Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

The Lotus Blossom hacker group, also known as Spring Dragon, Billbug, or Thrip, has been identified leveraging legitimate cloud services like Dropbox, Twitter, and Zimbra for command-and-control (C2) communications in their cyber espionage campaigns. Cisco Talos researchers attribute these sophisticated…

Read more →

In a concerning development, cybersecurity researchers at Trellix have uncovered a sophisticated malware campaign that exploits a legitimate antivirus driver to bypass system protections. The malware, identified as “kill-floor.exe,” leverages the Avast Anti-Rootkit driver (aswArPot.sys) to gain kernel-level access, effectively…

Read more →

The DragonForce ransomware group has launched a significant cyberattack on critical infrastructure in Saudi Arabia, targeting a prominent real estate and construction company in Riyadh. This marks the first time the group has targeted a major enterprise in the Kingdom,…

Read more →

In Q3 2024, Cofense Intelligence uncovered a targeted spear-phishing campaign aimed at employees working in social media, marketing, and related roles. The attackers impersonated Fortune 500 companies, including Meta, Coca-Cola, and PayPal, to lure victims into applying for fake job…

Read more →

Cyber adversaries have evolved into highly organized and professional entities, mirroring the operational efficiency of legitimate businesses, according to the CrowdStrike 2025 Global Threat Report. The report highlights a significant shift in the cyber threat landscape during 2024, with attackers…

Read more →

A newly identified malware, dubbed “Squidoor,” has emerged as a sophisticated threat targeting government, defense, telecommunications, education, and aviation sectors in Southeast Asia and South America. Attributed to a suspected Chinese threat actor under the activity cluster CL-STA-0049, Squidoor employs…

Read more →

A new wave of cyberattacks targeting WordPress websites has been uncovered, with attackers leveraging fake plugins to inject malicious links into site footers. These links, often promoting casino-related spam, compromise website integrity and can severely impact search engine optimization (SEO).…

Read more →

A new ransomware group, dubbed Anubis, has emerged as a significant threat in the cybersecurity landscape. Active since late 2024, Anubis employs advanced techniques and operates across multiple platforms, including Windows, Linux, NAS, and ESXi environments. The group is leveraging…

Read more →

Microsoft has removed two widely-used Visual Studio Code (VS Code) extensions, “Material Theme Free” and “Material Theme Icons Free,” from its marketplace after cybersecurity researchers discovered malicious code embedded within them. These extensions, developed by Mattia Astorino (also known as…

Read more →

The modern cybersecurity landscape is witnessing an unprecedented surge in sophisticated attack techniques, with adversaries increasingly exploiting legitimate command-line tools to execute malicious actions. To address this evolving threat, Microsoft Defender for Endpoint has enhanced its capabilities to detect and…

Read more →

A new wave of sophisticated cyberattacks targeting macOS systems has been identified, involving two malware strains, RustDoor and Koi Stealer. These attacks, attributed to North Korea-linked Advanced Persistent Threat (APT) groups, primarily aim at stealing sensitive login credentials and cryptocurrency…

Read more →

A newly identified cybercriminal group, LARVA-208, also known as EncryptHub, has successfully infiltrated 618 organizations globally since June 2024, leveraging advanced social engineering techniques to steal credentials and deploy ransomware. According to reports from cybersecurity firms CATALYST and Prodaft, the…

Read more →

Recent revelations about Google’s SafetyCore app have ignited a firestorm of privacy debates, echoing Apple’s recent controversy over photo scanning. The app, silently installed on Android devices via system updates, enables on-device image analysis to detect sensitive content—a feature marketed…

Read more →

Security researchers have uncovered a novel Bluetooth tracking vulnerability in Apple’s Find My network – the system powering AirTags and device-finding capabilities across iPhones, iPads, and Macs. Dubbed “nRootTag,” the attack transforms nearly any Bluetooth-enabled computer or smartphone into an…

