Tag: gbhackers

Keymous+ Hacker Group Claims Responsibility for Over 700 Global DDoS Attacks A shadowy group known as Keymous+ has emerged as a formidable force in the cyber landscape, claiming responsibility for over 700 Distributed Denial of… Go to gbhackers.com

International Criminal Court Hacked via Sophisticated Cyber Campaign The International Criminal Court (ICC), the global tribunal responsible for prosecuting serious international crimes, has been targeted by a sophisticated and highly focused cyberattack… Go to gbhackers.com

CISA Issues Alert on TeleMessage TM SGNL Flaws Actively Exploited The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert after adding two newly discovered vulnerabilities in the TeleMessage TM SGNL… Go to gbhackers.com

DCRat Targets Windows Systems for Remote Control, Keylogging, Screen Capture, and Data Theft A sophisticated email-based attack distributing a Remote Access Trojan (RAT) known as DCRat has been recently identified by the FortiMail IR team, specifically targeting… Go to gbhackers.com

Bots Now Account for 30% of Global Web Traffic, Surpassing Human Activity in Some… The Internet, once dominated by human interaction, is undergoing a seismic shift as bots now constitute approximately 30% of global web traffic, according to… Go to gbhackers.com

Microsoft Intune Update Wipes Custom Security Baseline Tweaks – Admins Alerted Microsoft has confirmed a significant issue affecting its Intune security baseline update process, causing concern among IT administrators worldwide. The problem, acknowledged by Microsoft in… Go to gbhackers.com

Stealthy WordPress Malware Uses PHP Backdoor to Deliver Windows Trojan A sophisticated malware campaign targeting WordPress websites has recently been uncovered, showcasing an intricate and stealthy approach to delivering a Windows-based trojan. This attack,… Go to gbhackers.com

Linux 6.16-rc4 Launches Out With Filesystem, Driver, and Hardware Fixes Linus Torvalds has officially announced the release of Linux 6.16-rc4, marking the halfway point in the development cycle for the upcoming 6.16 kernel. Despite a notably… Go to gbhackers.com

New C4 Bomb Attack Breaks Through Chrome’s AppBound Cookie Protections Cybersecurity researchers have unveiled a new attack—dubbed the “C4 Bomb” (Chrome Cookie Cipher Cracker)—that successfully bypasses Google Chrome’s much-touted AppBound Cookie Encryption. This breakthrough exposes… Go to gbhackers.com

Blind Eagle Hackers Leverage Open-Source RATs and Ciphers to Evade Static Detection Trustwave SpiderLabs has uncovered a chilling cyber threat targeting Latin American organizations, particularly in the financial sector, with a focus on Colombian institutions. The… Go to gbhackers.com

North Korean IT Workers Employ New Tactics to Infiltrate Global Organizations Microsoft Threat Intelligence has uncovered a sophisticated operation by North Korean remote IT workers who are leveraging cutting-edge artificial intelligence (AI) tools to infiltrate… Go to gbhackers.com

RIFT: Open-Source Rust Malware Analyzer Released by Microsoft As cybercriminals and nation-state actors increasingly turn to the Rust programming language for malware development, Microsoft’s Threat Intelligence Center has unveiled a powerful new… Go to gbhackers.com

Critical D-Link Router Flaws Allow Remote Code Execution by Attackers A series of critical security vulnerabilities have been identified in D-Link DIR-816 routers, exposing users worldwide to the risk of remote code execution and… Go to gbhackers.com

Scattered Spider Targets Tech Companies with Phishing Frameworks like Evilginx and Social Engineering Tactics The notorious hacking collective Scattered Spider, also known as UNC3944 or Octo Tempest, has emerged as a formidable threat to high-value industries, with a… Go to gbhackers.com

Threat Actors Impersonate WPS Office and DeepSeek to Spread Sainbox RAT A malicious campaign has emerged, targeting Chinese-speaking users through fake installers of popular software such as WPS Office, Sogou, and DeepSeek. This operation, attributed with… Go to gbhackers.com

