GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

 Hewlett Packard Enterprise (HPE) has confirmed multiple vulnerabilities in its Aruba Networking products that could allow remote arbitrary code execution. These vulnerabilities, CVE-2025-23051 and CVE-2025-23052, affect various versions of the AOS-8 and AOS-10 Operating Systems, specifically impacting Mobility Conductors, Controllers, and managed WLAN and SD-WAN Gateways. This advisory comes amid growing concerns within the cybersecurity […]

The post Multiple HPE Aruba Network Vulnerabilities Allows Remote Arbitrary Code Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Researchers have discovered a critical flaw in Active Directory’s NTLMv1 mitigation strategy, where misconfigured on-premises applications can bypass Group Policy settings intended to disable NTLMv1. This vulnerability enables attackers to exploit the outdated authentication protocol. The bypass allows attackers to intercept NTLMv1 traffic, crack user credentials offline, and gain unauthorized access within the network that […]

The post Hackers Easily Bypass Active Directory Group Policy to Allow Vulnerable NTLMv1 Auth Protocol appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Amazon Web Services (AWS) has issued a critical security advisory highlighting vulnerabilities in specific versions of its native clients for Amazon WorkSpaces, Amazon AppStream 2.0, and Amazon NICE DCV. Identified as CVE-2025-0500 and CVE-2025-0501, these vulnerabilities present significant risks, compelling AWS to recommend urgent updates to protect user data. Overview of the Vulnerabilities CVE-2025-0500 CVE-2025-0500 […]

The post AWS Warns of Multiple Vulnerabilities in Amazon WorkSpaces, Amazon AppStream 2.0, & Amazon DCV appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Rockstar2FA is a PaaS kit that mimics the legitimate credential-request behavior of cloud/SaaS platforms. Phishing campaigns are delivered via Telegram and use unique URLs to route users to credential-capturing counterfeit login pages.  These pages masquerade as popular services and steal login credentials along with multifactor authentication tokens via HTTP POST requests to adversary-controlled backend servers.  […]

The post FlowerStorm PaaS Platform Attacking Microsoft Users With Fake Login Pages appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A Russian software developer, aided by the National Technology Initiative, has introduced a groundbreaking AI module designed to monitor and analyze content on Telegram. Known as the Apparatus Sapiens AI module, this innovative tool can search through both open and closed chats, communities, and groups on the messaging platform, identifying potentially malicious content at an […]

The post New Tool Unveiled to Scan Hacking Content on Telegram appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A serious security flaw has been identified in Ivanti Connect Secure, designated as CVE-2025-0282, which enables remote unauthenticated attackers to execute arbitrary code. As of January 8, 2025, Ivanti has acknowledged the existence of this stack-based buffer overflow vulnerability found in versions before 22.7R2.5.  This vulnerability is particularly concerning due to its high attack vector stemming from […]

The post PoC Exploit Released for Ivanti Connect Secure RCE Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Let’s Encrypt has announced plans to introduce six-day certificate options and support for IP address certificates in 2025. This initiative is part of the organization’s ongoing commitment to fortify the Web Public Key Infrastructure (PKI), making secure connections more accessible and manageable for users. Announcing Short-Lived Certificates Beginning this year, Let’s Encrypt will offer certificates […]

The post Let’s Encrypt Unveils Six-Day Certificate and IP Address Options for 2025 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

As a dedicated bug bounty hunter with an enviable track record on BugCrowd, Abdullah Nawaf, Full full-time bug Bounty Hunter, thrives on the thrill of discovery and the challenge of finding high-impact vulnerabilities. Recently, alongside his colleague Orwa Atyat, they achieved a notable success: turning a limited path traversal vulnerability into a fully-fledged remote code execution […]

The post Bug Bounty Bonanza: $40,000 Reward for Escalating Limited Path Traversal to RCE appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a significant legal development, HDR Global Trading Ltd., operating under the name BitMEX, has been fined $100 million for violating the Bank Secrecy Act. Attorney for the United States, Matthew Podolsky, announced the sentencing on January 17, 2025, highlighting the company’s willful failure to implement an adequate anti-money laundering (AML) and know-your-customer (KYC) program. […]

The post BitMEX Fined $100 Million for Violating Bank Secrecy Act appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding a significant OS command injection vulnerability in Aviatrix Controllers, identified as CVE-2024-50603. This vulnerability poses a serious risk, as it allows unauthenticated attackers to execute arbitrary code on affected systems, potentially leading to severe security breaches. Vulnerability Details The vulnerability, classified under the […]

