Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Cybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by the threat actor group SmartApeSG, also known as ZPHP or HANEYMANEY. This campaign exploits fake browser update notifications to deliver two potent malware strains: NetSupport RAT and StealC. The operation…

Read more →

A recent phishing campaign conducted by cybersecurity firm Hackmosphere has revealed alarming vulnerabilities among top decision-makers, including CEOs and CTOs. The study underscores how cybercriminals exploit social engineering tactics to target high-ranking executives, emphasizing the need for heightened vigilance and…

Read more →

Security researchers have uncovered a significant evolution in the ShadowPad malware family, which is now being used to deploy ransomware in highly targeted attacks. ShadowPad, modular malware linked to Chinese threat actors, has historically been associated with cyber espionage. However,…

Read more →

A newly discovered vulnerability in the Fedora Linux kernel, identified as CVE-2025-1272, has raised alarm bells in the open-source community. The flaw, stemming from Secure Boot’s failure to automatically enable kernel lockdown mode, could expose sensitive system data to potential…

Read more →

IBM recently disclosed multiple vulnerabilities in its OpenPages platform, a tool widely used for governance, risk, and compliance management. These vulnerabilities, if exploited, could allow attackers to access sensitive information, disrupt critical processes, or compromise authentication credentials. Below are the…

Read more →

AWS Key Hunter, a cutting-edge automated solution designed to identify exposed AWS keys in GitHub repositories. This powerful tool combines real-time monitoring, advanced scanning capabilities, and a seamless notification system to help developers and organizations protect sensitive cloud credentials from…

Read more →

The National Security Agency (NSA) has unveiled Ghidra 11.3, the latest iteration of its open-source software reverse engineering (SRE) framework, introducing transformative features that streamline vulnerability analysis and collaborative research. This release—coded internally as “NSA Adds Innovative Features to Ghidra 11.3…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a joint advisory warning about the widespread impact of the Ghost ransomware, also known as Cring. Since its emergence in early 2021, this ransomware…

Read more →

Symantec, a division of Broadcom, has released a critical security update to address a high-severity vulnerability identified in its Symantec Diagnostic Tool (SymDiag). This vulnerability tracked as CVE-2025-0893, could enable unauthorized privilege escalation, posing significant security risks. The issue specifically…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a joint advisory warning about the increasing threat posed by Ghost ransomware. This malicious campaign has already impacted more than 70 organizations across various…

Read more →

Microsoft has urgently addressed a high-severity privilege escalation vulnerability (CVE-2025-21420) in the Windows Disk Cleanup Utility (cleanmgr.exe) during its February 2025 Patch Tuesday updates. The flaw, scoring 7.8 on the CVSS scale, enabled attackers to execute malicious code with SYSTEM…

Read more →

Cloud Software Group has raced to address a severe security flaw in its widely used NetScaler management infrastructure that could enable authenticated attackers to execute malicious commands across enterprise networks. The vulnerability tracked as CVE-2024-12284 and scoring 8.8 on the…

Read more →

A critical security flaw in Microsoft Bing tracked as CVE-2025-21355, allowed unauthorized attackers to execute arbitrary code remotely, posing severe risks to organizations and users globally. The vulnerability, rooted in a missing authentication mechanism for a critical Bing function, enabled…

Read more →

The SonicWall Capture Labs threat research team has identified continued activity from the Russian cybercriminal group CryptoBytes, which has been active since at least 2023. This financially motivated group is leveraging a ransomware strain named UxCryptor, which has gained notoriety…

Read more →

A new variant of the Snake Keylogger, also known as 404 Keylogger, has been detected targeting users of popular web browsers such as Google Chrome, Microsoft Edge, and Mozilla Firefox. FortiGuard Labs identified this threat using FortiSandbox v5.0 (FSAv5), a…

Read more →

Cybercriminal groups, primarily based in China, are leveraging advanced phishing techniques and mobile wallet technologies to convert stolen payment card data into fraudulent Apple and Google Wallet accounts. This innovative approach has revitalized the underground carding industry, which had been…

Read more →

Security researchers at AhnLab Security Intelligence Center (ASEC) have uncovered a new campaign leveraging the legitimate JAR signing tool, jarsigner.exe, to distribute the XLoader malware. The attack employs a DLL side-loading technique, where malicious DLL files are placed alongside legitimate…

Read more →

Russian state-aligned threat actors have intensified their efforts to compromise Signal Messenger accounts, targeting individuals of strategic interest, according to the Google Threat Intelligence Group (GTIG). These campaigns, primarily linked to Russia’s ongoing military operations in Ukraine, aim to intercept…