Ahold Delhaize Data Breach Exposes Personal Information of 2.2 Million Shoppers Ahold Delhaize USA Services, LLC, a major grocery retail operator, has confirmed a significant data breach that compromised the personal information of over 2.2… Go to gbhackers.com

Beware of Trending TikTok Videos Promoting Pirated Apps That Deliver Stealer Malware A sophisticated social engineering campaign has surfaced on TikTok, leveraging the platform’s massive user base and algorithmic reach to distribute information-stealing malware, specifically Vidar… Go to gbhackers.com

Weaponized DeepSeek Installers Deploy Sainbox RAT and Hidden Rootkit Netskope Threat Labs has uncovered a malicious campaign exploiting fake software installers, including those mimicking popular tools like DeepSeek, Sogou, and WPS Office, to… Go to gbhackers.com

Cybercriminals Exploit CapCut Popularity to Steal Apple ID Credentials and Credit Card Data Threat actors have capitalized on the immense popularity of CapCut, the leading short-form video editing app, to orchestrate a highly deceptive phishing campaign. According to… Go to gbhackers.com

Malicious Passlib Python Package Triggers Windows Shutdowns with Invalid Inputs A deceptive and destructive Python package named psslib, uncovered by Socket’s Threat Research Team, poses a severe risk to developers by masquerading as a… Go to gbhackers.com

Threat Actors Use Clickfix Tactics to Deploy Malicious AppleScripts for Stealing Login Credentials A sophisticated malware campaign dubbed Odyssey Stealer has been uncovered, targeting macOS users through a deceptive method known as Clickfix tactics. This campaign leverages typosquatted… Go to gbhackers.com

ClickFix Attacks Soar by 500%: Hackers Intensify Use of This Manipulative Technique to Deceive… A novel social engineering technique dubbed “ClickFix” has surged by an alarming 517% between the second half of 2024 and the first half of… Go to gbhackers.com

APT-C-36 Hackers Launching Cyberattacks on Government Entities, Financial Sectors, and Critical Systems The cyber threat group APT-C-36, widely known as Blind Eagle, has been orchestrating sophisticated cyberattacks targeting a range of sectors across Latin America, with… Go to gbhackers.com

Windows Says Goodbye to Blue Screen of Death, Introduces Black Screen After nearly four decades as a symbol of frustration and failure for PC users worldwide, Microsoft is officially retiring the iconic Blue Screen of… Go to gbhackers.com

Mitsubishi Electric AC Flaw Lets Hackers Remotely Control Systems A critical security vulnerability has been discovered in multiple Mitsubishi Electric air conditioning systems, potentially allowing hackers to bypass authentication and remotely control affected… Go to gbhackers.com

Pre-Auth Flaw in MongoDB Server Allows Attackers to Cause DoS A critical pre-authentication vulnerability (CVE-2025-6709) in MongoDB Server enables unauthenticated attackers to trigger denial-of-service (DoS) conditions by exploiting improper input validation in OIDC authentication. The… Go to gbhackers.com

HPE OneView for VMware vCenter Vulnerability Allows Elevated Access Hewlett Packard Enterprise (HPE) has issued a critical security bulletin warning customers of a significant vulnerability in its OneView for VMware vCenter (OV4VC) software. The… Go to gbhackers.com

Iranian Spear-Phishing Attack Impersonates Google, Outlook, and Yahoo Domains Check Point Research has uncovered a renewed global spear-phishing campaign orchestrated by the Iranian threat actor Educated Manticore, also known as APT42, Charming Kitten,… Go to gbhackers.com

Chinese Hackers Deploy Pubload Malware Using Tibetan Community Lures and Weaponized Filenames IBM X-Force researchers have uncovered a series of targeted cyberattacks orchestrated by the China-aligned threat actor Hive0154. Throughout 2025, this group has been deploying the… Go to gbhackers.com

