GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

Threat actors have recently been exploiting legacy drivers to bypass certificate validation, leveraging a technique known as “Legacy Driver Exploitation.” This method involves using vulnerable drivers to evade security measures and distribute malware, as highlighted in a recent security advisory. The attack primarily utilizes the Gh0stRAT malware to remotely control infected systems and cause further […]

The post Threat Actors Leverage Legacy Drivers to Circumvent TLS Certificate Validation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a stark revelation of the escalating cyber threat landscape, Flashpoint’s latest intelligence report highlights the alarming rise in compromised credentials and malware infections. In 2024, threat actors managed to steal an unprecedented 3.2 billion login credentials, marking a 33% increase from the previous year. This staggering figure underscores the growing reliance of cybercriminals on […]

The post Threat Actors Steal 3.2 Billion Login Credentials and Infect 23 Million Devices Worldwide appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In recent years, VPN vulnerabilities have emerged as a critical threat vector for organizations worldwide. Threat actors, including both cybercriminal groups and state-sponsored entities, are increasingly exploiting these vulnerabilities to gain unauthorized access to sensitive networks. Two notable vulnerabilities, CVE-2018-13379 and CVE-2022-40684, have become staples in the attacker’s playbook, allowing for large-scale credential theft and […]

The post VPN Vulnerabilities Become a Primary Weapon for Threat Actors Targeting Organizations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A significant vulnerability in Microsoft Windows File Explorer, identified as CVE-2025-24071, has been discovered and is being actively exploited in the wild. This vulnerability allows attackers to capture NTLM hashes, potentially leading to network spoofing attacks and credential theft. The exploit involves specially crafted .library-ms files embedded within compressed archives like RAR or ZIP. When […]

The post Microsoft Windows NTLM File Explorer Vulnerability Exploited in The Wild – PoC Released appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent analysis by Cloudflare reveals a concerning trend in online security: nearly 41% of successful logins across websites involve compromised passwords. This issue is exacerbated by the widespread practice of password reuse among users. Despite growing awareness about online security risks, many individuals continue to use the same passwords across multiple accounts, creating a […]

The post 41% of Successful Logins Across Websites Involve Compromised Passwords appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Supervisory Control and Data Acquisition (SCADA) systems play a pivotal role in managing critical infrastructure across sectors like energy, manufacturing, and more. However, this digital transformation also brings with it a heightened vulnerability to cyber threats. Recent research by our security team at PRODAFT has identified critical vulnerabilities in the mySCADA myPRO system, a widely […]

The post mySCADA myPRO RCE Vulnerabilities Expose ICS Devices to Remote Control appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The average corporate user now has 146 stolen records linked to their identity, an average 12x increase from previous estimates, reflecting a surge in holistic identity exposures. SpyCloud, the leading identity threat protection company, today released its 2025 SpyCloud Annual Identity Exposure Report, highlighting the rise of darknet-exposed identity data as the primary cyber risk […]

The post SpyCloud’s 2025 Identity Exposure Report Reveals the Scale and Hidden Risks of Digital Identity Threats appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical vulnerability has been discovered in AMI’s MegaRAC software, which is used in Baseboard Management Controllers (BMCs) across various server hardware. This vulnerability, identified as CVE-2024-54085, allows attackers to bypass authentication remotely, posing a significant risk to cloud infrastructure and data centers worldwide. The issue is a continuation of previous vulnerabilities disclosed by Eclypsium, […]

The post Severe AMI BMC Vulnerability Enables Remote Authentication Bypass by Attackers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm over a critical supply-chain attack affecting a widely used third-party GitHub Action: tj-actions/changed-files. This action, exploited under CVE-2025-30066, is designed to identify changes in files during pull requests or commits. However, its compromise poses a significant risk to users by allowing unauthorized access to […]

The post CISA Warns of Supply-Chain Attack Exploiting GitHub Action Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a significant development, the China-aligned advanced persistent threat (APT) group known as MirrorFace has been observed employing sophisticated tactics to enhance the stealthiness of its attacks. Recently, MirrorFace modified the execution of AsyncRAT, a publicly available remote access trojan (RAT), to run it inside Windows Sandbox, thereby evading detection by security controls. This approach […]

