Aggregator
Fancy Bear Hackers Target Governments and Military Entities with Advanced Tools
Fancy Bear, designated as APT28 by cybersecurity experts, represents a sophisticated Russian cyberespionage collective operational since 2007, renowned for infiltrating governments, military organizations, and strategic entities globally. This group, also known under aliases such as Sofacy, Sednit, STRONTIUM, and Unit 26165, pursues motivations encompassing financial gain, reputational sabotage, espionage, and political agendas. Their operations frequently […]
The post Fancy Bear Hackers Target Governments and Military Entities with Advanced Tools appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Interlock
UNG0002 Group Hits China, Hong Kong, Pakistan Using LNK Files and RATs in Twin Campaigns
Russian alcohol retailer WineLab closes stores after ransomware attack
China Doesn't Need to Hack, It Needs Cables. For the First Time, the US Questions the Physical Reliability of the Entire Global Internet
Ivanti Flaws Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks
Safepay
Snake Keylogger Bypasses Windows Defender and Uses Scheduled Tasks to Steal Credentials
Threat actors have been using a sophisticated phishing operation to impersonate Turkish Aerospace Industries (TUSAŞ) in order to attack Turkish businesses, especially those in the defense and aerospace sectors. The campaign distributes malicious emails masquerading as contractual documents, such as the file “TEKLİF İSTEĞİ – TUSAŞ TÜRK HAVACILIK UZAY SANAYİİ_xlsx.exe” with SHA256 hash 0cb819d32cb3a2f218c5a17c02bb8c06935e926ebacf1e40a746b01e960c68e4. This […]
The post Snake Keylogger Bypasses Windows Defender and Uses Scheduled Tasks to Steal Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Good Hardening Tor Browser Article on Dread
CVE-2025-7824 | Jinher OA 1.1 XmlHttp.aspx xml external entity reference (EUVD-2025-21962)
CVE-2025-7823 | Jinher OA 1.2 ProjectScheduleDelete.aspx xml external entity reference (EUVD-2025-21963)
Submit #616842: Jinhe OA V1.1 XML External Entity Reference [Accepted]
Submit #616841: Jinhe OA V1.2 XML External Entity Reference [Accepted]
CVE-2025-7819 | PHPGurukul Apartment Visitors Management System 1.0 HTTP POST Request /create-pass.php visname cross site scripting (EUVD-2025-21957)
CVE-2025-7818 | PHPGurukul Apartment Visitors Management System 1.0 HTTP POST Request /category.php categoryname cross site scripting (EUVD-2025-21958)
CVE-2025-7817 | PHPGurukul Apartment Visitors Management System 1.0 HTTP POST Request /bwdates-reports.php visname cross site scripting (EUVD-2025-21960)
CVE-2025-7816 | PHPGurukul Apartment Visitors Management System 1.0 HTTP POST Request /visitor-detail.php visname cross site scripting (EUVD-2025-21956)
“LameHug” Malware Uses AI Large Language Models to Generate Windows Data-Theft Commands in Real Time
New Wave of Crypto-Hijacking Infects 3,500+ Websites
A stealth Monero-mining campaign has quietly compromised more than 3,500 websites by embedding an innocuous-looking JavaScript file called karma.js. The operation leverages WebAssembly, Web Workers, and WebSockets to siphon CPU cycles while keeping resource usage low enough to avoid user suspicion. Cside.dev analysts first noted the anomaly after routine crawlers flagged an obfuscated script delivered […]
The post New Wave of Crypto-Hijacking Infects 3,500+ Websites appeared first on Cyber Security News.