Tag: gbhackers
-
Malware Campaign Uses YouTube and Discord to Harvest Credentials from Computers
The Acronis Threat Research Unit (TRU) has uncovered a sophisticated malware campaign deploying infostealers like Leet Stealer, its modified variant RMC Stealer, and Sniffer…
-
Researchers Exploit Cursor Background Agents to Take Over Amazon EC2 Instance
Security researchers have successfully exploited vulnerabilities in Cursor’s Background Agents to gain unauthorized access to an Amazon EC2 instance, demonstrating critical risks associated with…
-
AI-Driven Wi-Fi Biometrics WhoFi Tracks Humans Behind Walls with 95.5% Accuracy
Researchers have introduced WhoFi, an AI-powered deep learning pipeline that leverages Wi-Fi Channel State Information (CSI) for person re-identification (Re-ID), achieving a remarkable 95.5%…
-
Chinese Hackers Launch Targeted Campaign to Infect Windows Systems with Ghost RAT and PhantomNet…
Zscaler ThreatLabz, in collaboration with TibCERT, has uncovered two linked attack campaigns dubbed Operation GhostChat and Operation PhantomPrayers, attributed with high confidence to a…
-
Google Introduces OSS Rebuild to Boost Security in Open-Source Package Ecosystems
Google has unveiled OSS Rebuild, a pioneering project designed to enhance trust in package registries by independently reproducing upstream artifacts. This initiative targets the escalating…
-
Metasploit Module Released to Exploit SharePoint 0-Day Vulnerabilities
Security researchers have released a Metasploit exploitation module targeting critical zero-day vulnerabilities in Microsoft SharePoint Server, marking a significant escalation in the threat landscape…
-
Coyote Malware Targets WILS, Abusing Microsoft UI Automation to Exfiltrate Logins
Akamai security researchers have uncovered a novel variant of the Coyote banking trojan that marks the inaugural documented instance of malicious actors exploiting Microsoft’s…
-
Ransomware Groups Weaponize RMM Tools to Infiltrate Networks and Exfiltrate Data
Ransomware gangs have increasingly co-opted Remote Monitoring and Management (RMM) tools originally designed for IT operations to orchestrate sophisticated network intrusions, persistence, lateral movement,…
-
CISA Alerts on Chinese Hackers Actively Exploiting SharePoint 0-Day
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding active exploitation of critical SharePoint vulnerabilities by threat actors, with security…
-
Windows 11 Introduces Black Screen of Death and Auto Recovery
Microsoft has unveiled significant updates to Windows 11’s system recovery capabilities, introducing a redesigned “Black Screen of Death” interface alongside new automated recovery features…
-
Researchers Expose Russia’s Most Secretive FSB Spy Network
Researchers have pierced the veil of secrecy surrounding the Federal Security Service’s (FSB) 16th Center, a unit inheriting the Soviet KGB’s primary signals intelligence…
-
Dark Web Travel Agencies Exploit Cheap Deals to Steal Credit Card Data
Dark web travel agencies have developed into highly skilled organizations operating in the murky corners of cybercrime, using hacked credit card information, compromised loyalty…
-
Cybercriminals Merge Android Malware with Click Fraud Apps to Harvest Credentials
Researchers uncovered an active Android malware cluster that ingeniously combines brand impersonation with traffic monetization tactics, targeting users across multiple regions. These malicious Android Package…
-
wolfSSL Security Update Addresses Apple Trust Store Bypass
wolfSSL has released version 5.8.2 to address several critical security vulnerabilities, with the most significant being a high-severity Apple trust store bypass flaw that…
-
Cybercriminals from GLOBAL GROUP Target All Platforms with Golang Ransomware
A notorious ransomware actor known by the alias $$$ has unveiled GLOBAL GROUP, positioning it as a cutting-edge Ransomware-as-a-Service (RaaS) operation. Promising automated negotiations, cross-platform…
-
Financial Institutions Under Siege by Greedy Sponge Hackers’ Modified AllaKore RAT
A financially motivated threat actor, now identified as Greedy Sponge, has been relentlessly targeting Mexican organizations with a customized version of the AllaKore Remote…
-
CoinDCX Hack Leads to $44.2 Million Loss