US University Targeted by Androxgh0st Botnet Operators for C2 Logger Hosting CloudSEK’s TRIAD team has made the shocking discovery that the Androxgh0st botnet is a persistent and dynamic cyberthreat. It has targeted a subdomain of the… Go to gbhackers.com

Cybercriminals Use TeamFiltration Pentesting Framework to Breach Microsoft Teams, OneDrive, Outlook, and More Proofpoint threat researchers have exposed an active account takeover (ATO) campaign, dubbed UNK_SneakyStrike, exploiting the TeamFiltration pentesting framework to target Microsoft Entra ID user… Go to gbhackers.com

Kubernetes NodeRestriction Flaw Lets Nodes Bypass Resource Authorization A critical security vulnerability (CVE-2025-4563) in Kubernetes allows nodes to bypass authorization checks for dynamic resource allocation, potentially enabling privilege escalation in affected clusters. The… Go to gbhackers.com

NetNerve: AI-Powered Tool for Deep PCAP Threat Detection As cyber threats evolve in sophistication and volume, traditional packet capture (PCAP) analysis tools are struggling to keep pace. Enter NetNerve, an AI-powered platform designed… Go to gbhackers.com

Akamai Reveals New Strategies for Defenders to Combat Cryptominer Attacks Akamai has unveiled two proactive strategies to disrupt malicious cryptominer operations, as detailed in the final installment of their Cryptominers’ Anatomy blog series. These techniques… Go to gbhackers.com

APT Attackers Leverage Microsoft ClickOnce to Run Malware as Trusted Applications The Trellix Advanced Research Center has exposed a highly sophisticated Advanced Persistent Threat (APT) malware campaign dubbed “OneClik,” specifically targeting the energy, oil, and… Go to gbhackers.com

Google Plans to Remove Chrome’s Tab Scrolling Feature Google has decided to deprecate the “Tab Scrolling” feature in its Chrome browser, marking the end of a tool that many users relied on… Go to gbhackers.com

OPPO Clone Phone Vulnerability Leaks Sensitive Data via Weak WiFi Hotspot A newly disclosed security vulnerability in OPPO’s widely used Clone Phone app has raised significant concerns over user privacy, as it exposes sensitive data… Go to gbhackers.com

DHS Warns of Pro-Iranian Hacktivists Targeting U.S. Networks The Department of Homeland Security (DHS) has raised alarms over an increasing wave of low-level cyberattacks targeting U.S. networks, orchestrated by pro-Iranian hacktivist groups. This… Go to gbhackers.com

North Korean Hackers Use Malicious Zoom Apps to Execute System-Takeover Attacks Cybersecurity researchers and targeted individuals have reported a highly sophisticated scam orchestrated by suspected North Korean hackers. This attack, disguised as a legitimate Zoom… Go to gbhackers.com

LapDogs Hackers Compromise 1,000 SOHO Devices Using Custom Backdoor for Stealthy Attacks Security researchers at SecurityScorecard have uncovered a sprawling cyber-espionage campaign orchestrated by the LapDogs Operational Relay Box (ORB) Network, a sophisticated infrastructure compromising over… Go to gbhackers.com

Advanced Malware Campaign Targets WordPress and WooCommerce Sites with Hidden Skimmers The Wordfence Threat Intelligence Team uncovered a sophisticated malware campaign during a routine site cleanup, revealing a family of malicious code targeting WordPress and… Go to gbhackers.com

Hackers Allegedly Selling Intelbras Router 0-Day Exploit on Dark Web Forums A threat actor has reportedly put up for sale a previously unknown, or “zero-day,” exploit targeting Intelbras routers on dark web forums, raising significant… Go to gbhackers.com

Microsoft Family Safety Now Blocking All Versions of Google Chrome In a development that has left students, parents, and educators frustrated, Microsoft’s Family Safety feature is now blocking all versions of Google Chrome from… Go to gbhackers.com

