GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

A new infrastructure linked to GrayAlpha, a cybercriminal entity overlapping with the notorious FIN7 group, has been exposed. This financially motivated threat actor, active since at least 2013, is known for its sophisticated attacks targeting retail, hospitality, and financial sectors. Custom Malware Uncovered The latest findings reveal GrayAlpha’s use of custom malware, including a PowerShell […]

The post GrayAlpha Hackers Group Exploits Browser Updates to Deploy PowerNet Loader and NetSupport RAT appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A major security alert has been issued for Android users after cybersecurity researchers uncovered more than 20 malicious applications on the Google Play Store designed to steal users’ login credentials, specifically targeting cryptocurrency wallet holders. The campaign, identified by Cyble Research and Intelligence Labs (CRIL), reveals a sophisticated phishing operation that has already compromised the […]

The post Over 20 Malicious Google Play Apps Steal Users’ Login Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Kali Linux, the preferred distribution for security professionals, has launched its second major release of 2025, Kali Linux 2025.2, in June. This update introduces a restructured Kali Menu, upgraded desktop environments, 13 new tools, and significant Kali NetHunter advancements, including smartwatch Wi-Fi injection and a car hacking toolset. Here’s a concise look at the key […]

The post Kali Linux 2025.2 Released: New Tools, Smartwatch and Car Hacking Added appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Arsen, the cybersecurity startup known for defending organizations against social engineering threats, has announced the release of its new Vishing Simulation module, a cutting-edge tool designed to train employees against one of the fastest-growing attack vectors: voice phishing (vishing). This new module uses AI-generated voices and adaptive dialogue systems to simulate live phone-based social engineering attacks — such as […]

The post Arsen Launches AI-Powered Vishing Simulation to Help Organizations Combat Voice Phishing at Scale appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The National Institute of Standards and Technology (NIST) has released groundbreaking guidance to help organizations implement Zero Trust Architectures (ZTAs) using commercially available technologies. Implementing a Zero Trust Architecture (NIST SP 1800-35) provides 19 real-world implementation models, technical configurations, and best practices developed through a four-year collaboration with 24 industry partners. This marks a significant […]

The post NIST Releases New Guide – 19 Strategies for Building Zero Trust Architectures appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A medium-severity reflected file download (RFD) vulnerability (CVE-2025-41234) in VMware’s Spring Framework has been patched, affecting multiple versions of the widely used Java framework. The flaw enables attackers to execute malicious code by exploiting improperly configured Content-Disposition headers in a web application. Technical Breakdown The vulnerability arises when applications use Spring’s org.springframework.http.ContentDisposition class to set […]

The post Spring Framework Flaw Enables Remote File Disclosure via “Content‑Disposition” Header appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A newly disclosed spoofing vulnerability (CVE-2025-26685) in Microsoft Defender for Identity (MDI) enables unauthenticated attackers to capture Net-NTLM hashes of critical Directory Service Accounts (DSAs), potentially compromising Active Directory environments. Rated 6.5 (Medium) on the CVSS v3.1 scale, this flaw exploits MDI’s Lateral Movement Paths (LMPs) feature and has been actively addressed in Microsoft’s May […]

The post Microsoft Defender Spoofing Flaw Enables Privilege Escalation and AD Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical vulnerability (CVE-2025-6031) has been identified in Amazon Cloud Cam devices, which reached end-of-life (EOL) status in December 2022. The flaw allows attackers to bypass SSL pinning during device pairing, enabling man-in-the-middle (MitM) attacks and network traffic manipulation. Technical Analysis SSL Pinning Bypass Mechanism The Cloud Cam’s deprecated service infrastructure forces the device into […]

The post Amazon Cloud Cam Flaw Allows Attackers to Intercept and Modify Network Traffic appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical security flaw (CVE-2025-5491) in Acer ControlCenter allows remote attackers to execute arbitrary code with NT AUTHORITY\SYSTEM privileges via a misconfigured Windows Named Pipe. The vulnerability, rated 8.8 on the CVSS scale, stems from insecure permissions on a custom protocol pipe exposed by the ACCSvc.exe service. Acer has released patched versions (4.00.3058+) to address […]

The post Acer Control Center Flaw Lets Attackers Run Malicious Code as Elevated User appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated and increasing wave of cyberattacks now targets software developers through a little-known yet legitimate GitHub feature: the OAuth 2.0 Device Code Flow. Security experts, notably from Praetorian, have warned that threat actors are leveraging this mechanism to trick developers into surrendering access to their most sensitive code repositories and CI/CD pipelines. The attacks […]

