Tag: gbhackers
-
CISA Alerts on Fortinet FortiWeb Vulnerability Exploited in Real-World Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical OS command injection vulnerability in Fortinet FortiWeb, warning that…
-
Chinese PlushDaemon Hackers Exploit EdgeStepper Tool to Hijack Legitimate Updates and Redirect to Malicious…
ESET researchers have uncovered a sophisticated attack chain orchestrated by the China-aligned threat actor PlushDaemon, revealing how the group leverages a previously undocumented network…
-
Hackers Exploit Tuoni C2 Framework to Stealthily Deploy In-Memory Payloads
In October 2025, Morphisec’s anti-ransomware prevention platform detected and neutralized a sophisticated cyberattack targeting a major U.S. real estate company. The campaign showcased the…
-
Single Click on CAPTCHA Triggers Destructive Akira Ransomware Attack on Malicious Website
A sophisticated Akira ransomware attack orchestrated by the Howling Scorpius group recently left a global data storage and infrastructure company grappling with massive operational…
-
Critical FortiWeb WAF Flaw Actively Exploited to Establish Admin Access and Seize Total Control
Fortinet has released urgent security updates to address a critical vulnerability in its FortiWeb Web Application Firewall (WAF) that is being actively exploited in…
-
Cisco Catalyst Center Vulnerability Allows Attackers to Escalate Privileges
A critical security vulnerability has been identified in the Cisco Catalyst Center Virtual Appliance that could enable authenticated, remote attackers to escalate their privileges…
-
Multiple Cisco Unified CCX Vulnerabilities Enable Arbitrary Command Execution by Attackers
Cisco has disclosed critical security vulnerabilities affecting Cisco Unified Contact Center Express (Unified CCX) that could enable unauthenticated, remote attackers to execute arbitrary commands,…
-
RONINGLOADER Uses Signed Drivers to Disable Microsoft Defender and Bypass EDR
Elastic Security Labs has uncovered a sophisticated campaign deploying a newly identified loader, dubbed RONINGLOADER, that weaponizes legitimately signed kernel drivers to systematically disable…
-
Hackers Exploit Rogue MCP Server to Inject Malicious Code into Cursor’s Built-In Browser
Security researchers have uncovered a critical vulnerability in Cursor, the AI-powered code editor, that allows attackers to inject malicious code through rogue Model Context…
-
W3 Total Cache Security Vulnerability Exposes One Million WordPress Sites to RCE
A critical security flaw has been discovered in the widely used W3 Total Cache WordPress plugin, putting over 1 million websites at serious risk….
-
Threat Actors Use Compromised RDP to Deploy Lynx Ransomware After Deleting Backups
A sophisticated threat actor has orchestrated a multi-stage ransomware attack spanning nine days, leveraging compromised Remote Desktop Protocol (RDP) credentials to infiltrate a corporate…
-
Imunify AI-Bolit Flaw Allows Arbitrary Code Execution and Root Privilege Escalation
A critical vulnerability was discovered in the AI-Bolit component of Imunify security products, raising concerns across the web hosting and Linux server communities. This…
-
Mapping Remcos RAT C2 Activity and Associated Communication Ports
Remcos, a commercial remote access tool distributed by Breaking-Security and marketed as “Remote Administration Software,” continues to pose a significant threat to organizations worldwide….
