GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways. Rated at a CVSS score of 9.0, this stack-based buffer overflow has been actively exploited since mid-March 2025, posing a severe risk to organizations using these VPN and access solutions. […]

The post Ivanti Fully Patched Connect Secure RCE Vulnerability That Actively Exploited in the Wild appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A concerning malware campaign was disclosed by the AhnLab Security Intelligence Center (ASEC), revealing how threat actors are leveraging fake recruitment emails to distribute malicious payloads. The attackers impersonated Dev.to, a prominent developer community, and lured victims with promises of lucrative job offers. Instead of attaching malware directly to emails, they provided a BitBucket link […]

The post Beware! Weaponized Job Recruitment Emails Spreading BeaverTail and Tropidoor Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

EncryptHub, a rapidly evolving cybercriminal entity, has come under intense scrutiny following revelations of operational security (OPSEC) failures and extensive reliance on ChatGPT for its operations. This emerging threat actor has been linked to ransomware campaigns, data theft, and the development of advanced malware tools, including EncryptRAT. However, critical mistakes in their operational infrastructure have […]

The post EncryptHub Ransomware Uncovered Through ChatGPT Use and OPSEC Failures appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated phishing campaign, dubbed “PoisonSeed,” has been identified targeting customer relationship management (CRM) and bulk email providers to facilitate cryptocurrency-related scams. The threat actors behind this campaign are leveraging compromised credentials to export email lists and send bulk phishing emails, aiming to compromise cryptocurrency wallets through a novel seed phrase poisoning technique. Phishing Tactics […]

The post PoisonSeed Targets CRM and Bulk Email Providers in New Supply Chain Phishing Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A surge in phishing text messages claiming unpaid tolls has been linked to a massive phishing-as-a-service (PhaaS) operation. These scams, which have been hitting users’ phones in waves, are part of a sophisticated campaign leveraging a platform called Lucid. Cybercriminals behind this scheme are exploiting legitimate communication technologies like Apple iMessage and Android RCS to […]

The post Beware! Fake Unpaid Tolls Messages Used in Phishing Attack to Steal Login Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The State Bar of Texas has confirmed a data breach following the detection of unauthorized activity on its network earlier this year. According to an official notice, the breach occurred between January 28, 2025, and February 9, 2025, during which an unauthorized actor gained access to sensitive information stored on the organization’s systems. The intrusion […]

The post State Bar of Texas Confirms Data Breach, Begins Notifying Affected Consumers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

As the United States approaches Tax Day on April 15, cybersecurity experts have uncovered a series of sophisticated phishing campaigns leveraging tax-related themes to exploit unsuspecting users. Microsoft has identified these campaigns as employing advanced redirection techniques such as URL shorteners and QR codes embedded in malicious attachments to evade detection. By abusing legitimate services […]

The post Hackers Use URL Shorteners and QR Codes in Tax-Themed Phishing Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated browser-based malware delivery method, dubbed ClickFix, has emerged as a significant threat to cybersecurity. Leveraging deceptive prompts like “Fix Now” and “Bot Verification,” ClickFix tricks users into executing malicious commands by exploiting familiar system actions. This technique bypasses conventional download workflows, relying on clipboard hijacking and user interaction to stage and execute malware. […]

The post Beware of Clickfix: ‘Fix Now’ and ‘Bot Verification’ Lures Deliver and Execute Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The release of DeepSeek-R1, a 671-billion-parameter large language model (LLM), has sparked significant interest due to its innovative use of Chain-of-Thought (CoT) reasoning. CoT reasoning enables the model to break down complex problems into intermediate steps, enhancing performance on tasks such as mathematical problem-solving. However, this transparency comes with unintended vulnerabilities. By explicitly sharing its […]

The post DeepSeek-R1 Prompts Abused to Generate Advanced Malware and Phishing Sites appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researchers from Socket have exposed a malicious Python package on PyPI, named disgrasya, designed to automate credit card fraud on WooCommerce-based e-commerce sites. Unlike conventional supply chain attacks that rely on deception or typosquatting, disgrasya was overtly malicious, leveraging PyPI as a distribution platform to reach a broad audience of fraudsters. The package specifically […]

