GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

Cybersecurity researchers from Palo Alto Networks’ Unit 42 disclosed the resurgence of the Bookworm malware, which has been linked to the Stately Taurus threat actor group. This malware employs a sophisticated DLL sideloading technique that enables it to infiltrate Windows systems effectively. The research highlights overlaps between the infrastructure used by Stately Taurus and the […]

The post New Bookworm Malware Using SLL Sideloading Technique To Windows appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent investigation has uncovered a malicious application, DriverEasy, masquerading as a legitimate Google Chrome update to steal user credentials. The malware leverages Dropbox’s API to exfiltrate sensitive information, including passwords, and is linked to North Korea’s cyber-espionage campaign known as “Contagious Interview.” Password Theft via Fake Prompts DriverEasy, written in Swift and Objective-C, deploys […]

The post Fake Chrome Update Delivers DriverEasy Malware by Abusing Dropbox appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity experts have raised alarms about the Rhadamanthys Infostealer, a sophisticated malware now being distributed through Microsoft Management Console (MMC) files with the MSC extension. This new tactic, confirmed by the AhnLab Security Intelligence Center (ASEC), exploits the flexibility of MSC files, which are XML-based and capable of executing scripts, commands, and programs. The malware’s […]

The post Rhadamanthys Infostealer Uses Microsoft Management Console to Spread Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers have uncovered a significant evolution in the ShadowPad malware family, which is now being used to deploy ransomware in highly targeted attacks. ShadowPad, modular malware linked to Chinese threat actors, has historically been associated with cyber espionage. However, recent incidents reveal its expanded capabilities, marking an alarming shift toward ransomware deployment. Incident Analysis […]

The post ShadowPad Malware Upgraded to Deliver Ransomware in Targeted Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent phishing campaign conducted by cybersecurity firm Hackmosphere has revealed alarming vulnerabilities among top decision-makers, including CEOs and CTOs. The study underscores how cybercriminals exploit social engineering tactics to target high-ranking executives, emphasizing the need for heightened vigilance and robust security measures. Phishing, a prevalent cyberattack method, involves tricking individuals into revealing sensitive information […]

The post Phishing Attack Exploit CEOs, CTOs, and Top Decision-Makers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by the threat actor group SmartApeSG, also known as ZPHP or HANEYMANEY. This campaign exploits fake browser update notifications to deliver two potent malware strains: NetSupport RAT and StealC. The operation leverages malicious scripts injected into compromised websites, redirecting victims to fraudulent pages designed to mimic […]

The post Hackers Drop NetSupport RAT & StealC Malware on Your Windows Via Fake Browser Updates appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft has urgently addressed a high-severity privilege escalation vulnerability (CVE-2025-21420) in the Windows Disk Cleanup Utility (cleanmgr.exe) during its February 2025 Patch Tuesday updates. The flaw, scoring 7.8 on the CVSS scale, enabled attackers to execute malicious code with SYSTEM privileges through DLL sideloading techniques. Technical Mechanism of the Exploit The vulnerability leverages cleanmgr.exe’s privileged […]

The post Windows Disk Cleanup Tool Exploit Allows SYSTEM Privilege Escalation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cloud Software Group has raced to address a severe security flaw in its widely used NetScaler management infrastructure that could enable authenticated attackers to execute malicious commands across enterprise networks. The vulnerability tracked as CVE-2024-12284 and scoring 8.8 on the CVSS v4.0 severity scale, exposes unpatched NetScaler Console (formerly NetScaler ADM) and NetScaler Agent deployments […]

The post Citrix NetScaler Vulnerability Exposes Systems to Unauthorized Commands appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical security flaw in Microsoft Bing tracked as CVE-2025-21355, allowed unauthorized attackers to execute arbitrary code remotely, posing severe risks to organizations and users globally. The vulnerability, rooted in a missing authentication mechanism for a critical Bing function, enabled network-based exploitation without requiring user interaction or prior credentials.  With a CVSS score of 8.6, […]

The post Critical Microsoft Bing Vulnerability Enabled Remote Code Execution Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Russian state-aligned threat actors have intensified their efforts to compromise Signal Messenger accounts, targeting individuals of strategic interest, according to the Google Threat Intelligence Group (GTIG). These campaigns, primarily linked to Russia’s ongoing military operations in Ukraine, aim to intercept sensitive communications from military personnel, politicians, journalists, and activists. The attackers are exploiting Signal’s “linked […]

