GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

In Q3 2024, Cofense Intelligence uncovered a targeted spear-phishing campaign aimed at employees working in social media, marketing, and related roles. The attackers impersonated Fortune 500 companies, including Meta, Coca-Cola, and PayPal, to lure victims into applying for fake job opportunities as social media managers. Unlike traditional credential phishing campaigns, this operation also exfiltrated sensitive […]

The post Threat Actors Attack Job Seekers of Fortune 500 Companies to Steal Personal Details appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The DragonForce ransomware group has launched a significant cyberattack on critical infrastructure in Saudi Arabia, targeting a prominent real estate and construction company in Riyadh. This marks the first time the group has targeted a major enterprise in the Kingdom, with over 6 terabytes of sensitive data exfiltrated. The attack, announced on February 14, 2025, […]

The post DragonForce Attacks Critical Infrastructure to Exfiltrate Data and Halt Operations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a concerning development, cybersecurity researchers at Trellix have uncovered a sophisticated malware campaign that exploits a legitimate antivirus driver to bypass system protections. The malware, identified as “kill-floor.exe,” leverages the Avast Anti-Rootkit driver (aswArPot.sys) to gain kernel-level access, effectively neutralizing security software and taking control of infected systems. This tactic highlights the growing trend […]

The post New Malware Uses Legitimate Antivirus Driver to Bypass All System Protections appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft has removed two widely-used Visual Studio Code (VS Code) extensions, “Material Theme Free” and “Material Theme Icons Free,” from its marketplace after cybersecurity researchers discovered malicious code embedded within them. These extensions, developed by Mattia Astorino (also known as equinusocio), had amassed nearly 9 million installations combined, with Astorino’s total extension downloads exceeding 13 […]

The post VS Code Extension with 9 Million Installs Attacks Developers with Malicious Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A new ransomware group, dubbed Anubis, has emerged as a significant threat in the cybersecurity landscape. Active since late 2024, Anubis employs advanced techniques and operates across multiple platforms, including Windows, Linux, NAS, and ESXi environments. The group is leveraging ransomware-as-a-service (RaaS) and other affiliate-based monetization models to expand its reach and impact. Technical Capabilities […]

The post New Anubis Ransomware Targets Windows, Linux, NAS, and ESXi x64/x32 Environments appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A new wave of cyberattacks targeting WordPress websites has been uncovered, with attackers leveraging fake plugins to inject malicious links into site footers. These links, often promoting casino-related spam, compromise website integrity and can severely impact search engine optimization (SEO). The attackers use sophisticated techniques to disguise their malicious plugins, making detection and removal challenging […]

The post WordPress Admins Warned of Fake Plugins Injecting Malicious Links into Websites appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A newly identified cybercriminal group, LARVA-208, also known as EncryptHub, has successfully infiltrated 618 organizations globally since June 2024, leveraging advanced social engineering techniques to steal credentials and deploy ransomware. According to reports from cybersecurity firms CATALYST and Prodaft, the group has demonstrated a high level of sophistication in its operations, targeting corporate networks through […]

The post LARVA-208 Hackers Compromise 618 Organizations Stealing Logins and Deploying Ransomware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cisco Systems has issued a critical security advisory for a newly disclosed command injection vulnerability affecting its Nexus 3000 and 9000 Series Switches operating in standalone NX-OS mode. Tracked as CVE-2025-20161 (CVSSv3 score: 5.1), the flaw enables authenticated attackers with administrative privileges to execute arbitrary operating system commands with root-level permissions during software upgrade procedures. The vulnerability, […]

The post Cisco Nexus Vulnerability Allows Attackers to Inject Malicious Commands appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A newly discovered Wi-Fi jamming technique enables attackers to selectively disconnect individual devices from networks with surgical precision, raising alarms across cybersecurity and telecommunications industries. Researchers from Northeastern University and the University of Chicago uncovered this vulnerability in IEEE 802.11 protocols that underpin all modern Wi-Fi systems, demonstrating how targeted de-authentication attacks could disrupt smart […]

The post New Wi-Fi Jamming Attack Can Disable Specific Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

GitLab has urgently released security updates to address multiple high-severity vulnerabilities in its platform that could allow attackers to bypass security mechanisms, execute malicious scripts, and access sensitive data. The patches, included in versions 17.9.1, 17.8.4, and 17.7.6 for both Community Edition (CE) and Enterprise Edition (EE), mitigate critical risks affecting Kubernetes integrations, dependency management, […]

