cyber-Attacks as a Strategic Weapon Against Key Industries in Major Nations
In 2024, as the Russia-Ukraine war prolongs and military and economic cooperation between North Korea and Russia deepens, cyberspace has become a central battleground…
-
God Mode Vulnerability Lets Attackers Access Any Resource in Microsoft Cloud Tenants
A recently disclosed flaw, tracked as CVE-2025-55241, allowed any attacker in possession of a single “Actor token” from a test or lab tenant to…
-
Kawa4096 Ransomware Targets Multinational Corporations to Steal Sensitive Data
In June 2025, a previously unknown ransomware group dubbed Kawa4096 emerged, immediately drawing attention by targeting multinational organizations across diverse industries, including finance, education…
-
Massive Lucid PhaaS Campaign: 17,500 Phishing Domains Mimic 316 Global Brands
Cybersecurity researchers at Netcraft have uncovered two sophisticated phishing campaigns linked to the Lucid and Lighthouse Phishing-as-a-Service (PhaaS) platforms, revealing a massive operation that…
-
Canada Police Shuts Down TradeOgre After $56M Crypto Theft
Montréal, Quebec, September 18, 2025 – In an unprecedented operation, the Royal Canadian Mounted Police (RCMP) Federal Policing – Eastern Region has executed the…
-
Threat Actors Fake FBI IC3 Portal to Steal Visitor Information
The Federal Bureau of Investigation has issued a critical public service announcement warning citizens about cybercriminals creating sophisticated spoofed versions of the FBI’s Internet…
-
New Botnet Exploits Simple DNS Flaws That Leads to Massive Cyber Attack
Cybersecurity researchers have uncovered a sophisticated Russian botnet operation that leveraged DNS misconfigurations and compromised MikroTik routers to deliver malware through massive spam campaigns. The…
-
HubSpot’s Jinjava Engine Flaw Exposes Thousands of Sites to RCE Attacks
A critical security vulnerability has been discovered in HubSpot’s Jinjava template engine, potentially exposing thousands of websites and applications to remote code execution attacks. The…
-
AI-Driven Phishing Attacks: Deceptive Tactics to Bypass Security Systems
Since January, Trend Micro has tracked a surge in phishing campaigns using AI-powered platforms (Lovable, Netlify, Vercel) to host fake captcha pages that lead…
-
Luxury Jeweler Tiffany Reports Data Breach Exposing User Personal Data
Luxury jeweler Tiffany and Company has confirmed a data breach that exposed the personal information of 2,590 customers. The company discovered unauthorized access to an external…
-
UK Police Arrest Two Scattered Spider Hackers Over London Transport Breach
UK law enforcement agencies have arrested two individuals linked to the notorious Scattered Spider cybercriminal group. The arrests, announced on Tuesday, pertain to a sophisticated…
-
Nokia CBIS/NCS Manager API Vulnerability Allows Attackers to Bypass Authentication
On September 18, 2025, Orange Cert publicly disclosed a critical authentication bypass vulnerability affecting Nokia’s CBIS (CloudBand Infrastructure Software) and NCS (Nokia Container Service)…
-
Splunk Publishes Guide to Spot Remote Work Fraud in Organizations
Splunk today unveiled a comprehensive guide designed to empower security teams to detect Remote Employment Fraud (REF) during the critical onboarding phase—when imposters have…
-
Warlock Ransomware Deployed via Compromised GOLD SALEM Networks and Bypassed Security Solutions
Counter Threat Unit™ (CTU) researchers are tracking a sophisticated threat actor known as Warlock Group, which CTU designates as GOLD SALEM. Since March 2025,…
-
Russian CopyCop Network Expands: 200+ Fake News Sites Target US, Canada, and France
The Russian covert influence network known as CopyCop has significantly expanded its disinformation operations, creating over 200 new fake websites since March 2025 to…
-
PureVPN Vulnerability Reveals IPv6 Address While Reconnecting to Wi-Fi
A critical security vulnerability has been discovered in PureVPN’s Linux clients that exposes users’ real IPv6 addresses during network reconnections, undermining the privacy protections…
-
TP-Link Router Zero-Day Lets Attackers Execute Code by Bypassing ASLR
Researchers have uncovered a zero-day vulnerability in TP-Link routers that allows attackers to bypass Address Space Layout Randomization (ASLR) and execute arbitrary code remotely. Tracked…
-
Hackers Exploit AdaptixC2, an Emerging Open-Source C2 Tool
In early May 2025, Unit 42 researchers observed that AdaptixC2 was used to infect several systems. While many C2 frameworks garner public attention, AdaptixC2 has…
-
Google Play Flooded With 224 Malicious Apps, 38 Million Downloads Deliver Malware