Major Indian cryptocurrency exchange CoinDCX has confirmed a significant security breach that resulted in approximately $44 million in losses, though company executives maintain that…
-
Microsoft AppLocker Flaw Lets Malicious Apps Bypass Security Restrictions
Security researchers at Varonis Threat Labs have identified a subtle but significant vulnerability in Microsoft’s AppLocker security feature that could allow malicious applications to…
-
Livewire Flaw Puts Millions of Laravel Apps at Risk of RCE Attacks
A critical vulnerability discovered in Livewire, a popular full-stack framework for Laravel applications, exposes millions of web properties to unauthenticated remote command execution attacks. Tracked…
-
CISA Issues Alert on Microsoft SharePoint 0-Day RCE Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security alert regarding a critical zero-day vulnerability in Microsoft SharePoint Server that is…
-
7-Zip Vulnerability Lets Malicious RAR5 Files Crash Systems
A critical denial-of-service vulnerability has been discovered in 7-Zip that allows attackers to crash systems using specially crafted RAR5 archive files. The vulnerability, tracked as…
-
Chinese Threat Actors Operate 2,800 Malicious Domains to Distribute Windows Malware
A sophisticated threat actor, dubbed “SilverFox,” has been orchestrating a large-scale malware distribution campaign since at least June 2023, primarily during Chinese time zone…
-
New Veeam-Themed Phishing Attack Uses Weaponized WAV File to Target Users
Cybercriminals are now leveraging seemingly innocuous voicemail notifications to distribute malware, with a recent campaign impersonating Veeam Software to exploit users’ trust in enterprise…
-
Lumma Infostealer Steals Browser Data and Sells It as Logs on Underground Markets
Infostealers are specialized malware variants that routinely steal large amounts of sensitive data from compromised systems. This includes session tokens, login credentials, cryptocurrency wallet…
-
New Surge of Crypto-Jacking Hits Over 3,500 Websites
Cybersecurity experts at cside have discovered a clever campaign that infected over 3,500 websites with nefarious JavaScript miners, marking a startling return to crypto-jacking…
-
Fancy Bear Hackers Target Governments and Military Entities with Advanced Tools
Fancy Bear, designated as APT28 by cybersecurity experts, represents a sophisticated Russian cyberespionage collective operational since 2007, renowned for infiltrating governments, military organizations, and…
-
Threat Actors Exploit Ivanti Connect Secure Flaws to Deploy Cobalt Strike Beacon
Threat actors have been actively exploiting vulnerabilities in Ivanti Connect Secure, specifically CVE-2025-0282 and CVE-2025-22457, to deploy advanced malware including MDifyLoader and Cobalt Strike…
-
Hackers Exploit ClickFix Tactics to Spread NetSupport RAT, Latrodectus, and Lumma Stealer
Attackers are increasingly leveraging the ClickFix social engineering technique to distribute potent malware families, including NetSupport RAT, Latrodectus, and Lumma Stealer. This method, which emerged…
-
Lenovo Protection Driver Flaw Enables Privilege Escalation and Code Execution
A critical security vulnerability has been discovered in Lenovo’s protection driver software, affecting millions of users across desktop and laptop systems. The flaw, identified as…
-
Microsoft Uncovers Scattered Spider Tactics, Techniques, and Procedures in Recent Attacks
Microsoft has shed light on the sophisticated operations of Octo Tempest, a financially motivated cybercriminal group alternatively known as Scattered Spider, Muddled Libra, UNC3944,…
-
WAFFLED: New Technique Targets Web Application Firewall Weaknesses
Cybersecurity researchers at Northeastern University and Dartmouth College have unveiled a groundbreaking attack technique that exploits fundamental parsing discrepancies in Web Application Firewalls (WAFs),…
-
Iranian Threat Actors Use AI-Generated Emails to Target Cybersecurity Researchers and Academics
Iranian state-backed Advanced Persistent Threat (APT) groups and their hacktivist allies have stepped up operations that could spark worldwide cyber retaliation in the wake…
-
Hackers Use DNS Queries to Evade Defenses and Exfiltrate Data