The post Malicious PyPI Package Targets E-commerce Sites with Automated Carding Script appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A newly discovered credit card skimming campaign, dubbed “RolandSkimmer,” is exploiting browser extensions to exfiltrate sensitive financial data. This advanced malware has been observed targeting users primarily in Bulgaria and operates across popular web browsers, including Chrome, Edge, and Firefox. The campaign leverages deceptive techniques to establish persistence, evade detection, and steal payment information. Attack […]

The post New Credit Card Skimming Campaign Uses Browser Extensions to Steal Financial Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Several of Australia’s largest superannuation funds have been targeted in a coordinated cyberattack, leading to unauthorized access to customer accounts and financial losses for some members. Among those affected are major funds such as REST, Hostplus, AustralianSuper, Australian Retirement Trust, and Insignia Financial’s MLC Expand. Scope of the Cyberattack AustralianSuper, the nation’s largest super fund, […]

The post Australian Pension Funds Hacked: Members Face Financial Losses appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a significant update to the popular dynamic instrumentation toolkit Frida, developers have introduced powerful new APIs for advanced threat monitoring and software analysis. These enhancements, released on April 4, 2025, offer security researchers and penetration testers unprecedented capabilities in tracking thread activity, module loading, and performance profiling. Thread Observation Made Easy One of the […]

The post Frida Penetration Testing Toolkit Updated with Advanced Threat Monitoring APIs appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

OpenVPN, a widely-used open-source virtual private network (VPN) software, has recently patched a security vulnerability that could allow attackers to crash servers and potentially execute remote code under certain conditions. The flaw, identified as CVE-2025-2704, affects OpenVPN servers using specific configurations and has been addressed in the newly released version OpenVPN 2.6.14. CVE-2025-2704: Overview The vulnerability is […]

The post OpenVPN Flaw Allows Attackers Crash Servers and Run Remote Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical vulnerability has been discovered in Apache Traffic Server (ATS), an open-source caching proxy server. Identified as CVE-2024-53868, this flaw enables attackers to exploit request smuggling via malformed chunked messages. Users of Apache Traffic Server are urged to upgrade to secure versions of the software immediately to mitigate potential risks. CVE-2024-53868 Details The vulnerability was […]

The post Apache Traffic Server Flaw Allows Request Smuggling Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Secure Ideas, a premier provider of penetration testing and security consulting services, proudly announces its recent achievements of CREST accreditation and CMMC Level 1 compliance, reinforcing its commitment to delivering the highest standards of security assessment and regulatory compliance for its clients. With these certifications, Secure Ideas strengthens its ability to deliver globally recognized, standards-based […]

The post Secure Ideas Achieves CREST Accreditation and CMMC Level 1 Compliance appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Symantec has recently identified a sophisticated phishing campaign targeting users of Monex Securities (マネックス証券), a prominent online securities company in Japan formed through the merger of Monex, Inc. and Nikko Beans, Inc. The company provides individual investors with a range of financial services, making it an attractive target for cybercriminals. The phishing operation involves the […]

The post New Phishing Campaign Targets Investors to Steal Login Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a concerning development, CERT-UA, Ukraine’s Computer Emergency Response Team, has reported a series of cyberattacks attributed to the hacker group identified as UAC-0219. These attacks, which have been ongoing since the fall of 2024, utilize an advanced PowerShell-based malware tool named WRECKSTEEL to infiltrate computers and extract sensitive data. The primary targets include government […]

The post UAC-0219 Hackers Leverage WRECKSTEEL PowerShell Stealer to Extract Data from Computers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Hunters International, a ransomware group suspected to be a rebrand of the infamous Hive ransomware, has been linked to widespread attacks targeting Windows, Linux, FreeBSD, SunOS, and ESXi systems. Emerging in October 2023, the group has gained notoriety for its sophisticated techniques in data exfiltration and extortion. Cybersecurity researchers have noted similarities between Hunters International’s […]

The post Hunters International Linked to Hive Ransomware in Attacks on Windows, Linux, and ESXi Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a recent cyberattack attributed to the Qilin ransomware group, threat actors successfully compromised a Managed Service Provider (MSP) by mimicking the login page of ScreenConnect, a popular Remote Monitoring and Management (RMM) tool. The attack, which occurred in January 2025, highlights the growing sophistication of phishing campaigns targeting MSPs to exploit downstream customers. Sophos’ […]

The post Qilin Operators Imitate ScreenConnect Login Page to Deploy Ransomware and Gain Admin Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.