Category: gbhackers

New Ransomware Attack Targets Elon Musk Supporters Using PowerShell to Deploy Payloads A newly identified ransomware campaign has emerged, seemingly targeting supporters of Elon Musk through a highly sophisticated phishing-based attack. Cybersecurity researchers have uncovered a… Go to gbhackers.com

Printer Company Distributes Malicious Drivers Infected with XRed Malware Procolored, a printer manufacturing company, has been found distributing software drivers infected with malicious code, including the notorious XRed backdoor malware. The issue came to… Go to gbhackers.com

Chinese Agent Impersonate as Stanford Student For Intelligence Gathering Chinese intelligence operative posing as a Stanford University student has been uncovered following an investigation into suspicious approaches made to students conducting China-related research…. Go to gbhackers.com

SSH Auth Key Reuse Uncovers Advanced Targeted Phishing Campaign A meticulously orchestrated phishing campaign targeting Kuwait’s fisheries, telecommunications, and insurance sectors has been exposed by Hunt.io researchers, revealing a sprawling network of over… Go to gbhackers.com

Ivanti Endpoint Manager Vulnerabilities Allow Unauthenticated Remote Code Execution Critical vulnerability chain in Ivanti Endpoint Manager Mobile (EPMM) has exposed enterprise mobile device management systems to pre-authenticated remote code execution (RCE) attacks. The… Go to gbhackers.com

Jenkins Released Security Updates – Multiple Vulnerabilities Fixed That Allow Attackers to Exploit CI/CD… Jenkins, the widely used automation server for CI/CD pipelines, has released a critical security advisory addressing several vulnerabilities in popular plugins. These flaws-ranging from… Go to gbhackers.com

Pwn2Own Day 1 – Windows 11, Red Hat Linux, & Oracle VirtualBox Hacked Security researchers successfully illustrated significant vulnerabilities across several platforms on the first day of Pwn2Own Berlin 2025, taking home a total of $260,000 in… Go to gbhackers.com

SonicWall SMA1000 Vulnerability Allow Attackers to Exploit Encoded URLs To Remotely Gain Internal Systems… SonicWall has issued a critical security advisory (SNWLID-2025-0010) for its SMA1000 Appliance Work Place interface, revealing a high-severity Server-Side Request Forgery (SSRF) vulnerability. The… Go to gbhackers.com

Critical BitLocker Flaw Exploited in Minutes: Bitpixie Vulnerability Proof of Concept Unveiled Security researchers have demonstrated a non-invasive method to bypass Microsoft BitLocker encryption on Windows devices in just five minutes without physically modifying the hardware…. Go to gbhackers.com

Google Chrome Zero-Day Vulnerability (CVE-2025-4664) Actively Exploited in The Wild Google has rolled out a fresh Stable Channel update for the Chrome browser across desktop platforms, including Windows, Mac, and Linux. This update elevates… Go to gbhackers.com

Threat Actors Leverage Weaponized HTML Files to Deliver Horabot Malware A recent discovery by FortiGuard Labs has unveiled a cunning phishing campaign orchestrated by threat actors deploying Horabot malware, predominantly targeting Spanish-speaking users in… Go to gbhackers.com

TA406 Hackers Target Government Entities to Steal Login Credentials The North Korean state-sponsored threat actor TA406, also tracked as Opal Sleet and Konni, has set its sights on Ukrainian government entities. Proofpoint researchers have… Go to gbhackers.com

Google Threat Intelligence Releases Actionable Threat Hunting Technique for Malicious .desktop Files Google Threat Intelligence has unveiled a series of sophisticated threat hunting techniques to detect malicious .desktop files, a novel attack vector leveraged by threat… Go to gbhackers.com

Weaponized PyPI Package Targets Developers to Steal Source Code Security researchers at RL have discovered a malicious Python package called “solana-token” on PyPI that is intended to prey on developers working with the… Go to gbhackers.com

Microsoft Alerts on AD CS Flaw Enabling Remote Denial-of-Service Attacks Microsoft has issued a security advisory for a newly identified vulnerability in Active Directory Certificate Services (AD CS), tracked as CVE-2025-29968, which could allow… Go to gbhackers.com

Chinese Hackers Exploit SAP NetWeaver Zero-Day Vulnerability to Target Critical Infrastructure EclecticIQ analysts have uncovered a sophisticated cyber-espionage campaign orchestrated by China-nexus nation-state Advanced Persistent Threats (APTs) targeting critical infrastructure worldwide. In April 2025, these threat… Go to gbhackers.com