-
Chrome Zero-Day Type Confusion Flaw Actively Exploited in the Wild
Google has released an urgent security update for its Chrome browser to address a critical zero-day vulnerability actively exploited by threat actors. The flaw,…
-
Kraken Ransomware Targets Windows, Linux, and VMware ESXi in Enterprise Environments
Cisco Talos has identified an emerging threat from Kraken, a sophisticated cross-platform ransomware group that has emerged from the remnants of the HelloKitty ransomware…
-
Critical Zoho Analytics Plus Flaw Allows Attackers to Run Arbitrary SQL Queries
A critical unauthenticated SQL injection vulnerability has been discovered in Zoho Analytics Plus on-premise, posing a severe risk to organizations running affected versions. Tracked…
-
Washington Post Oracle E-Suite Breach Exposes Data of Over 9,000 Staff and Contractors
The Washington Post disclosed a significant data breach affecting more than 9,700 employees and contractors following an external system compromise targeting its Oracle E-Suite…
-
Critical Imunify360 Vulnerability Exposes Millions of Linux-Hosted Sites to RCE Attacks
A critical Remote Code Execution vulnerability has been patched in Imunify360 AV, a security product protecting approximately 56 million websites worldwide. Hosting companies must…
-
Android Photo Frame App Infects Devices With Malware, Allows Full Remote Takeover
A recent investigation has uncovered alarming security vulnerabilities in Android-powered digital photo frames, turning what should be a simple home or office gadget…
-
Operation Endgame: Authorities Takedown 1,025 Servers Linked to Rhadamanthys, VenomRAT, and Elysium
Between November 10 and 14, 2025, law enforcement agencies executed one of the most significant coordinated operations against cybercriminals in recent history. Operation Endgame,…
-
Kibana Vulnerabilities Expose Systems to SSRF and XSS Attacks
Elastic has released a security advisory addressing an origin validation error in Kibana that could expose systems to Server-Side Request Forgery (SSRF) attacks. The vulnerability, tracked…
-
GitLab Vulnerabilities Expose Users to Prompt Injection Attacks and Data Theft
GitLab has released critical security patches addressing nine vulnerabilities across Community Edition (CE) and Enterprise Edition (EE), including a concerning prompt injection flaw in GitLab Duo…
-
Malicious Chrome Extension Grants Full Control Over Ethereum Wallet
Security researchers have uncovered a sophisticated supply chain attack disguised as a legitimate cryptocurrency wallet. Socket’s Threat Research Team discovered a malicious Chrome extension…
-
New ClickFix Attack Targeting Windows and macOS Users to Deploy Infostealer Malware
Security researchers have uncovered a sophisticated malware campaign that leverages the ClickFix social engineering technique to distribute information-stealing malware across Windows and macOS platforms….
-
Authentication Coercion: How Windows Machines Are Tricked into Leaking Credentials
Cybersecurity researchers have identified a growing trend in Windows-targeted attacks that exploit fundamental operating system features to force machines into surrendering valuable credentials without…
-
English-Speaking Cybercriminal Network ‘The COM’ Drives Global Cyberattacks
The English-speaking cybercriminal ecosystem known as “The COM” has evolved from a niche underground culture into a sophisticated, professional service-oriented economy that orchestrates some…
-
Microsoft SQL Server Vulnerability Allows Privilege Escalation
Microsoft has disclosed a critical SQL injection vulnerability in SQL Server that could allow authenticated attackers to escalate their privileges over a network. Tracked…
-
Chrome Security Update Fixes Improper Implementation in V8 JavaScript Engine
Google has released a new stable Chrome update that addresses a serious flaw in its V8 JavaScript engine. The update, now available as version…
-
GitHub Copilot and Visual Studio Flaws Let Attackers Bypass Security Protections
Microsoft has disclosed two critical security vulnerabilities affecting GitHub Copilot and Visual Studio Code that could allow attackers to bypass important security protections. Both…
-
Attackers Use Quantum Route Redirect to Launch Instant Phishing on M365
KnowBe4 Threat Labs has uncovered a sophisticated phishing campaign that marks a turning point in cybercriminal capabilities. The threat landscape is shifting dramatically with…
-
Devolutions Server Flaw Allows Attackers to Impersonate Users via Pre-MFA Cookie
Devolutions Server has been found vulnerable to a critical security flaw that allows low-privileged authenticated users to impersonate other accounts by replaying pre-MFA cookies. The…
-
New VanHelsing Ransomware-as-a-Service Hits Windows, Linux, BSD, ARM and ESXi
A sophisticated new ransomware operation dubbed VanHelsing has emerged as a rapidly expanding threat in the cybercriminal landscape. First observed on March 7, 2025,…
-
Researchers Expose Deep Connections Between Maverick and Coyote Banking Malware
Security researchers at CyberProof have uncovered critical connections between two sophisticated banking trojans Maverick and Coyote that are actively targeting Brazilian users through WhatsApp….