Cybercriminals are increasingly exploiting the Domain Name System (DNS) to bypass corporate security measures and steal sensitive data, according to new research from cybersecurity…
-
Threat Actors Deploy 28+ Malicious Packages to Spread Protestware Scripts
Socket’s Threat Research Team has discovered a network of at least 28 malicious packages including protestware scripts, totaling approximately 2,000 copies, in a major…
-
PyPI Blocks Inbox.ru Domains After 1,500+ Fake Package Uploads
The Python Package Index (PyPI) has implemented an administrative block on the inbox.ru email domain, prohibiting its use for new user registrations and as…
-
Critical SharePoint RCE Vulnerability Exploited via Malicious XML in Web Part
A severe remote code execution (RCE) vulnerability has been discovered in Microsoft SharePoint that allows attackers to execute arbitrary code through malicious XML content…
-
Konfety Android Malware Exploits ZIP Tricks to Masquerade as Legit Apps on Google Play
Security researchers from zLabs have discovered a more advanced version of the Konfety Android malware, which uses complex ZIP-level changes to avoid detection and…
-
Email Filters Defeated by Polyglot File Trick Used in Malware Campaigns
Attackers are increasingly using advanced disguising techniques, such as polyglot files, to get around email filters and successfully send phishing payloads in the constantly changing…
-
Hackers Launched Massive DDoS Attack with 7.3 Tbps and 4.8 Billion Packets Per Second
Cloudflare’s latest DDoS Threat Report for the second quarter of 2025 reveals that the company autonomously mitigated the largest-ever recorded distributed denial-of-service (DDoS) attacks,…
-
Command-Line Editor Vim Hit by Vulnerability Allowing File Overwrites
A critical security vulnerability has been discovered in Vim, the popular open-source command-line text editor, that could allow attackers to overwrite arbitrary files on…
-
Hackers Exploit Ivanti and Fortinet VPN Vulnerabilities in Attacks on Japanese Companies
Cyber espionage campaigns against Japanese companies have increased in fiscal year 2024, which runs from April 2024 to March 2025, according to a thorough…
-
LaRecipe Tool with 2.3M Downloads Found Vulnerable to Full Server Takeover
A critical security vulnerability has been discovered in LaRecipe, a popular Laravel documentation package with over 2.3 million downloads, that could allow attackers to…
-
North Korean Hackers Exploit Zoom Invites in Attacks on Crypto Companies
Cybersecurity firm SentinelOne has exposed an ongoing malware campaign orchestrated by North Korean threat actors, known for their persistent “fake interview” scams. This operation…
-
British Citizen Sentenced for Islamophobic WiFi Hack at UK Train Stations
John Andreas Wik, a 37-year-old resident of Limes Road in Beckenham, has been handed a 24-month prison sentence, suspended for two years, after admitting…
-
MITRE Launches AADAPT Framework to Counter Real-World Attacks on Digital Asset Systems
The MITRE Corporation has unveiled its comprehensive AADAPT™ framework (Adversarial Actions in Digital Asset Payment Technologies), a specialized knowledge base designed to catalog and…
-
Apache Tomcat Coyote Flaw Allows Attackers to Launch DoS Attacks
The Apache Software Foundation has revealed a vulnerability in the Tomcat Coyote module, specifically within the Maven artifact org.apache.tomcat:tomcat-coyote, that could enable malicious actors…
-
New Forensic Method Reveals Hidden Traces of RDP Exploits by Hackers
Cybersecurity researchers have unveiled advanced techniques for tracking attackers who use Remote Desktop Protocol (RDP) to move laterally through compromised networks, turning the very…
-
Weaponized Games: Threat Actors Target Gen Z Gamers Through Popular Titles
Kaspersky security researchers have discovered sophisticated threat actor activities that take advantage of the digitally native Gen Z population, which was born between 1997…
-
Hackers Weaponize Compiled HTML Help to Deliver Malicious Payload
Threat actors have exploited Microsoft Compiled HTML Help (CHM) files to distribute malware, with a notable sample named deklaracja.chm uploaded to VirusTotal from Poland. This…
-
Louis Vuitton Suffers Data Breach—Customer Information Stolen