Read more →

Mozilla released Firefox 135.0.1 on February 18, 2025, as an emergency security update to patch multiple high-severity memory safety vulnerabilities. The update specifically addresses CVE-2025-1414, a critical flaw that could enable arbitrary code execution and compromise user systems. This marks the…

Read more →

Textile and apparel conglomerate Raymond Limited confirmed a cybersecurity breach affecting portions of its IT infrastructure on Wednesday, February 19, 2025, according to regulatory filings submitted to the BSE and NSE stock exchanges.  The Mumbai-based company, whose operations span fabric…

Read more →

A critical vulnerability (CVE-2025-0366) in the Jupiter X Core WordPress plugin, actively installed on over 90,000 websites, was disclosed on January 6, 2025. The flaw enables authenticated attackers with contributor-level privileges to execute remote code via chained Local File Inclusion…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding the active exploitation of critical remote code execution (RCE) vulnerability in SonicWall’s SonicOS, tracked as CVE-2024-53704. Added to CISA’s Known Exploited Vulnerabilities (KEV) catalog on February 19,…

Read more →

CISA and Palo Alto Networks are scrambling to contain widespread exploitation of a critical authentication bypass vulnerability (CVE-2025-0108) affecting firewall devices running unpatched PAN-OS software. The Cybersecurity and Infrastructure Security Agency (CISA) added the flaw to its Known Exploited Vulnerabilities…

Read more →

The months of January through April, marking the U.S. tax season, have seen a sharp rise in malicious cyber activity targeting taxpayers. Broadcom’s Symantec Security Center has identified a surge in IRS and tax-themed phishing campaigns, smishing attacks, and fraudulent…

Read more →

The Russian government has unveiled sweeping legislative reforms aimed at curbing cybercrime, introducing stricter penalties, expansive law enforcement powers, and novel judicial measures. Approved on February 10, 2025, the amendments seek to modernize the nation’s cybersecurity framework amid rising digital…

Read more →

A severe security vulnerability (CVE-2024-52577) in Apache Ignite, the open-source distributed database and computing platform, has been disclosed. The flaw enables remote attackers to execute arbitrary code on vulnerable servers by exploiting insecure deserialization mechanisms in specific configurations. First reported…

Read more →

GitHub has launched GPT-4o Copilot, a refined code completion model now available to Visual Studio Code users. Built on the GPT-4o mini architecture and trained on over 275,000 high-quality public repositories, the update marks a leap in multi-language support, performance accuracy, and contextual understanding…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) escalated its cybersecurity alerts on February 18, 2025, releasing two critical Industrial Control Systems (ICS) advisories targeting vulnerabilities in Delta Electronics’ CNCSoft-G2 and Rockwell Automation’s GuardLogix controllers. These advisories flagged under ICSA-24-191-01…

Read more →

Google has rolled out an urgent security update for its Chrome browser, patching three vulnerabilities—including two critical heap buffer overflow flaws—that could enable attackers to execute arbitrary code and seize control of affected systems. The update (version 133.0.6943.126/.127 for Windows/Mac…

Read more →

SectopRAT, also known as Arechclient2, is a sophisticated Remote Access Trojan (RAT) developed using the .NET framework. This malware is notorious for its advanced obfuscation techniques, making it challenging to analyze and detect. Recently, cybersecurity researchers uncovered a new campaign…

Read more →

Cybersecurity researchers have uncovered a new MageCart malware campaign targeting e-commerce websites running on the Magento platform. This attack exploits <img> HTML tags to conceal malicious JavaScript skimmers, enabling cybercriminals to steal sensitive payment information while evading detection by security…

Read more →

A sophisticated malware campaign leveraging the Lumma InfoStealer has been identified, targeting educational institutions to distribute malicious files disguised as PDF documents. This campaign employs compromised school infrastructure to deliver weaponized LNK (shortcut) files masquerading as legitimate PDFs, initiating a…

Read more →

A significant vulnerability has been identified in large language models (LLMs) such as ChatGPT, raising concerns over their susceptibility to adversarial attacks. Researchers have highlighted how these models can be manipulated through techniques like prompt injection, which exploit their text-generation…

Read more →

A recent study by researchers from the National University of Singapore and NCS Cyber Special Ops R&D explores how the MITRE ATT&CK framework can be enhanced to address the rapidly evolving landscape of cyber threats. The research synthesizes findings from…