-
WatchGuard Firebox Flaw Allows Attackers to Gain Unauthorized SSH Access
A security vulnerability has been discovered in WatchGuard Firebox devices that could allow attackers to bypass authentication mechanisms and gain unauthorized SSH access to…
-
HackGPT Launches as AI-Driven Penetration Testing Suite Using GPT-4 and Other Models
HackGPT Enterprise has officially launched as a production-ready, cloud-native AI-powered penetration testing platform designed specifically for enterprise security teams. Created by Yashab Alam, Founder…
-
Ransomware Operators Exploit RMM Tools to Deploy Medusa and DragonForce
Cybersecurity researchers at Zensec have exposed a sophisticated supply-chain attack campaign that weaponised trusted Remote Monitoring and Management (RMM) infrastructure to deploy ransomware across…
-
Hackers Exploit Websites to Inject Malicious Links for SEO Manipulation
A surge in online casino spam is reshaping the dark corners of the internet, with threat actors increasingly hacking websites to embed malicious SEO-boosting…
-
Italian Adviser Becomes Latest Target in Expanding Paragon Graphite Spyware Surveillance Case
An extract from “The Enemy Inside, the Paragon Case, Spies and Regime Methods in Giorgia Meloni’s Italy” by Francesco Cancellato, published by Rizzoli on…
-
APT Groups Target Construction Firms to Steal RDP, SSH, and Citrix Credentials
The construction industry has emerged as a primary target for sophisticated cyber adversaries in 2025, with threat actors including state-sponsored APT groups, ransomware operators,…
-
AI-Powered Cyber Threats Rise: Attackers Target Manufacturing Sector
A comprehensive new report reveals that manufacturing organizations are grappling with a dual challenge: rapidly adopting generative AI technologies while simultaneously defending against attackers…
-
New “LANDFALL” Android Malware Uses Samsung 0-Day Vulnerability Hidden in WhatsApp Images
Cybersecurity researchers at Unit 42 have uncovered a sophisticated Android spyware campaign that exploited a previously unknown zero-day vulnerability in Samsung Galaxy devices. The…
-
New Microsoft Teams Feature Exposes Users to Phishing and Malware Risks
Microsoft is poised to roll out a significant update to Teams, enabling users to initiate chats with anyone using just an email address even…
-
German ISP aurologic GmbH Identified as Key Hub for Malicious Hosting Infrastructure
German hosting provider aurologic GmbH has emerged as a critical hub within the global malicious infrastructure ecosystem, according to recent intelligence reporting. The Langen-based…
-
Threat Actors Use Stolen RDP Credentials to Deploy Cephalus Ransomware
A new ransomware group, Cephalus, has emerged in the cybersecurity threat landscape, targeting organizations through compromised Remote Desktop Protocol (RDP) accounts. First detected in…
-
Over 15 Malicious npm Packages Exploiting Windows to Deploy Vidar Malware
Datadog Security Research has uncovered a sophisticated supply chain attack targeting the npm ecosystem, involving 17 malicious packages across 23 releases designed to deliver…
-
OPNsense Firewall Update Addresses Multiple Security Issues and Enhances Features
The OPNsense project has released version 25.7.7, delivering critical security improvements and performance enhancements to strengthen enterprise firewall deployments. This update represents a significant step…
-
Researchers Bypass Elastic EDR Call-Stack Signatures Using Call Gadgets
Security researchers have developed a new technique that leverages call gadgets to insert arbitrary modules into the call stack during module loading, successfully bypassing…
-
New Phishing Campaign Targets Travelers via Compromised Hotel Booking.com Accounts
Cybersecurity researchers have uncovered a sophisticated phishing campaign that exploits compromised hotel booking accounts to defraud travellers worldwide. The campaign, which has been active…
-
Influence of Chinese Hacker Organizations on U.S. Foreign Policy
Chinese cyber-espionage groups have once again demonstrated their determination and technical prowess in targeting U.S. organizations with ties to international policy-making, highlighting the persistent…
-
Multiple Django Flaws Could Allow SQL Injection and Denial-of-Service Attacks
The Django development team has released critical security patches addressing two significant vulnerabilities that could expose applications to denial-of-service attacks and SQL injection exploits….