The post Russian Hackers Target Signal Messenger Users to Steal Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers at AhnLab Security Intelligence Center (ASEC) have uncovered a new campaign leveraging the legitimate JAR signing tool, jarsigner.exe, to distribute the XLoader malware. The attack employs a DLL side-loading technique, where malicious DLL files are placed alongside legitimate executable files to ensure their execution when the legitimate application is run. This method exploits […]

The post Hackers Exploit Jarsigner Tool to Deploy XLoader Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybercriminal groups, primarily based in China, are leveraging advanced phishing techniques and mobile wallet technologies to convert stolen payment card data into fraudulent Apple and Google Wallet accounts. This innovative approach has revitalized the underground carding industry, which had been weakened in recent years by the adoption of chip-based payment cards in the United States. […]

The post Hackers Converting Stolen Payment Card Data into Apple & Google Wallets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A new variant of the Snake Keylogger, also known as 404 Keylogger, has been detected targeting users of popular web browsers such as Google Chrome, Microsoft Edge, and Mozilla Firefox. FortiGuard Labs identified this threat using FortiSandbox v5.0 (FSAv5), a cutting-edge malware detection platform powered by advanced artificial intelligence (AI) and machine learning. This malicious […]

The post Snake Keylogger Targets Chrome, Edge, and Firefox Users in New Attack Campaign appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The SonicWall Capture Labs threat research team has identified continued activity from the Russian cybercriminal group CryptoBytes, which has been active since at least 2023. This financially motivated group is leveraging a ransomware strain named UxCryptor, which has gained notoriety for its reliance on leaked ransomware builders. These tools lower the technical barrier for malware […]

The post Russian CryptoBytes Hackers Target Windows Machines with UxCryptor Ransomware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent cyberattack campaign, dubbed “DEEP#DRIVE,” has been attributed to the North Korean Advanced Persistent Threat (APT) group, Kimsuky. The operation, targeting South Korean businesses, government entities, and cryptocurrency users, employs advanced techniques involving Dropbox-hosted payloads and obfuscated PowerShell scripts to infiltrate systems and exfiltrate sensitive data. Exploiting Trusted Platforms for Malware Delivery The attackers […]

The post North Korean Hackers Leverage Dropbox and PowerShell Scripts to Breach Organizations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

BlackLock ransomware, first identified in March 2024, has rapidly ascended the ranks of the ransomware-as-a-service (RaaS) ecosystem, becoming the seventh most prolific group on data-leak sites by late 2024. The group employs a double extortion strategy, encrypting victims’ data while exfiltrating sensitive information to pressure organizations into paying ransoms. Its malware targets multiple environments, including […]

The post BlackLock Ransomware Targets Windows, VMware ESXi, & Linux Environments appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent cybersecurity investigation has unveiled a troubling reality: U.S. military personnel and employees of major defense contractors, including Lockheed Martin, Boeing, and Honeywell, have been compromised by infostealer malware. This inexpensive yet potent cyberweapon, available for as little as $10 per infected device on underground marketplaces, has exposed critical credentials, including access to classified […]

The post Threat Actors Using $10 Infostealer Malware to Compromise US Security appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity experts have uncovered a new wave of “Scam-Yourself” attacks that exploit AI-generated deepfake videos and malicious scripts to deceive users into compromising their own systems. These campaigns represent a significant evolution in cybercrime, combining advanced technologies like deepfake video synthesis, AI-generated personas, and adaptive malware tactics to execute highly convincing scams. The latest attack, […]

The post Next Wave of ‘Scam-Yourself’ Attacks Leverages AI-Generated Deepfake Videos appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent cybersecurity analysis has uncovered a campaign targeting Chinese-speaking users through malicious installers of popular applications such as Signal, Line, and Gmail. These backdoored executables exploit manipulated search engine results to lure unsuspecting users into downloading malware-laden files. The attackers employ deceptive tactics, including fake download pages hosted on unrelated domains, to distribute these […]

The post Malware-Infected Signal, Line, and Gmail Apps Alter System Defenses appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) escalated its cybersecurity alerts on February 18, 2025, releasing two critical Industrial Control Systems (ICS) advisories targeting vulnerabilities in Delta Electronics’ CNCSoft-G2 and Rockwell Automation’s GuardLogix controllers. These advisories flagged under ICSA-24-191-01 (Update A) and ICSA-25-035-02 (Update A), address high-severity flaws that could enable remote code execution […]

The post CISA Issues Two New ICS Advisories Addressing Exploits and Vulnerabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.