Researchers Unveil New Threat-Hunting Techniques to Detect Azure Managed Identity Abuse A group of cybersecurity specialists from Hunters, working under the prestigious Team Axon, have presented sophisticated threat-hunting techniques in a ground-breaking research paper titled… Go to gbhackers.com

Windows CLFS Zero-Day Vulnerability Actively Exploited in the Wild Microsoft has disclosed two critical security vulnerabilities in the Windows Common Log File System (CLFS) Driver that are currently being exploited in the wild…. Go to gbhackers.com

PupkinStealer Targets Windows Users to Steal Browser Login Credentials A newly identified information-stealing malware dubbed PupkinStealer has emerged as a significant threat to Windows users, with its first sightings reported in April 2025…. Go to gbhackers.com

Repeated Firmware Key-Management Failures Undermine Intel Boot Guard and UEFI Secure Boot The security of fundamental technologies like Intel Boot Guard and UEFI Secure Boot has been seriously questioned due to persistent cryptographic key management issues… Go to gbhackers.com

INE Security Alert: Top 5 Takeaways from RSAC 2025 Comprehensive Training Platform Delivers Solutions for AI Security, Cloud Management, and Incident Response Readiness. Fresh from a high-impact presence at RSAC 2025, where INE Security welcomed thousands… Go to gbhackers.com

CISA Flags Hidden Functionality Flaw in TeleMessage TM SGNL on KEV List Cybersecurity and Infrastructure Security Agency (CISA) has escalated its advisory for TeleMessage TM SGNL, adding a critical hidden functionality vulnerability (CVE-2025-47729) to its Known… Go to gbhackers.com

Asus One-Click Flaw Exposes Users to Remote Code Execution Attacks Critical security vulnerability in ASUS DriverHub software has been discovered that allowed attackers to execute arbitrary code with administrator privileges through a simple web… Go to gbhackers.com

Metasploit Update Adds Erlang/OTP SSH Exploit and OPNSense Scanner The open-source penetration testing toolkit Metasploit has unveiled a major update, introducing four new modules, including a highly anticipated exploit targeting Erlang/OTP SSH servers… Go to gbhackers.com

Google Researchers Use Mach IPC to Uncover Sandbox Escape Vulnerabilities Google Project Zero researchers have uncovered new sandbox escape vulnerabilities in macOS using an innovative approach that leverages Mach Interprocess Communication (IPC) mechanisms-core components… Go to gbhackers.com

Cybercriminals Hide Undetectable Ransomware Inside JPG Images A chilling new ransomware attack method has emerged, with hackers exploiting innocuous JPEG image files to deliver fully undetectable (FUD) ransomware, according to a recent… Go to gbhackers.com

Hackers Exploit Legacy Protocols in Microsoft Entra ID to Bypass MFA and Conditional Access A sophisticated and highly coordinated cyberattack campaign came to light, as tracked by Guardz Research. This operation zeroed in on legacy authentication protocols within… Go to gbhackers.com

Hackers Abuse Copilot AI in SharePoint to Steal Passwords and Sensitive Data Microsoft’s Copilot for SharePoint, designed to streamline enterprise collaboration through generative AI, has become an unexpected weapon for cybercriminals targeting organizational secrets. Recent findings… Go to gbhackers.com

Sophisticated PhaaS Phish Toolkits are Now Genetrating Realistic Fake Phishing Pages Cybersecurity experts are raising alarms over the proliferation of increasingly sophisticated phishing techniques that leverage dedicated Phishing-as-a-Service (PhaaS) toolkits to create authentic-looking pages. These… Go to gbhackers.com

Critical Azure and Power Apps Vulnerabilities Allow Attackers to Exploit RCE Microsoft has patched four critical security vulnerabilities affecting its Azure cloud services and Power Apps platform that could allow attackers to escalate privileges, perform… Go to gbhackers.com

How to Detecting Backdoors in Enterprise Networks In today’s rapidly evolving cybersecurity landscape, enterprise networks face a particularly insidious threat: backdoors, making detecting backdoors crucial. These clandestine entry points allow attackers to… Go to gbhackers.com

Securing Windows Endpoints Using Group Policy Objects (GPOs): A Configuration Guide Securing Windows endpoints is a top priority for organizations seeking to protect sensitive data and maintain operational integrity. Group Policy Objects (GPOs) are among… Go to gbhackers.com

Bluetooth Core 6.1 Released – What’s New! Bluetooth SIG’s decision to transition to a bi-annual release cadence marks a strategic pivot toward fostering rapid iteration and market responsiveness. The organization seeks… Go to gbhackers.com

