Tag: gbhackers
-
New Cyber Attack Exploits DeskSoft to Spread Malware via RDP Command Execution
An emerging threat campaign has been identified that weaponizes a trojanized version of DeskSoft’s EarthTime application to deploy sophisticated malware, leveraging Remote Desktop Protocol…
-
SpamGPT: New AI Email Attack Tool Fueling Massive Phishing Operations
A novel AI-driven email attack toolkit named SpamGPT has surfaced on underground hacking forums, promising cybercriminals an all-in-one platform for launching large-scale phishing campaigns. Advertised as an…
-
New Malware Exploits Exposed Docker APIs to Gain Persistent Root SSH Access
The Akamai Hunt Team has uncovered a new strain of malware that targets exposed Docker APIs with expanded infection capabilities. First observed in August…
-
MostereRAT Exploits AnyDesk and TightVNC for Remote Access on Windows Systems
Cybersecurity researchers at FortiGuard Labs have uncovered a sophisticated phishing campaign that deploys the MostereRAT remote access trojan to compromise Windows systems. The malware…
-
PgAdmin Vulnerability Allows Attackers to Gain Unauthorized Account Access
A newly disclosed security flaw in pgAdmin4, the widely used open-source tool for managing PostgreSQL databases, has raised serious concerns among developers and database administrators…
-
Web Application Firewall Bypassed via JS Injection with Parameter Pollution
In a recent autonomous penetration test, a novel cross-site scripting (XSS) bypass that sidesteps even highly restrictive Web Application Firewalls (WAFs). Security researchers uncovered…
-
U.S. Officials Investigating Cyber Threat Aimed at China Trade Talks
According to the Wall Street Journal, the deceptive message, purporting to come from Representative John Moolenaar, was dispatched in July to multiple U.S. trade…
-
How Microsoft Azure Storage Logs Help Investigate Security Breaches
When a security breach occurs, vital evidence often appears in unexpected places. One such source is Microsoft Azure Storage logs, which play a critical role…
-
macOS Under Attack: Atomic Stealer Hidden in Pirated Software
The cybersecurity landscape for macOS users has taken a dangerous turn as cybercriminals increasingly target Apple’s ecosystem with sophisticated malware campaigns. Atomic macOS Stealer…
-
10 Best Web Application Penetration Testing Companies in 2025
Securing web applications is a top priority for businesses in 2025 as they’re a primary attack vector for cybercriminals. Web application penetration testing goes…
-
Microsoft Tapped China Engineers for SharePoint Support
A new investigation has revealed that Microsoft relied on China-based engineers to provide technical support and bug fixes for SharePoint, the same collaboration software…
-
Over 143,000 Malware Files Target Android and iOS Users in Q2 2025
In the second quarter of 2025, users of Android and iOS devices faced relentless cyberthreats, with Kaspersky Security Network reporting nearly 143,000 malicious installation…
-
SafePay Ransomware Hits 73 Organizations in Just One Month
SafePay, an emerging ransomware group, has rapidly ascended from obscurity to notoriety in 2025. In June alone, the group claimed responsibility for attacks on…
-
TAG-150 Hackers Escalate Attacks with Proprietary Malware Families
A sophisticated threat actor, TAG-150, active since at least March 2025. Characterized by rapid malware development, technical sophistication, and a sprawling multi-tiered infrastructure, TAG-150…
-
Threat Actors Exploit ScreenConnect Installers for Initial Access
A marked escalation in the abuse of ConnectWise ScreenConnect installers since March 2025, with U.S.-based businesses bearing the brunt of these incursions. Adversaries are…
-
New Exploit Bypasses Code Integrity to Backdoor Signal, 1Password, Slack, and More
A new security exploit has been discovered that lets attackers slip malicious code into widely used desktop applications including Signal, 1Password, Slack, and Google…
-
CISA Issues Alert on Android 0-Day Use-After-Free Vulnerability Under Active Exploitation
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert for a newly discovered zero-day vulnerability in the Android Runtime component. This “use-after-free”…
-
New Malware Exploits Windows Character Map to Evade Defender and Mine Crypto
A sophisticated cryptojacking campaign that hijacks Windows’ native Character Map utility (“charmap.exe”) to evade Windows Defender and covertly mine cryptocurrency on compromised machines. First…
-
North Korean Hackers Expose Their Playbook for Swapping Infrastructure