Former JBLM Soldier Admits Attempting to Leak U.S. Military Network Details to China  A former U.S. Army sergeant who served at Joint Base Lewis-McChord (JBLM) in Washington has pleaded guilty to federal charges after admitting he tried… Go to gbhackers.com

Windows Snipping Tool Now Lets Users Export Captures as GIFs Microsoft has rolled out a significant update to its popular Snipping Tool, introducing the ability to export screen recordings as animated GIFs—a feature long… Go to gbhackers.com

Amazon EKS Flaws Expose AWS Credentials and Enable Privilege Escalation Recent research has uncovered critical security flaws in Amazon Elastic Kubernetes Service (EKS) that could expose sensitive AWS credentials and enable privilege escalation within… Go to gbhackers.com

OpenVPN Driver Vulnerability Let Attackers Crash Windows Systems Network administrators and cybersecurity experts will be pleased to learn that OpenVPN 2.7_alpha2 will be released on June 19, 2025, according to the OpenVPN… Go to gbhackers.com

Israeli Social Media Users Targeted in Covert Iranian Influence Campaign A covert Iranian social media operation has been uncovered, targeting Israeli users on platform X with a psychological campaign designed to sow discord and… Go to gbhackers.com

Mattermost Vulnerabilities Let Attackers Execute Remote Code Via Path Traversal Mattermost, a widely-used open-source collaboration platform, has recently disclosed critical vulnerabilities in its software that could allow attackers to execute remote code through path… Go to gbhackers.com

Aflac Cyber Attack – Hackers May Have Stolen Personal And Health Information Aflac Incorporated, a Georgia-based insurance giant, identified unauthorized access to its network infrastructure, raising alarms over a potential data breach. The company swiftly activated… Go to gbhackers.com

CyberWarfare on the Rise With Surge in Hacktivist Activity Following Israel-Iran Cyberspace has become a crucial battlefield in addition to conventional combat since the open conflict between Israel and Iran broke out. Following Israeli airstrikes on… Go to gbhackers.com

Hackers Target 700+ ComfyUI AI Image Generation Servers to Spread Malware China’s National Cybersecurity Notification Center has issued an urgent warning about critical vulnerabilities in ComfyUI, a widely used image-generation framework for large AI models. These… Go to gbhackers.com

Cyberattack Disrupts Russian Dairy Supply Chain by Targeting Animal Certification System In a Russia’s dairy supply chain, a suspected cyberattack has targeted the Mercury component of the national veterinary certification system, forcing it into emergency… Go to gbhackers.com

Prometei Botnet Targets Linux Servers for Cryptocurrency Mining Operations Unit 42 researchers from Palo Alto Networks have identified a renewed wave of attacks by the Prometei botnet, specifically targeting Linux servers, as of… Go to gbhackers.com

Beware of Weaponized MSI Installer Masquerading as WhatsApp to Deliver XWorm RAT A newly identified cyber threat linked to a China-based threat actor has emerged, targeting users across East and Southeast Asia with a trojanized MSI… Go to gbhackers.com

Mocha Manakin Uses Paste-and-Run Technique to Deceive Users into Downloading Malware A malicious campaign tracked as Mocha Manakin has been identified employing the deceptive “paste-and-run” technique to trick unsuspecting users into executing harmful scripts. First observed… Go to gbhackers.com

Versa Director Flaws Let Attackers Execute Arbitrary Commands A newly disclosed set of vulnerabilities in Versa Networks’ SD-WAN orchestration platform, Versa Director, with the flaws enabling authenticated attackers to upload malicious files… Go to gbhackers.com

GodFather Android Malware Uses On-Device Virtualization to Hijack Legitimate Banking Apps Zimperium zLabs has uncovered a highly advanced iteration of the GodFather Android banking malware, which employs a groundbreaking on-device virtualization technique to compromise legitimate… Go to gbhackers.com