Cyberattackers Targeting IT Help Desks for Initial Breach Cybercriminals are increasingly impersonating IT support personnel and trusted authorities to manipulate victims into granting access to critical systems, according to recent analyses by… Go to gbhackers.com

New Stealthy .NET Malware Hiding Malicious Payloads Within Bitmap Resources Cybersecurity researchers at Palo Alto Networks’ Unit 42 have uncovered a novel obfuscation method employed by threat actors to conceal malware within bitmap resources… Go to gbhackers.com

Hackers Weaponizing Facebook Ads to Deploy Multi-Stage Malware Attacks A persistent and highly sophisticated malvertising campaign on Facebook has been uncovered by Bitdefender Labs, exploiting the trust associated with major cryptocurrency exchanges to… Go to gbhackers.com

Threat Actors Target Job Seekers with Three New Unique Adversaries Netcraft has uncovered a sharp rise in recruitment scams in 2024, driven by three distinct threat actors employing unique and highly technical strategies to… Go to gbhackers.com

Scattered Spider Malware Targets Klaviyo, HubSpot, and Pure Storage Platforms Silent Push researchers have identified that the notorious hacker collective Scattered Spider, also known as UNC3944 or Octo Tempest, continues to actively target prominent… Go to gbhackers.com

Hackers Exploit Host Header Injection to Breach Web Applications Cybersecurity researchers have reported a significant rise in web breaches triggered by a lesser-known technique: Host Header Injection. This sophisticated attack vector has enabled hackers… Go to gbhackers.com

Hackers Exploit Windows Remote Management to Evade Detection in AD Networks A new wave of cyberattacks is targeting Active Directory (AD) environments by abusing Windows Remote Management (WinRM), a legitimate administrative tool, to move laterally… Go to gbhackers.com

Researchers Uncover Remote Code Execution Flaw in macOS – CVE-2024-44236 Security researchers Nikolai Skliarenko and Yazhi Wang of Trend Micro’s Research Team have disclosed critical details about CVE-2024-44236, a memory corruption vulnerability in Apple’s… Go to gbhackers.com

Apache ActiveMQ Vulnerability Allows Attackers to Induce DoS Condition Critical vulnerability in Apache ActiveMQ (CVE-2024-XXXX) exposes brokers to denial-of-service (DoS) attacks by allowing malicious actors to exhaust system memory through specially crafted OpenWire… Go to gbhackers.com

Kaspersky Alerts on AI-Driven Slopsquatting as Emerging Supply Chain Threat Cybersecurity researchers at Kaspersky have identified a new supply chain vulnerability emerging from the widespread adoption of AI-generated code. As AI assistants increasingly participate… Go to gbhackers.com

Cisco IOS, XE, and XR Vulnerability Allows Remote Device Reboots  Cisco has issued an urgent security advisory (cisco-sa-twamp-kV4FHugn) warning of a critical vulnerability in its widely used IOS, IOS XE, and IOS XR software. The… Go to gbhackers.com

OpenCTI: Free Cyber Threat Intelligence Platform for Security Experts OpenCTI (Open Cyber Threat Intelligence) stands out as a free, open source platform specifically designed to address this need-delivering robust capabilities for cyber threat… Go to gbhackers.com

LockBit Ransomware Group Breached: Internal Chats and Data Leaked Online The notorious LockBit ransomware group, once considered one of the world’s most prolific cyber extortion rings, has itself become the victim of a major… Go to gbhackers.com

Cisco IOS XE Wireless Controllers Vulnerability Lets Attackers Seize Full Control A critical security flaw has been discovered in Cisco IOS XE Wireless LAN Controllers (WLCs), potentially allowing unauthenticated remote attackers to gain full control… Go to gbhackers.com

Top Ransomware Groups Target Financial Sector, 406 Incidents Revealed Flashpoint analysts have reported that between April 2024 and April 2025, the financial sector emerged as a prime target for cyber threat actors, with… Go to gbhackers.com

Researchers Simulate DPRK’s Largest Cryptocurrency Heist Through Compromised macOS Developer and AWS Pivoting Security researchers at Elastic have recreated the intricate details of the February 21, 2025, ByBit cryptocurrency heist, where approximately 400,000 ETH-valued at over a… Go to gbhackers.com

Lampion Banking Malware Uses ClickFix Lures to Steal Banking Credentials Unit 42 researchers at Palo Alto Networks, a highly targeted malicious campaign orchestrated by the threat actors behind the Lampion banking malware has been… Go to gbhackers.com