A sophisticated North Korean cyber operation has been exposed, revealing how state-sponsored hackers systematically monitor cybersecurity intelligence platforms to detect when their malicious infrastructure…
-
Hackers Exploit Google Calendar API with Serverless MeetC2 Framework
A novel serverless command-and-control (C2) technique that abuses Google Calendar APIs to obscure malicious traffic inside trusted cloud services. Dubbed MeetC2, this lightweight, cross-platform…
-
Frostbyte10 Vulnerabilities Let Hackers Gain Remote Access
Armis Labs has uncovered ten critical security flaws collectively named “Frostbyte10” in Copeland’s E2 and E3 building management controllers. These devices, which handle refrigeration, HVAC,…
-
Microsoft Confirms UAC Bug Disrupts App Installation on Windows 10 & 11
Microsoft has officially acknowledged a significant User Account Control (UAC) bug that is causing widespread installation issues across Windows 10 and Windows 11 systems. The…
-
US Announces $10M Bounty on FSB Hackers Behind Cisco Exploits
The U.S. government has unveiled a $10 million reward for information leading to the arrest of three Russian FSB officers. The officers are accused of…
-
Django Web Vulnerability Allows Attackers to Execute SQL Injection
The Django development team has issued security updates after discovering a high-severity SQL injection flaw in the FilteredRelation feature. This flaw could allow attackers to run harmful…
-
Chinese APT Groups Exploit Router Flaws to Breach Enterprises
Chinese state-sponsored Advanced Persistent Threat (APT) groups have escalated their cyber espionage campaigns, systematically targeting global telecommunications, government, and military networks through sophisticated router…
-
Empire Red Teaming Tool Updated With Enhanced Agents and API Support
The BC-SECURITY team has released a major update to its flagship offensive security framework, Empire, introducing enhanced agent capabilities and comprehensive API support designed to…
-
MystRodX: Weaponizing DNS and ICMP for Data Theft
A sophisticated backdoor, MystRodX, that exploits DNS and ICMP protocols to stealthily activate and exfiltrate data from compromised systems. Deployed via a dropper disguised…
-
Google Cloud & Cloudflare Missed 3-Year Phishing Campaign
An industrial-scale phishing campaign exploiting Google Cloud and Cloudflare infrastructure operated in plain sight for more than three years, targeting Fortune 500 companies and…
-
New BruteForceAI Tool Automates Login Page Detection and Attacks
A cutting-edge penetration testing tool called BruteForceAI has arrived, bringing automation and artificial intelligence to the art of login page detection and brute-force attacks. Designed for security…
-
CISA Alerts on Critical SunPower Vulnerability Allowing Full Device Takeover
The Cybersecurity and Infrastructure Security Agency (CISA) yesterday issued a high-severity alert (ICSA-25-245-03) regarding a critical vulnerability in SunPower’s PVS6 solar inverter series that…
-
Prompt Injection Attacks Can Exploit AI-Powered Cybersecurity Tools
Researchers have demonstrated that advanced prompt injection techniques can turn defensive AI agents into potent vectors for system compromise. The findings, detailed in a new…
-
Threat Hunting Guide Designed for SOC Analysts and MSSPs
Proactive threat hunting has become an essential discipline for Security Operations Center (SOC) analysts and Managed Security Service Providers (MSSPs). Traditional detection methods often miss…
-
Ukrainian Hackers Ramp Up Brute-Force and Password-Spraying Attacks on VPN and RDP Systems
In mid-2025, a coalition of Ukraine-based autonomous systems orchestrated unprecedented brute-force and password-spraying campaigns against exposed SSL VPN and Remote Desktop Protocol (RDP) services,…
-
New WhatsApp Scam Poses Serious Risk: Hackers Can Hijack Your Chats
Users of the popular messaging app WhatsApp are being targeted by a new, highly deceptive scam that grants attackers full access to victims’ contacts,…
-
Microsoft to Retire Popular Editor Extensions on Edge and Chrome
Microsoft announced that its AI-powered Editor browser extensions for Microsoft Edge and Google Chrome will be retired effective October 31, 2025. With this move, the…
-
MediaTek Issues Security Update to Patch Multiple Chipset Flaws
MediaTek today published its September 2025 Product Security Bulletin, disclosing and remediating a series of critical and moderate vulnerabilities in its modem and system…
-