Luxury fashion house Louis Vuitton has confirmed that customer data from its UK operations was compromised in a cyber-attack, marking the latest in a…
-
RenderShock 0-Click Exploit Executes Payloads Silently via Background Process
A new class of cyberattack called RenderShock has been identified that can compromise enterprise systems without requiring any user interaction, exploiting the very productivity…
-
Fortinet FortiWeb Fabric Connector Flaw Enables Remote Code Execution
Security researchers have identified a severe pre-authentication SQL injection vulnerability in Fortinet’s FortiWeb Fabric Connector, designated as CVE-2025-25257, that allows unauthenticated attackers to execute…
-
DPC Investigates TikTok Over Transfer of EU User Data to China
The Data Protection Commission (DPC) has launched a formal inquiry into TikTok Technology Limited, scrutinizing the company’s practices regarding the transfer and storage of…
-
COMmander: Network-Based Tool for COM and RPC Exploitation
The need for solutions that improve detection skills against sophisticated attacks is growing in the ever-changing cybersecurity world. COMmander emerges as a lightweight, C#-based utility…
-
Researchers Bypass Meta’s Llama Firewall Using Prompt Injection Vulnerabilities
Researchers at Trendyol, a leading e-commerce platform, have uncovered multiple vulnerabilities in Meta’s Llama Firewall, a suite of tools designed to safeguard large language…
-
Fake Gaming and AI Companies Target Windows and macOS Users with Drainer Malware Attacks
The cybersecurity company Darktrace has uncovered a persistent, intricate social engineering campaign that targets bitcoin users, building on earlier findings by Cado Security Labs…
-
SLOW#TEMPEST Hackers Adopt New Evasion Tactics to Bypass Detection Systems
Security researchers have uncovered a sophisticated evolution in the SLOW#TEMPEST malware campaign, where threat actors are deploying innovative obfuscation methods to evade detection and…
-
Qilin Leads in Exploiting Unpatched Fortinet Vulnerabilities
The Qilin group has surged to prominence by aggressively exploiting critical vulnerabilities in Fortinet devices, underscoring a broader trend of sophisticated cyber extortion tactics…
-
Arkana Ransomware Gang Claims Theft of 2.2 Million Customer Records
The Arkana ransomware group burst onto the cybercrime scene with a high-profile attack on WideOpenWest (WOW!), a prominent U.S. internet service provider, in late…
-
Mis-scoped AWS Organizations Policy Allowed Hackers to Seize Full Control of AWS Environment
Security professionals have uncovered serious vulnerabilities in AWS Organizations in a ground-breaking study by Cymulate Research Labs that might allow attackers to switch between…
-
Infostealers Targeting macOS Users in Active Campaigns to Steal Sensitive Data
MacOS infostealers are becoming a powerful and underappreciated method of data exfiltration in a world where Windows-centric threats predominate. They act as predecessors to…
-
Wing FTP Server RCE Vulnerability Under Active Exploitation
Security researchers at Huntress have confirmed active exploitation of a critical remote code execution vulnerability in Wing FTP Server, designated CVE-2025-47812, with the first…
-
CISA Alerts on Active Exploits Targeting Citrix NetScaler ADC and Gateway Flaw
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding active exploitation of a newly discovered vulnerability in Citrix NetScaler ADC…
-
CISA Issues 13 New Advisories on Industrial Control System Vulnerabilities and Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) released thirteen new Industrial Control Systems (ICS) advisories, spotlighting a range of security vulnerabilities and potential exploits…
-
IT Giant Ingram Micro Restores Operations After Ransomware Attack
Ingram Micro Holding Corporation (NYSE: INGM), a global leader in IT distribution and technology solutions, has announced that it has successfully restored operations across…
-
New eSIM Hack Allows Attackers to Clone Your eSIM Profile
A critical vulnerability has been identified in the GSMA TS.48 Generic Test Profile versions 6.0 and earlier, which are widely used across the eSIM…
-
Four Hackers Arrested by UK Police After Attacks on M&S Co‑op and Harrods
