Tag: gbhackers

Juniper Issues Warning About Critical Authentication Bypass Vulnerability Juniper Networks has issued an urgent security bulletin for its Session Smart Router, Session Smart Conductor, and WAN Assurance Router product lines, revealing a… Go to gbhackers.com

Indian Post Office Portal Leak Exposes Thousands of KYC Records The Indian Post Office portal recently exposed the sensitive Know Your Customer (KYC) data of thousands of users due to a critical vulnerability known… Go to gbhackers.com

Linux Kernel 6.14 rc3 Released With The Fixes for Critical Issues Linus Torvalds has announced the release of Linux Kernel 6.14-rc3, marking a critical milestone in stabilizing the upcoming 6.14 kernel version.This release candidate addresses… Go to gbhackers.com

Android’s New Security Feature Prevents Sensitive Setting Changes During Calls Phone scams are becoming more sophisticated with advancements in AI-driven speech tools, making it easier for scammers to manipulate victims.To combat these growing threats,… Go to gbhackers.com

Hackers Exploit Microsoft Teams Invites to Gain Unauthorized Access The Microsoft Threat Intelligence Center (MSTIC) has uncovered an ongoing and sophisticated phishing campaign leveraging Microsoft Teams invites to gain unauthorized access to user… Go to gbhackers.com

Meta’s Bug Bounty Initiative Pays $2.3 Million to Security Researchers in 2024 Meta’s commitment to cybersecurity took center stage in 2024 as the tech giant awarded over $2.3 million in payouts to global security researchers participating… Go to gbhackers.com

Fake BSOD Attack Launched via Malicious Python Script A peculiar malicious Python script has surfaced, employing an unusual and amusing anti-analysis trick to mimic a fake Blue Screen of Death (BSOD).The script,… Go to gbhackers.com

SocGholish Malware Dropped from Hacked Web Pages using Weaponized ZIP Files A recent wave of cyberattacks leveraging the SocGholish malware framework has been observed using compromised websites to deliver malicious ZIP files disguised as legitimate… Go to gbhackers.com

North Korean IT Workers Penetrate Global Firms to Install System Backdoors In a concerning escalation of cyber threats, North Korean IT operatives have infiltrated global companies, posing as remote workers to introduce system backdoors and… Go to gbhackers.com

Lazarus Group Targets Developers Worldwide with New Malware Tactic North Korea’s Lazarus Group, a state-sponsored cybercriminal organization, has launched a sophisticated global campaign targeting software developers and cryptocurrency users.Dubbed Operation Marstech Mayhem,… Go to gbhackers.com

REF7707 Hackers Target Windows & Linux Systems with FINALDRAFT Malware Elastic Security Labs has uncovered a sophisticated cyber-espionage campaign, tracked as REF7707, targeting entities across South America and Southeast Asia.Central to this operation… Go to gbhackers.com

Astaroth 2FA Phishing Kit Targets Gmail, Yahoo, Office 365, and Third-Party Logins A new phishing kit named Astaroth has emerged as a significant threat in the cybersecurity landscape by bypassing two-factor authentication (2FA) mechanisms.First advertised on… Go to gbhackers.com

CISA Publishes 20 Advisories on ICS Security Flaws and Exploits  The Cybersecurity and Infrastructure Security Agency (CISA) has issued 20 security advisories on February 13, 2025, warning about critical vulnerabilities in Industrial Control Systems… Go to gbhackers.com

Dutch Authorities Dismantle Network of 127 Command-and-Control Servers Dutch police and the Public Prosecution Service have taken down a network of 127 command-and-control servers.This network was operated by ZServers/XHost, a so-called bulletproof… Go to gbhackers.com

Device Code Phishing Attack Exploits Authentication Flow to Hijack Tokens A sophisticated phishing campaign leveraging the device code authentication flow has been identified by Microsoft Threat Intelligence, targeting a wide range of sectors, including… Go to gbhackers.com

Apache Fineract SQL Injection Vulnerability Allows Malicious Data Injection The Apache Software Foundation has disclosed a critical SQL injection vulnerability in its widely utilized financial platform, Apache Fineract.The flaw, tracked as CVE-2024-32838, affects multiple… Go to gbhackers.com

RedNote App Security Flaw Exposes User Files on iOS and Android Devices Serious security vulnerabilities have been uncovered in the popular social media and content-sharing app, RedNote, compromising the privacy and security of millions of users… Go to gbhackers.com

