GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

A new wave of cyber espionage attacks has brought BPFDoor malware into the spotlight as a stealthy and dangerous tool for compromising networks. According to security experts at Trend Micro, BPFDoor is a state-sponsored backdoor attributed to the advanced persistent threat (APT) group known as Earth Bluecrow (also referred to as Red Menshen). This malware […]

The post BPFDoor Malware Uses Reverse Shell to Expand Control Over Compromised Networks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

As businesses worldwide embrace digital transformation, the European Union’s General Data Protection Regulation (GDPR), enacted in 2018, remains a cornerstone of data privacy and security. A recent safety report highlighting the rapid advancement of artificial intelligence (AI) has renewed focus on GDPR compliance, particularly Article 7, which governs consent requirements for handling personal data, including […]

The post EU’s GDPR Article 7 Poses New Challenges for Businesses To Secure AI-Generated Image Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The National Social Security Fund (CNSS) of Morocco has confirmed that initial checks on leaked documents circulating on social media have revealed that much of the information is false, inaccurate, or incomplete. Officials state these documents originated from a cyber attack targeting the organization’s computer systems. The CNSS has activated security protocols, launched an internal […]

The post Morocco Investigation Major Data Breach Allegedly Claimed by Algerian Hackers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researchers at Cisco Talos have uncovered a large-scale smishing campaign targeting toll road users across the United States. The campaign, which has been active since October 2024, impersonates toll road payment services, luring unsuspecting victims into revealing their personal and financial information through fraudulent payment requests. The Scam Unveiled The smishing campaign revolves around […]

The post Smishing Campaign Hits Toll Road Users with $5 Payment Scam appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A significant security vulnerability has been identified in IBM Aspera Faspex 5, a popular file exchange solution. The flaw, designated as CVE-2025-3423, allows attackers to inject malicious JavaScript into the web interface, potentially compromising sensitive user data. Vulnerability Details The vulnerability is classified as a DOM-based Cross-Site Scripting (XSS) issue. It enables authenticated users to […]

The post IBM Aspera Faspex Flaw Allows Injection of Malicious JavaScript in Web UI appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a concerning report from cybersecurity firm TeamT5, it has been revealed that a Chinese Advanced Persistent Threat (APT) group leveraged critical vulnerabilities in Ivanti Connect Secure VPN appliances to launch a global cyberattack. The breach affected nearly 20 industries across 12 countries, leaving networks exposed and under persistent threat. Global Victimology The widespread attack […]

The post Chinese APT Group Targets Ivanti VPN Vulnerabilities to Breach Networks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

VMware has announced that ESXi 8.0 Update 3e, the latest version of its industry-leading hypervisor, is now available for download at no cost. Released on April 10, 2025, this update is packed with enhancements, critical fixes, and new features, solidifying VMware’s dominance in the virtualization space. Free Access to ESXi 8.0 Traditionally a component of VMware’s broader […]

The post VMware ESXi 8.0 Update 3e Is Now Free — Here’s What’s New appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A North Korean state-sponsored threat group known as “Slow Pisces” has been orchestrating sophisticated cyberattacks targeting developers in the cryptocurrency sector using malware-laced coding challenges. This campaign employs deceptive tactics and advanced malware techniques designed to infiltrate systems, steal critical data, and generate revenue for the Democratic People’s Republic of Korea (DPRK). Background of Slow […]

The post Slow Pisces Group Targets Developers Using Coding Challenges Laced with Python Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The U.S. Department of Justice has launched a landmark initiative to block foreign adversaries—including China, Russia, and Iran—from exploiting commercial channels to access sensitive American data. The Data Security Program (DSP), enacted under Executive Order 14117, establishes stringent controls over transactions involving U.S. government-related data and bulk personal information such as genomic, financial, and geolocation […]

The post DoJ Launches Critical National Security Program to Protect Americans’ Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A chilling new development in the cybersecurity landscape has emerged, as a threat actor has reportedly advertised an alleged zero-day exploit targeting Fortinet’s FortiGate firewalls on a prominent dark web forum. This exploit purportedly enables unauthenticated remote code execution (RCE) and full configuration access to FortiOS, unlocking the potential for attackers to seize control of […]