Read more →

A sophisticated malware campaign was launched by cybercriminals, targeting users through trojanized versions of popular games. Exploiting the holiday season’s heightened torrent activity, the attackers distributed compromised game installers via torrent trackers. The campaign, which lasted for a month, primarily…

Read more →

A sophisticated cyber espionage campaign leveraging the EagerBee malware has been targeting government agencies and Internet Service Providers (ISPs) across the Middle East. This advanced backdoor malware, attributed to the Chinese-linked threat group CoughingDown, demonstrates cutting-edge stealth capabilities and persistence…

Read more →

Intel by Intruder now uses AI to contextualize NVD descriptions, helping security teams assess risk faster. Intruder, a leader in attack surface management, has launched AI-generated descriptions for Common Vulnerabilities and Exposures (CVEs) within its free vulnerability intelligence platform, Intel.…

Read more →

A cybersecurity incident at Zacks Investment Research has exposed sensitive data belonging to 12 million users, marking the second major breach for the financial services firm since 2022. The compromised information includes email addresses, phone numbers, names, IP addresses, physical…

Read more →

The Directorate of Enforcement (ED) in Ahmedabad has dealt a significant blow to one of history’s largest cryptocurrency frauds, recovering Rs. 1,646 crore (approx. $219 million) in illicit crypto assets linked to the BitConnect Ponzi scheme during coordinated raids on 11 and…

Read more →

A sophisticated black-hat SEO poisoning campaign has compromised over 150 Indian government websites and financial institutions, redirecting millions of users to fraudulent gambling platforms promoting rummy and high-risk “investment” games. The operation, exploits vulnerabilities in government portals (.gov.in) and educational…

Read more →

The popular file compression and archiving tool, WinRAR 7.10, has released with new features, interface enhancements, and improved performance. WinRAR 7.10 represents a landmark update that modernizes core components while addressing evolving user needs in data management and system security.…

Read more →

A novel persistence mechanism exploiting Microsoft’s Text Services Framework (TSF) has been uncovered by researchers at Praetorian Labs, revealing a sophisticated method for maintaining long-term access to compromised systems. While requiring administrative privileges for initial deployment, this technique enables stealthy…

Read more →

Cybersecurity researchers have uncovered a novel phishing campaign distributing the notorious Tycoon 2FA phishing kit through fraudulent timesheet notification emails, marking a concerning evolution in multi-layered credential theft operations.  The operation utilizes Pinterest’s visual bookmarking service as an intermediary redirector,…

Read more →

Juniper Networks has issued an urgent security bulletin for its Session Smart Router, Session Smart Conductor, and WAN Assurance Router product lines, revealing a critical API authentication bypass vulnerability (CVE-2025-21589) that enables unauthenticated attackers to gain full administrative control over…

Read more →

According to recent findings by cybersecurity researcher Johann Rehberger, OpenAI’s ChatGPT Operator, an experimental agent designed to automate web-based tasks, faces critical security risks from prompt injection attacks that could expose users’ private data. In a demonstration shared exclusively with…

Read more →

Researchers from Trend Micro’s Threat Hunting team have uncovered a sophisticated cyberattack campaign by the advanced persistent threat (APT) group Earth Preta, also known as Mustang Panda. The group has been leveraging new techniques to infiltrate systems and evade detection,…

Read more →

Two critical vulnerabilities in LibreOffice (CVE-2024-12425 and CVE-2024-12426) expose millions of users to file system manipulation and sensitive data extraction attacks. These flaws affect both desktop users opening malicious documents and server-side systems using LibreOffice for headless document processing. CVE-2024-12425:…

Read more →

Ransomware gangs are accelerating their operations, with the average time-to-ransom (TTR), the period between initial system compromise and the deployment of encryption, now standing at just 17 hours, according to recent cybersecurity analyses. This marks a significant shift from earlier…

Read more →

Telekom Security has recently uncovered a significant vishing (voice phishing) campaign targeting individuals and organizations across Germany. This operation appears to be linked to a ransomware group employing sophisticated social engineering tactics. The attackers impersonate Microsoft Outlook support personnel, aiming…

Read more →

Microsoft Threat Intelligence has identified a new variant of the XCSSET macOS malware, marking its first update since 2022. This sophisticated malware continues to target macOS users by infecting Xcode projects, a critical tool for Apple developers. The latest variant…