DragonForce: Emerging Hybrid Cyber Threat in the 2025 Ransomware Landscape DragonForce has swiftly risen as a formidable player in 2025, embodying a hybrid threat that blends ideological ambiguity with ruthless opportunism. First identified in December… Go to gbhackers.com

Mirai Botnet Actively Targeting GeoVision IoT Devices for Command Injection Exploits The Akamai Security Intelligence and Response Team (SIRT) has identified active exploitation of command injection vulnerabilities in discontinued GeoVision Internet of Things (IoT) devices…. Go to gbhackers.com

IBM Cognos Analytics Security Vulnerability Allowed Unauthorized File Uploads  IBM has issued a security bulletin addressing two newly discovered, high-severity vulnerabilities in its Cognos Analytics platform. These flaws, tracked as CVE-2024-40695 (Malicious File Upload) and CVE-2024-51466 (Expression Language… Go to gbhackers.com

Google’s NotebookLM Introduces Voice Summaries in Over 50 Languages Google has significantly expanded the capabilities of NotebookLM, its AI-powered research tool, by introducing Audio Overviews in more than 50 languages. This enhancement builds… Go to gbhackers.com

Android Security Update -A Critical RCE Vulnerability Actively Exploited in the Wild  Google has released critical security patches for Android devices to address 57 vulnerabilities across multiple subsystems, including an actively exploited remote code execution flaw… Go to gbhackers.com

Hackers Exploit Fake Chrome Error Pages to Deploy Malicious Scripts on Windows Users Hackers are leveraging a sophisticated social engineering technique dubbed “ClickFix” to trick Windows users into executing malicious scripts on their systems. This method capitalizes on… Go to gbhackers.com

New ClickFix Attack Imitates Ministry of Defence Website to Target Windows & Linux Systems A newly identified cyberattack campaign has surfaced, leveraging the recognizable branding of India’s Ministry of Defence to distribute cross-platform malware targeting both Windows and… Go to gbhackers.com

Threat Actor Evades SentinelOne EDR to Deploy Babuk Ransomware Aon’s Stroz Friedberg Incident Response Services has uncovered a method used by a threat actor to bypass SentinelOne Endpoint Detection and Response (EDR) protections,… Go to gbhackers.com

Hackers Exploit Email Fields to Launch XSS and SSRF Attacks Cybersecurity researchers are raising alarms as hackers increasingly weaponize email input fields to execute cross-site scripting (XSS) and server-side request forgery (SSRF) attacks. These vulnerabilities, often overlooked in web… Go to gbhackers.com

Luna Moth Hackers Use Fake Helpdesk Domains to Target Victims A recent investigation by cybersecurity firm EclecticIQ, in collaboration with threat hunters, has exposed a surge in malicious activity tied to the Luna Moth… Go to gbhackers.com

SonicBoom Attack Chain Lets Hackers Bypass Login and Gain Admin Control Cybersecurity researchers have uncovered a dangerous new exploitation technique, dubbed the “SonicBoom Attack Chain,” which allows hackers to bypass authentication and seize administrative control… Go to gbhackers.com

Researcher Uses Copilot with WinDbg to Simplify Windows Crash Dump Analysis A researcher has unveiled a novel integration between AI-powered Copilot and Microsoft’s WinDbg, dramatically simplifying Windows crash dump analysis. For decades, debugging Windows crash dumps… Go to gbhackers.com

Apache Parquet Java Vulnerability Enables Remote Code Execution A high-severity vulnerability (CVE-2025-46762) has been discovered in Apache Parquet Java, exposing systems using the parquet-avro module to remote code execution (RCE) attacks. The flaw,… Go to gbhackers.com

Threat Actors Attacking U.S. Citizens Via Social Engineering Attack As Tax Day on April 15 approaches, a alarming cybersecurity threat has emerged targeting U.S. citizens, according to a detailed report from Seqrite Labs…. Go to gbhackers.com

TerraStealer Strikes: Browser Credential & Sensitive‑Data Heists on the Rise Insikt Group has uncovered two new malware families, TerraStealerV2 and TerraLogger, attributed to the notorious financially motivated threat actor Golden Chickens, also known as… Go to gbhackers.com

MintsLoader Malware Uses Sandbox and Virtual Machine Evasion Techniques MintsLoader, a malicious loader first observed in 2024, has emerged as a formidable tool in the arsenal of multiple threat actors, including the notorious… Go to gbhackers.com

