GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

The cybersecurity landscape has recently been impacted by the emergence of the Strela Stealer malware, a sophisticated infostealer designed to target specific email clients, notably Microsoft Outlook and Mozilla Thunderbird. This malware has been active since late 2022 and has been primarily used in large-scale phishing campaigns targeting users in several European countries, including Spain, […]

The post Strela Stealer Malware Attack Microsoft Outlook Users for Credential Theft appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent discovery by the Socket Research Team has unveiled a malicious PyPI package named set-utils, designed to steal Ethereum private keys by exploiting commonly used account creation functions. This package masquerades as a utility for Python sets, mimicking popular libraries like python-utils and utils, thereby deceiving developers into installing it. Since its release it […]

The post New PyPI Malware Targets Developers to Steal Ethereum Wallets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent cybersecurity threat has emerged where unknown attackers are exploiting a critical remote code execution (RCE) vulnerability in PHP-CGI on Windows systems. This vulnerability, identified as CVE-2024-4577, allows attackers to execute arbitrary PHP code on servers using Apache with a vulnerable PHP-CGI setup. The attackers are primarily targeting organizations in Japan across various sectors, […]

The post Threat Actors Exploit PHP-CGI RCE Vulnerability to Attack Windows Machines appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a recent cybersecurity incident, the Akira ransomware group demonstrated its evolving tactics by exploiting an unsecured webcam to bypass Endpoint Detection and Response (EDR) tools. This novel approach highlights the group’s ability to adapt and evade traditional security measures, making it a formidable threat in the cybersecurity landscape. Background and Modus Operandi Akira, a […]

The post Akira Ransomware Targets Windows Servers via RDP and Evades EDR with Webcam Trick appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a recent development, Microsoft has identified a new North Korean threat actor known as Moonstone Sleet, which has been employing a combination of traditional and innovative tactics to achieve its financial and cyberespionage objectives. Moonstone Sleet, formerly tracked as Storm-1789, has demonstrated a sophisticated approach by using fake companies, trojanized software, and even a […]

The post North Korean Moonstone Sleet Uses Creative Tactics to Deploy Custom Ransomware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a recent alert, Microsoft revealed a large-scale malvertising campaign that has compromised nearly one million devices worldwide. This campaign, which began in early December 2024, leverages malicious redirects from illegal streaming websites to deliver malware hosted on platforms like GitHub. The attack is notable for its indiscriminate targeting, affecting both consumer and enterprise devices […]

The post Microsoft Warns: 1 Million Devices Infected by Malware from GitHub appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Tax season has become a breeding ground for sophisticated AI-powered scams, with nearly half of Americans reporting fraudulent IRS-related communications, according to McAfee’s 2025 survey. Cybercriminals are leveraging deepfake audio, phishing emails, and spoofed websites to steal identities and funds, costing victims up to $10,000 in losses—and in some cases, far more. Escalating Threats Across […]

The post Fake Tax Claims Scam Stealing Over $10,000 from Victims appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Tails Project has launched Tails 6.13, the latest version of its privacy-centric Linux distribution, introducing improved Wi-Fi troubleshooting tools, updated anonymity software, and fixes for persistent storage and installation workflows. Targeted at users prioritizing security and anonymity, this release addresses common hardware compatibility challenges while refining the user experience. Enhanced Wi-Fi Hardware Detection and […]

The post Tails 6.13 Linux Distro Released with Enhanced Wi-Fi Hardware Detection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent security analysis of Draytek Vigor routers has uncovered severe vulnerabilities that could allow attackers to hijack devices, execute arbitrary code, and bypass critical security controls. These findings, disclosed by researchers at DEFCON 32 HHV and Ekoparty 2024, highlight systemic risks in widely used small office/home office (SOHO) routers due to outdated firmware, weak […]

The post Critical DrayTek Router Vulnerabilities Expose Devices to RCE Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a recent study published by Palo Alto Networks’ Threat Research Center, researchers successfully jailbroke 17 popular generative AI (GenAI) web products, exposing vulnerabilities in their safety measures. The investigation aimed to assess the effectiveness of jailbreaking techniques in bypassing the guardrails of large language models (LLMs), which are designed to prevent the generation of […]