Hackers Register Domains to Target 2026 FIFA World Cup in Cyberattack
A concerning surge in malicious domain registrations designed to exploit the upcoming 2026 FIFA World Cup, with threat actors already positioning themselves more than…
-
Salesforce Publishes Forensic Guide After Series of Cyberattacks
Salesforce has published a comprehensive forensic investigation guide aimed at empowering organizations to detect, analyze, and remediate security incidents within their Salesforce environments. The new…
-
Fraudulent Scholarship Apps Target Students in “Defarud” Scam Campaign
An Android malware tracker named SikkahBot, active since July 2024 and explicitly targeting students in Bangladesh. Disguised as applications from the Bangladesh Education Board,…
-
Hackers Exploit macOS Security Features to Spread Malware
A growing wave of sophisticated attacks is turning macOS’s built-in security defenses into avenues for malware distribution, according to recent security research. As macOS continues…
-
Google Urges 2.5B Gmail Users to Reset Passwords After Salesforce Breach
A sophisticated voice phishing operation has emerged as a significant threat to organizations worldwide, with cybercriminals successfully infiltrating Salesforce environments to steal sensitive data…
-
Amazon Takes Down Russian APT29 Infrastructure Targeting Users
Amazon’s cybersecurity team has successfully disrupted a sophisticated watering hole campaign orchestrated by APT29, a notorious hacking group linked to Russia’s Foreign Intelligence Service….
-
Citrix 0-Day Flaw Under Active Exploitation Since May
Security researcher Kevin Beaumont has revealed alarming details about CVE-2025-6543, a critical Citrix NetScaler vulnerability that was actively exploited as a zero-day attack for…
-
QNAP Flaw Allows Attackers to Bypass Authentication
QNAP Systems has released security patches to address multiple vulnerabilities affecting QVR firmware in legacy VioStor Network Video Recorder (NVR) systems. The company disclosed…
-
WhatsApp Zero-Day Vulnerability Exploited with 0-Click Attacks to Hack Apple Devices
WhatsApp has issued a critical security advisory addressing a newly discovered zero-day vulnerability, tracked as CVE-2025-55177, which has been exploited in highly sophisticated zero-click…
-
Weaponized PDFs and LNK Files Used in Windows Attacks
A clandestine campaign in which threat actors are weaponizing a legitimate-looking PDF document, titled “국가정보연구회 소식지 (52호)” (National Intelligence Research Society Newsletter – Issue…
-
Popular Nx Packages Compromised by Credential-Stealing Malware
A widespread supply chain attack on the popular Nx build system has compromised dozens of high-traffic packages, exposing sensitive credentials and demonstrating a frighteningly…
-
Microsoft Teams Abused in Cyberattack Delivering PowerShell-Based Remote Access Malware
In a concerning development for enterprise security, cybercriminals have begun exploiting Microsoft Teams—long trusted as an internal messaging and collaboration tool—to deliver PowerShell-based malware…
-
TransUnion Data Breach Compromises Over 4 Million Customers
In a significant data breach disclosed by TransUnion LLC, more than 4.4 million consumers had sensitive personal information compromised in late July 2025. The…
-
DPRK Remote Work Tactics: Leveraging Code-Sharing Platforms
DPRK IT workers have leveraged popular code-sharing platforms such as GitHub, CodeSandbox, and Medium to cultivate convincing developer portfolios and land remote positions under…
-
Threat Actors Use Facebook Ads to Deliver Android Malware
Cybercriminals are increasingly turning their sights from desktop to mobile, exploiting Meta’s advertising platform to distribute a sophisticated Android banking trojan disguised as a…
-
Cisco Nexus 3000 & 9000 Vulnerability Enables DoS Attacks
Cisco has issued a high-severity security advisory warning of a dangerous vulnerability in its Nexus 3000 and 9000 Series switches that could allow attackers…
-
New Research Explores Emulating Scattered Spider Tactics in Real-World Scenarios
Experts have described methods for mimicking the strategies of the advanced persistent threat (APT) group Scattered Spider in a recent in-depth analysis by cybersecurity…
-
First AI-Powered Ransomware “PromptLock” Uses OpenAI gpt-oss-20b for Encryption
PromptLock, a novel ransomware strain discovered by the ESET Research team, marks the first known instance of malware harnessing a local large language model…
-
BadSuccessor After Patch: Using dMSAs for Credential Theft and Lateral Movement in AD