Read more →

Cybersecurity firm Group-IB, alongside the Royal Thai Police and Singapore Police Force, announced the arrest of a prolific hacker linked to over 90 major data breaches across 25 countries, including 65 attacks in the Asia-Pacific region. The cybercriminal, operating under aliases ALTDOS, DESORDEN,…

Read more →

Cisco Systems has issued a critical security advisory for a newly disclosed command injection vulnerability affecting its Nexus 3000 and 9000 Series Switches operating in standalone NX-OS mode. Tracked as CVE-2025-20161 (CVSSv3 score: 5.1), the flaw enables authenticated attackers with administrative privileges…

Read more →

A newly discovered Wi-Fi jamming technique enables attackers to selectively disconnect individual devices from networks with surgical precision, raising alarms across cybersecurity and telecommunications industries. Researchers from Northeastern University and the University of Chicago uncovered this vulnerability in IEEE 802.11…

Read more →

GitLab has urgently released security updates to address multiple high-severity vulnerabilities in its platform that could allow attackers to bypass security mechanisms, execute malicious scripts, and access sensitive data. The patches, included in versions 17.9.1, 17.8.4, and 17.7.6 for both…

Read more →

A high-severity security vulnerability (CVE-2025-0514) in LibreOffice, the widely used open-source office suite, has been patched after researchers discovered it could allow attackers to execute malicious files on Windows systems by exploiting hyperlink handling mechanisms. The flaw, which impacts versions…

Read more →

Cisco Systems has disclosed a high-severity vulnerability (CVE-2025-20111) in its Nexus 3000 and 9000 Series Switches operating in standalone NX-OS mode. The vulnerability enables unauthenticated attackers to trigger denial of service (DoS) conditions through crafted Ethernet frames. Rated 7.4 on…

Read more →

Recent cybersecurity investigations have uncovered a sophisticated technique employed by threat actors to evade detection during malware distribution. Attackers are leveraging ephemeral port 60102, typically reserved for temporary communications, as a service port for covert malware transmission. This approach bypasses…

Read more →

The LCRYX ransomware, a malicious VBScript-based threat, has re-emerged in February 2025 after its initial appearance in November 2024. Known for encrypting files with the .lcryx extension and demanding $500 in Bitcoin for decryption, this ransomware has evolved with advanced…

Read more →

A new wave of cyberattacks attributed to the Ghostwriter Advanced Persistent Threat (APT) group has been detected, targeting government and military entities in Ukraine and opposition groups in Belarus. The campaign, active since late 2024, employs weaponized Excel (XLS) files…

Read more →

A sophisticated cyber campaign orchestrated by the Chinese Advanced Persistent Threat (APT) group, Silver Fox, has been uncovered, targeting healthcare services in North America. The attackers exploited Philips DICOM Viewer software to deploy malicious payloads, including a backdoor remote access…

Read more →

In a groundbreaking development, researchers have uncovered how attackers are exploiting Windows Virtualization-Based Security (VBS) enclaves to create malware that is highly evasive and difficult to detect. VBS enclaves, designed as isolated and secure regions of memory within a process,…

Read more →

A recent discovery by cybersecurity researchers has revealed that the Poseidon malware, a macOS-targeting trojan, is leveraging PKG files with preinstall scripts to infiltrate systems. This malware, weighing only 207 bytes, is currently undetected by VirusTotal and represents a significant…

Read more →

A financial management app named Finance Simplified has been revealed as a malicious tool for stealing sensitive user data and engaging in blackmail. Despite its fraudulent nature, the app managed to accumulate over 100,000 downloads from the Google Play Store…

Read more →

In a concerning new development, cybercriminals are exploiting the widespread popularity of the recently launched DeepSeek AI chatbot to distribute the Vidar Stealer malware. According to research by Zscaler ThreatLabz, attackers are using brand impersonation tactics to lure unsuspecting users…

Read more →

The cybersecurity landscape has witnessed a significant uptick in ransomware activity, with six new data-leak sites (DLSs) linked to emerging ransomware groups identified in early 2025. According to Cyjax, these groups include Kraken, Morpheus, GD LockerSec, Babuk2, Linkc, and the…