-
ValleyRAT Campaign Targets Windows via WeChat and DingTalk
A sophisticated Windows remote-access trojan known as ValleyRAT has emerged as a high-confidence indicator of targeted intrusions against Chinese-language users and organizations. ValleyRAT’s operational…
-
EndClient RAT Leverages Compromised Code-Signing to Slip Past Antivirus
A sophisticated Remote Access Trojan (RAT) is actively targeting North Korean Human Rights Defenders (HRDs) through a campaign leveraging stolen code-signing certificates to evade…
-
Authorities Dismantle Large-Scale Credit Card Fraud Scheme Affecting 4.3 Million Users
Authorities across nine countries executed a coordinated crackdown on one of the largest credit card fraud networks ever dismantled. Operation Chargeback, led by German…
-
Google Warns of PROMPTFLUX Malware That Uses Gemini API for Self-Rewriting Attacks
Cybersecurity researchers at Google Threat Intelligence Group (GTIG) have identified a significant shift in how threat actors are leveraging artificial intelligence in their operations….
-
CISA Alerts of Control Web Panel Command Injection Flaw Actively Exploited
The Cybersecurity and Infrastructure Security Agency has issued an urgent alert about a critical command-injection vulnerability in Control Web Panel that is currently being…
-
Hackers Exploit AI Tools to Intensify Ransomware Attacks on European Organizations
European organizations are facing an unprecedented surge in ransomware attacks as cybercriminals increasingly adopt artificial intelligence and sophisticated social engineering tactics to breach defenses…
-
Swedish IT Company Data Breach Exposes Personal Details of 1.5 Million Users
Swedish authorities have launched formal investigations into a significant data breach affecting Miljödata, a prominent IT company whose security lapse exposed the personal information…
-
AI Engine WordPress Plugin Exposes 100,000 WordPress Sites to Privilege Escalation Attacks
A critical vulnerability discovered in the AI Engine WordPress plugin threatens over 100,000 active installations worldwide. On October 4th, 2025, security researchers identified a…
-
Jupyter Misconfiguration Exposes Systems to Root Privilege Escalation
Security researchers have uncovered a vulnerability in commonly misconfigured Jupyter notebook servers that allows attackers to gain root-level access on Linux systems. The flaw doesn’t…
-
Anatomy of Tycoon 2FA Phishing: Tactics Targeting M365 and Gmail
The Tycoon 2FA phishing kit represents one of the most sophisticated threats targeting enterprise environments today. This Phishing-as-a-Service (PhaaS) platform, which emerged in August…
-
Microsoft Plans to Remove Entra Accounts from Authenticator on Jailbroken Devices
Microsoft is rolling out a significant security enhancement for its Authenticator app starting February 2026, introducing jailbreak and root detection capabilities that will automatically…
-
RondoDox Botnet Swells Its Arsenal — 650% Jump in Enterprise-Focused Exploits
The cybersecurity threat landscape shifted dramatically on October 30, 2025, when security researchers monitoring honeypot infrastructure detected a significantly evolved variant of the RondoDox…
-
Balancer DeFi Platform Hit by Major Exploit Resulting in $100M+ in Losses
The decentralised finance (DeFi) ecosystem was rocked by a significant exploit targeting Balancer, one of the leading DeFi platforms. The breach specifically impacted Balancer’s V2…
-
‘SleepyDuck’ Malware in Open VSX Lets Attackers Remotely Control Windows PCs
Security researchers have identified a dangerous remote access trojan called SleepyDuck lurking in the Open VSX IDE extension marketplace, targeting developers who use code…
-
New BOF Tool Bypasses Microsoft Teams Cookie Encryption to Steal User Chats
Cybersecurity researchers at Tier Zero Security have released a specialised Beacon Object File (BOF) tool that exploits a critical weakness in Microsoft Teams cookie…
-
Conti Ransomware Operator Extradited to the United States
A Ukrainian national accused of participating in one of the most damaging ransomware campaigns in history has been extradited from Ireland to face charges…
-
EDR-Redir V2 Evades Detection on Windows 11 by Faking Program Files
Security researcher TwoSevenOneT has released EDR-Redir V2, an upgraded evasion tool that exploits Windows bind link technology to bypass endpoint detection and response solutions…