Winnti Hackers Attacking Japanese Organisations with New Malware The China-based Advanced Persistent Threat (APT) group known as the Winnti Group, also referred to as APT41, has launched a new cyberattack campaign targeting… Go to gbhackers.com

Threat Actors Exploiting DeepSeek’s Popularity to Deploy Malware The meteoric rise of DeepSeek, a Chinese AI startup, has not only disrupted the AI sector but also attracted the attention of cybercriminals.Following… Go to gbhackers.com

APT43 Hackers Targeting Academic Institutions Using Exposed Credentials APT43, also known by aliases such as Black Banshee, Emerald Sleet, and Kimsuky, is a North Korean state-sponsored cyber threat actor linked to the… Go to gbhackers.com

Russian Hackers Leverages Weaponized Microsoft Key Management Service (KMS) to Hack Windows Systems In a calculated cyber-espionage campaign, the Russian state-sponsored hacking group Sandworm (APT44), linked to the GRU (Russia’s Main Intelligence Directorate), has been exploiting pirated… Go to gbhackers.com

Windows Driver Zero-Day Vulnerability Let Hackers Remotely Gain System Access Microsoft has confirmed the discovery of a significant zero-day vulnerability, tracked as CVE-2025-21418, in the Windows Ancillary Function Driver for WinSock.This flaw, categorized as an Elevation… Go to gbhackers.com

FortiOS & FortiProxy Vulnerability Allows Attackers Firewall Hijacks to Gain Super Admin Access A critical vulnerability in Fortinet’s FortiOS and FortiProxy products has been identified, enabling attackers to bypass authentication and gain super-admin access.The flaw, classified… Go to gbhackers.com

Fortinet’s FortiOS Vulnerabilities Allow Attackers Trigger RCE and Launch DoS Attack Fortinet’s FortiOS, the operating system powering its VPN and firewall appliances, has been found vulnerable to multiple security flaws that could allow attackers to… Go to gbhackers.com

0-Day Vulnerability in Windows Storage Allow Hackers to Delete the Target Files Remotely A newly discovered 0-day vulnerability in Windows Storage has sent shockwaves through the cybersecurity community.Identified as CVE-2025-21391, this critical flaw allows attackers to elevate privilege… Go to gbhackers.com

Ratatouille Malware Bypass UAC Control & Exploits I2P Network to Launch Cyber Attacks A newly discovered malware, dubbed “Ratatouille” (or I2PRAT), is raising alarms in the cybersecurity community due to its sophisticated methods of bypassing User Account… Go to gbhackers.com

FinStealer Malware Targets Leading Indian Bank’s Mobile Users, Stealing Login Credentials A new cybersecurity threat has emerged, targeting customers of a prominent Indian bank through fraudulent mobile applications.Dubbed “FinStealer,” this malware campaign employs advanced… Go to gbhackers.com

Evil Crow RF Tool Transforms Smartphones into Powerful RF Hacking Devices Innovative tools are continually appearing to enhance the capabilities of professionals and enthusiasts alike.One new entrant into the world of radio frequency (RF) tools… Go to gbhackers.com

Massive Facebook Phishing Attack Targets Hundreds of Companies for Credential Theft A newly discovered phishing campaign targeting Facebook users has been identified by researchers at Check Point Software Technologies.The attack, which began in late… Go to gbhackers.com

Researchers Found North Korean Hackers Advanced Tactics, techniques, and procedures Recent research has highlighted the increasingly sophisticated tactics, techniques, and procedures (TTPs) employed by North Korean state-sponsored hackers.These cyber actors have demonstrated a… Go to gbhackers.com

DeepSeek Accused of Over-Collecting Personal Data, Says South Korea’s Spy Agency South Korea’s National Intelligence Service (NIS) has raised alarms over the Chinese artificial intelligence app, DeepSeek, accusing it of “excessively” collecting personal data from… Go to gbhackers.com

Marvel Game Vulnerability Exposes PCs & PS5s to Remote Takeover Attacks A severe security vulnerability has been uncovered in the popular video game Marvel Rivals, raising major concerns for both PC and PlayStation 5 players.The exploit,… Go to gbhackers.com

Massive Brute Force Attack Launched With 2.8 Million IPs To Hack VPN & Firewall… Massive brute force attacks targeting VPNs and firewalls have surged in recent weeks, with cybercriminals using as many as 2.8 million unique IP addresses… Go to gbhackers.com