Microsoft Introduces Enhanced Security Defaults for Windows 365 Cloud PCs Microsoft has announced a significant update to the security posture of its Windows 365 Cloud PCs, introducing new secure-by-default capabilities designed to fortify virtual… Go to gbhackers.com

Dover Fueling Solutions Flaw Lets Attackers Control Fueling Operations A newly disclosed critical vulnerability in Dover Fueling Solutions’ ProGauge MagLink LX consoles has sent shockwaves through the global fuel infrastructure sector. The flaw, tracked… Go to gbhackers.com

16 Billion Passwords Stolen From 320 Million+ Computers Leaked Online A staggering 16 billion login credentials, usernames, and passwords have been exposed in what cybersecurity experts are calling the largest data breach in internet… Go to gbhackers.com

Sophisticated Phishing Attack Uses ASP Pages to Target Prominent Russia Critics – Google Google Threat Intelligence Group (GTIG), in collaboration with external partners, has uncovered a sophisticated phishing campaign orchestrated by a Russia state-sponsored cyber threat actor,… Go to gbhackers.com

ClamAV 1.4.3 and 1.0.9 Released with Fixes for Critical Remote Code Execution Vulnerability The ClamAV development team has rolled out two crucial security patch releases, versions 1.4.3 and 1.0.9, aimed at resolving significant vulnerabilities that could compromise… Go to gbhackers.com

Hackers Exploit Cloudflare Tunnels to Infect Windows Systems With Python Malware A sophisticated malware campaign dubbed SERPENTINE#CLOUD has emerged, leveraging Cloudflare Tunnel infrastructure to deliver Python-based malware to Windows systems across Western nations, including the… Go to gbhackers.com

Microsoft Entra ID Adds Passkey (FIDO2) Support in Public Preview Microsoft has announced a significant update to its identity platform, Microsoft Entra ID, with the introduction of expanded passkey (FIDO2) support in public preview. Set… Go to gbhackers.com

LogMeIn Remote Access Abused in Targeted System Compromise A sophisticated cyberattack campaign has been uncovered, leveraging LogMeIn Resolve remote access software to gain unauthorized control over user systems. Security researchers report that the… Go to gbhackers.com

Google Chrome Vulnerabilities Enable Arbitrary Code Execution – Update Now! Google has released a crucial security update for its Chrome browser, addressing multiple high-severity vulnerabilities that could allow attackers to execute arbitrary code on… Go to gbhackers.com

BlackHat AI Tool WormGPT Enhanced with Grok and Mixtral The rapid evolution of large language models (LLMs) has not only transformed legitimate industries but has also found its way into the hands of… Go to gbhackers.com

Qilin Ransomware Emerges as a Major Threat Targeting Windows, Linux, and ESXi Systems Qilin ransomware has emerged as a formidable force, rapidly ascending to prominence amid the collapse of once-dominant groups like RansomHub and LockBit in 2025. Active… Go to gbhackers.com

Cybercriminals Leverage ClickFix Strategy to Deploy RATs and Data-Stealing Malware Cybercriminals are increasingly exploiting a deceptive social engineering technique known as ClickFix to initiate multi-stage cyberattacks, delivering remote access trojans (RATs) and data-stealing malware… Go to gbhackers.com

Critical Privilege Escalation Flaws Grant Full Root Access on Multiple Linux Distros The Qualys Threat Research Unit (TRU) has uncovered two interconnected local privilege escalation (LPE) vulnerabilities—CVE-2025-6018 and CVE-2025-6019—that together enable attackers to gain full root… Go to gbhackers.com

ASUS Armoury Crate Vulnerability Lets Hackers Gain System-Level Access on Windows A critical vulnerability in ASUS’s popular Armoury Crate software has exposed millions of Windows users to the risk of system-level compromise, according to a… Go to gbhackers.com