Read more →

A critical security vulnerability in Xerox’s Versalink C7025 Multifunction Printer (MFP) has been uncovered, exposing enterprise networks to credential theft and lateral attacks. The flaw, discovered by Rapid7 Principal IoT Researcher Deral Heiland, enables malicious actors to intercept Lightweight Directory…

Read more →

Security researchers have uncovered sophisticated malware targeting WordPress websites, leveraging hidden backdoors to enable remote code execution (RCE). These attacks exploit vulnerabilities in WordPress core features and plugins, allowing hackers to gain unauthorized access, execute arbitrary code, and maintain control…

Read more →

Threat actors are leveraging a modified version of the SharpHide tool to create hidden registry entries, significantly complicating detection and removal efforts. This technique exploits vulnerabilities in Windows registry handling, using null-terminated strings to obscure malicious entries. The modified SharpHide…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory warning of active exploitation of a critical security flaw in Apple’s iOS and iPad operating systems. Tracked as CVE-2025-24200, the vulnerability permits attackers with physical access to bypass critical…

Read more →

A security researcher recently uncovered a high-risk Insecure Direct Object Reference (IDOR) vulnerability in ExHub, a cloud hosting and collaboration platform used by over 2 million developers. The flaw enabled attackers to manipulate web hosting configurations for any project hosted…

Read more →

Linus Torvalds has announced the release of Linux Kernel 6.14-rc3, marking a critical milestone in stabilizing the upcoming 6.14 kernel version. This release candidate addresses architectural vulnerabilities and introduces the lightweight “Faux Bus” framework to streamline driver development. The update…

Read more →

The Indian Post Office portal recently exposed the sensitive Know Your Customer (KYC) data of thousands of users due to a critical vulnerability known as Insecure Direct Object References (IDOR). This alarming flaw allowed unauthorized individuals to access private user…

Read more →

Phone scams are becoming more sophisticated with advancements in AI-driven speech tools, making it easier for scammers to manipulate victims. To combat these growing threats, Google has introduced a groundbreaking security feature in Android 16 that prevents users from making certain sensitive…

Read more →

The Microsoft Threat Intelligence Center (MSTIC) has uncovered an ongoing and sophisticated phishing campaign leveraging Microsoft Teams invites to gain unauthorized access to user accounts and sensitive data. The campaign, attributed to a threat actor known as Storm-2372, has been…

Read more →

Meta’s commitment to cybersecurity took center stage in 2024 as the tech giant awarded over $2.3 million in payouts to global security researchers participating in its bug bounty program. Since its inception in 2011, the initiative has grown into a…

Read more →

Google has taken a significant step in enhancing internet safety by integrating artificial intelligence (AI) into its “Safe Browsing” feature in Google Chrome. This innovative update, which has successfully rolled out to the Stable version of Chrome, leverages AI technology…

Read more →

North Korea’s Lazarus Group, a state-sponsored cybercriminal organization, has launched a sophisticated global campaign targeting software developers and cryptocurrency users. Dubbed Operation Marstech Mayhem, this operation leverages the group’s latest implant, “Marstech1,” to infiltrate the software supply chain and exfiltrate…

Read more →

A recent wave of cyberattacks leveraging the SocGholish malware framework has been observed using compromised websites to deliver malicious ZIP files disguised as legitimate browser updates. This campaign, active since at least 2017, continues to exploit unsuspecting users by embedding…

Read more →

A peculiar malicious Python script has surfaced, employing an unusual and amusing anti-analysis trick to mimic a fake Blue Screen of Death (BSOD). The script, which has a low detection rate of 4/59 on VirusTotal (SHA256: d716c2edbcdb76c6a6d31b21f154fee7e0f8613617078b69da69c8f4867c9534), drew the attention…

Read more →

Elastic Security Labs has uncovered a sophisticated cyber-espionage campaign, tracked as REF7707, targeting entities across South America and Southeast Asia. Central to this operation is the deployment of a novel malware family named FINALDRAFT, which has been engineered to exploit…

Read more →

In a concerning escalation of cyber threats, North Korean IT operatives have infiltrated global companies, posing as remote workers to introduce system backdoors and exfiltrate sensitive data. These activities, which generate critical revenue for the heavily sanctioned regime, also pose…

Read more →

NVIDIA has issued a critical security update to address a high-severity vulnerability discovered in the NVIDIA® Container Toolkit for Linux. The flaw, tracked as CVE-2025-23359, could allow attackers to exploit a time-of-check time-of-use (TOCTOU) vulnerability to gain unauthorized access to the…