Penetration Testers Arrested During Approved Physical Penetration Testing A routine physical penetration test conducted by cybersecurity professionals took an unexpected turn when armed police officers arrested two security experts during a simulated… Go to gbhackers.com

Cisco Data Breach – Ransomware Group Allegedly Breached Internal Network Sensitive credentials from Cisco’s internal network and domain infrastructure were reportedly made public due to a significant data breach.According to a Cyber Press Research… Go to gbhackers.com

Linux Kernel 6.14-rc2 Released – What’s Newly Added ! Linus Torvalds, lead developer of the Linux kernel, announced the second release candidate (rc2) of Linux Kernel 6.14, providing developers and enthusiasts with a… Go to gbhackers.com

UK Pressures Apple to Create Global Backdoor To Spy on Encrypted iCloud Access United Kingdom has reportedly ordered Apple to create a backdoor allowing access to all encrypted content stored in its iCloud service.The demand, issued… Go to gbhackers.com

Securing GAI-Driven Semantic Communications: A Novel Defense Against Backdoor Attacks Semantic communication systems, powered by Generative AI (GAI), are transforming the way information is transmitted by focusing on the meaning of data rather than… Go to gbhackers.com

Autonomous LLMs Reshaping Pen Testing: Real-World AD Breaches and the Future of Cybersecurity Large Language Models (LLMs) are transforming penetration testing (pen testing), leveraging their advanced reasoning and automation capabilities to simulate sophisticated cyberattacks.Recent research demonstrates… Go to gbhackers.com

Cybercriminals Target IIS Servers to Spread BadIIS Malware A recent wave of cyberattacks has revealed the exploitation of Microsoft Internet Information Services (IIS) servers by threat actors deploying the BadIIS malware.This… Go to gbhackers.com

Hackers Leveraging Image & Video Attachments to Deliver Malware Cybercriminals are increasingly exploiting image and video files to deliver malware, leveraging advanced techniques like steganography and social engineering.These methods allow attackers to… Go to gbhackers.com

New Scareware Attack Targeting Mobile Users to Deploy Malicious Antivirus Apps A new wave of scareware attacks has emerged, targeting unsuspecting mobile users with fake antivirus applications designed to exploit fear and trick victims into… Go to gbhackers.com

Logsign Vulnerability Allows Remote Attackers to Bypass Authentication A critical security vulnerability has been identified and disclosed in the Logsign Unified SecOps Platform, allowing remote attackers to bypass authentication mechanisms.The vulnerability tracked… Go to gbhackers.com

Hackers Exploiting SimpleHelp Vulnerabilities to Deploy Malware on Systems Cybercriminals are actively exploiting vulnerabilities in SimpleHelp Remote Monitoring and Management (RMM) software to infiltrate networks, create unauthorized administrator accounts, and deploy malware, including… Go to gbhackers.com

New Facebook Fake Copyright Notices to Steal Your FB Accounts A newly discovered phishing campaign is using fake Facebook copyright infringement notices to trick users into divulging their credentials, potentially compromising business accounts.Phishing… Go to gbhackers.com

Developers Beware! Malicious ML Models Found on Hugging Face Platform In a concerning development for the machine learning (ML) community, researchers from ReversingLabs have uncovered malicious ML models on the Hugging Face platform, a… Go to gbhackers.com

Hackers Exploit DeepSeek & Qwen AI Models for Malware Development Check Point Research (CPR) has revealed that cybercriminals are increasingly leveraging the newly launched AI models, DeepSeek and Qwen, to create malicious content.These… Go to gbhackers.com

F5 BIG-IP SNMP Flaw Allows Attackers to Launch DoS Attacks A recently disclosed vulnerability in F5’s BIG-IP systems has raised alarm within the cybersecurity community.The flaw, designated CVE-2025-21091, enables remote attackers to exploit SNMP configuration… Go to gbhackers.com

Cisco IOS SNMP Vulnerabilities Allow Attackers to Launch DoS Attacks” Cisco has disclosed multiple vulnerabilities in its Simple Network Management Protocol (SNMP) subsystem affecting Cisco IOS, IOS XE, and IOS XR software.These flaws,… Go to gbhackers.com

Cybercriminals Abusing ScreenConnect RMM Tool for Persistent Access Cybersecurity experts have identified an alarming trend of cybercriminals exploiting ConnectWise ScreenConnect, a widely-used Remote Monitoring and Management (RMM) tool, to establish persistent access… Go to gbhackers.com