The post Researchers Jailbreak 17 Popular LLM Models to Reveal Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated malware operation, dubbed “Phantom Goblin,” has been identified by cybersecurity researchers, highlighting the increasing use of social engineering tactics to deploy information-stealing malware. This operation leverages deceptive techniques to trick users into executing malicious files, leading to unauthorized access and data theft. Malware Distribution and Execution The Phantom Goblin malware is distributed via […]

The post Phantom Goblin Uses Social Engineering Tactics to Deploy Stealer Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

GitHub Copilot, once a developer-centric tool, is now revolutionizing workflows across technical and non-technical roles. With features like Agent Mode, CLI integration, and Project Padawan, Copilot is emerging as a universal productivity enhancer. This article explores three key developments reshaping collaboration in 2025. 1. From Pair Programmer to Cross-Functional Assistant GitHub Copilot now extends beyond […]

The post GitHub Explains How Security Professionals Can Use Copilot for Log Analysis appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft has launched Microsoft 365 E5 Security as an add-on to its Business Premium suite, providing small and medium-sized businesses (SMBs) with advanced tools to combat escalating cyber threats. The offering integrates enterprise-grade security features at a 57% cost savings compared to standalone purchases, addressing evolving regulatory and cyber insurance demands1. Enhanced Identity Protection and […]

The post Microsoft Introduces 365 E5 Security Add-On for Business Premium Customers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical vulnerability in AMD’s Zen 1 through Zen 4 processors allows attackers to bypass microcode signature validation, potentially undermining hardware-based security mechanisms. The flaw stems from AMD’s use of AES-CMAC as a hash function during microcode patch verification – a design decision that enables collision attacks and forged RSA keys. Vulnerability Rooted in Cryptographic […]

The post AMD Microcode Vulnerability Allows Attackers to Load Malicious Patches appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Remote Desktop Protocol (RDP) is a widely used tool for remote access, but it often leaves behind traces of user activity, which can be a concern for privacy and security. Recently, the use of the “/public” command-line option in MSTSC, the RDP client, has gained attention for its ability to activate a “public mode,” […]

The post Activating Incognito Mode in RDP to Erase All Traces appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Medusa ransomware attacks have seen a significant increase, rising by 42% between 2023 and 2024, with a further escalation in early 2025. This surge is attributed to the group Spearwing, which operates Medusa as a ransomware-as-a-service (RaaS) model. Spearwing and its affiliates are known for conducting double extortion attacks, where they steal data before encrypting […]

The post Medusa Ransomware Attacks Surge 42% with Advanced Tools & Tactics appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Peaklight malware has emerged as a significant threat, designed to steal sensitive information from compromised endpoints. This information stealer is often distributed through underground channels and is sometimes offered as a Malware-as-a-Service (MaaS), making it a continuously evolving and potent threat capable of bypassing conventional security measures. Peaklight’s primary goal is to exfiltrate sensitive data, […]

The post Peaklight Malware Targets Users to Steal Credentials, Browser History, and Financial Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical security flaw (CVE-2024-56325) in Apache Pinot, a real-time distributed OLAP datastore, has been disclosed, allowing unauthenticated attackers to bypass authentication controls and gain unauthorized access to sensitive systems. Rated 9.8 on the CVSS scale, this vulnerability exposes organizations to data exfiltration, privilege escalation, and potential infrastructure compromise. The Zero Day Initiative (ZDI) tracked […]

The post Apache Pinot Vulnerability Allows Remote Attackers to Bypass Authentication appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Federal Bureau of Investigation (FBI) issued a critical alert through its Internet Crime Complaint Center (IC3) warning of a novel cyber extortion campaign targeting corporate executives. Criminal actors impersonating the notorious BianLian ransomware group are leveraging physical mail to deliver threatening letters demanding Bitcoin payments under the guise of data exfiltration. The Cybersecurity and […]

The post FBI Warns: Threat Actors Impersonating BianLian Group to Target Corporate Executives appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Zero Trust is a security framework that operates under the assumption that no implicit trust exists within a network. Every request for access must be verified, regardless of whether it comes from within or outside the organization. Identity First Security bolsters Zero Trust by making identity the central control point for access decisions. This method […]

The post Implementing Identity First Security for Zero Trust Architectures appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.