Read more →

A sophisticated phishing campaign leveraging the device code authentication flow has been identified by Microsoft Threat Intelligence, targeting a wide range of sectors, including government, NGOs, IT services, and critical industries such as defense and energy. The campaign, attributed to…

Read more →

 The Cybersecurity and Infrastructure Security Agency (CISA) has issued 20 security advisories on February 13, 2025, warning about critical vulnerabilities in Industrial Control Systems (ICS) and medical devices. These disclosures are part of ongoing efforts to address the growing risks…

Read more →

A new phishing kit named Astaroth has emerged as a significant threat in the cybersecurity landscape by bypassing two-factor authentication (2FA) mechanisms. First advertised on cybercrime networks in January 2025, Astaroth employs advanced techniques such as session hijacking and real-time…

Read more →

Dutch police and the Public Prosecution Service have taken down a network of 127 command-and-control servers. This network was operated by ZServers/XHost, a so-called bulletproof hosting provider offering cybercriminals a safe haven to facilitate illegal activities, such as spreading malware…

Read more →

The Apache Software Foundation has disclosed a critical SQL injection vulnerability in its widely utilized financial platform, Apache Fineract. The flaw, tracked as CVE-2024-32838, affects multiple API endpoints and poses a significant risk to applications built on this platform. This vulnerability…

Read more →

A security vulnerability has been identified in the AMD Ryzen™ Master Utility, a performance-tuning tool for AMD Ryzen™ processors. This flaw, discovered by a security researcher, allows for privilege escalation and arbitrary code execution via DLL hijacking. AMD has confirmed the issue and issued a patch to mitigate the risk. The Vulnerability…

Read more →

Threat actors actively exploit a new high-severity vulnerability, CVE-2025-0108, in Palo Alto Networks’ PAN-OS. This exploit allows attackers to bypass authentication, execute certain PHP scripts, and potentially gain unauthorized access to affected systems. With the widespread use of PAN-OS in…

Read more →

A newly discovered vulnerability in WinZip, a popular file compression and archiving utility, has raised alarms among cybersecurity experts. Identified as CVE-2025-1240, this critical flaw allows remote attackers to execute arbitrary code on a victim’s system under specific conditions. Users…

Read more →

A newly discovered vulnerability in Microsoft Windows, identified by ClearSky Cyber Security, is reportedly being actively exploited by the Chinese state-sponsored Advanced Persistent Threat (APT) group Mustang Panda. The vulnerability, which affects the Windows Explorer graphical user interface (GUI), has…

Read more →

PortSwigger has announced the release of Burp Suite Professional and Community Edition 2025.2, introducing significant updates that include AI integration into the Montoya API, enhancing the capabilities for building smarter, AI-powered extensions. Bug Fixes and Browser Updates: A notable bug…

Read more →

A newly uncovered cyber campaign, dubbed “BadPilot,” has been linked to a subgroup of the Russian state-sponsored hacking collective Seashell Blizzard, also known as Sandworm. This operation, active since at least 2021, represents a significant expansion in Russia’s cyber activities,…

Read more →

A subgroup of the Russian state-sponsored hacking group Seashell Blizzard, also known as Sandworm, has intensified its cyber operations through a campaign dubbed BadPilot. This multi-year initiative has targeted critical infrastructure worldwide, expanding the group’s reach beyond its traditional focus…

Read more →

Cybersecurity analysts have identified that hackers are leveraging the open-source Pyramid pentesting tool to establish stealthy command-and-control (C2) communications. Originally designed as a post-exploitation framework for penetration testers, Pyramid has become an attractive option for malicious actors due to its…

Read more →

A recent ransomware attack leveraging a vulnerability in Palo Alto Networks’ PAN-OS firewall software (CVE-2024-0012) has raised significant concerns within the cybersecurity community. The attack, which targeted a medium-sized software and services company in South Asia in late 2024, is…

Read more →

A critical security vulnerability in the “Security & Malware scan by CleanTalk” plugin has left over 30,000 WordPress websites exposed to exploitation. The vulnerability, identified as CVE-2024-13365, allows unauthenticated attackers to conduct arbitrary file uploads, potentially leading to remote code execution…

Read more →

Netskope Threat Labs has uncovered a sophisticated phishing campaign targeting users across various industries, including technology, manufacturing, and banking. This campaign, active since mid-2024, exploits search engine optimization (SEO) techniques to lure victims into downloading malicious PDFs hosted on the…

