Aggregator
Eight Annual Awards Announced! 2024 BSRC Annual Gala Salon Successfully Held
Business Edge Observability Is the Rx
Model Context Protocol Flaw Allows Attackers to Compromise Victim Systems
A critical vulnerability in the widely adopted Model Context Protocol (MCP), an open standard for integrating generative AI (GenAI) tools with external systems, has exposed organizations to risks of data theft, ransomware, and unauthorized access. Security researchers demonstrated two proof-of-concept (PoC) attacks exploiting the flaw, raising alarms about emerging GenAI security challenges. What is MCP? […]
The post Model Context Protocol Flaw Allows Attackers to Compromise Victim Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
SafeLine Bot Management: Self-hosted alternative to Cloudflare
Modern websites are under constant pressure from automated traffic: scraping, credential stuffing, inventory hoarding, and other malicious bot behaviors. While Cloudflare Bot Management is a powerful cloud-native solution that leverages massive data and machine learning, not every organization wants to rely on a cloud proxy. For teams seeking data autonomy, self-hosted control, and enterprise-grade protection, SafeLine offers a compelling alternative. Cloudflare Bot Management: Cloud power with centralized control Cloudflare manages around 20% of all global …
The post SafeLine Bot Management: Self-hosted alternative to Cloudflare appeared first on Help Net Security.
China Plans Expanded Cybersecurity Cooperation with Russia
China has announced a significant step forward in its partnership with Russia, with plans to expand their cooperation in the field of cybersecurity. In an article published by Sputnik News, Chinese Ambassador to Russia Zhang Hanhui outlined Beijing’s intention to deepen its collaboration, emphasizing the shared importance both countries place on digital security and the […]
The post China Plans Expanded Cybersecurity Cooperation with Russia appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Submit #553722: Sourcecodester Web-based Pharmacy Product Management System v1.0 Unrestricted Upload [Accepted]
Ghost Ransomware Targets Organizations Across 70+ Countries
A new ransomware variant known as “Ghost” (also referred to as Cring) has emerged as a significant danger. Since its first appearance in 2021, the FBI and CISA have issued a joint advisory in February 2025, highlighting its growing menace, particularly after a sharp increase in attacks on critical infrastructure, healthcare facilities, and financial institutions […]
The post Ghost Ransomware Targets Organizations Across 70+ Countries appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Submit #553721: Sourcecodester Web-based Pharmacy Product Management System v1.0 Unrestricted Upload [Accepted]
Submit #553650: SourceCodester Phone Management System V1.0 Buffer Overflow [Accepted]
Weaponized Amazon Gift Cards Used to Steal Microsoft Credentials
Cybercriminals are exploiting the trust in e-gift cards and the prestige of Amazon to steal Microsoft credentials from unsuspecting employees. The attack begins with an email, disguised as a “Reward Gateway” message from a victim’s employer, promising a $200 Amazon eGift card as a reward for outstanding performance. The Phishing Email The email arrives without […]
The post Weaponized Amazon Gift Cards Used to Steal Microsoft Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Submit #553567: PCMan FTP 2.0.7 Buffer Overflow [Accepted]
Gamaredon’s PteroLNK VBScript Malware Infrastructure and TTPs Uncovered by Researchers
Researchers have unearthed details of the Pterodo malware family, notably the PteroLNK variant used by the Russian-nexus threat group, Gamaredon. The group, which is believed to be associated with Russia’s Federal Security Service (FSB), has been targeting Ukrainian entities, focusing on government, military, and critical infrastructure sectors as part of broader geopolitical conflicts. Tactics, Techniques, […]
The post Gamaredon’s PteroLNK VBScript Malware Infrastructure and TTPs Uncovered by Researchers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
CVE-2011-2595 | ACDSee FotoSlate 4.0 ID memory corruption (EDB-17966 / ID 121313)
Maksut Shadayev: AI Won't Touch Teachers, but Will Replace Officials
CVE-2005-4380 | Bitweaver 1.1/1.1.1 Beta list_galleries.php convert_sortmode blog_id sql injection (EDB-26907 / XFDB-23814)
Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)
CVE-2025-24054, a Windows NTLM hash disclosure vulnerability for which Microsoft issued patches last month, has been leveraged by threat actors in campaigns targeting government and private institutions in Poland and Romania. “Active exploitation in the wild has been observed since March 19, 2025, potentially allowing attackers to leak NTLM hashes or user passwords and compromise systems,” Check Point researchers have shared. About CVE-2025-24054 CVE-2025-24054 allows attackers to capture the NTLMv2 response (i.e., the NTLMv2-SSP …
The post Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) appeared first on Help Net Security.
3 Security Decisions That Could Make or Break Your Career This Year
In today’s rapidly evolving digital landscape, security has transcended from being a technical concern to a strategic leadership imperative. As cyber threats become more sophisticated and regulatory requirements more stringent, the security decisions you make as a leader can significantly impact not just your organization’s resilience but your professional trajectory as well. The stakes have […]
The post 3 Security Decisions That Could Make or Break Your Career This Year appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.