Akamai researchers evaluated Microsoft’s patch for the BadSuccessor vulnerability (CVE-2025-53779) to determine its scope and limitations. While the update effectively blocks the original direct escalation…
-
Microsoft Unveils Storm-0501’s Cloud-Based Ransomware Deployment Tactics
Microsoft Threat Intelligence has detailed the evolving tactics of the financially motivated threat actor Storm-0501, which has transitioned from traditional on-premises ransomware deployments to…
-
Spotify Launches Direct Messaging Feature Amid Security Concerns
Spotify this week unveiled a new Direct Messaging feature, enabling users to share songs, podcasts and audiobooks within the app. While the move promises streamlined recommendations and…
-
Nagios Flaw Enables Remote Attackers to Run Arbitrary JavaScript via XSS
Nagios has addressed a significant cross-site scripting (XSS) vulnerability in its enterprise monitoring platform Nagios XI that could allow remote attackers to execute arbitrary…
-
Underground Ransomware Gang Unleashes Innovative Tactics Targeting Global Organizations
The Underground ransomware gang has been coordinating recurring attacks on enterprises throughout the globe in a worrying increase in cyber risks. They have demonstrated…
-
ShadowCaptcha Exploit: Massive WordPress Site Compromise Used to Execute Malicious Commands on Victims
A large-scale cybercrime conspiracy known as ShadowCaptcha was made public by cybersecurity researchers at Israel’s National Digital Agency. This campaign exploits the ClickFix technique, deploying…
-
IPFire Firewall Admin Panel Vulnerability Enables Persistent JavaScript Injection
A critical vulnerability in IPFire 2.29’s web-based firewall interface (firewall.cgi) allows authenticated administrators to inject persistent JavaScript code, leading to session hijacking, unauthorized actions,…
-
Users of WhatsApp Desktop on Windows Face Code Execution Risk Via Python
A critical security risk has emerged for Windows users of WhatsApp Desktop who also have Python installed. Attackers can exploit a flaw in how WhatsApp…
-
Chinese UNC6384 Hackers Use Valid Code-Signing Certificates to Evade Detection
Google Threat Intelligence Group (GTIG) has uncovered a multifaceted cyber espionage operation attributed to the PRC-nexus threat actor UNC6384, believed to be associated with…
-
Maryland Transportation Systems Disrupted Following Cyberattack
Maryland’s transit network experienced widespread disruption this week after a sophisticated cyberattack targeted critical information systems, forcing the Maryland Transit Administration (MTA) and the…
-
X/Twitter Found to Be Most Aggressive Social Media App in Tracking User Location Data
A comprehensive study examining the location data practices of the top 10 social media platforms has uncovered concerning patterns of user tracking that extend…
-
French Retailer Auchan Hit by Cyberattack, Customer Data Compromised
French retail giant Auchan announced on August 21 that it fell victim to a cyberattack that resulted in the theft of loyalty account information belonging to several…
-
Threat Actors Exploit Windows Scheduled Tasks for Stealthy Persistence Without Additional Tools
Threat actors continue to use Scheduled Tasks and other built-in Windows features to create persistence in the ever-changing world of cybersecurity threats, frequently avoiding…
-
Microsoft Confirms August 2025 Patch Slows Down Windows 11 24H2 and Windows 10
Microsoft has acknowledged that the August 2025 security update—KB5063878—can cause significant performance degradation on both Windows 11, version 24H2, and supported Windows 10 releases. The…
-
Chinese Hacker Sentenced for Kill Switch Attack on Ohio Firm’s Global Network
A federal court has handed down a four-year prison term to a former software developer who sabotaged his employer’s global network with a custom…
-
Unmasking KorPlug Malware: TTPs, Control Flow, and Exposed IOCs
As part of the ongoing analysis of the KorPlug malware family, this second installment focuses on the complex second-stage payload, expanding on earlier discoveries…
-
Hackers Abuse Python eval/exec Calls to Run Malicious Code
Threat actors are increasingly abusing native evaluation and execution functions to conceal and execute malicious payloads within innocent-looking packages on PyPI. Security researchers warn that…
-
10 Best Network Monitoring Tools in 2025
The digital landscape in 2025 is more complex than ever, with organizations relying on intricate hybrid, cloud, and on-premises networks to power their operations….