A global ad fraud and click fraud operation, dubbed SlopAds, comprising 224 Android apps that collectively amassed more than 38 million downloads across 228…
-
Palo Alto Networks and Microsoft Featured in MITRE ATT&CK Evaluations 2026
Two cybersecurity industry leaders have made significant announcements regarding their participation in the upcoming MITRE ATT&CK Evaluations, marking a notable shift in how major…
-
Microsoft Takes Down 300+ Websites Behind RaccoonO365 Phishing Scheme
Microsoft’s Digital Crimes Unit (DCU) has seized control of 338 websites facilitating RaccoonO365, the rapidly expanding phishing-as-a-service platform that enables anyone to harvest Microsoft…
-
World’s Biggest Hacker Forum Admin Gets Resentenced to Serve Three More Years
Conor Brian Fitzpatrick, the founder and operator of BreachForums, has been resentenced to three more years in prison after a federal appeals court vacated…
-
Apple Patches 18 Vulnerabilities in visionOS 26 Allowing Access to Sensitive User Data
Apple has released visionOS 26, addressing eighteen security flaws that could allow unauthorized access to sensitive user data. The update, issued on September 15, 2025,…
-
Threat Actors Exploit MCP Servers to Steal Sensitive Data
Unvetted Model Context Protocol (MCP) servers introduce a stealthy supply chain attack vector, enabling adversaries to harvest credentials, configuration files, and other secrets without…
-
SmokeLoader Employs Optional Plugins to Steal Data and Launch DoS Attacks
Active since 2011, SmokeLoader (also known as Smoke or Dofoil) has cemented its reputation as a versatile malware loader engineered to deliver second-stage payloads,…
-
New Phoenix Rowhammer Attack Bypasses DDR5 Chip Protections
A new variation of the Rowhammer attack, named Phoenix, breaks through the built-in defenses of modern DDR5 memory modules. Researchers reverse-engineered the in-DRAM protections on SK…
-
AISURU Botnet Fuels Record-Breaking 11.5 Tbps DDoS Attack With 300,000 Hijacked Routers
The newly identified AISURU botnet, leveraging an estimated 300,000 compromised routers worldwide, has been pinpointed as the force behind a record-shattering 11.5 Tbps distributed…
-
Hackers using generative AI “ChatGPT” to evade anti-virus defenses
The Kimsuky APT group has begun leveraging generative AI ChatGPT to craft deepfake South Korean military agency ID cards. Phishing lures deliver batch files…
-
BlackNevas Ransomware Encrypts Files, Exfiltrates Corporate Data
Countries with most cyberattacks stopped highlighting global cyber defense efforts, including key regions in Asia-Pacific and North America. BlackNevas has released a comprehensive attack strategy…
-
LangChainGo Vulnerability Allows Malicious Prompt Injection to Access Sensitive Data
A recently discovered flaw in LangChainGo, the Go implementation of the LangChain framework for large language models, permits attackers to read arbitrary files on…
-
FBI Releases IOCs on Cyber Threats Exploiting Salesforce for Data Theft
The Federal Bureau of Investigation (FBI) has released a detailed flash advisory disclosing indicators of compromise (IOCs) and tactics used by two cybercrime groups—UNC6040…
-
AppSuite-PDF, PDF Editor Operators Exploited 26 Code-Signing Certificates to Fake Legitimacy
Analysis reveals that the developers behind the AppSuite-PDF and PDF Editor campaigns have abused at least 26 distinct code-signing certificates over the past seven…
-
Mustang Panda Uses SnakeDisk USB Worm and Toneshell Backdoor to Target Air-Gap Systems
IBM X-Force researchers have uncovered sophisticated new malware campaigns orchestrated by the China-aligned threat actor Hive0154, also known as Mustang Panda. The discovery includes…
-
AI Pentesting Tool ‘Villager’ Merges Kali Linux with DeepSeek AI for Automated Security Attacks
Security researchers at Straiker’s AI Research (STAR) team have uncovered Villager, an AI-native penetration testing framework developed by Chinese-based group Cyberspike that has already…
-
HybridPetya Exploits UEFI Vulnerability to Bypass Secure Boot on Legacy Systems
ESET Research has uncovered a sophisticated new ransomware variant called HybridPetya, discovered on the VirusTotal sample sharing platform. This malware represents a dangerous evolution…
-
Microsoft Windows Defender Firewall Vulnerabilities Allow Privilege Escalation
Microsoft has released security advisories for four newly discovered vulnerabilities in its Windows Defender Firewall Service that could enable attackers to elevate privileges on…
-
EvilAI: Leveraging AI to Steal Browser Data and Evade Detection
EvilAI, a new malware family tracked by Trend™ Research, has emerged in recent weeks disguised as legitimate AI-driven utilities. These trojans sport professional user…