North Korean Hackers Use custom-made RDP Wrapper to activate remote desktop on Hacked Machines In a concerning development, the North Korean-backed hacking group Kimsuky has intensified its use of custom-built tools to exploit Remote Desktop Protocol (RDP) for… Go to gbhackers.com

New Banking Attacking Users of Indian banks to Steal Aadhar, PAN, ATM & Credit… A sophisticated malware campaign, dubbed “FatBoyPanel,” has been uncovered by cybersecurity researchers, targeting users of Indian banks.This campaign, consisting of nearly 900 malware… Go to gbhackers.com

Critical Netgear Vulnerabilities Allow Hackers to Execute Remote Code Netgear has addressed critical security vulnerabilities in several of its popular router models that could allow hackers to execute remote code without authentication.If not… Go to gbhackers.com

Hackers Can Exploit GPU Flaws to Gain Full Control of Your Device Several critical vulnerabilities affecting Mali Graphics Processing Units (GPUs) have surfaced, allowing hackers to exploit flaws in GPU drivers to gain full control of… Go to gbhackers.com

Threat Actors Exploiting DeepSeek’s Rise to Fuel Cyber Attacks Amid the surging popularity of DeepSeek, a cutting-edge AI reasoning model from an emerging Chinese startup, cybercriminals have wasted no time leveraging the widespread… Go to gbhackers.com

CISA Adds Actively Exploited Apache and Microsoft Vulnerabilities to its Database The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities Catalog with several critical security flaws, prompting heightened vigilance among organizations… Go to gbhackers.com

Chinese Hackers Attacking Linux Devices With New SSH Backdoor A sophisticated cyber espionage campaign attributed to the Chinese hacking group DaggerFly has been identified, targeting Linux systems through an advanced Secure Shell (SSH)… Go to gbhackers.com

Apple Service Ticket Portal Vulnerability Leaks Sensitive Information Apple, one of the most trusted technology brands in the world, recently faced a critical security exposure in its service ticket portal.The vulnerability, discovered… Go to gbhackers.com

AsyncRAT Abusing Python and TryCloudflare For Stealthy Malware Delivery In a significant finding, Forcepoint’s X-Labs research team has uncovered a new malware campaign that uses AsyncRAT, a notorious remote access trojan (RAT), along… Go to gbhackers.com

Hackers Exploiting 7-Zip Zero-Day Vulnerability to Deploy SmokeLoader Malware A newly identified zero-day vulnerability in the widely used 7-Zip archiving software, designated as CVE-2025-0411.This critical flaw, which was exploited in the wild, is… Go to gbhackers.com

Beware of Fake DeepSeek PyPI packages that Delivers Malware The Positive Technologies Expert Security Center (PT ESC) recently uncovered a malicious campaign targeting the Python Package Index (PyPI) repository.The campaign involved two packages,… Go to gbhackers.com

FlexibleFerret Malware Attacking macOS Users, Evading XProtect Detections A new macOS malware variant, dubbed “FlexibleFerret,” has been identified targeting developers and job seekers as part of an ongoing North Korean phishing campaign…. Go to gbhackers.com

INDOHAXSEC Hacker Group Allegedly Breaches Malaysia’s National Tuberculosis Registry The Indonesian hacker group “INDOHAXSEC” has allegedly breached the National Tuberculosis Registry (NTBR) of Malaysia, managed by the Ministry of Health.The group announced their… Go to gbhackers.com

Devil-Traff: Emerging Malicious SMS Platform Powering Phishing Attacks In the ever-evolving landscape of cybercrime, bulk SMS platforms like Devil-Traff have emerged as powerful tools for phishing campaigns, exploiting trust and compromising security… Go to gbhackers.com

ChatGPT’s Deep Research Breakthrough Enables Faster-Than-Human Task Handling OpenAI has introduced “Deep Research,” a cutting-edge feature within ChatGPT that promises to revolutionize the way people handle complex and time-intensive tasks.Designed to synthesize… Go to gbhackers.com

Alibaba Cloud Storage Flaw Exposes Data to Unauthorized Uploads A significant vulnerability has been discovered in the Alibaba Cloud Object Storage Service (OSS) that allows unauthorized users to upload data, posing critical security… Go to gbhackers.com

Parrot 6.3 Release, What’s New The cybersecurity realm received an exciting update this week with the release of Parrot 6.3, the latest version of the Parrot Security operating system.As one… Go to gbhackers.com