-
Hackers Hijack VPS Servers to Breach Software-as-a-Service Accounts
Virtual Private Servers (VPS) have long served as versatile tools for developers and businesses, offering dedicated resources on shared physical hardware with enhanced control…
-
Help TDS Hacks Legitimate Websites, Using PHP Templates to Display Fake Microsoft Security Alerts
GoDaddy Security researchers have unveiled a detailed analysis of Help TDS, a sophisticated Traffic Direction System operational since at least 2017, which exploits compromised…
-
Lumma Operators Deploy Cutting-Edge Evasion Tools to Maintain Stealth and Persistence
Lumma infostealer affiliates’ complex operating framework was revealed by Insikt Group in a ground-breaking report published on August 22, 2025, underscoring their reliance on…
-
BQTLOCK Ransomware-as-a-Service Emerges, Boasting Sophisticated Evasion Tactics
Ransomware-as-a-Service (RaaS) models continue to democratize sophisticated attacks in the ever-changing world of cybercrime by allowing affiliates with little technical know-how to distribute ransomware…
-
ClickFix Exploit Emerges: Microsoft Flags Cross-Platform Attacks Targeting Windows and macOS
Microsoft Threat Intelligence has spotlighted the escalating adoption of the ClickFix social engineering technique, a sophisticated method that manipulates users into executing malicious commands…
-
Hackers Target Phones of Military-Linked Individuals in South Asia Using New Spy Tools
Cyber threat actors have launched sophisticated phishing operations aimed at military and government personnel in South Asia, leveraging defense-related lures to distribute malicious archives…
-
Malicious PDFs in Play: UAC-0057 Leveraging Invitations to Trigger Shell Script Attacks
The Belarusian-affiliated threat actor UAC-0057, also known as UNC1151, FrostyNeighbor, or Ghostwriter, has been using weaponized archives that contain phony PDFs that are posing…
-
Stealth Threat Unpacked: Weaponized RAR Files Deliver VShell Backdoor on Linux Systems
Trellix Advanced Research Center has exposed an infection chain that weaponises nothing more than a filename to compromise Linux hosts. A spam message masquerading as…
-
Azure Default API Connection Flaw Enables Full Cross-Tenant Compromise
A critical security vulnerability in Microsoft Azure’s API Connection architecture has been discovered that could allow attackers to completely compromise resources across different tenant…
-
Colt Confirms Ransomware Attack Resulted in Customer Data Theft
Industrial technology company Colt has confirmed that a recent ransomware attack on its business support systems resulted in the theft of customer data, marking…
-
UNC5518 Group Hacks Legitimate Sites with Fake Captcha to Deliver Malware
The financially motivated threat group UNC5518 has been infiltrating trustworthy websites to install ClickFix lures, which are misleading phony CAPTCHA pages, as part of…
-
MITM6 + NTLM Relay Attack Enables Full Domain Compromise
Cybersecurity researchers are highlighting a dangerous attack technique that combines rogue IPv6 configuration with NTLM credential relay to achieve complete Active Directory domain compromise,…
-
New Campaign Uses Active Directory Federation Services to Steal M365 Credentials
Researchers at Push Security have discovered a new phishing campaign that targets Microsoft 365 (M365) systems and uses Active Directory Federation Services (ADFS) to…
-
QUIC-LEAK Vulnerability Allows Attackers to Drain Server Memory and Cause DoS
Security researchers at Imperva have disclosed a critical pre-handshake memory exhaustion vulnerability in the widely-used LSQUIC QUIC implementation that enables remote attackers to crash…
-