Read more →

In a significant breakthrough, cybersecurity firm Silent Push has uncovered sensitive infrastructure tied to the Lazarus Group, a North Korean state-sponsored Advanced Persistent Threat (APT). This discovery sheds light on the group’s involvement in the historic $1.4 billion cryptocurrency heist…

Read more →

MITRE has unveiled the Offensive Cyber Capability Unified LLM Testing (OCCULT) framework, a groundbreaking methodology designed to evaluate risks posed by large language models (LLMs) in autonomous cyberattacks. Announced on February 26, 2025, the initiative responds to growing concerns that…

Read more →

A significant cybersecurity breach at Genea, one of Australia’s largest in vitro fertilization (IVF) providers, has raised alarms among thousands of patients amid concerns that sensitive medical data and treatment schedules may be compromised. The clinic confirmed on Wednesday that…

Read more →

A critical set of 20 security vulnerabilities in GRUB2, the widely used bootloader for Linux systems, has been revealed, exposing millions of devices to potential secure boot bypass and remote code execution attacks. Discovered during a proactive hardening initiative, these…

Read more →

Telecommunications provider Orange Communication faces a potential data breach after a threat actor using the pseudonym “Rey” claimed responsibility for leaking 380,000 email records and sensitive corporate data on a dark web forum. The alleged breach, disclosed earlier this week, includes source code, internal invoices,…

Read more →

A series of critical security vulnerabilities in the widely-used Rsync file synchronization tool have been uncovered, exposing millions of servers to potential takeover by anonymous attackers.  The flaws, discovered in Rsync version 3.2.7 and earlier, enable remote code execution, sensitive…

Read more →

A critical security vulnerability in the Essential Addons for Elementor plugin, installed on over 2 million WordPress websites, has exposed sites to script injection attacks via malicious URL parameters. The flaw, tracked as CVE-2025-24752 and scoring 7.1 (High) on the CVSS scale, allowed attackers to execute…

Read more →

A novel malware delivery framework employing advanced obfuscation techniques has evaded detection by security tools for over 48 hours. The attack chain centers around a Batch script that leverages PowerShell and Visual Basic Script (VBS) to deploy either the XWorm…

Read more →

DISA Global Solutions, a Houston-based provider of employee background checks and workplace safety services, disclosed a significant cybersecurity incident exposing the personal information of over 3.3 million individuals, including 15,198 Maine residents. The breach occurred on February 9, 2024, but was…

Read more →

A sweeping cybersecurity alert has emerged as researchers identify 2,850+ unpatched Ivanti Connect Secure devices worldwide, leaving organizations vulnerable to exploitation through the critical flaw designated CVE-2025-22467. The findings, published by cybersecurity watchdog Shadowserver Foundation, reveal systemic risks to virtual private network (VPN)…

Read more →

Cybersecurity service Have I Been Pwned (HIBP) has disclosed one of the largest data exposure events in its 11-year history, integrating 23 billion rows of stolen credentials from a malware operation dubbed “ALIEN TXTBASE.” The breach corpus contains 493 million unique website-email…

Read more →

A critical remote code execution (RCE) vulnerability, CVE-2023-20118, affecting Cisco Small Business Routers, has become a focal point for cybercriminals deploying webshells and advanced backdoor payloads. The vulnerability, caused by improper input validation in the routers’ web-based management interface, allows…

Read more →

The TgToxic Android malware, initially discovered in July 2022, has undergone significant updates, enhancing its ability to steal login credentials and financial data. Originally targeting Southeast Asian users through phishing campaigns and deceptive apps, the malware has now evolved to…

Read more →

Google, in collaboration with its Mandiant Threat Intelligence team, has issued a warning about a surge in phishing campaigns targeting higher education institutions in the United States. These campaigns, observed since August 2024, have exploited the academic calendar and institutional…

