GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

The cybersecurity landscape has been disrupted by the emergence of Lucid, a sophisticated Phishing-as-a-Service (PhAAS) platform developed by Chinese-speaking threat actors. This advanced toolkit enables cybercriminals to conduct large-scale phishing campaigns, targeting 169 entities across 88 countries globally. Lucid’s innovation lies in its exploitation of Rich Communication Services (RCS) and Apple’s iMessage protocol to circumvent […]

The post Lucid PhAAS Platform Uses RCS and iMessage to Evade Detection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researchers at Bitdefender have uncovered a significant evolution in the tactics of the RedCurl threat group, marking their first foray into ransomware deployment. This new strain, dubbed QWCrypt, specifically targets Hyper-V servers, showcasing a sophisticated and highly targeted approach to cyberattacks. Novel Ransomware Strain Emerges The QWCrypt ransomware, previously undocumented, represents a departure from […]

The post RedCurl Unleashes New Ransomware Targeting Hyper-V Servers Exclusively appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

 The Cybersecurity and Infrastructure Security Agency (CISA) has included a critical deserialization vulnerability affecting Sitecore CMS and Experience Platform (XP). This vulnerability, tracked as CVE-2019-9874, allows unauthenticated attackers to execute arbitrary code by manipulating HTTP POST parameters, specifically the __CSRFTOKEN field. The vulnerability exploits a weakness in the Sitecore.Security.AntiCSRF module, enabling malicious actors to send […]

The post CISA Adds Sitecore CMS Code Execution Vulnerability to Exploited List appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers at Zscaler ThreatLabz have identified a new sophisticated malware family called CoffeeLoader, which emerged around September 2024. This advanced loader employs numerous techniques to bypass security solutions and evade detection while delivering second-stage payloads, particularly the Rhadamanthys stealer. CoffeeLoader utilizes a specialized packer named Armoury that leverages the GPU to execute code, hindering […]

The post Advanced CoffeeLoader Malware Evades Security to Deliver Rhadamanthys Shellcode appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers at SentinelOne have discovered that ReaderUpdate, a macOS malware loader platform that has been active since at least 2020, has significantly evolved with new variants written in multiple programming languages. The malware, which previously went relatively unnoticed by many vendors, now includes versions written in Crystal, Nim, Rust, and most recently Go, in […]

The post New “ReaderUpdate” macOS Malware Evolves with Nim and Rust Variants appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recently disclosed vulnerability in Ingress-NGINX, tracked as CVE-2025-1974, has raised concerns about the security of Kubernetes environments. This vulnerability allows for Remote Code Execution (RCE) through the validating webhook server integrated into Ingress-NGINX. A Proof of Concept (PoC) exploit has been released, demonstrating how attackers could exploit this flaw. CVE-2025-1974 affects versions of Ingress-NGINX […]

The post PoC Exploit Released for Ingress-NGINX RCE Vulnerabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent discovery has revealed a potential supply chain attack vulnerability in GitHub’s CodeQL repositories, which could have led to wide-ranging consequences for hundreds of thousands of GitHub users. The exploit hinges on a publicly exposed secret found in a GitHub Actions workflow artifact, which, if utilized by an attacker, could allow malicious code execution […]

The post CodeQLEAKED: GitHub Supply Chain Attack Enables Code Execution via CodeQL Repositories appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a concerning development for cybersecurity professionals, threat actors are increasingly utilizing a powerful tool called Atlantis AIO to automate and scale credential stuffing attacks across more than 140 platforms. This multi-checker tool, designed to exploit stolen user credentials, has emerged as a formidable weapon in the cybercriminal arsenal, enabling attackers to test millions of […]

The post Threat Actors Use “Atlantis AIO” Tool to Automate Credential Stuffing Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers Dylan Tran and Jimmy Bayne have unveiled a new fileless lateral movement technique that exploits trapped Component Object Model (COM) objects in Windows systems. This method, based on research by James Forshaw of Google Project Zero, allows attackers to execute .NET managed code in the context of a server-side Distributed COM (DCOM) process. […]

The post Hackers Exploit COM Objects for Fileless Malware and Lateral Movement appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a significant escalation of illicit activities, B1ack’s Stash, a notorious dark web carding marketplace, has announced plans to release an additional 4 million stolen credit card records for free. This move is part of a broader strategy to attract cybercriminals and establish credibility within the underground economy. The marketplace first gained attention in April […]