Threat Actors Use AiTM Attacks with Reverse Proxies to Bypass MFA Cybercriminals are intensifying their efforts to undermine multi-factor authentication (MFA) through adversary-in-the-middle (AiTM) attacks, leveraging reverse proxies to intercept sensitive data. As phishing tactics… Go to gbhackers.com

Threat Actors Target Critical National Infrastructure with New Malware and Tools A recent investigation by the FortiGuard Incident Response (FGIR) team has uncovered a sophisticated, long-term cyber intrusion targeting critical national infrastructure (CNI) in the… Go to gbhackers.com

Hundreds of Fortune 500 Companies Have Unknowingly Employed North Korean IT Operatives North Korean nationals have successfully infiltrated the employee ranks of major global corporations at a scale previously underestimated, creating a pervasive threat to IT… Go to gbhackers.com

Stealthy New NodeJS Backdoor Infects Users Through CAPTCHA Verifications Security researchers have uncovered a sophisticated malware campaign utilizing fake CAPTCHA verification screens to deploy a stealthy NodeJS backdoor. The attack, part of the… Go to gbhackers.com

State-Sponsored Hacktivism on the Rise, Transforming the Cyber Threat Landscape Global cybersecurity landscape is undergoing a significant transformation, as state-sponsored hacktivism gains traction amid ongoing conflicts. In 2024, Forescout Technologies Inc. documented 780 hacktivist… Go to gbhackers.com

NVIDIA Riva AI Speech Flaw Let Hackers Gain Unauthorized Access to Abuse GPU Resources… Researchers have uncovered significant security vulnerabilities in NVIDIA Riva, a breakthrough AI speech technology platform used for transcription, voice assistants, and conversational AI. The… Go to gbhackers.com

Tsunami Malware Surge: Blending Miners and Credential Stealers in Active Attacks Security researchers have recently discovered a sophisticated malware operation called the “Tsunami-Framework” that combines credential theft, cryptocurrency mining, and potential botnet capabilities. The framework… Go to gbhackers.com

Dutch Services Disrupted by DDoS Attacks From Russian-Affiliated Hacktivists Multiple Dutch organizations have experienced significant service disruptions this week due to a series of coordinated Distributed Denial-of-Service (DDoS) attacks. These attacks, which have also… Go to gbhackers.com

Seven Malicious Packages Exploit Gmail SMTP to Run Harmful Commands A major supply chain security incident has rocked the Python open-source community as researchers at Socket’s Threat Research Team uncovered seven interconnected malicious packages… Go to gbhackers.com

CISA Issues New ICS Advisories Addressing Critical Vulnerabilities and Exploits The Cybersecurity and Infrastructure Security Agency (CISA) has issued two new advisories revealing critical vulnerabilities found in widely used Industrial Control Systems (ICS). Released on… Go to gbhackers.com

NVIDIA TensorRT-LLM Vulnerability Let Hackers Run Malicious Code NVIDIA has issued an urgent security advisory after discovering a significant vulnerability (CVE-2025-23254) in its popular TensorRT-LLM framework, urging all users to update to… Go to gbhackers.com

CISA Issues Alert on Actively Exploited Apache HTTP Server Escape Vulnerability The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a newly discovered and actively exploited vulnerability in the widely used… Go to gbhackers.com

Tesla Model 3 VCSEC Vulnerability Lets Hackers Run Arbitrary Code A critical security flaw in Tesla’s Model 3 vehicles, disclosed at the 2025 Pwn2Own hacking competition, allows attackers to execute malicious code remotely via… Go to gbhackers.com

Quantum Computing and Cybersecurity – What CISOs Need to Know Now As quantum computing transitions from theoretical research to practical application, Chief Information Security Officers (CISOs) face an unprecedented challenge to cryptographic security. The emergence… Go to gbhackers.com

Apache ActiveMQ Vulnerability Lets Remote Hackers Execute Arbitrary Code A high vulnerability in Apache ActiveMQ’s .NET Message Service (NMS) library has been uncovered, enabling remote attackers to execute arbitrary code on unpatched systems. Tracked… Go to gbhackers.com

Commvault Confirms Zero-Day Attack Breached Its Azure Cloud Environment Commvault, a global leader in data protection and information management, has confirmed that a sophisticated cyberattack involving a zero-day vulnerability breached its Azure cloud… Go to gbhackers.com

FBI Uncovers 42,000 Phishing Domains Tied to LabHost PhaaS Operation The Federal Bureau of Investigation (FBI) has revealed the existence of 42,000 phishing domains associated with the notorious LabHost phishing-as-a-service (PhaaS) platform. This operation, which… Go to gbhackers.com