Read more →

Foreign adversaries, including Russia, China, and Iran, are intensifying their efforts to manipulate public opinion and destabilize local communities across the United States. These campaigns, once primarily focused on national-level politics, have increasingly targeted state and local governments, community groups,…

Read more →

Microsoft’s ongoing efforts to enhance user experience in Windows 11 have introduced native support for a variety of new archive formats via the KB5031455 update. While these changes have streamlined user workflows, they have also inadvertently opened Pandora’s box in…

Read more →

 GreyNoise has detected a significant surge in exploitation activity targeting two vulnerabilities — CVE-2022-47945 and CVE-2023-49103. The alarming uptick in attacks underscores critical issues in vulnerability management and patch prioritization. Cybercriminals are actively scanning and exploiting both vulnerabilities, though they…

Read more →

A newly discovered malware, named FINALDRAFT, has been identified leveraging Microsoft Outlook as a command-and-control (C2) communication channel through the Microsoft Graph API. This sophisticated malware was uncovered by Elastic Security Labs during an investigation targeting a foreign ministry. The…

Read more →

Security researchers from Korea University have successfully demonstrated a groundbreaking attack, dubbed SysBumps, which bypasses Kernel Address Space Layout Randomization (KASLR) in macOS systems powered by Apple Silicon processors. This marks the first successful breach of KASLR on Apple’s proprietary…

Read more →

Serious security vulnerabilities have been uncovered in the popular social media and content-sharing app, RedNote, compromising the privacy and security of millions of users globally. Researchers revealed critical flaws allowing attackers to intercept sensitive user data, access device files, and…

Read more →

A newly discovered malware, named FINALDRAFT, has been identified leveraging Microsoft Outlook as a command-and-control (C2) communication channel through the Microsoft Graph API. This sophisticated malware was uncovered by Elastic Security Labs during an investigation targeting a foreign ministry. The…

Read more →

The meteoric rise of DeepSeek, a Chinese AI startup, has not only disrupted the AI sector but also attracted the attention of cybercriminals. Following the release of its open-source model, DeepSeek-R1, on January 20, 2025, the platform experienced exponential growth,…

Read more →

The China-based Advanced Persistent Threat (APT) group known as the Winnti Group, also referred to as APT41, has launched a new cyberattack campaign targeting Japanese organizations in the manufacturing, materials, and energy sectors. Dubbed “RevivalStone,” this campaign employs a novel…

Read more →

In a calculated cyber-espionage campaign, the Russian state-sponsored hacking group Sandworm (APT44), linked to the GRU (Russia’s Main Intelligence Directorate), has been exploiting pirated Microsoft Key Management Service (KMS) activation tools to target Ukrainian Windows systems. This operation, active since…

Read more →

APT43, also known by aliases such as Black Banshee, Emerald Sleet, and Kimsuky, is a North Korean state-sponsored cyber threat actor linked to the Reconnaissance General Bureau (RGB). This group is primarily motivated by espionage and has recently expanded its…

Read more →

 A new security vulnerability targeting Amazon Machine Images (AMIs) has emerged, exposing organizations and users to potential exploitation. Dubbed the “whoAMI name confusion attack,” this flaw allows attackers to publish malicious virtual machine images under misleading names, tricking unsuspecting users…

Read more →

Google has released an urgent update for its Chrome browser to address a critical security vulnerability that could allow attackers to remotely execute malicious code on vulnerable systems. The flaw, identified as CVE-2025-0995, is categorized as a “Use-After-Free” vulnerability in…

Read more →

A massive security lapse has exposed over 2.7 billion records, including sensitive Wi-Fi credentials, device information, and user details, raising global concerns over IoT (Internet of Things) security. Cybersecurity researcher Jeremiah Fowler uncovered this unprotected database, linked to Mars Hydro,…

Read more →

Palo Alto Networks has disclosed a zero-day vulnerability in its PAN-OS software (CVE-2025-0108), allowing attackers to bypass authentication on the management web interface. With a CVSS score of 7.8 (HIGH), the flaw has been flagged as a significant security issue…

Read more →

SonicWall firewalls running specific versions of SonicOS are vulnerable to a critical authentication bypass flaw, tracked as CVE-2024-53704, which allows attackers to hijack active SSL VPN sessions. This vulnerability has been classified as high-risk, with a CVSS score of 8.2.…

Read more →

The Cl0p ransomware group, a prominent player in the cybercrime landscape since 2019, has intensified its operations by employing advanced techniques to remain undetected within compromised networks. Known for its association with the TA505 threat group, Cl0p has shifted its…

Read more →