The post B1ack’s Stash Marketplace Actors Set to Release 4 Million Stolen Credit Card Records for Free appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A Pakistan-based Advanced Persistent Threat (APT) group, likely APT36, has launched a multi-platform cyberattack campaign targeting Indian users through a fraudulent website impersonating the Indian Post Office. The attack, discovered by CYFIRMA researchers, exploits both Windows and Android vulnerabilities, demonstrating a significant evolution in the group’s tactics. Sophisticated Attack Leverages Youth Laptop Scheme The malicious […]

The post Pakistan APT Hackers Weaponize malicious IndiaPost Site to Target Windows and Android Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A new malware strain called IOCONTROL has emerged, posing a significant threat to Internet of Things (IoT) devices and operational technology (OT) systems, particularly those in critical infrastructure. First observed in December 2024, IOCONTROL is allegedly created by the anti-Israeli and pro-Iranian hacktivist group “Cyber Av3ngers.” Technical Analysis Reveals Sophisticated Capabilities IOCONTROL employs advanced techniques […]

The post New IOCONTROL Malware Let Attackers Control Critical Infrastructure & Gain Remote Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Nozomi Networks Labs has uncovered four severe vulnerabilities in the Inaba Denki Sangyo Co., Ltd. IB-MCT001, a camera widely used in Japanese production plants for recording production stoppages. These security flaws, which remain unpatched, pose significant risks to industrial environments, potentially allowing unauthorized remote access and manipulation of critical production data. The CHOCO TEI WATCHER […]

The post Production Line Camera Flaws Allow Hackers to Disable Recordings appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A new wave of cyberattacks is targeting YouTube creators, leveraging fake brand collaboration offers to distribute malware. Cybersecurity firm CloudSEK has uncovered a sophisticated phishing campaign that employs the “Clickflix” technique to deceive content creators and compromise their systems. The attack vector begins with threat actors scraping email addresses from YouTube channels using specialized parser […]

The post YouTube Creators Targeted by Weaponized Brand Deals Using ‘Clickflix’ Attack Tactic appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Trend Research has uncovered a sophisticated campaign by the Russian threat actor Water Gamayun, exploiting a zero-day vulnerability in the Microsoft Management Console (MMC) framework. The vulnerability, dubbed MSC EvilTwin (CVE-2025-26633), allows attackers to execute malicious code on infected machines. The attack manipulates .msc files and the Multilingual User Interface Path (MUIPath) to download and […]

The post Windows MMC Framework Zero-Day Exploited to Execute Malicious Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Both CrushFTP, a popular file transfer technology, and Next.js, a widely used React framework for building web applications, have come under scrutiny due to significant vulnerabilities. Rapid7 has highlighted these issues, emphasizing their potential impact on data security and unauthorized access. Overview of Vulnerabilities Next.js Vulnerability (CVE-2025-29927):  This critical vulnerability involves improper authorization in middleware, […]

The post CrushFTP Warns of HTTP(S) Port Vulnerability Enabling Unauthorized Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Users of the Veeam Backup Server have encountered a significant issue following the Windows 11 24H2 update. Specifically, the update has disrupted the connection between Veeam Recovery Media and the Veeam Backup Server. This problem affects users who have created recovery media from Windows 11 version 24H2 (build 26100.3194) or higher. When attempting to restore […]

The post Windows 11 24H2 Update Disrupts Connection to Veeam Backup Server appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cloudflare experienced a significant service outage that affected several of its key offerings, including R2 object storage, Cache Reserve, Images, Log Delivery, Stream, and Vectorize. The incident, which lasted 1 hour and 7 minutes, was traced back to a faulty credential rotation process for the R2 Gateway service. Incident Overview The outage began at 21:38 […]

The post Cloudflare Attributes Service Outage to Faulty Password Rotation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In mid-March 2025, Kaspersky researchers uncovered a sophisticated APT attack, dubbed Operation ForumTroll, which leveraged a previously unknown zero-day exploit in Google Chrome. This exploit allowed attackers to bypass Chrome’s sandbox protections, a critical security feature designed to isolate and contain malicious code. The attack was initiated through personalized phishing emails, which directed victims to […]

The post APT Hackers Exploit Google Chrome Zero-Day in Operation ForumTroll to Bypass Sandbox Protections appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Researchers at QiAnXin XLab have uncovered a sophisticated Linux-based backdoor dubbed OrpaCrab, specifically targeting industrial systems associated with ORPAK, a company involved in gas stations and oil transportation. The malware, which was uploaded to VirusTotal in January 2024 from the U.S., employs advanced techniques to evade detection and maintain persistence on compromised systems. Exploitation of […]

The post New Sophisticated Linux Backdoor Targets OT Systems via 0-Day RCE Exploit appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.