Aggregator
CVE-2025-8088
Django Critical Vulnerability Let attackers Execute Malicious SQL Code on Web Servers
The Django development team has issued critical security updates to address a high-severity vulnerability that could allow attackers to execute malicious SQL code on web servers using the popular framework. The flaw, identified as CVE-2025-57833, affects multiple versions of Django, prompting an urgent call for all users to upgrade their installations as soon as possible. […]
The post Django Critical Vulnerability Let attackers Execute Malicious SQL Code on Web Servers appeared first on Cyber Security News.
Scammer: "How do I get around moderation?" Grok: "Leave me the link, I'll publish it myself. You and I are partners now"
New threat group uses custom tools to hijack search results
ESET Research has identified a new threat group called GhostRedirector. In June 2025, this group broke into at least 65 Windows servers, mostly in Brazil, Thailand, Vietnam, and the United States. [Figure: Countries where GhostRedirector victims were detected (Source: ESET)] GhostRedirector used two custom tools that had not been documented before: a passive C++ backdoor called Rungan and a malicious IIS module called Gamshen. The group is very likely linked to China. Rungan can run commands …
The post New threat group uses custom tools to hijack search results appeared first on Help Net Security.
OT Security: When Shutting Down Is Not an Option
Operational technology incidents can have physical as well as digital consequences, from halting plant production to endangering lives. Training tailored to OT security is essential for protecting critical systems while maintaining operational continuity.
Why Compliance-First Cybersecurity Programs Fail (And What Actually Works)
Most B2B companies build cybersecurity programs backwards - starting with compliance instead of real security. Learn why this approach fails and how fractional CISO services can help you build effective security that actually prevents breaches while achieving compliance.
The post Why Compliance-First Cybersecurity Programs Fail (And What Actually Works) appeared first on Security Boulevard.
GhostRedirector poisons Windows servers: Backdoors with a side of Potatoes
US Offers $10M Bounty For FSB Hackers Who Exploited Cisco Vulnerability To Attack Critical Infrastructure
The United States government has announced a reward of up to $10 million for information leading to the identification or location of three Russian intelligence officers. The bounty, offered through the Department of State’s Rewards for Justice program, targets members of the Russian Federal Security Service (FSB) accused of conducting widespread malicious cyber campaigns against […]
The post US Offers $10M Bounty For FSB Hackers Who Exploited Cisco Vulnerability To Attack Critical Infrastructure appeared first on Cyber Security News.
Healthcare Sector Takes 58 Days to Resolve Serious Vulnerabilities
Google Warns of Zero-Day Vulnerability in Sitecore Products Allowing Remote Code Execution
A critical zero-day vulnerability in several Sitecore products could allow attackers to execute code remotely. The vulnerability, identified as CVE-2025-53690, stems from a ViewState deserialization flaw and is being actively exploited in the wild. The investigation by Mandiant revealed that attackers are leveraging exposed ASP.NET machine keys that were included in Sitecore deployment guides from […]
The post Google Warns of Zero-Day Vulnerability in Sitecore Products Allowing Remote Code Execution appeared first on Cyber Security News.
Next time you watch porn, cover your webcam
Corn bio-oil against climate catastrophe. Millions of wells will become graves for carbon
US Announces $10M Bounty on FSB Hackers Behind Cisco Exploits
The U.S. government has unveiled a $10 million reward for information leading to the arrest of three Russian FSB officers. The officers are accused of carrying out cyberattacks on U.S. critical infrastructure and exploiting Cisco network equipment. This public notice aims to raise awareness and encourage anyone with useful information to come forward. According to […]
The post US Announces $10M Bounty on FSB Hackers Behind Cisco Exploits appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Django Web Vulnerability Allows Attackers to Execute SQL Injection
The Django development team has issued security updates after discovering a high-severity SQL injection flaw in the FilteredRelation feature. This flaw could allow attackers to run harmful database commands by crafting unexpected query parameters. Users running Django 5.2, 5.1, or 4.2 should upgrade immediately to protect their applications. Web Vulnerability Details Django’s FilteredRelation feature helps developers write […]
The post Django Web Vulnerability Allows Attackers to Execute SQL Injection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
CVE-2024-13071 | Akinsoft e-Mutabakat up to 2.02.05 cross site scripting (EUVD-2024-54962)
CVE-2025-2417 | Akinsoft e-Mutabakat up to 2.02.05 excessive authentication (EUVD-2025-26695)
CVE-2025-9467 | Vaadin Framework/vaadin-upload-flow input validation (WID-SEC-2025-1955)
Chinese APT Groups Exploit Router Flaws to Breach Enterprises
Chinese state-sponsored Advanced Persistent Threat (APT) groups have escalated their cyber espionage campaigns, systematically targeting global telecommunications, government, and military networks through sophisticated router exploitation techniques since 2021. Since at least 2021, Chinese state-sponsored cyber actors have been conducting extensive, stealthy operations to infiltrate and control key network devices across critical sectors worldwide. These malicious […]
The post Chinese APT Groups Exploit Router Flaws to Breach Enterprises appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.