UK law enforcement authorities have made significant progress in their investigation into cyber attacks targeting some of Britain’s most prominent retailers, with four individuals…
-
ServiceNow Platform Vulnerability Enables Attackers to Exfiltrate Sensitive Data
Security researchers have identified a critical vulnerability in ServiceNow’s widely-used enterprise platform that could enable attackers to extract sensitive data including personally identifiable information…
-
CISA Warns ValveLink Products May Expose Sensitive System Information
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security advisory warning that multiple vulnerabilities in Emerson ValveLink Products could allow attackers…
-
Critical Bluetooth Protocol Vulnerabilities Expose Devices to RCE Attacks
Security researchers have disclosed a critical set of Bluetooth vulnerabilities dubbed “PerfektBlue” that affect millions of vehicles and other devices using OpenSynergy’s BlueSDK framework. The…
-
Brave Browser For Android via F‑Droid: Now Fully Available
Brave has taken a significant step toward empowering privacy-conscious Android users by making its browser fully available through its own F-Droid repository, providing an…
-
XwormRAT Hackers Leverage Code Injection for Sophisticated Malware Deployment
A sophisticated new distribution method for XwormRAT malware that leverages steganography techniques to hide malicious code within legitimate files. This discovery highlights the evolving…
-
Anatsa Android Banking Malware Targets Users in the U.S. and Canada via Google Play
A sophisticated new campaign involving the Anatsa Android banking trojan, marking its third major offensive against mobile banking customers in the United States and…
-
Windows BitLocker Vulnerability Lets Attackers Bypass Security Protections
Microsoft has disclosed a significant security vulnerability in Windows BitLocker that allows attackers to bypass critical security protections through a physical attack vector. The vulnerability,…
-
Splunk SOAR Addresses Vulnerabilities in Third-Party Packages – Update Now
Splunk has published a critical security advisory revealing that its Security Orchestration, Automation and Response (SOAR) platform was shipping vulnerable versions of more than…
-
Splunk Enterprise Addresses Vulnerabilities in Bundled Third-Party Packages – Update Now
Splunk has released critical security updates for its Enterprise platform, addressing multiple vulnerabilities in bundled third-party packages across several product versions. The company issued Advisory…
-
Atomic macOS Info-Stealer Updated with New Backdoor for Persistent Access
The Atomic macOS Stealer (AMOS), a notorious piece of info-stealing malware targeting Apple users, has undergone a significant update, introducing an embedded backdoor for…
-
DNN Vulnerability Exposes NTLM Credentials via Unicode Normalization Bypass
Security researchers have discovered a critical vulnerability in DNN (formerly DotNetNuke), one of the oldest open-source content management systems, that allows attackers to steal…
-
SAP July 2025 Patch Day: Fixes for 27 Flaws, Including 7 Critical
SAP released critical security updates on July 8, 2025, addressing 27 vulnerabilities across its enterprise software portfolio, with seven classified as critical-severity flaws. The monthly…
-
Call of Duty Gamers Hacked via RCE Exploit Allowing Player-to-Player Attacks
The Call of Duty team took the PC edition of Call of Duty: WWII off the internet on Saturday after numerous allegations of a…
-
NordDragonScan Targets Windows Users to Steal Login Credentials
FortiGuard Labs has discovered a current campaign that targets Microsoft Windows users with the NordDragonScan infostealer, which is a worrying trend for cybersecurity. This high-severity…
-
Threat Actors Use AV/EDR Evasion Framework in the Wild to Deploy Malware Payloads
Elastic Security Labs has uncovered multiple campaigns leveraging SHELLTER, a commercial AV/EDR evasion framework originally designed for offensive security evaluations by red teams. Since late…
-
Microsoft to Remove PowerShell 2.0 from Windows 11 Due to Security Risks
Microsoft has announced a significant change for Windows 11 users: the removal of Windows PowerShell 2.0, a legacy scripting platform, from upcoming builds. This move,…
-