The post CISA Warns of Aviatrix Controllers OS Command Injection Vulnerability Exploited in Wild appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Cybersecurity and Infrastructure Security Agency (CISA) has released a pivotal report calling for urgent action to address the “software understanding gap.” This comprehensive document highlights the significant disparity between the rapid advancement in software production and the corresponding investment in understanding and maintaining these systems. The report emphasizes that this gap poses a considerable […]

The post CISA Releases Guidelines For Closing Software Understanding Gap appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

An attacker exploited a vulnerability in the batchupload.aspx and email_settings.aspx pages on the target server that allowed them to upload a malicious web shell to the IIS worker process (w3wp.exe).  They initially attempted to upload a web shell to another location but failed to interact with it. Network traffic analysis revealed the source of the […]

The post Hackers Deploy Web Shell To Abuse IIS Worker And Exfiltrate Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft Threat Intelligence has identified a concerning strategic shift by the notorious Russian threat actor group “Star Blizzard.” Known for its spear-phishing campaigns targeting government, diplomatic, and civil society sectors, the group has now expanded its tactics to compromise WhatsApp accounts. In mid-November 2024, Microsoft observed Star Blizzard employing a novel method in their phishing […]

The post Russian Threat Actor “Star Blizzard” Exploit WhatsApp Accounts Using QR Codes appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

As California grapples with devastating wildfires, communities are rallying to protect lives and property. Unfortunately, these disasters have also created an opportunity for cybercriminals to exploit the chaos and uncertainty. Veriti Research has identified alarming trends in phishing scams linked to the ongoing wildfire disaster, highlighting an urgent need for heightened cybersecurity awareness during these […]

The post Hackers Exploiting California Wildfire Sparks to Launching Phishing Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

AISURU botnet launched a DDoS attack targeting Black Myth: Wukong distribution platforms in August 2024 that leveraged a 0DAY vulnerability on cnPilot routers and used RC4 encryption for sample strings.  After a brief pause in September, the botnet reappeared in October with the name kitty and was updated again in November as AIRASHI.  The current […]

The post AIRASHI Botnet Exploiting 0-Day Vulnerabilities In Large Scale DDoS Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Botnets are the networks of compromised devices that have evolved significantly since the internet’s inception. Threat actors exploit vulnerabilities to control these devices remotely by leveraging them for malicious activities.  These activities range from spamming to launching devastating distributed denial-of-service (DDoS) attacks, as the decentralized nature of botnets presents significant challenges to defenders.  By orchestrating […]

The post New Botnet Exploiting DNS Records Misconfiguration To Deliver Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Federal Trade Commission (FTC) has announced that it will require GoDaddy Inc. to develop and implement a comprehensive information security program. This decision comes in response to allegations that the prominent web hosting company has consistently failed to adequately secure its services, risking the safety of millions of customers who rely on its platform. […]

The post FTC Slams GoDaddy For Not Implement Standard Security Practices Following Major Breaches appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A significant cybersecurity threat has emerged, threatening the integrity of thousands of PHP-based web applications. A report from Imperva Threat Research has unveiled a sophisticated campaign where malicious actors are exploiting vulnerabilities in these applications to deploy malware, particularly with a focus on gambling-related platforms in Indonesia. Despite a longstanding prohibition on gambling in Indonesia […]

The post Thousands of PHP-based Web Applications Exploited to Deploy Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A significant security vulnerability has been identified in the W3 Total Cache plugin for WordPress, affecting all versions up to and including 2.8.1. This critical flaw cataloged as CVE-2024-12365, has a CVSS score of 8.5, categorizing it as a high-severity risk. Discovered by security researcher villu164, the vulnerability allows authenticated attackers with Subscriber-level access and […]

The post W3 Total Cache Plugin Vulnerability Let Attackers Gain Unauthorized Access to Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical vulnerability has been identified in Veeam Backup for Microsoft Azure, specifically referenced as CVE-2025-23082. Discovered during internal testing, this security flaw could allow an attacker to exploit Server-Side Request Forgery (SSRF) vulnerabilities to send unauthorized requests originating from the system. This could potentially lead to serious consequences, including network enumeration and the facilitation […]

The post Veeam Azure Backup Vulnerability Allows Attackers to Utilize SSRF & Send Unauthorized Requests appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.