GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

Southeast Asian Advanced Persistent Threat (APT) group OceanLotus, also known as APT32, has been identified as employing GitHub to conduct a sophisticated poison attack against Chinese cybersecurity professionals. The ThreatBook Research and Response Team has meticulously analyzed this incident, which began its nefarious spread in mid-September 2024, resulting in a targeted assault on various Chinese […]

The post APT32 Turns GitHub into a Weapon Against Security Teams and Enterprise Networks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

AkiraBot, identified by SentinelLABS, represents a sophisticated spam bot framework that targets website chats and contact forms to promote low-quality SEO services. Since its inception in September 2024, AkiraBot has impacted over 420,000 unique domains, successfully spamming at least 80,000 websites. It leverages both CAPTCHA evasion techniques and network detection evasion to elude website security […]

The post AkiraBot Floods 80,000 Sites After Outsmarting CAPTCHAs and Slipping Past Network Defenses appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A new vulnerability has been discovered in the Microsoft.Identity.Web NuGet package under specific conditions, potentially exposing sensitive information such as client secrets and certificate details in service logs. The flaw, identified as CVE-2025-32016, has been rated as moderate, prompting developers to urgently address the issue to prevent unintended data exposure. Overview of the Vulnerability: The vulnerability […]

The post Microsoft Identity Web Flaw Exposes Sensitive Client Secrets and Certificates appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The cybersecurity realm has encountered a formidable adversary with the emergence of CatB ransomware, also known as CatB99 or Baxtoy. First identified in late 2022, this strain has caught the eye of security analysts due to its sophisticated evasion techniques and its potential connection to established ransomware families. There’s speculation within the security community that […]

The post CatB Ransomware Abuses Microsoft Distributed Transaction Coordinator for Stealthy Payload Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a major victory against cybercrime, law enforcement agencies across North America and Europe have dismantled the infrastructure behind the Smokeloader malware, a notorious pay-per-install (PPI) botnet service. This decisive action, a continuation of the groundbreaking Operation Endgame from May 2024, marks yet another blow to the global malware ecosystem. The Smokeloader botnet, operated by […]

The post Smokeloader Malware Operators Busted, Servers Seized by Authorities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued alerts regarding two actively exploited vulnerabilities in the Linux Kernel. The flaws, tagged as CVE-2024-53197 and CVE-2024-53150, both reside in the USB-audio driver. These vulnerabilities could potentially allow attackers to manipulate system memory, escalate privileges, or access sensitive information. CVE-2024-53197: Linux Kernel Out-of-Bounds Access Vulnerability The […]

The post CISA Alerts on Actively Exploited Linux Kernel Out-of-Bounds & Read Flaw appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A newly disclosed denial-of-service (DoS) vulnerability in Palo Alto Networks’ PAN-OS software enables attackers to force firewalls into repeated reboots using maliciously crafted packets. Tracked as CVE-2025-0128, the flaw impacts SCEP (Simple Certificate Enrollment Protocol) authentication and poses significant risks to unpatched systems. The vulnerability, CVE-2025-0128, enables unauthenticated attackers to disrupt network operations by sending a single […]

The post PAN-OS DoS Vulnerability Allows Attackers to Force Repeated Firewall Reboots appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The open-source Linux firewall solution, IPFire, has officially released its latest version, IPFire 2.29 – Core Update 193. This landmark update introduces cutting-edge post-quantum encryption capabilities for IPsec tunnels, along with extensive system upgrades to bolster security, performance, and hardware optimization for the long term. Post-Quantum Cryptography for a More Secure Future In a major step forward […]

The post Linux Firewall IPFire 2.29 Launches with Post-Quantum Encryption and System Enhancements appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated new red team technique dubbed “RemoteMonologue” has emerged, enabling attackers to remotely harvest NTLM credentials without deploying malicious payloads or accessing the Local Security Authority Subsystem Service (LSASS). As traditional methods of credential theft face increasing scrutiny from advanced security measures and Endpoint Detection and Response (EDR) solutions, this technique represents a significant […]

The post ‘RemoteMonologue’ New Red Team Technique Exploits DCOM To Steal NTLM Credentials Remotely appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The OpenSSH team has announced the release of OpenSSH 10.0 on April 9, marking an important milestone for one of the most widely-used open-source tools in secure communications. With significant protocol changes, security advancements, and new features, this version aims to provide enhanced protection and functionality for users worldwide. Key Security Improvements The OpenSSH 10.0 release introduces […]