-
Windows 11 24H2/25H2 Flaw Keeps Task Manager Running After You Close It
Microsoft has acknowledged a persistent bug affecting Windows 11 versions 24H2 and 25H2 that prevents Task Manager from properly terminating when users close the…
-
OpenAI Introduces Aardvark, an AI Security Agent Powered by GPT-5
OpenAI has announced the launch of Aardvark, an autonomous AI security agent powered by GPT-5 that aims to revolutionize how organizations discover and fix…
-
New Email Security Technique Prevents Phishing Attacks Behind NPM Breach
The discovery of a large-scale NPM ecosystem compromise in September 2025 has renewed focus on email security as the critical first line of defense…
-
Akira Ransomware Strikes Apache OpenOffice, Allegedly Exfiltrates 23GB of Data
The notorious Akira ransomware gang announced on October 29, 2025, that it successfully penetrated the systems of Apache OpenOffice, claiming to have exfiltrated a…
-
Hackers Hide SSH–Tor Backdoor Inside Weaponized Military Documents
In October 2025, cybersecurity researchers at Cyble Research and Intelligence Labs (CRIL) uncovered a sophisticated malware campaign distributing weaponized ZIP archives disguised as military…
-
CISA Alerts on Linux Kernel Vulnerability Exploited in Ransomware Attacks
The U.S. Cybersecurity and Infrastructure Security Agency has added a critical Linux kernel vulnerability to its Known Exploited Vulnerabilities catalog, warning that threat actors…
-
Cisco IOS XE Vulnerability Being Abused in the Wild to Plant BADCANDY
Cybersecurity authorities are raising urgent alarms as threat actors continue to exploit a critical vulnerability in Cisco IOS XE devices, deploying a malicious implant…
-
Threat Actors Exploit LANSCOPE Endpoint Manager Zero-Day Vulnerability to Steal Confidential Data
In mid-2025, Secureworks Counter Threat Unit (CTU) researchers uncovered a sophisticated cyber campaign where Chinese state-sponsored threat actors from the BRONZE BUTLER group exploited…
-
WhatsApp Implements Passkey System to Boost Backup Privacy
WhatsApp has announced a significant security upgrade that makes protecting your chat backups simpler and more secure than ever before. The messaging platform is introducing…
-
Threat Actors Exploiting Open-Source C2 Frameworks to Deploy Malicious Payloads
Threat intelligence researchers have uncovered a growing campaign where cybercriminals are weaponizing AdaptixC2, a legitimate open-source Command and Control framework designed for authorized penetration…
-
Progress Releases Patch for MOVEit Transfer Resource Consumption Flaw
Progress Software has released security patches to address a high-severity vulnerability in its MOVEit Transfer platform discovered on October 29, 2025. The flaw, tracked as CVE-2025-10932,…
-
Windows LNK UI Spoofing Vulnerability Weaponized for Remote Code Execution
A sophisticated cyber espionage campaign targeting European diplomatic institutions has been uncovered, signaling a strategic escalation by Chinese-affiliated threat actor UNC6384. Central to this…
-
Critical RediShell RCE Vulnerability Threatens 8,500+ Redis Deployments Worldwide
A critical security vulnerability in Redis’s Lua scripting engine has left thousands of database instances vulnerable to remote code execution attacks. The RediShell…
-
New Attack Chains Ghost SPNs and Kerberos Reflection to Elevate SMB Privileges
Microsoft has addressed a critical privilege escalation vulnerability affecting Windows environments worldwide. Attackers can exploit misconfigured Service Principal Names (SPNs) combined with Kerberos reflection attacks…
-
Privilege Escalation Exploit Targets Windows Cloud Files Minifilter
Microsoft addressed a critical race condition vulnerability affecting its Windows Cloud Files Minifilter driver in October 2025. The flaw, assigned CVE-2025-55680, was originally discovered in…
-
Chrome 142 Update Patches 20 Security Flaws Enabling Code Execution
Google has released Chrome version 142 to the stable channel, addressing multiple critical security vulnerabilities that could allow attackers to execute malicious code on…
-
New Malware Infects WooCommerce Sites Through Fake Plugins to Steal Credit Card Data
A sophisticated malware campaign is actively targeting WordPress e-commerce websites using the WooCommerce plugin, according to recent findings from the Wordfence Threat Intelligence Team….
