Aggregator

A sophisticated zero-day exploit campaign targeting unpatched vulnerabilities in Microsoft SharePoint Server has compromised approximately 400 organizations worldwide, with potential for a far higher victim count due to underreporting and delayed detections. The attacks, first identified last week by Dutch cybersecurity firm Eye Security, leverage critical flaws in on-premise SharePoint installations, allowing threat actors to […]

The post Microsoft SharePoint Server 0-Day Exploit Targets African Treasury, Companies, and University appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Apple has released a comprehensive set of security updates across its entire product ecosystem on July 29, 2025, addressing multiple vulnerabilities including a critical Safari flaw that was reportedly exploited in Chrome zero-day attacks. The updates span iOS, iPadOS, macOS, watchOS, tvOS, and visionOS platforms, demonstrating the company’s commitment to maintaining security across all its […]

The post Apple Patches Multiple Vulnerabilities, Including Safari Vulnerability Abused in Chrome 0-Day Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical vulnerability in SonicWall Gen7 firewall products could allow remote unauthenticated attackers to cause service disruptions through denial-of-service (DoS) attacks.  The format string vulnerability tracked as CVE-2025-40600 affects the SSL VPN interface of multiple SonicWall firewall models and has been assigned a CVSS v3 score of 5.9, indicating medium severity with high availability impact. […]

The post Critical SonicWall SSL VPN Vulnerability Let Attackers Trigger DoS Attack on Firewalls appeared first on Cyber Security News.

A critical remote code execution (RCE) vulnerability in the popular “Alone” WordPress theme is being actively exploited by attackers to gain complete control of vulnerable websites.  The vulnerability, assigned CVE-2025-5394 with a maximum CVSS score of 9.8, affects over 9,000 sites using versions 7.8.3 and below of the charity-focused theme. Key Takeaways1. Critical RCE flaw […]

The post WordPress Theme RCE Vulnerability Actively Exploited to Take Full Site Control appeared first on Cyber Security News.

You must login to view this content

The maritime sector, which facilitates approximately 90% of international trade, is facing an unprecedented surge in sophisticated cyberattacks from advanced persistent threat (APT) groups, ransomware operators, and hacktivists, driven by escalating geopolitical conflicts. According to a recent Cyble intelligence report, over 100 such incidents have been documented in the past year, targeting shipping companies, ports, […]

The post APT Hackers Target Maritime and Shipping Industry for Ransomware Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Contagious Interview campaign conducted by the Lazarus Group continues to expand its capabilities. We have observed an exponential evolution in the delivery mechanisms for the campaign’s main payloads: BeaverTail, InvisibleFerret, and OtterCookie. In this article, we will discuss the innovations related to the delivery techniques used by the group and demonstrate the preservation of […]

The post Lazarus Group Enhances Malware with New OtterCookie Payload Delivery Technique appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.