Threat intelligence researchers at CloudSEK have uncovered a sophisticated phishing campaign targeting Indian entities using Income Tax-themed lures, attributed to the Chinese-aligned Silver Fox APT group. The campaign employs an advanced multi-stage malware chain delivering Valley RAT, a modular remote…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
New Bluetooth Headphone Vulnerabilities Allow Hackers to Hijack Connected Smartphones
Security researchers have disclosed critical vulnerabilities in Airoha-based Bluetooth headphones that enable attackers to compromise connected smartphones through chained exploits. The three vulnerabilities CVE-2025-20700, CVE-2025-20701, and CVE-2025-20702 affect dozens of popular headphone models from Sony, Marshall, Jabra, Bose, and other…
Critical Zero-Day RCE Flaw in Networking Devices Exposes Over 70,000 Hosts
A severe unauthenticated remote code execution vulnerability has been discovered in XSpeeder networking devices, potentially affecting more than 70,000 publicly accessible hosts worldwide. Tracked as CVE-2025-54322, the flaw allows attackers to gain root-level access without any authentication credentials. CVE ID…
Hackers Launch 2.5 Million+ Malicious Requests Targeting Adobe ColdFusion Servers
Security researchers have uncovered a massive coordinated exploitation campaign where threat actors launched over 2.5 million malicious requests against vulnerable systems during the Christmas 2025 holiday period. The campaign represents a sophisticated, multi-faceted initial access broker operation targeting Adobe ColdFusion…
Hacker Dumped MacBook in River in Attempt to Destroy Digital Evidence
A former employee of South Korean e-commerce giant Coupang attempted to destroy evidence of a massive data theft by throwing his MacBook Air into a river, investigators revealed this week. The desperate act failed spectacularly, with forensic experts recovering the…
MongoBleed Detector Launched to Identify Critical MongoDB Flaw (CVE-2025-14847)
Security researchers have released an open-source detection tool to help organizations identify potential exploitation of MongoBleed (CVE-2025-14847), a critical memory disclosure vulnerability affecting multiple MongoDB versions. The MongoBleed Detector, developed by Neo23x0, provides incident responders with an offline analysis capability…
Hacktivist Proxies and the Normalization of Cyber Pressure Campaigns
A significant shift in the cyber threat landscape has been identified in a new research report, distinguishing modern “Hacktivist Proxy Operations” from traditional digital protests or criminal schemes. The findings suggest that hacktivism has evolved into a repeatable, model-driven instrument…
Hackers Compromise Trust Wallet Chrome Extension, Users Claim Millions Stolen
Trust Wallet users suffered devastating losses exceeding $7 million after cybercriminals compromised the Chrome browser extension version 2.68.0, released on December 24, 2025. The breach, which targeted desktop users exclusively, left hundreds of wallets completely drained within hours of the…
Google Introduces Option to Change @gmail.com Email Addresses
For years, Google users have been stuck with the email addresses they created when they first signed up. If you picked an embarrassing username years ago or simply want a more professional handle, the only previous solution was to create…
Critical LangChain Vulnerability Allows Attackers to Steal Sensitive Secrets
A critical security vulnerability in LangChain, one of the world’s most widely deployed AI frameworks, enables attackers to extract environment variable secrets and, through a serialization injection flaw, potentially achieve code execution. The vulnerability, identified as CVE-2025-68664, affects the core…
Unpatched FortiGate Security Flaw Allows Attackers to Bypass 2FA Controls
A critical authentication bypass vulnerability in FortiGate devices enables threat actors to circumvent two-factor authentication (2FA) protections through case-sensitive username manipulation. The flaw, tracked as CVE-2020-12812, affects organizations with specific LDAP integration configurations and remains exploitable on unpatched systems. The…
M-Files Vulnerability Allows Attackers to Steal Active User Session Tokens
A critical security vulnerability in M-Files Server could allow authenticated attackers to capture active user session tokens via the M-Files Web interface, enabling identity impersonation and unauthorized access to sensitive information. The flaw, tracked as CVE-2025-13008, was disclosed on December…
Israeli Organizations Targeted by AV-Themed Malicious Word and PDF Files
SEQRITE Labs’ Advanced Persistent Threat (APT) Team has uncovered a sophisticated campaign targeting Israeli organizations through weaponized Microsoft Word and PDF documents disguised as legitimate antivirus software. The operation, tracked as UNG0801 or “Operation IconCat,” exploits the trusted branding of…
NVIDIA Isaac Vulnerabilities Enable Remote Code Execution Attacks
NVIDIA released critical security updates for its Isaac Launchable platform on December 23, 2025, addressing three severe vulnerabilities that could allow unauthenticated attackers to execute arbitrary code remotely. All three flaws carry a maximum CVSS score of 9.8, placing them…
Microsoft Enhances BitLocker with Hardware Acceleration Support
Microsoft has officially announced a major upgrade to its encryption technology with the introduction of hardware-accelerated BitLocker. Revealed by Microsoft’s Rafal Sosnowski following the Ignite conference, this new feature is designed to solve performance bottlenecks that have plagued high-speed storage…
Evasive Panda APT: Malware Delivery via AitM and DNS Poisoning
Evasive Panda, a sophisticated threat actor known by the aliases Bronze Highland, Daggerfly, and StormBamboo, has escalated its offensive capabilities through a two-year campaign that has deployed advanced attack techniques,, including adversary-in-the-middle (AitM) attacks and DNS poisoning. According to June…
Critical MongoDB Flaw Leaks Sensitive Data Through zlib Compression
MongoDB has disclosed a critical security vulnerability tracked as CVE-2025-14847 that could allow attackers to extract uninitialized heap memory from database servers without authentication. The flaw, affecting multiple MongoDB versions dating back to v3.6, stems from a client-side exploit in…
WebRAT Malware Campaign Leveraging GitHub-Hosted Proof-of-Concept Code
Cybersecurity specialists from the Solar 4RAYS cyberthreat research center, a division of the Solar Group, have uncovered a dangerous new malware strain dubbed “Webrat.” This sophisticated threat has been identified as a multi-functional remote access tool (RAT) and information stealer…
Operation PCPcat Exploits Next.js and React, Impacting 59,000+ Servers
A sophisticated credential-stealing campaign named “Operation PCPcat” has compromised over 59,000 Next.js servers worldwide, exploiting critical vulnerabilities in the popular React framework to harvest sensitive authentication data at industrial scale. Security researchers discovered the campaign through honeypot monitoring and gained…
HardBit 4.0 Ransomware Abuses Unsecured RDP and SMB for Access Persistence
HardBit ransomware continues its evolution with the release of version 4.0, introducing sophisticated mechanisms to establish persistence through vulnerable network services. The latest variant leverages open Remote Desktop Protocol (RDP) and Server Message Block (SMB) services as entry points, enabling…