Water Curse Hacker Group Uses 76 GitHub Accounts to Spread Multistage Malware A newly identified threat actor known as Water Curse has been linked to a sprawling campaign utilizing at least 76 GitHub accounts to distribute… Go to gbhackers.com

Critical sslh Vulnerabilities Allow Remote Denial-of-Service Attacks Security researchers disclosed two critical vulnerabilities in sslh, a widely used protocol multiplexer that enables multiple services—such as SSH, HTTPS, and OpenVPN—to share a… Go to gbhackers.com

150K+ Users Affected by Malicious Loan Apps on iOS and Google Play Over 150,000 users across Google Play and the Apple App Store have fallen victim to a malicious SpyLoan application named “RapiPlata,” which was identified… Go to gbhackers.com

Hackers Exploiting Chrome Zero‑Day Vulnerability in the Wild A newly discovered zero-day vulnerability in Google Chrome, tracked as CVE-2025-2783, is being actively exploited by hackers in sophisticated cyber-espionage campaigns. Security researchers have observed… Go to gbhackers.com

Hackers Compromise Discord Invite to Inject Malicious Links Delivering AsyncRAT Threat actors have exploited Discord’s invite system to distribute malicious links, ultimately delivering AsyncRAT and other harmful payloads. Discord, a widely trusted platform for gamers,… Go to gbhackers.com

GrayAlpha Hackers Group Exploits Browser Updates to Deploy PowerNet Loader and NetSupport RAT A new infrastructure linked to GrayAlpha, a cybercriminal entity overlapping with the notorious FIN7 group, has been exposed. This financially motivated threat actor, active since… Go to gbhackers.com

Over 20 Malicious Google Play Apps Steal Users’ Login Credentials A major security alert has been issued for Android users after cybersecurity researchers uncovered more than 20 malicious applications on the Google Play Store… Go to gbhackers.com

Microsoft Purview DLP Now Controls Copilot’s Access to Sensitive Email Data Microsoft is set to enhance data security in Microsoft 365 by extending Purview Data Loss Prevention (DLP) controls to Copilot’s handling of sensitive email… Go to gbhackers.com

Anubis Ransomware Introduces Irreversible File Destruction Feature A new and menacing player has emerged in the cybercrime landscape with the introduction of Anubis, a Ransomware-as-a-Service (RaaS) operation that blends traditional file… Go to gbhackers.com

Kali Linux 2025.2 Released: New Tools, Smartwatch and Car Hacking Added Kali Linux, the preferred distribution for security professionals, has launched its second major release of 2025, Kali Linux 2025.2, in June. This update introduces… Go to gbhackers.com

Developers Beware – Sophisticated Phishing Scams Exploit GitHub Device Code Flow to Hijack Tokens A sophisticated and increasing wave of cyberattacks now targets software developers through a little-known yet legitimate GitHub feature: the OAuth 2.0 Device Code Flow. … Go to gbhackers.com

HashiCorp Nomad ACL Lookup Flaw Allows Privilege Escalation HashiCorp disclosed a critical security flaw (CVE-2025-4922) in its Nomad workload orchestration tool on June 11, 2025, exposing clusters to privilege escalation risks through… Go to gbhackers.com

Unpatched IT Tool Opens Door – Hackers Breach Billing Software Firm via SimpleHelp RMM Cybersecurity professionals and business leaders are on high alert following a confirmed breach of a utility billing software provider, traced to unpatched vulnerabilities in… Go to gbhackers.com

Graphite Spyware Uses iOS Zero-Click Flaw to Target Journalists Security researchers at Citizen Lab have uncovered the first forensic evidence linking Paragon’s Graphite mercenary spyware to zero-click attacks on journalists’ iPhones. The campaigns… Go to gbhackers.com