The post FortiGate 0-Day Exploit Allegedly Up for Sale on Dark Web appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybercriminals are increasingly exploiting search engine optimization (SEO) techniques and paid advertisements to manipulate search engine results, pushing malicious websites to the top where unsuspecting users are likely to click. In recent years, this tactic, often known as SEO poisoning or black hat SEO, has seen cybercriminals hijack the reputation of legitimate websites to promote […]

The post Threat Actors Manipulate Search Results to Lure Users to Malicious Websites appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity experts have unearthed an intricate cyber campaign that leverages deceptive websites posing as the Google Play Store to distribute Android malware. These websites, hosted on newly registered domains, create a façade of credible application installation pages, enticing victims with downloads that appear legitimate, including apps like Google Chrome. The sites are engineered with features […]

The post Hackers Imitate Google Chrome Install Page on Google Play to Distribute Android Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Hackers are exploiting what’s known as “Dangling DNS” records to take over corporate subdomains, posing significant threats to organizations’ security frameworks. This attack vector has been increasingly noted by security teams, highlighting the need for constant vigilance in DNS configuration management. A New Threat Landscape Subdomain takeovers occur when a misconfigured or unused subdomain’s DNS […]

The post Dangling DNS Attack Allows Hackers to Take Over Organization’s Subdomain appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers and cybersecurity experts have recently uncovered new variants of the notorious HelloKitty ransomware, signaling its resurgence with attacks targeting Windows, Linux, and ESXi environments. HelloKitty ransomware, initially appearing in October 2020 as a fork of DeathRansom, has evolved significantly in its encryption methods. The ransomware now embeds an RSA-2048 public key, which is […]

The post HelloKitty Ransomware Returns, Launching Attacks on Windows, Linux, and ESXi Environments appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The RansomHub ransomware group has emerged as a significant danger, targeting a wide array of industries across the globe. In March 2025, this group alone managed to compromise 84 organizations, while new groups like Arkana and CrazyHunter have introduced sophisticated tools and strategies to intensify ransomware attacks. Sophistication in Attack Methods Ransomware groups in March […]

The post RansomHub Ransomware Group Hits 84 Organizations as New Threat Actors Emerge appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Threat actors are increasingly using email bombing to bypass security protocols and facilitate further malicious endeavors. Email bombing, known also as a “spam bomb,” involves flooding a target’s email inbox with a massive volume of emails, overwhelming the recipient and disguising potential phishing or credential theft attempts. Understanding Email Bombing Email bombing works by attackers […]

The post Threat Actors Leverage Email Bombing to Evade Security Tools and Conceal Malicious Activity appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Semiconductor companies, pivotal in the tech industry for their role in producing components integral to everything from consumer electronics to critical defense systems, are under siege from sophisticated cyber threats. These firms design, manufacture, and sell semiconductors, crucial elements with conductivity between that of a conductor and an insulator, and are prime targets for cybercriminals […]

The post Threat Actors Launch Active Attacks on Semiconductor Firms Using Zero-Day Exploits appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Enterprises are facing heightened cyber threats as attackers increasingly target network infrastructure, particularly routers, following a trend noted in Forescout Research Vedere Labs’ 2025 report on the riskiest connected devices. The Forescout report reveals a significant shift in the cybersecurity landscape, where routers have now surpassed traditional endpoints as the primary target for cyberattacks. This […]

The post Hackers Exploit Router Flaws in Ongoing Attacks on Enterprise Networks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Threat actors are using open-source software (OSS) repositories to install malicious code into trusted applications, particularly targeting cryptocurrency software. The ReversingLabs (RL) research team has identified a pattern where attackers upload seemingly legitimate packages to repositories like npm, which then inject malicious “patches” into users’ local installations of crypto wallet software. Hijacking Open Source Packages […]

The post Threat Actors Exploit Legitimate Crypto Packages to Deliver Malicious Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The notorious Tycoon 2FA phishing kit continues its evolution with new strategies designed to slip past endpoint detection systems. This development was highlighted in a recent analysis, showcasing several sophisticated techniques aimed at thwarting detection and analysis. Obfuscation with Invisible Unicode Characters and Proxies Tycoon 2FA’s latest iteration has introduced an obfuscation method using invisible […]

The post Tycoon 2FA Phishing Kit Uses Advanced Evasion Techniques to Bypass Endpoint Detection Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.