-
Docker Compose Flaw Lets Attackers Overwrite Arbitrary Files
A path traversal vulnerability discovered in Docker Compose allows attackers to write arbitrary files to host systems through specially crafted OCI artifacts. Tracked as CVE-2025-62725,…
-
Massive Tata Motors Data Leak Exposes 70+ TB of Sensitive Information
Tata Motors, India’s largest automaker and a major player in the global automotive industry, suffered a catastrophic data exposure that revealed over 70 terabytes…
-
CISA Issues Alert on Active Exploitation of Dassault Systèmes Security Flaws
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert regarding two severe vulnerabilities discovered in Dassault Systèmes DELMIA Apriso, a…
-
10 NPM Packages That Automatically Run on Install and Steal Credentials
A sophisticated supply chain attack involving ten malicious npm packages that execute automatically upon installation and deploy a comprehensive credential theft operation. The malware…
-
Beast Ransomware Targets Active SMB Connections to Infect Entire Networks
A sophisticated ransomware operation known as Beast has emerged as a significant cybersecurity threat, employing aggressive network propagation tactics that leverage Server Message Block…
-
Zero-Click Exploit Targets MCP and Linked AI Agents to Stealthily Steal Data
Operant AI’s security research team has uncovered Shadow Escape, a dangerous zero-click attack that exploits the Model Context Protocol to steal sensitive data through…
-
New GhostGrab Android Malware Silently Steals Banking Login Details and Intercept SMS for OTPs
A sophisticated new Android malware family called GhostGrab is actively targeting mobile users with a dual-monetization strategy that combines covert cryptocurrency mining with comprehensive…
-
BlueNoroff Shifts Tactics: Targets C-Suite and Managers with New Infiltration Methods
The North Korean-linked threat group BlueNoroff, also known by aliases including Sapphire Sleet, APT38, and Alluring Pisces, continues to evolve its attack tactics while…
-
Critical QNAP .NET Flaw Lets Attackers Bypass Security Protections
A significant security vulnerability has emerged affecting QNAP’s NetBak PC Agent software through a critical flaw in Microsoft ASP.NET Core. The vulnerability, tracked as CVE-2025-55315,…
-
Sweden’s Power Grid Operator Admits Data Breach Linked to Everest Ransomware Gang
Svenska kraftnät, Sweden’s national power grid operator, has confirmed it suffered a significant data breach that exposed certain information to unauthorized parties. The incident, disclosed…
-
Predatory Sparrow Strikes: Coordinated Cyberattacks Seek to Cripple Critical Infrastructure
A sophisticated cyber-sabotage group known as Predatory Sparrow has emerged as one of the most destructive threat actors targeting Iranian critical infrastructure over the…
-
Qilin Ransomware Exploits MSPaint and Notepad to Locate Sensitive Files
In the latter half of 2025, the Qilin ransomware group has solidified its standing as a formidable threat, continuing to post details of more…
-
Critical CoPhish Exploit Uses Copilot Studio to Hijack OAuth Tokens
Security researchers at Datadog have uncovered a sophisticated phishing technique that weaponizes Microsoft Copilot Studio to conduct OAuth token theft attacks. Dubbed “CoPhish,” this…
-
Microsoft Adds Wi-Fi-Based Work Location Auto-Detection to Teams
Microsoft is preparing to introduce a groundbreaking feature in Teams that will revolutionise how hybrid workers manage their presence information. The new capability will automatically…
-
North Korean Chollima Actors Added BeaverTail and OtterCookie to its Arsenal
Famous Chollima, a DPRK-aligned threat group, has evolved its arsenal, with BeaverTail and OtterCookie increasingly merging functionalities to steal credentials and cryptocurrency via deceptive…
-
Hackers Use ClickFix Technique to Deploy NetSupport RAT Loaders
Cybercriminals are increasingly using a technique known as “ClickFix” to deploy the NetSupport remote administration tool (RAT) for malicious purposes. According to a new…