Aggregator

Ahead of Valentine’s Day, Chainalysis figures reveal 40% increase in losses to pig butchering, or romance baiting, scams

Foreign adversaries, including Russia, China, and Iran, are intensifying their efforts to manipulate public opinion and destabilize local communities across the United States. These campaigns, once primarily focused on national-level politics, have increasingly targeted state and local governments, community groups, and individuals. Leveraging advanced technologies such as generative artificial intelligence (AI), these actors aim to […]

The post Threat Actors in Russia, China, and Iran Targeting Local communities in the U.S appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Netskope Threat Labs has uncovered a sophisticated phishing campaign targeting users across various industries, including technology, manufacturing, and banking. This campaign, active since mid-2024, exploits search engine optimization (SEO) techniques to lure victims into downloading malicious PDFs hosted on the Webflow Content Delivery Network (CDN). These PDFs are embedded with fake CAPTCHA images that redirect […]

The post New Phishing Attacks Abuses Webflow CDN & CAPTCHAs to Steal Credit Card details appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.6.75/6.12.12/6.13.1. Affected by this issue is some unknown functionality. The manipulation leads to use after free. This vulnerability is handled as CVE-2025-21700. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A critical security vulnerability in the “Security & Malware scan by CleanTalk” plugin has left over 30,000 WordPress websites exposed to exploitation. The vulnerability, identified as CVE-2024-13365, allows unauthenticated attackers to conduct arbitrary file uploads, potentially leading to remote code execution (RCE). The flaw, assigned a CVSS score of 9.8 (Critical), affects all plugin versions up to […]

The post 30,000 WordPress Sites Exposed to Exploitation via File Upload Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Санкции США обернулись против них.

A recent ransomware attack leveraging a vulnerability in Palo Alto Networks’ PAN-OS firewall software (CVE-2024-0012) has raised significant concerns within the cybersecurity community. The attack, which targeted a medium-sized software and services company in South Asia in late 2024, is particularly alarming because it employed tools historically associated with China-based espionage groups. This marks a […]

The post Palo Alto Firewall Flaw Exploited in RA World Ransomware Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Linux Kernel up to 6.12.1. It has been declared as problematic. This vulnerability affects the function platform_get_irq of the component mfd. The manipulation leads to Privilege Escalation. This vulnerability was named CVE-2024-56723. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.12.1. Affected by this vulnerability is the function nfsd4_process_cb_update of the component NFSD. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-53217. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.1. It has been rated as critical. Affected by this issue is the function sh7760fb_alloc_mem of the component fbdev. The manipulation leads to memory leak. This vulnerability is handled as CVE-2024-56746. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.12.1 and classified as critical. This vulnerability affects the function ubifs_tnc_start_commit. The manipulation leads to use after free. This vulnerability was named CVE-2024-53171. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.12.1. Affected is the function cache_show. The manipulation leads to improper update of reference count. This vulnerability is traded as CVE-2024-53174. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.1. It has been rated as critical. This issue affects the function xs_tcp_set_socket_timeouts of the component SUNRPC. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2024-56688. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.1 and classified as critical. This issue affects the function fmc_send_cmd of the component wl128x. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2024-56700. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.1 and classified as problematic. This issue affects the function rtc_timer_do_work. The manipulation leads to uninitialized pointer. The identification of this vulnerability is CVE-2024-56739. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.1. It has been rated as critical. This issue affects the function register_intc_controller. The manipulation leads to use after free. The identification of this vulnerability is CVE-2024-53165. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.12.3. This vulnerability affects the function btrfs_ref_tree_mod. The manipulation leads to use after free. This vulnerability was named CVE-2024-56581. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

天下大势，合久必分

我有一些想法

Ever felt like your team is stuck in a constant battle? Developers rush to add new features, while security folks worry about vulnerabilities. What if you could bring both sides together without sacrificing one for the other? We invite you to our upcoming webinar, "Opening the Fast Lane for Secure Deployments." This isn’t another tech talk full of buzzwords—it's a down-to-earth session that