Aggregator
Hackers Target HR Departments With Fake Resumes to Spread More_eggs Malware
The financially motivated threat group Venom Spider, also tracked as TA4557, has shifted its focus to corporate Human Resources (HR) departments with a highly targeted spear-phishing operation. According to research by Arctic Wolf Labs, the group is leveraging legitimate job platforms and messaging services to send fraudulent job applications laced with malicious resumes. These deceptive […]
The post Hackers Target HR Departments With Fake Resumes to Spread More_eggs Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
UK shares security tips after major retail cyberattacks
Submit #564591: https://github.com/megagao/production_ssm production_ssm <= 0.0.1 Remote Code Execute [Accepted]
Submit #564339: PHPGurukul Company Visitors Management System V2.0 SQL Injection [Accepted]
RomCom RAT Targets UK Organizations Through Compromised Customer Feedback Portals
The Russian-based threat group RomCom, also known as Storm-0978, Tropical Scorpius, and Void Rabisu, has been targeting UK companies in the retail, hospitality, and critical national infrastructure (CNI) sectors in a recently discovered cyber espionage and profit-driven operation called “Operation Deceptive Prospect.” Active since at least 2022, RomCom has a history of blending espionage with […]
The post RomCom RAT Targets UK Organizations Through Compromised Customer Feedback Portals appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Submit #564329: SourceCodester Online-Student-Clearance-System 1.0 SQL Injection [Accepted]
Submit #571379: magento 1.9.2.1 Improper Input Validation [Accepted]
Hackers Use Pahalgam Attack-Themed Decoys to Target Indian Government Officials
The Seqrite Labs APT team has uncovered a sophisticated cyber campaign by the Pakistan-linked Transparent Tribe (APT36) targeting Indian Government and Defense personnel. This operation, centered around the recent Pahalgam terror attack on April 22, 2025, leverages emotionally charged themes to distribute phishing documents and deploy malicious payloads. Exploiting Geopolitical Tensions for Cyber Espionage The […]
The post Hackers Use Pahalgam Attack-Themed Decoys to Target Indian Government Officials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Submit #564318: 74cms 74cms se 3.33 RCE [Accepted]
BSidesLV24 – Proving Ground – An Adversarial Approach To Airline Revenue Management
Author/Presenter: Craig Lester
Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organization’s YouTube channel.
The post BSidesLV24 – Proving Ground – An Adversarial Approach To Airline Revenue Management appeared first on Security Boulevard.
Submit #564161: fp2952 spring-cloud-base master branch Open Redirect [Accepted]
LUMMAC.V2 Stealer Uses ClickFix Technique to Deceive Users into Executing Malicious Commands
The LUMMAC.V2 infostealer malware, also known as Lumma or Lummastealer, has emerged as a significant threat, employing the cunning “ClickFix” social engineering technique to compromise unsuspecting users. This malware, rewritten from C to C++ with an advanced binary morpher, targets a broad spectrum of sensitive data, including credentials, emails, personal details, screenshots, and cookies from […]
The post LUMMAC.V2 Stealer Uses ClickFix Technique to Deceive Users into Executing Malicious Commands appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Submit #563555: http://www.mrcms.cn/ mrcms 3.1.2 Cross-Site Request Forgery [Accepted]
Submit #563549: http://www.mrcms.cn/ mrcms 3.1.2 Stored Cross-Site Scripting [Accepted]
Submit #563545: http://www.mrcms.cn/ mrcms 3.1.2 Stored Cross-Site Scripting [Accepted]
Submit #563543: http://www.mrcms.cn/ mrcms 3.1.2 Stored Cross-Site Scripting [Accepted]
Submit #563540: http://www.mrcms.cn/ mrcms 3.1.2 Stored Cross-Site Scripting [Accepted]
Hackers Selling SS7 0-Day Exploit on Dark Web for $5,000
A newly discovered dark web listing claims to sell a critical SS7 protocol exploit for $5,000, raising alarms about global telecom security. The seller, operating under the alias “GatewayPhantom,” is marketing the 0-day vulnerability as a tool for SMS interception, real-time phone tracking, and location monitoring. Signaling System No. 7 (SS7) is a 1975 telecommunications […]
The post Hackers Selling SS7 0-Day Exploit on Dark Web for $5,000 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.