The post OpenSSH 10.0 Released: New Protocol Changes and Key Security Improvements appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Trend Micro, a cybersecurity firm, has released its 50th installment report on the Russian-speaking cybercriminal underground, revealing the intricate web of tools, techniques, and cultural elements defining this notorious cybercrime ecosystem. The report highlights the sophistication and resilience of this community, which has been a pioneer in cybercriminal innovation. Sophisticated Tools and Techniques The Russian-speaking […]

The post Researchers Uncover Hacking Tools and Techniques Shared on Russian-Speaking Cybercrime Forums appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Pakistan-linked Advanced Persistent Threat (APT) group known as SideCopy has significantly expanded its targeting scope since late December 2024. Initially, the group focused on infiltrating India’s government, defense, maritime sectors, and university students. Recent developments indicate an inclusion of crucial sectors like railways, oil & gas, and external affairs ministries into their cyber activities. […]

The post SideCopy APT Hackers Impersonate Government Officials to Deploy Open-Source XenoRAT Tool appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Russian state-backed advanced persistent threat (APT) group Storm-2372 has exploited device code phishing to bypass multi-factor authentication (MFA) and infiltrate high-value targets across governments, NGOs, and critical industries. Since August 2024, this group has weaponized the OAuth device authorization flow—a legitimate authentication mechanism—to hijack user sessions and exfiltrate sensitive data. Microsoft Threat Intelligence researchers, alongside […]

The post Russian APT Hackers Use Device Code Phishing Technique to Bypass MFA appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Threat actors are exploiting weaknesses in SMS verification systems to generate massive, fraudulent message traffic, costing businesses millions. This type of fraud involves artificially triggering SMS verification requests by creating numerous synthetic identities or using automated bots, thereby inflating the SMS traffic to exploit billing systems. Mechanics of SMS Pumping Fraudsters initiate this scam by […]

The post Threat Actors Exploit Messaging Services as Lucrative Cybercrime Platforms appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The cyber threat landscape has witnessed remarkable adaptation from the notorious hacker collective known as Scattered Spider. Active since at least 2022, this group has been consistently refining its strategies for system compromise, data exfiltration, and identity theft. Silent Push analysts have tracked the evolution of Scattered Spider’s tactics, techniques, and procedures (TTPs) through early […]

The post Scattered Spider Launches Sophisticated Attacks to Steal Login Credentials and MFA Tokens appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

North Korean threat actors have demonstrated their adept use of social engineering techniques combined with Python scripting to infiltrate secure networks. The Democratic People’s Republic of Korea (DPRK) operatives are leveraging the accessibility and power of Python to craft initial access vectors that are proving alarmingly effective. The Ingenious Use of Python The DPRK’s use […]

The post North Korean Hackers Use Social Engineering and Python Scripts to Execute Stealthy Commands appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Gcore, the global edge AI, cloud, network, and security solutions provider, has launched Super Transit, a cutting-edge DDoS protection and acceleration feature, designed to safeguard enterprise infrastructure while delivering lightning-fast connectivity.  This comes as organizations face a 56% year-on-year increase in high-volume, complex DDoS attacks that disrupt operations, increase latency, and compromise network security. Traditional solutions often […]

The post Gcore Super Transit Brings Advanced DDoS Protection and Acceleration for Superior Enterprise Security and Speed appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft has urgently patched a high-risk security vulnerability (CVE-2025-29810) in Windows Active Directory Domain Services (AD DS), which could allow attackers to escalate privileges and compromise entire network domains. Rated 7.5 (Important) on the CVSS v3.1 scale, this flaw impacts organizations using Windows Server 2016 through 2025 editions. CVE-2025-29810 Overview Key Detail Description CVE ID CVE-2025-29810 Published […]

The post Windows Active Directory Vulnerability Enables Unauthorized Privilege Escalation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Adobe has announced critical security updates for several of its popular software products, addressing vulnerabilities that could potentially be exploited by attackers. The Product Security Incident Response Team (PSIRT) has urged all users to apply these updates immediately to protect their systems and data. These updates are part of Adobe’s ongoing commitment to ensuring the […]

The post Adobe Security Update: Patches Released for Multiple Product Vulnerabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a disturbing escalation of cyber threats, a new malware campaign dubbed ‘HollowQuill’ has been identified targeting academic institutions and government agencies worldwide. This sophisticated attack leverages weaponized PDF documents to infiltrate systems, using a combination of social engineering and advanced malware deployment techniques to bypass traditional security measures. The Anatomy of Attack: Social Engineering […]

The post HollowQuill Malware Targets Government Agencies Globally Through Weaponized PDF Documents appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.