New ‘SHIELD’ Platform Leverages FPGA and Off-Host Monitoring to Tackle Advanced Ransomware Threats In a significant advancement against increasingly sophisticated ransomware threats, researchers from NYU Tandon School of Engineering have introduced SHIELD (Secure Host-Independent Extensible Logging), an… Go to gbhackers.com

Researchers Launch Open-Source UEFI Memory Forensics Framework to Counter Advanced Bootkits A team of researchers from Ben Gurion University of the Negev has pioneered a novel memory forensics framework for analyzing Unified Extensible Firmware Interface… Go to gbhackers.com

Cybercriminals Exploit GitHub Infrastructure to Distribute Lumma Stealer In a recent investigation, Trend Micro’s Managed XDR team identified a sophisticated malware campaign exploiting GitHub’s release infrastructure to distribute Lumma Stealer, along with… Go to gbhackers.com

Google Blocks 2.28 Million Malicious Apps from Play Store in Security Crackdown In a continued commitment to enhancing user safety and trust, Google has outlined significant strides made in 2023 to mitigate malicious activities across the… Go to gbhackers.com

GitHub Copilot Vulnerability Exploited to Train Malicious AI Models GitHub Copilot, the popular AI-powered code-completion tool, has come under scrutiny after Apex Security’s research unveiled two major vulnerabilities.The findings highlight weaknesses in… Go to gbhackers.com

Authorities Seized 39 Websites that Selling Hacking Tools to Launch Cyber Attacks Authorities have seized 39 websites allegedly used to sell hacking tools and fraud-enabling software.The crackdown targeted a Pakistan-based network of online marketplaces operated by… Go to gbhackers.com

Cisco Webex Chat Vulnerabilities Expose Organization Chat Histories to Attackers A major cybersecurity vulnerability in Cisco Webex Chat (previously known as IMI Chat) has raised alarming concerns after it was revealed that unauthenticated attackers… Go to gbhackers.com

Yeti Forensic Platform Vulnerability Allows Attackers to Execute Remote Code A critical security flaw has been identified in the popular Yeti Forensic Intelligence platform, exposing its users to unauthenticated remote code execution (RCE) attacks.Two… Go to gbhackers.com

VMware Aria Operations Vulnerabilities Allow Attackers to Perform Admin-Level Actions VMware has released a critical security advisory, VMSA-2025-0003, addressing multiple vulnerabilities in VMware Aria Operations for Logs, VMware Aria Operations, and VMware Cloud Foundation.These vulnerabilities—tracked… Go to gbhackers.com

Malware Discovered in Healthcare Patient Monitors, Traced to Chinese IP Address The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory regarding multiple vulnerabilities identified in Contec Health’s CMS8000 Patient Monitor.These flaws… Go to gbhackers.com

Hackers Sell Compromised Emails and Google Ads Accounts on Dark Web A new wave of cybercrime is surfacing as hackers exploit compromised emails and digital advertising platforms to create a thriving underground economy.This illegal marketplace,… Go to gbhackers.com

Cybercriminals Hijack Government Sites to Lauch Phishing Attacks Cybersecurity researchers have identified a persistent trend in which threat actors exploit vulnerabilities in government websites to further phishing campaigns.Based on data spanning… Go to gbhackers.com

10,000 WordPress Websites Hacked to Distributing MacOS and Microsoft Malware Over 10,000 WordPress websites have been hijacked to deliver malicious software targeting both macOS and Windows users.Researchers revealed this week how attackers leveraged vulnerabilities… Go to gbhackers.com

Hackers Can Exploit AI Platform to Achieve Root Access via RCE Vulnerability In a critical development within the AI industry, researchers at Noma Security have disclosed the discovery of a high-severity Remote Code Execution (RCE) vulnerability… Go to gbhackers.com

New RDP Exploit Allows Attackers to Take Over Windows and Browser Sessions Cybersecurity experts have uncovered a new exploit leveraging the widely used Remote Desktop Protocol (RDP).This vulnerability enables attackers to gain unauthorized control over Windows… Go to gbhackers.com

Researchers Jailbreaked DeepSeek R1 to Generate Malicious Scripts Researchers have successfully jailbroken DeepSeek R1, a cutting-edge reasoning model originating from China.Dubbed a potential challenger to tech giants like OpenAI, DeepSeek R1 has… Go to gbhackers.com