-
New Malware Abuses Azure Functions to Host Command and Control Infrastructure
A malicious ISO image named Servicenow-BNM-Verify.iso was uploaded to VirusTotal from Malaysia with almost no detections. The image contains four files—two openly visible and two…
-
New Malvertising Campaign Exploits GitHub Repositories to Distribute Malware
A sophisticated malvertising campaign has been uncovered targeting unsuspecting users through “dangling commits” in a legitimate GitHub repository. Attackers are injecting promotional content for…
-
Buterat Backdoor Campaigns Targeting Enterprise Endpoint Control
Backdoor malware is a covert type of malicious software designed to bypass standard authentication mechanisms and provide persistent, unauthorized access to compromised systems. Unlike…
-
Malware Campaign Uses SVG Email Attachments to Deploy XWorm and Remcos RAT
Recent threat campaigns have revealed an evolving use of BAT-based loaders to deliver Remote Access Trojans (RATs), including XWorm and Remcos. These campaigns typically…
-
Sidewinder Hackers Exploit LNK Files to Deploy Malicious Scripts
In a striking evolution of its tactics, the Sidewinder advanced persistent threat (APT) group—also known as APT-C-24 or “Rattlesnake”—has adopted a novel delivery mechanism…
-
Axios Vulnerability Enables Attackers to Crash Node.js Applications via Data Handle Abuse
A critical security vulnerability has been discovered in the popular Axios HTTP client library that allows attackers to crash Node.js applications through malicious data…
-
LAPSUS$ Hunters 4.0 Announce Permanent Shutdown
In a startling development on September 8, the Telegram channel “scattered LAPSUS$ hunters 4.0” declared its intention to “go dark” after taunting law enforcement…
-
PoisonSeed Threat Actor Strengthens Credential Theft Operations with New Domains
Spoof the email delivery platform SendGrid and employ fake Cloudflare CAPTCHA interstitials to lend legitimacy before redirecting unsuspecting users to credential harvesting pages. Since…
-
ZynorRAT Exploits Windows and Linux Systems to Gain Remote Access
During a recent threat hunting exercise, the Sysdig Threat Research Team (TRT) identified a new sample dubbed ZynorRAT. This Go-based Remote Access Trojan (RAT)…
-
NVIDIA NVDebug Tool Vulnerability Lets Attackers Gain Elevated System Access
A critical vulnerability in NVIDIA’s NVDebug tool could allow attackers to gain elevated system access, execute code, or tamper with data. NVIDIA released a security…
-
Wyden Urges FTC to Investigate Microsoft Over Weak RC4 Encryption Enabling Kerberoasting
Senator Ron Wyden has formally requested the Federal Trade Commission investigate Microsoft for cybersecurity negligence that has enabled ransomware attacks against critical infrastructure organizations…
-
Cursor AI Code Editor RCE Flaw Allows Malicious Code to Autorun on Machines
A critical vulnerability in the Cursor AI Code Editor exposes developers to stealthy remote code execution (RCE) attacks when opening code repositories, security researchers…
-
Amp’ed RF BT-AP 111 Bluetooth Access Point Vulnerability Enables Admin Takeover
The Amp’ed RF BT-AP 111 Bluetooth Access Point has been discovered to expose its HTTP-based administrative interface entirely without authentication controls, enabling unauthenticated attackers…
-
Google Drive Desktop for Windows Flaw Lets Users Gain Full Access to Others’ Drives
Millions of people and businesses trust Google Drive every day to store important files like contracts, reports, photos, and research papers. The desktop app for…
-
Lazarus Hackers Abuse Git Symlink Vulnerability in Stealthy Phishing Campaign
KuCoin’s security team has uncovered a new phishing campaign orchestrated by the Lazarus Group (APT38), the notorious state-sponsored collective renowned for financially motivated cyberespionage….
-
HackerOne Data Breach, Hackers Illegally Access Salesforce Environment
HackerOne, a leading vulnerability coordination platform, has confirmed that its Salesforce environment was compromised in a recent third-party data breach. The incident stemmed from an…
-
Critical Flaws in Microsoft Office Enable Remote Code Execution by Attackers
Microsoft has disclosed two serious security vulnerabilities in its Office suite that allow attackers to execute arbitrary code on affected systems. Both flaws were publicly…
-
SAP Security Patch Day Addresses 21 Vulnerabilities, 4 Classified as Critical
SAP’s Security Patch Day on September 9, 2025, introduced fixes for 21 newly discovered vulnerabilities across its product portfolio and provided updates to four…