Aggregator

A vulnerability, which was classified as critical, has been found in Emlog Pro 2.5.7. This issue affects some unknown processing of the file /views/plugin.php of the component PHP File Handler. The manipulation leads to unrestricted upload. The identification of this vulnerability is CVE-2025-29401. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as critical was found in vLLM up to 0.7.x. This vulnerability affects unknown code of the component ZMQ/TCP. The manipulation leads to deserialization. This vulnerability was named CVE-2025-29783. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Threat actors are exploiting a severe security flaw in PHP to deliver cryptocurrency miners and remote access trojans (RATs) like Quasar RAT. The vulnerability, assigned the CVE identifier CVE-2024-4577, refers to an argument injection vulnerability in PHP affecting Windows-based systems running in CGI mode that could allow remote attackers to run arbitrary code. Cybersecurity company

新式内存驻留的实现利用COM对象内存共享特性，在多个合法进程间拆分shellcode，通过事件同步触发重组执行接下来我将使用Rust代码来实现这一技术，该代码融合了Windows COM组件和内存共享技术，实现了跨进程的隐蔽Shellcode执行use winapi::{ ctypes::{c_void, c_char}, shared::guiddef::GUID, um

A Europol report says nation-state actors are increasingly working with organized crime networks to achieve geopolitical goals, including the destabilization of the EU.

In a significant discovery, PRODAFT’s security research team has identified two critical vulnerabilities in the mySCADA myPRO Manager, a widely used Supervisory Control and Data Acquisition (SCADA) management solution. These vulnerabilities, if exploited, could grant unauthorized access to industrial control networks, potentially leading to severe operational disruptions and financial losses. The vulnerabilities are classified as […]

The post mySCADA myPRO Manager RCE Vulnerabilities Allow Remote Attackers to Take Control of ICS Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

As cyber threats evolve, Identity Attack Surface Management (IASM) emerges as a critical approach that unifies existing security frameworks to protect digital identities. Discover how this convergence strengthens your security posture against unauthorized access and credential theft.

The post Identity Attack Surface Management (IASM): The Convergence of Identity Security Frameworks appeared first on Security Boulevard.

Threat actors have increasingly been leveraging legitimate remote monitoring and management (RMM) software to infiltrate and navigate through networks undetected. RMM tools, such as AnyDesk, Atera Agent, MeshAgent, NetSupport Manager, Quick Assist, ScreenConnect, Splashtop, and TeamViewer, are widely used by organizations for essential IT tasks like system updates, asset management, and endpoint troubleshooting. However, their […]

The post Hackers Use RMM Tools to Maintain Persistence and Navigate Networks Undetected appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Google 上周发布的 Gemini 2.0 Flash(Image Generation) Experimental 新模型过去几天吸引了越来越多的关注，该模型通过 Google AI Studio 提供给用户使用。它允许任何人通过输入提示词去修改和编辑图像，让任何人都能像专业人士那样处理图像或者叫 PS。Gemini 2.0 Flash 可以添加对象、删除对象、修改场景、更改灯光、更改图像角度、放大或缩小等操作。它支持对话式图像编辑，允许用户通过自然语言对话在多个连续提示中迭代优化图像。

Threat actors have recently been exploiting legacy drivers to bypass certificate validation, leveraging a technique known as “Legacy Driver Exploitation.” This method involves using vulnerable drivers to evade security measures and distribute malware, as highlighted in a recent security advisory. The attack primarily utilizes the Gh0stRAT malware to remotely control infected systems and cause further […]

The post Threat Actors Leverage Legacy Drivers to Circumvent TLS Certificate Validation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a stark revelation of the escalating cyber threat landscape, Flashpoint’s latest intelligence report highlights the alarming rise in compromised credentials and malware infections. In 2024, threat actors managed to steal an unprecedented 3.2 billion login credentials, marking a 33% increase from the previous year. This staggering figure underscores the growing reliance of cybercriminals on […]

The post Threat Actors Steal 3.2 Billion Login Credentials and Infect 23 Million Devices Worldwide appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Currently trending CVE - Hype Score: 1 - TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was discovered to contain a hardcoded password for the root account which can be obtained via a brute force attack.

In recent years, VPN vulnerabilities have emerged as a critical threat vector for organizations worldwide. Threat actors, including both cybercriminal groups and state-sponsored entities, are increasingly exploiting these vulnerabilities to gain unauthorized access to sensitive networks. Two notable vulnerabilities, CVE-2018-13379 and CVE-2022-40684, have become staples in the attacker’s playbook, allowing for large-scale credential theft and […]

The post VPN Vulnerabilities Become a Primary Weapon for Threat Actors Targeting Organizations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Qilin Ransomware Group Leaks Los Madroños Hospital Data

A significant vulnerability in Microsoft Windows File Explorer, identified as CVE-2025-24071, has been discovered and is being actively exploited in the wild. This vulnerability allows attackers to capture NTLM hashes, potentially leading to network spoofing attacks and credential theft. The exploit involves specially crafted .library-ms files embedded within compressed archives like RAR or ZIP. When […]

The post Microsoft Windows NTLM File Explorer Vulnerability Exploited in The Wild – PoC Released appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent analysis by Cloudflare reveals a concerning trend in online security: nearly 41% of successful logins across websites involve compromised passwords. This issue is exacerbated by the widespread practice of password reuse among users. Despite growing awareness about online security risks, many individuals continue to use the same passwords across multiple accounts, creating a […]

The post 41% of Successful Logins Across Websites Involve Compromised Passwords appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Alleged Leak of 4,000,000 Israeli Facebook accounts

A vulnerability classified as problematic has been found in HCL MyXalytics 6.3/6.4. This affects an unknown part. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2024-42176. It is possible to initiate the attack remotely. There is no exploit available.