Read more →

Researchers at Palo Alto Networks have identified a new Linux malware, dubbed “Auto-Color,” that has emerged as a significant threat due to its advanced evasion techniques and ability to grant attackers full remote access to compromised systems. Discovered between November…

Read more →

The Socket Research Team has uncovered a malicious npm package@ton-wallet/create designed to steal sensitive cryptocurrency wallet keys from developers and users in the TON blockchain ecosystem. TON, originally developed by Telegram, is a growing platform for decentralized applications (dApps), smart…

Read more →

Cybersecurity researchers at Bitdefender Labs have uncovered a sophisticated scam targeting the Counter-Strike 2 (CS2) gaming community. Cybercriminals are hijacking popular YouTube gaming channels to impersonate professional players and lure unsuspecting fans into fraudulent schemes. These scams, timed to coincide…

Read more →

The Lumma Stealer malware, a sophisticated infostealer, is being actively distributed through malicious files disguised as video content on platforms like YouTube. Researchers at Silent Push have uncovered alarming patterns in the malware’s infrastructure, revealing its use of weaponized files…

Read more →

In a widespread cyberattack, over 35,000 websites have been compromised by a malicious campaign that injects harmful scripts into their codebase. The injected scripts redirect users to Chinese-language gambling platforms, primarily under the “Kaiyun” brand. This attack leverages obfuscated JavaScript…

Read more →

INE, the leading provider of networking and cybersecurity training and certifications, today announced its recognition as an enterprise and small business leader in online course providers and cybersecurity professional development, along with its designation as the recipient of G2’s 2025…

Read more →

Researchers from Duke University and Carnegie Mellon University have demonstrated successful jailbreaks of OpenAI’s o1/o3, DeepSeek-R1, and Google’s Gemini 2.0 Flash models through a novel attack method called Hijacking Chain-of-Thought (H-CoT). The research reveals how advanced safety mechanisms designed to…

Read more →

A sophisticated malware campaign dubbed GitVenom has infected over 200 GitHub repositories, targeting developers with fake projects masquerading as legitimate tools. The repositories, active for nearly two years, deploy stealers, remote access Trojans (RATs), and clippers to compromise systems and steal sensitive…

Read more →

In a significant cybersecurity revelation, researchers have uncovered a large-scale campaign exploiting a Windows policy loophole to deploy malware while evading detection. The attack hinges on the abuse of a legacy driver, Truesight.sys (version 2.0.2), which contains vulnerabilities that allow…

Read more →

Cybersecurity researchers uncovered a sophisticated malware campaign targeting macOS users through a fraudulent DeepSeek.ai interface. Dubbed “Poseidon Stealer,” this information-stealing malware employs advanced anti-analysis techniques and novel infection vectors to bypass Apple’s latest security protocols, marking a significant escalation in…

Read more →

A new wave of cyberattacks, dubbed “DeceptiveDevelopment,” has been targeting freelance developers through fake job interview challenges, according to ESET researchers. These attacks, linked to North Korea-aligned threat actors, involve malicious software disguised as coding tasks or projects. The primary…

Read more →

A new phishing campaign targeting Amazon Prime users has been identified, aiming to steal login credentials and other sensitive information, including payment details and personal verification data. The attack, analyzed by the Cofense Phishing Defense Center (PDC), uses a carefully…

Read more →

The LightSpy surveillance framework has significantly evolved its operational capabilities, now supporting over 100 commands to infiltrate Android, iOS, Windows, macOS, and Linux systems, and routers, according to new infrastructure analysis. First documented in 2020, this modular malware has shifted…

Read more →

A critical remote code execution (RCE) vulnerability has been uncovered in MITRE Caldera, a widely used adversarial emulation framework. The flaw (CVE-2025-27364) affects all versions prior to commit 35bc06e, potentially exposing systems running Caldera servers to unauthenticated attacks. Attackers can exploit…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding active exploitation of a severe deserialization vulnerability (CVE-2024-20953) in Oracle Agile Product Lifecycle Management (PLM) software. Added to CISA’s Known Exploited Vulnerabilities (KEV) catalog on February…