22-year-old Operator of ‘Rapper Bot’ Botnet Charged for Launching 3 Tbps DDoS Attack
Federal authorities have charged a 22-year-old Oregon man with operating one of the most powerful distributed denial-of-service (DDoS) botnets ever discovered, marking a significant…
-
Lenovo AI Chatbot Flaw Allows Remote Script Execution on Corporate Systems
Cybersecurity researchers have uncovered critical vulnerabilities in Lenovo’s AI-powered customer support chatbot that could allow attackers to execute malicious scripts on corporate systems and…
-
Microsoft Issues Emergency Patch for Windows Reset and Recovery Bug
Microsoft has released an emergency out-of-band security update to address a critical issue affecting Windows reset and recovery operations across multiple versions of the…
-
Kubernetes Capsule Vulnerability Enables Attackers to Inject Arbitrary Labels
Security researchers have disclosed a critical vulnerability in Kubernetes Capsule v0.10.3 and earlier versions that allows authenticated tenant users to inject arbitrary labels into…
-
Hackers Exploit Apache ActiveMQ Flaw to Breach Cloud Linux Servers
Cybersecurity researchers have uncovered a sophisticated attack campaign where hackers exploiting a critical Apache ActiveMQ vulnerability are taking the unusual step of patching the…
-
CodeRabbit RCE Flaw Gives Attackers Write Access to 1M Repositories
A critical remote code execution vulnerability in CodeRabbit, one of GitHub’s most popular AI-powered code review tools, could have allowed attackers to gain read…
-
Microsoft Defender AI Can Detect Plaintext Credentials in Active Directory
Microsoft has unveiled a new AI-powered security capability that addresses one of cybersecurity’s most persistent vulnerabilities: plaintext credentials stored in Active Directory systems. The enhanced…
-
PyPI Blocks Expired Domain Access to Prevent Resurrection Attacks
The Python Package Index (PyPI) has implemented new security measures to protect against domain resurrection attacks, a sophisticated supply-chain threat where attackers purchase expired…
-
Lockbit Linux ESXi Ransomware Variant Reveals Evasion Techniques and File Encryption Process
A recent reverse engineering analysis of a Lockbit ransomware variant targeting Linux-based ESXi servers has uncovered several sophisticated evasion techniques and operational details. The…
-
Malicious npm Packages Target Crypto Developers to Steal Login Credentials
A sophisticated threat campaign dubbed “Solana-Scan” has emerged, deploying malicious npm packages aimed at infiltrating the Solana cryptocurrency ecosystem. Identified by the Safety research…
-
PipeMagic Malware Imitates ChatGPT App to Exploit Windows Vulnerability and Deploy Ransomware
The PipeMagic malware, which is credited to the financially motivated threat actor Storm-2460, is a remarkable illustration of how cyber dangers are always changing….
-
PoC Released for Fortinet FortiSIEM Command Injection Flaw
Security researchers have uncovered a severe pre-authentication command injection vulnerability in Fortinet’s FortiSIEM platform that allows attackers to completely compromise enterprise security monitoring systems…
-
Threat Actors Abuse npm Developer Accounts Hijacked to Spread Malicious Packages
A sophisticated phishing campaign targeting the maintainer of eslint-config-prettier, a widely-used npm package with over 3.5 billion downloads, resulted in malicious code being distributed…
-
Chinese Hackers Exploit Web Hosting Infrastructure for Cyberattacks
Cisco Talos researchers have uncovered a sophisticated Chinese-speaking advanced persistent threat (APT) group, designated UAT-7237, that has been actively targeting web hosting infrastructure in…