Google Researchers Breakdowns Scatterbrain Behind PoisonPlug Malware Google’s Threat Intelligence Group (GTIG) in collaboration with Mandiant has revealed critical insights into ScatterBrain, a sophisticated obfuscation tool utilized by China-nexus cyber espionage… Go to gbhackers.com

Zyxel CPE Zero-Day (CVE-2024-40891) Exploited in the Wild Security researchers have raised alarms about active exploitation attempts targeting a newly discovered zero-day command injection vulnerability in Zyxel CPE Series devices, tracked as CVE-2024-40891.This… Go to gbhackers.com

FleshStealer: A new Infostealer Attacking Chrome & Mozilla Users A newly identified strain of information-stealing malware, FleshStealer, is making headlines in 2025 due to its advanced evasion techniques and targeted data extraction capabilities…. Go to gbhackers.com

Windows 11 24H2 Update Bug: Users Report Disruptions in Web Camera and USB Devices Windows 11 KB5050009 for version 24H2 has sparked widespread frustrations among users due to a slew of compatibility and functionality issues.Reports indicate that the… Go to gbhackers.com

Apple Security Update – Patch for iOS Zero-day, MacOS & More Apple has responded to a newly discovered zero-day vulnerability affecting its operating systems by releasing an array of security updates to protect users from… Go to gbhackers.com

Stratoshark – A New Wireshark Tool Released for Cloud The masterminds behind the revolutionary network analyzer Wireshark have unveiled a new tool, Stratoshark, designed to bring their proven methodology to system call analysis…. Go to gbhackers.com

Hackers Mimic USPS To Deliver Malicious PDF In Attack Targeted Mobile Devices In a detailed analysis published on January 27, 2025, Zimperium’s zLabs team uncovered a sophisticated phishing campaign targeting mobile devices through malicious PDF files…. Go to gbhackers.com

New Hacker Group Using 7z & UltraVNC Tool to Deploy Malware Evading Detection A sophisticated cyber campaign targeting Russian-speaking entities has been identified by cybersecurity researchers, unveiling a deceptive operation imitating the Tactics, Techniques, and Procedures (TTPs)… Go to gbhackers.com

Hackers Use Hidden Text Salting to Bypass Spam Filters and Evade Detection In the latter half of 2024, Cisco Talos identified a significant increase in email threats leveraging “hidden text salting,” also referred to as HTML… Go to gbhackers.com

Weaponised XWorm RAT Builder Attacking Script Kiddies To Hack 18,000 Devices A recent cybersecurity attack involving a Trojanized version of the XWorm Remote Access Trojan (RAT) builder has compromised over 18,000 devices worldwide.This sophisticated malware,… Go to gbhackers.com

LockBit Ransomware: 11-Day Timeline from Initial Compromise to Deployment A well-coordinated cyber intrusion, spanning 11 days, culminated in the deployment of LockBit ransomware across a corporate environment.The attack, which began with the… Go to gbhackers.com

Apache Solr For Windows instances Vulnerability Allows Arbitrary Path Write-Access A critical security vulnerability (CVE-2024-52012) affecting Apache Solr instances on Windows has been identified, allowing attackers to gain arbitrary file path write access using… Go to gbhackers.com

Researchers Exploited Windows Charset Conversion Feature to Execute Remote Code Researchers have exposed a systemic vulnerability within the Windows operating system, leveraging its “Best-Fit” charset conversion feature to bypass security checks and execute remote… Go to gbhackers.com

New SCAVY Framework to Detect Memory Corruption Privilege Escalation in Linux Kernel  A breakthrough framework named SCAVY has been introduced to proactively detect memory corruption targets that could potentially lead to privilege escalation in the Linux kernel.Presented at… Go to gbhackers.com

Android Kiosk Tablets Vulnerability Let Attackers Control AC & Lights A security flaw found in Android-based kiosk tablets at luxury hotels has exposed a grave vulnerability, potentially allowing attackers to control air conditioning, lighting,… Go to gbhackers.com

CISA Releases Six ICS Advisories Details Security Issues The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS) advisories addressing vulnerabilities in a range of critical systems.These… Go to gbhackers.com

Juniper Routers Exploited via Magic Packet Vulnerability to Deploy Custom Backdoor A sophisticated cyber campaign dubbed “J-magic” has been discovered targeting enterprise-grade Juniper routers with a backdoor attack that leverages a passive monitoring agent.The… Go to gbhackers.com