Read more →

Researchers at Graz University of Technology have uncovered a groundbreaking software-based side-channel attack, KernelSnitch, which exploits timing variances in Linux kernel data structures. Unlike hardware-dependent attacks, KernelSnitch targets hash tables, radix trees, and red-black trees, enabling unprivileged attackers to leak sensitive…

Read more →

A newly discovered technique allows threat actors to circumvent Microsoft Outlook’s spam filters to deliver malicious ISO files, exposing organizations to sophisticated phishing campaigns. The bypass leverages hyperlink obfuscation to disguise malicious links as benign URLs, enabling attackers to distribute…

Read more →

A significant breakthrough in bypassing Windows activation has been achieved with the introduction of TSforge, a powerful exploit developed by researchers. This tool is capable of activating every edition of Windows since Windows 7, as well as all Windows add-ons…

Read more →

A significant vulnerability has been discovered in the Sliver C2 server, a popular open-source cross-platform adversary emulation and red team framework. This vulnerability, identified as CVE-2025-27090, allows attackers to hijack TCP connections, enabling them to intercept and manipulate traffic. The…

Read more →

A recent cybersecurity investigation has uncovered a cluster of 16 malicious Chrome extensions that have compromised at least 3.2 million users. These extensions, which include functionalities like screen capture, ad blocking, and emoji keyboards, were found to inject code into…

Read more →

In a recent escalation of cyber threats, hackers have launched a targeted campaign, identified as UAC-0212, aimed at compromising critical infrastructure facilities in Ukraine. This campaign, which began in the second half of 2024, involves sophisticated tactics to infiltrate the…

Read more →

The GitVenom campaign, a sophisticated cyber threat, has been exploiting GitHub repositories to spread malware and steal cryptocurrency. This campaign involves creating hundreds of fake GitHub repositories that appear legitimate but contain malicious code. These repositories are designed to lure…

Read more →

A recent investigation by Kaspersky ICS CERT has uncovered a sophisticated cyberattack targeting industrial organizations across the Asia-Pacific region, particularly those in Taiwan, Malaysia, China, Japan, Thailand, South Korea, Singapore, the Philippines, Vietnam, and Hong Kong. The attackers are using…

Read more →

A malicious Android application, Finance Simplified (package: com.someca.count), has been identified on the Google Play Store, targeting Indian users under the guise of a financial management tool. The app, which claims to offer an EMI calculator, is instead a sophisticated…

Read more →

A security researcher has uncovered critical vulnerabilities in Eight Sleep’s internet-connected smart beds, revealing exposed Amazon Web Services (AWS) credentials, remote SSH backdoors, and potential access to users’ entire home networks. The findings underscore growing concerns about IoT device security…

Read more →

Apple has discontinued its Advanced Data Protection (ADP) feature for UK users following a legal demand from the British government to access encrypted user data. The move marks a pivotal moment in the ongoing global debate over privacy rights and…

Read more →

The Wireshark Foundation has announced the release of Wireshark 4.4.4, the latest iteration of the world’s most widely used network protocol analyzer. This update focuses on enhancing stability, refining protocol dissectors, and addressing critical security vulnerabilities, cementing Wireshark’s position as…

Read more →

The cryptocurrency sector faced one of its most significant security breaches this year as stablecoin banking platform @0xinfini fell victim to a sophisticated cyberattack. Hackers drained 49.5 million USD Coin ($USDC) from the platform’s reserves, triggering immediate market turbulence and…

Read more →

In a swift and highly coordinated attack, LockBit ransomware operators exploited a critical remote code execution vulnerability (CVE-2023-22527) in Atlassian Confluence servers, targeting an exposed Windows server. This vulnerability, rated CVSS 10.0, enabled unauthenticated attackers to execute arbitrary commands by…