The post GitLab Vulnerabilities Allow Attackers to Bypass Security and Run Arbitrary Scripts appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A high-severity security vulnerability (CVE-2025-0514) in LibreOffice, the widely used open-source office suite, has been patched after researchers discovered it could allow attackers to execute malicious files on Windows systems by exploiting hyperlink handling mechanisms. The flaw, which impacts versions before 24.8.5, revolves around improper validation of non-file URLs interpreted as Windows file paths through […]

The post LibreOffice Flaws Allow Attackers to Run Malicious Files on Windows appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cisco Systems has disclosed a high-severity vulnerability (CVE-2025-20111) in its Nexus 3000 and 9000 Series Switches operating in standalone NX-OS mode. The vulnerability enables unauthenticated attackers to trigger denial of service (DoS) conditions through crafted Ethernet frames. Rated 7.4 on the CVSS v3.1 scale, the flaw affects critical infrastructure components widely used in enterprise and […]

The post Cisco Nexus Switch Vulnerability Allows Attackers to Cause DoS appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated cyber campaign orchestrated by the Chinese Advanced Persistent Threat (APT) group, Silver Fox, has been uncovered, targeting healthcare services in North America. The attackers exploited Philips DICOM Viewer software to deploy malicious payloads, including a backdoor remote access tool (RAT), a keylogger, and a crypto miner. This campaign highlights the evolving tactics of […]

The post Silver Fox APT Hackers Target Healthcare Services to Steal Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A new wave of cyberattacks attributed to the Ghostwriter Advanced Persistent Threat (APT) group has been detected, targeting government and military entities in Ukraine and opposition groups in Belarus. The campaign, active since late 2024, employs weaponized Excel (XLS) files embedded with malicious macros to deliver malware payloads, underscoring the evolving sophistication of state-sponsored cyber-espionage […]

The post Ghostwriter Malware Targets Government Organizations with Weaponized XLS File appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The LCRYX ransomware, a malicious VBScript-based threat, has re-emerged in February 2025 after its initial appearance in November 2024. Known for encrypting files with the .lcryx extension and demanding $500 in Bitcoin for decryption, this ransomware has evolved with advanced techniques to lock down Windows systems and evade detection. Disabling System Tools and Elevating Privileges […]

The post LCRYX Ransomware Attacks Windows Machines by Blocking Registry Editor and Task Manager appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Recent cybersecurity investigations have uncovered a sophisticated technique employed by threat actors to evade detection during malware distribution. Attackers are leveraging ephemeral port 60102, typically reserved for temporary communications, as a service port for covert malware transmission. This approach bypasses traditional monitoring systems, which often focus on scanning standard service ports such as 80 or […]

The post Threat Actors Using Ephemeral Port 60102 for Covert Malware Communications appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A financial management app named Finance Simplified has been revealed as a malicious tool for stealing sensitive user data and engaging in blackmail. Despite its fraudulent nature, the app managed to accumulate over 100,000 downloads from the Google Play Store before being removed. The app is linked to the SpyLoan family, notorious for predatory lending […]

The post App with Over 100,000 Downloads from Google Play Steals User Data and Blackmails appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent discovery by cybersecurity researchers has revealed that the Poseidon malware, a macOS-targeting trojan, is leveraging PKG files with preinstall scripts to infiltrate systems. This malware, weighing only 207 bytes, is currently undetected by VirusTotal and represents a significant threat to Mac users. The preinstall script embedded in the PKG file serves as a […]

The post Poseidon Mac Malware Hiding Within PKG Files to Evade Detections appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a groundbreaking development, researchers have uncovered how attackers are exploiting Windows Virtualization-Based Security (VBS) enclaves to create malware that is highly evasive and difficult to detect. VBS enclaves, designed as isolated and secure regions of memory within a process, are being weaponized to bypass traditional security mechanisms, posing a significant threat to enterprise systems. […]

The post Windows Virtualization-Based Security Exploited to Develop Highly Evasive Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a significant breakthrough, cybersecurity firm Silent Push has uncovered sensitive infrastructure tied to the Lazarus Group, a North Korean state-sponsored Advanced Persistent Threat (APT). This discovery sheds light on the group’s involvement in the historic $1.4 billion cryptocurrency heist targeting ByBit, one of the largest thefts in crypto history. The investigation revealed that the […]

The post Researchers Uncover $1.4B in Sensitive Data Tied to ByBit Hack by Lazarus Group appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.