Aggregator

Can your defenses withstand the biggest attacks of Summer 2025? From Interlock's FileFix to Qilin, Scattered Spider, and ToolShell exploits—simulate them all against your organization's defenses with Picus Security Validation Platform to find gaps before attackers do. [...]

A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular expression complexity. This vulnerability is handled as CVE-2025-5889. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

While the cybercrime underground has professionalized and become more organized in recent years, threat actors are, to a great extent, still using the same attack methods today as they were in 2020.

Google has released security updates to address multiple security flaws in Android, including fixes for two Qualcomm bugs that were flagged as actively exploited in the wild. The vulnerabilities include CVE-2025-21479 (CVSS score: 8.6) and CVE-2025-27038 (CVSS score: 7.5), both of which were disclosed alongside CVE-2025-21480 (CVSS score: 8.6), by the chipmaker back in June 2025. CVE-2025-21479

Каждый загруженный файл мог запустить массовые рыночные манипуляции.

A sophisticated phishing campaign attributed to the Pakistan-linked APT36 group has emerged as a serious threat to Indian government infrastructure. First detected in early August 2025, this operation leverages typo-squatted domains designed to mimic official government login portals. When unsuspecting users enter their email IDs and passwords, they are redirected to counterfeit pages that replicate […]

The post APT36 Hackers Attacking Indian Government Entities to Steal Login Credentials appeared first on Cyber Security News.

本文主要介绍了常见的组件漏洞，对于入门新手比较友好

Cisco Systems has disclosed a data breach that compromised basic profile information of users registered on Cisco.com following a successful voice phishing attack targeting one of the company’s representatives. The incident resulted in unauthorized access to a third-party cloud-based Customer Relationship Management (CRM) system used by the networking giant. The breach occurred when a malicious […]

The post Cisco Discloses Data Breach Exposed User Profiles from Cisco.com appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

本文探讨了对LLMs发起模仿攻击以提取其专门化代码能力（如“代码合成”和“代码翻译”）的可行性。

Sandbox-escape-style attacks can happen when an AI is able to modify its own configuration settings, such as by writing to configuration files. That was the case with Amp, an agentic coding tool built by Sourcegraph. The AI coding agent could update its own configuration and: Allowlist bash commands or Add a malicious MCP server on the fly to run arbitrary code This could have been exploited by the model itself, or during an indirect prompt injection attack as we will demonstrate in this post.

Ты платил налоги? Попробуй доказать это без данных.

Cloudflare has publicly accused Perplexity AI of employing deceptive crawling practices that violate established web crawling protocols and deliberately circumvent website protection mechanisms. The cybersecurity company has documented evidence of Perplexity using undisclosed user agents and rotating IP addresses to access content from websites that have explicitly blocked the AI company’s declared crawlers. Stealth Crawling […]

The post Cloudflare Accuses Perplexity AI of Bypassing Firewalls with User-Agent Spoofing appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Zero-day exploits against Microsoft SharePoint are enabling attackers to extract IIS machine keys, establishing persistent backdoors that survive patches and reboots. In mid-July 2025, threat actors began abusing two critical SharePoint vulnerabilities—CVE-2025-53770 (deserialization, CVSS 9.8) and CVE-2025-53771 (authentication bypass, CVSS 6.3)—in an attack campaign dubbed “ToolShell”. The campaign’s ultimate goal is harvesting IIS machine keys, which protect ViewState, […]

The post Hackers Target SharePoint Flaw to Access IIS Machine Keys appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

SonicWall has issued an urgent security advisory following a significant escalation in cyberattacks targeting Generation 7 firewalls with enabled SSLVPN functionality over the past three days. The cybersecurity company is actively investigating whether these incidents stem from a previously disclosed vulnerability or represent a new security threat, working closely with prominent threat research organizations including […]

The post SonicWall Alerts on Surge of Attacks Against Gen 7 Firewalls Over Past 72 Hours appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Sean Cairncross Confirmed in 59-35 Senate Vote Despite Lacking Technical Experience
The United States has a new national cyber director after a tense Senate vote ended months of political and procedural delays, allowing the Trump administration to push forward with its sweeping overhaul of federal cybersecurity priorities.

Security Experts Call for Coordinated Autonomy Over Complete Integration
One team quotes Shakespeare. The other speaks in Morse Code. Now, imagine forcing them to write a play together. Yet IT and OT organizations are being asked to work as one. Is full integration really possible, or should we keep them at respectful distance for security reasons?

Orange Cyberdefense's Dominic Trott on Investor Hesitancy, Geopolitical Obstacles
The United Kingdom has a strong track record of supporting startups and building successful organizations, but U.K. cybersecurity startups still face hurdles, said Dominic Trott, director of strategy and alliances for the U.K. region at Orange Cyberdefense.

Threat Actor Maintains Long-Term Stealthy Access
Chinese nation-state hackers penetrated mobile telecom networks across Southeast Asia likely in order to track individuals' location, say security researchers. One tell about the hackers' intentions was deployment of a custom-made network scanning and packet capture utility tracked as CordScan.