Read more →

GhostSocks, a Golang-based SOCKS5 backconnect proxy malware, has emerged as a significant threat within the cybercrime ecosystem. First identified in October 2023 on Russian-language forums, its distribution expanded to English-speaking criminal platforms by mid-2024. This malware operates as part of…

Read more →

A sophisticated phishing campaign impersonating OpenAI’s ChatGPT Premium subscription service has surged globally, targeting users with fraudulent payment requests to steal credentials. Cybersecurity firm Symantec recently identified emails spoofing ChatGPT’s branding, urging recipients to renew a fictional $24 monthly subscription.…

Read more →

A critical zero-day vulnerability in Parallels Desktop virtualization software has been publicly disclosed after seven months of unresolved reporting, enabling attackers to escalate privileges to the root level on macOS systems. The proof-of-concept (PoC) exploit code demonstrates two distinct bypass…

Read more →

A newly disclosed vulnerability in the Exim mail transfer agent (CVE-2025-26794) has sent shockwaves through the cybersecurity community, revealing a critical SQL injection flaw that enables attackers to compromise email systems and manipulate underlying databases.  The vulnerability, confirmed in Exim…

Read more →

In what has become the largest cryptocurrency theft in history, hackers infiltrated Bybit’s Ethereum cold wallet on February 21, 2025, siphoning approximately 401,346 ETH valued at $1.46 billion. The breach, attributed to North Korea’s Lazarus Group, exploited vulnerabilities in Bybit’s…

Read more →

Security researchers have disclosed critical details about CVE-2025-20029, a command injection vulnerability in F5’s BIG-IP Traffic Management Shell (TMSH) command-line interface. The flaw enables authenticated attackers with low privileges to bypass security restrictions, execute arbitrary commands, and gain root-level access to vulnerable systems.…

Read more →

Google Cloud has unveiled a critical cybersecurity upgrade: quantum-safe digital signatures via its Key Management Service (Cloud KMS), now available in preview. This move aligns with the National Institute of Standards and Technology’s (NIST) 2024 post-quantum cryptography (PQC) standards, offering developers tools…

Read more →

A newly identified malware, dubbed Zhong Stealer, has emerged as a significant threat to the fintech and cryptocurrency sectors. Any.run researchers discovered zhong malware during a phishing campaign between December 20 and 24, 2024, the malware exploits customer support platforms…

Read more →

In a recent development, the SPAWNCHIMERA malware family has been identified exploiting the buffer overflow vulnerability CVE-2025-0282 in Ivanti Connect Secure, as confirmed by JPCERT/CC. This vulnerability, disclosed in January 2025, had already been actively exploited since late December 2024,…

Read more →

The ACRStealer malware, an infostealer disguised as illegal software such as cracks and keygens, has seen a significant increase in its distribution since the beginning of 2025. Initially distributed in limited volumes in mid-2024, this malware has now gained traction,…

Read more →

Chinese cybersecurity entities have accused the U.S. National Security Agency (NSA) of orchestrating a cyberattack on Northwestern Polytechnical University, a prominent Chinese institution specializing in aerospace and defense research. The allegations, published by organizations such as Qihoo 360 and the…

Read more →

A significant vulnerability in Sitevision CMS, versions 10.3.1 and earlier, has been identified, allowing attackers to extract private keys used for signing SAML authentication requests. The flaw, tracked as CVE-2022-35202, stems from the use of a Java keystore accessible via…

Read more →

Ubiquiti Networks has issued an urgent security advisory (Bulletin 046) warning of multiple critical vulnerabilities in its UniFi Protect camera ecosystem, including a high-severity remote code execution (RCE) flaw that could allow attackers to hijack devices and infiltrate network infrastructure.…

Read more →

A security vulnerability in Nagios XI 2024R1.2.2, tracked as CVE-2024-54961, has been disclosed, allowing unauthenticated attackers to retrieve sensitive user information, including usernames and email addresses, from the network monitoring platform. This high-severity flaw (CVSSv3 score: 6.5) exposes organizations to…