Microsoft Telnet Server Flaw Lets Attackers Bypass Guest Login Restrictions A newly disclosed vulnerability in Microsoft’s Telnet Server component is making headlines after researchers revealed that attackers could exploit the flaw to bypass established… Go to gbhackers.com

Firefox 138 Launches with Patches for Several High-Severity Flaws Mozilla has officially released Firefox 138, marking a significant update focused on user security. The new version addresses multiple high-severity vulnerabilities, following the Mozilla… Go to gbhackers.com

Anthropic Report Reveals Growing Risks from Misuse of Generative AI Misuse A recent threat report from Anthropic, titled “Detecting and Countering Malicious Uses of Claude: March 2025,” published on April 24, has shed light on… Go to gbhackers.com

JokerOTP Platform Linked to 28,000+ Phishing Attacks Dismantled Law enforcement agencies from the UK and the Netherlands have dismantled the notorious JokerOTP cybercrime platform, which is allegedly linked to more than 28,000… Go to gbhackers.com

Windows Server 2025 Gets Hotpatching Support Beginning July 1, 2025 Microsoft announced that hotpatching support for Windows Server 2025 will become generally available as a subscription service starting July 1, 2025. This move expands a… Go to gbhackers.com

Critical Linux Kernel Flaw (CVE-2025-21756) Allows Privilege Escalation A newly disclosed vulnerability in the Linux kernel, tracked as CVE-2025-21756 and dubbed “Attack of the Vsock,” has sent ripples through the cybersecurity community. The flaw enables… Go to gbhackers.com

Massive Attack: 4,800+ IPs Used to Target Git Configuration Files A recent surge in cyber reconnaissance has put thousands of organizations at risk after GreyNoise, a global threat intelligence platform, detected an alarming spike… Go to gbhackers.com

CISA Adds Broadcom Brocade Fabric OS Flaw to Known Exploited Vulnerabilities List The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security advisory after adding a critical Broadcom Brocade Fabric OS vulnerability to… Go to gbhackers.com

Critical FastCGI Library Flaw Exposes Embedded Devices to Code Execution A severe vulnerability (CVE-2025-23016) in the FastCGI library-a core component of lightweight web server communication been disclosed, threatening countless embedded and IoT devices with… Go to gbhackers.com

Viasat Modems Zero-Day Vulnerabilities Let Attackers Execute Remote Code A severe zero-day vulnerability has been uncovered in multiple Viasat satellite modem models, including the RM4100, RM4200, EM4100, RM5110, RM5111, RG1000, RG1100, EG1000, and… Go to gbhackers.com

Obfuscation Techniques: A Key Weapon in the Ongoing War Between Hackers and Defenders Obfuscation stands as a powerful weapon for attackers seeking to shield their malicious code from defenders. This technique, which deliberately makes code hard to understand… Go to gbhackers.com

React Router Vulnerabilities Allow Attackers to Spoof Content and Alter Values The widely used React Router library, a critical navigation tool for React applications, has resolved two high-severity vulnerabilities (CVE-2025-43864 and CVE-2025-43865) that allowed attackers… Go to gbhackers.com

CISA Alerts Users to Security Flaws in Planet Technology Network Products The United States Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert regarding multiple severe vulnerabilities discovered in several Planet Technology… Go to gbhackers.com

How To Use Digital Forensics To Strengthen Your Organization’s Cybersecurity Posture Digital forensics has become a cornerstone of modern cybersecurity strategies, moving beyond its traditional role of post-incident investigation to become an essential proactive defense… Go to gbhackers.com

Building A Strong Compliance Framework: A CISO’s Guide To Meeting Regulatory Requirements In the current digital landscape, Chief Information Security Officers (CISOs) are under mounting pressure to ensure their organizations meet a growing array of regulatory… Go to gbhackers.com

Two Systemic Jailbreaks Uncovered, Exposing Widespread Vulnerabilities in Generative AI Models Two significant security vulnerabilities in generative AI systems have been discovered, allowing attackers to bypass safety protocols and extract potentially dangerous content from multiple… Go to gbhackers.com

New AI-Generated ‘TikDocs’ Exploits Trust in the Medical Profession to Drive Sales AI-generated medical scams across TikTok and Instagram, where deepfake avatars pose as healthcare professionals to promote unverified supplements and treatments. These synthetic “doctors” exploit… Go to gbhackers.com