Qwizzserial Android Malware Masquerades as Legit Apps to Steal Banking Data and Intercept 2FA…
A new and alarming Android malware family, dubbed Qwizzserial, has emerged as a significant threat, particularly targeting users in Uzbekistan. Discovered by Group-IB in…
-
Windows Update Revamped with Smarter Interface for Security Notifications
Microsoft has announced a significant update to the Windows Update experience, introducing a smarter and more responsive interface designed to keep users better informed…
-
RingReaper: New Linux EDR Evasion Tool Exploits io_uring Kernel Feature
A new tool named RingReaper is raising eyebrows among defenders and red teamers alike. By leveraging the legitimate, high-performance Linux kernel feature known as io_uring,…
-
Malicious SEO Plugins on WordPress Can Lead to Site Takeover
A new wave of cyberattacks is targeting WordPress websites through malicious SEO plugins that can lead to complete site takeover. Security analysts have uncovered sophisticated…
-
Apache APISIX Vulnerability Enables Cross-Issuer Access Under Misconfigurations
A newly disclosed vulnerability, CVE-2025-46647, has been identified in the openid-connect plugin of Apache APISIX, a widely used open-source API gateway. This flaw, rated as important, could…
-
Instagram Now Rotating TLS Certificates Daily with 1-Week Validity
Instagram has begun rotating its TLS certificates on a daily basis, with each certificate valid for just over a week. This approach, which goes far…
-
SquareX Reveals That Employees Are No Longer The Weakest Link, Browser AI Agents Are
Every security practitioner knows that employees are the weakest link in an organization, but this is no longer the case. SquareX’s research reveals that Browser…
-
Scattered Spider Enhances Tactics to Exploit Legitimate Tools for Evasion and Persistence
Scattered Spider, also tracked under aliases such as UNC3944, Scatter Swine, and Muddled Libra, has emerged as a formidable financially motivated cybercriminal group since…
-
Next.js Vulnerability Allows Attackers to Trigger DoS via Cache Poisoning
A critical vulnerability, tracked as CVE-2025-49826, has been discovered and addressed in the popular React-based web framework, Next.js. The flaw, present in versions >=15.1.0 and
-
Hackers Abuse Legitimate Inno Setup Installer to Deliver Malware
Cybercriminals are increasingly weaponizing legitimate software installer frameworks like Inno Setup to distribute malware, turning user-friendly tools into covert vehicles for malicious payloads. Originally designed…
-
Writable File in Lenovo Path Lets Attackers Evade AppLocker Restrictions
A security researcher has uncovered a significant vulnerability affecting Lenovo computers: a writable file within the Windows directory that can be exploited to bypass…
-
Researchers Discover New Method to Identify Azure Arc in Enterprise Environments and Maintain Persistence
Security researchers have discovered novel ways to identify and take advantage of Microsoft Azure Arc in business settings, which is a major advancement in…
-
Critical HIKVISION applyCT Flaw Allows Remote Code Execution
A newly disclosed vulnerability, tracked as CVE-2025-34067, has been identified in HIKVISION’s widely deployed security management platform, applyCT (also known as HikCentral). This critical flaw allows…
-
Microsoft to Lay Off 9,000 Employees, Affecting 4% of Workforce
Microsoft announced that it will lay off approximately 9,000 employees worldwide, representing nearly 4% of its global workforce of 228,000 as of June 2024. This…
-
AI Tools Like GPT, Perplexity Misleading Users to Phishing Sites
A new wave of cyber risk is emerging as AI-powered tools like ChatGPT and Perplexity become default search and answer engines for millions. Recent research…
-
Anthropic MCP Server Flaw Allows Sandbox Escape and Code Execution
Two newly disclosed vulnerabilities in Anthropic’s Filesystem Model Context Protocol (MCP) Server—CVE-2025-53110 and CVE-2025-53109—have exposed AI-powered environments to severe risks, including sandbox escapes, unauthorized file access,…
-
Ransomware Attacks on Organizations Surge 213% in Q1 of 2025
Ransomware assaults on businesses around the world have increased by 213% in the first quarter of 2025, with 2,314 victims reported over 74 distinct…