Read more →

A critical security flaw in Fluent Bit, a widely adopted log processing and metrics collection tool part of the Cloud Native Computing Foundation (CNCF), has exposed enterprise cloud infrastructures to denial-of-service (DoS) attacks. Designated as CVE-2024-50608 and CVE-2024-50609, these vulnerabilities—scoring…

Read more →

The cybercriminal group behind the notorious “darcula-suite” platform has unveiled its latest iteration, darcula 3.0, which introduces groundbreaking capabilities for creating phishing kits targeting any brand globally. This “Phishing-as-a-Service” (PhaaS) platform lowers the technical barrier for bad actors by automating…

Read more →

Cybercriminals are increasingly leveraging sophisticated Adversary-in-the-Middle (AiTM) phishing techniques, enabled by the rise of Phishing-as-a-Service (PhaaS) ecosystems. These operations target financial institutions globally, bypassing multi-factor authentication (MFA) by intercepting live authentication sessions. Threat actors use reverse proxy servers to relay…

Read more →

The notorious CL0P ransomware group has intensified its operations in early 2025, targeting critical sectors such as telecommunications and healthcare. Known for its sophisticated tactics, the group has exploited zero-day vulnerabilities to infiltrate systems, steal sensitive data, and extort victims.…

Read more →

A highly advanced threat actor, dubbed “Salt Typhoon,” has been implicated in a series of cyberattacks targeting major U.S. telecommunications networks, according to a report by Cisco Talos. The campaign, which began in late 2024 and was confirmed by the…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released seven Industrial Control Systems (ICS) advisories on February 20, 2025, addressing critical vulnerabilities in products from ABB, Siemens, Mitsubishi Electric, and other industrial technology providers. These advisories underscore escalating risks to…

Read more →

The once-shadowy realm of Pegasus spyware has breached new frontiers, with forensic analyses revealing a stark pivot from targeting journalists and activists to infiltrating the private sector. In December 2024, mobile security firm iVerify detected 11 new Pegasus infections among…

Read more →

Cybersecurity researchers from Palo Alto Networks’ Unit 42 disclosed the resurgence of the Bookworm malware, which has been linked to the Stately Taurus threat actor group. This malware employs a sophisticated DLL sideloading technique that enables it to infiltrate Windows…

Read more →

ESET researchers have uncovered a series of malicious activities orchestrated by a North Korea-aligned group known as DeceptiveDevelopment, active since early 20241. The cybercriminals pose as company recruiters, enticing freelance software developers with fake employment offers. As part of the…

Read more →

As of February 2025, ransomware remains a formidable cyber threat, evolving in complexity and scale. The ransomware ecosystem has adapted to previous law enforcement disruptions, showcasing a resilient business model that continues to attract financially motivated cybercriminals. The proliferation of…

Read more →

A recent investigation into Ivanti Endpoint Manager (EPM) has uncovered four critical vulnerabilities that could allow unauthenticated attackers to exploit machine account credentials for relay attacks, potentially leading to server compromise. These vulnerabilities, identified in the C:\Program Files\LANDesk\ManagementSuite\WSVulnerabilityCore.dll, were patched…

Read more →

Check Point Software Technologies Ltd. has announced plans to establish its inaugural Asia-Pacific Research and Development (R&D) Centre in Bengaluru, India. This initiative, unveiled during the CPX Bangkok 2025 conference, aims to drive innovation in cybersecurity solutions while strengthening global…

Read more →

Cybersecurity experts have raised alarms about the Rhadamanthys Infostealer, a sophisticated malware now being distributed through Microsoft Management Console (MMC) files with the MSC extension. This new tactic, confirmed by the AhnLab Security Intelligence Center (ASEC), exploits the flexibility of…

Read more →

Cybersecurity researchers at Palo Alto Networks’ Unit 42 disclosed nine vulnerabilities in NVIDIA’s Compute Unified Device Architecture (CUDA) Toolkit, specifically in the cuobjdump and nvdisasm utilities. These tools, integral to analyzing CUDA binary files for GPU programming, were found to…

Read more →