The post Developers Beware – Sophisticated Phishing Scams Exploit GitHub Device Code Flow to Hijack Tokens appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

HashiCorp disclosed a critical security flaw (CVE-2025-4922) in its Nomad workload orchestration tool on June 11, 2025, exposing clusters to privilege escalation risks through improper ACL policy enforcement. The vulnerability, rated 8.1 CVSS, enables attackers to bypass namespace restrictions via strategic job naming conventions. Technical Analysis Nomad’s Access Control List (ACL) system uses prefix-based matching […]

The post HashiCorp Nomad ACL Lookup Flaw Allows Privilege Escalation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity professionals and business leaders are on high alert following a confirmed breach of a utility billing software provider, traced to unpatched vulnerabilities in the widely used SimpleHelp Remote Monitoring and Management (RMM) platform. The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory warning that ransomware actors have leveraged these security gaps […]

The post Unpatched IT Tool Opens Door – Hackers Breach Billing Software Firm via SimpleHelp RMM appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers at Citizen Lab have uncovered the first forensic evidence linking Paragon’s Graphite mercenary spyware to zero-click attacks on journalists’ iPhones. The campaigns exploited a now-patched iMessage vulnerability (CVE-2025-43200) to compromise devices running iOS 18.2.1, highlighting the persistent threat of state-aligned surveillance against civil society Technical Overview of the Attack Chain According to the […]

The post Graphite Spyware Uses iOS Zero-Click Flaw to Target Journalists appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Fog ransomware incidents in recent years have exposed a dangerous new trend in cybercrime: hackers are using open-source penetration testing tools and genuine staff monitoring software to breach networks, steal confidential data, and initiate ransomware attacks. This unprecedented blend of tactics has targeted major financial institutions, raising alarms among cybersecurity professionals. Unprecedented Toolset in a […]

The post Fog Ransomware Uses Pentesting Tools to Steal Data and Launch Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft addressed a high-severity elevation of privilege vulnerability (CVE-2025-21420) in its Windows Disk Cleanup Utility (cleanmgr.exe) during February 2025’s Patch Tuesday. The flaw, scoring 7.8 on the CVSS scale, enabled attackers to execute malicious code with SYSTEM privileges through DLL sideloading and a directory traversal technique. Technical Analysis of CVE-2025-21420 The vulnerability stems from cleanmgr.exe’s […]

The post PoC Exploit Unveiled for Windows Disk Cleanup Elevation Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

On June 12, 2025, concurrent infrastructure failures at Cloudflare and Google caused widespread service disruptions, highlighting vulnerabilities in modern cloud dependencies. The outages impacted critical services ranging from authentication systems to AI platforms, underscoring the fragility of interconnected internet ecosystems. Cloudflare Outage: Cloudflare’s outage began at 17:52 UTC when internal monitoring detected failures in device […]

The post Major Outage Hits Google Cloud and Linked Cloudflare Services, Thousands Affected appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

HiddenLayer’s security research team has uncovered TokenBreak, a novel attack technique that bypasses AI text classification models by exploiting tokenization strategies. This vulnerability affects models designed to detect malicious inputs like prompt injection, spam, and toxic content, leaving protected systems exposed to attacks they were meant to prevent. Technical Breakdown of TokenBreak According to the […]

The post TokenBreak Exploit Tricks AI Models Using Minimal Input Changes appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical zero-day vulnerability in Microsoft’s Web Distributed Authoring and Versioning (WebDAV) protocol, tracked as CVE-2025-33053, has been actively exploited by the advanced persistent threat (APT) group Stealth Falcon since March 2025. The flaw, patched in June’s Patch Tuesday, enables remote code execution (RCE) via manipulated .url shortcut files and has been linked to attacks […]

The post WebDAV Remote Code Execution 0-Day Actively Exploited — PoC Released appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Recent investigations by Check Point Research have uncovered a sophisticated malware campaign that leverages a subtle but dangerous weakness in Discord’s invitation system. Cybercriminals are hijacking expired and deleted Discord invite links, including custom (vanity) and standard codes, to redirect unsuspecting users to malicious servers. This technique is being used as the initial vector in […]

The post Cybercriminals Exploiting Expired Discord Invite Links to Deploy Multi-Stage Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A new, highly sophisticated cyberattack campaign is targeting users seeking to download the popular language model DeepSeek-R1, exploiting global interest in large language models (LLMs). Kaspersky researchers have uncovered that threat actors are utilizing malvertising and phishing tactics to distribute previously unknown malware, named BrowserVenom, capable of hijacking victims’ web traffic and stealing sensitive information. […]

The post Threat Actors Exploit DeepSeek-R1 Popularity to Target Windows Device Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.