Fog Ransomware Uses Pentesting Tools to Steal Data and Launch Attacks Fog ransomware incidents in recent years have exposed a dangerous new trend in cybercrime: hackers are using open-source penetration testing tools and genuine staff… Go to gbhackers.com

Cybercriminals Advertise Advanced MaaS Botnet with Blockchain C2 on Hacking Forums Cybersecurity researchers have uncovered the alleged sale of a sophisticated Malware-as-a-Service (MaaS) botnet that combines legitimate development frameworks with cutting-edge evasion techniques. The threat… Go to gbhackers.com

Hackers Launch Coordinated Attack on Apache Tomcat Manager from 400 Unique IPs Cybersecurity researchers at GreyNoise Intelligence have identified a significant coordinated attack campaign targeting Apache Tomcat Manager interfaces across the globe. On June 5, 2025,… Go to gbhackers.com

New Campaign Targets Entra ID User Accounts Using Pentesting Tool for Account Takeover Proofpoint Threat Intelligence has uncovered a large-scale Account Takeover (ATO) campaign, internally tracked as UNK_SneakyStrike, that leverages the open-source penetration testing framework TeamFiltration to… Go to gbhackers.com

Windows SMB Client Zero-Day Vulnerability Exploited via Reflective Kerberos Relay Attack A newly disclosed vulnerability, CVE-2025-33073, dubbed the “Reflective Kerberos Relay Attack,” has shaken the Windows security landscape. Discovered by RedTeam Pentesting and patched by… Go to gbhackers.com

0-Click Vulnerability in Microsoft 365 Copilot Exposes Sensitive Data via Teams Security researchers have uncovered the first-ever zero-click vulnerability in an AI agent, targeting Microsoft 365 Copilot and potentially exposing sensitive organizational data through a… Go to gbhackers.com

Apache CloudStack Flaw Allows Attackers to Execute Privileged Actions Apache CloudStack, a leading open-source cloud management platform, has announced the immediate availability of new Long-Term Support (LTS) releases—version 4.19.3.0 and 4.20.1.0—to address multiple… Go to gbhackers.com

HPE Aruba Network Flaw Exposes Sensitive Data to Potential Hackers HPE Aruba Networking has issued a critical security advisory regarding a high-severity vulnerability in its Private 5G Core Platform. Tracked as CVE-2025-37100, the flaw… Go to gbhackers.com

Insyde UEFI Flaw Enables Digital Certificate Injection via NVRAM Variable A critical vulnerability (CVE-2025-4275) in Insyde H2O UEFI firmware allows attackers to bypass Secure Boot protections by injecting malicious digital certificates via an unprotected… Go to gbhackers.com

Multiple Chrome Flaws Enable Remote Code Execution by Attackers Google Chrome’s Stable channel is being updated to version 137.0.7151.103 for Windows and Mac, with Linux receiving version 137.0.7151.103 as well. The rollout will… Go to gbhackers.com

Microsoft Windows WebDAV 0-Day RCE Vulnerability Actively Exploited in The Wild A critical zero-day vulnerability in Microsoft Windows, designated CVE-2025-33053, has been actively exploited by the advanced persistent threat (APT) group Stealth Falcon. The flaw, enabling… Go to gbhackers.com

CISA Issues Alert on Erlang/OTP SSH Server RCE Vulnerability Under Active Exploitation The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical vulnerability in Erlang/OTP SSH server implementations that allows attackers… Go to gbhackers.com

Indian Authorities Bust Cybercriminals Posing as Microsoft Tech Support India’s Central Bureau of Investigation (CBI), the nation’s federal law enforcement agency, launched a sweeping operation targeting cyber-enabled financial fraud networks. Raids at 19… Go to gbhackers.com

Malicious Actors Exploit SoraAI’s Popularity & GitHub to Distribute Malware Threat actors are leveraging the growing popularity of OpenAI’s Sora, a cutting-edge video generation model, to distribute malicious software. Disguised as a legitimate shortcut file… Go to gbhackers.com