The post MirrorFace Hackers Modify AsyncRAT Execution for Stealthy Deployment in Windows Sandbox appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researchers have discovered that multiple state-sponsored threat actors have been exploiting an eight-year-old vulnerability in Windows shortcut files. This security flaw, identified as ZDI-CAN-25373, allows malicious actors to embed hidden commands within .lnk files, which can execute when opened, potentially compromising sensitive data and systems. The vulnerability in question exploits how Windows displays shortcut […]

The post 11 State-Sponsored Threat Actors Exploit 8-Year-Old Windows Shortcut Flaw appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated cyberattack has been uncovered, targeting booking websites to spread the LummaStealer malware. This campaign leverages fake CAPTCHA prompts and social engineering techniques to deceive users into executing malicious commands on their systems. LummaStealer, an info-stealer malware operating under a Malware-as-a-Service (MaaS) model, has been gaining attention for its versatility and global reach. Infection […]

The post Advanced Cyber Attack Exploits Booking Websites to Deploy LummaStealer Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical vulnerability affecting Synology’s DiskStation Manager (DSM) has been disclosed, allowing remote attackers to execute arbitrary code on vulnerable systems. This severe issue, identified as CVE-2024-10441, has been reported in multiple DSM versions, including DSM 6.2, 7.1, 7.2, and 7.2.1, as well as Synology Unified Controller (DSMUC) version 3.1. The vulnerability is classified as […]

The post Critical Synology Vulnerability Allows Remote Attackers to Execute Arbitrary Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical vulnerability in Windows File Explorer has been discovered, allowing attackers to capture NTLM hashes and potentially exploit them for network spoofing attacks. The vulnerability, identified as CVE-2025-24071, involves the automatic processing of specially crafted .library-ms files within compressed archives like RAR or ZIP. When these files, containing paths to attacker-controlled SMB servers, are extracted, Windows […]

The post Windows File Explorer Vulnerability Enables Network Spoofing Attacks: PoC Released appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Cybersecurity and Infrastructure Security Agency (CISA) issued a critical security warning regarding a severe vulnerability in Fortinet’s FortiOS and FortiProxy systems. Specifically, CVE-2025-24472, an authentication bypass vulnerability, poses a significant threat as it allows remote attackers to gain super-admin privileges through carefully crafted CSF proxy requests. This exploit is classified under Common Weakness Enumeration […]

The post CISA Issues Security Warning on Fortinet FortiOS Authentication Bypass Exploit appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated phishing campaign is currently targeting cryptocurrency investors with fraudulent emails claiming to be from Coinbase. The scam attempts to trick users into transferring their funds to wallets controlled by attackers through a deceptive “mandatory wallet migration” scheme. How the Scam Works The phishing emails, with the subject line “Migrate to Coinbase wallet,” falsely […]

The post Fake Coinbase Migration Messages Target Users to Steal Wallet Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Electromagnetic (EM) side-channel analysis has emerged as a significant threat to cryptographically secured devices, particularly in the era of the Internet of Things (IoT). These attacks exploit information leakages through physical parameters such as EM radiation, which is emitted by all powered electronic devices due to internal current flows. Unlike traditional power analysis attacks, EM […]

The post Electromagnetic Side-Channel Analysis of Cryptographically Secured Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A novel defense strategy, MirrorGuard, has been proposed to enhance the security of large language models (LLMs) against jailbreak attacks. This approach introduces a dynamic and adaptive method to detect and mitigate malicious inputs by leveraging the concept of “mirrors.” Mirrors are dynamically generated prompts that mirror the syntactic structure of the input while ensuring […]

The post MirrorGuard: Adaptive Defense Mechanism Against Jailbreak Attacks for Secure Deployments appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent variant of the ClearFake malware framework has been identified, leveraging fake reCAPTCHA and Cloudflare Turnstile verifications to deceive users into executing malicious PowerShell code. This evolution marks a significant shift in how ClearFake exploits Web3 capabilities to deliver malware through compromised websites. Technical Analysis of the New Variant ClearFake, first detected in July […]

The post New ClearFake Variant Uses Fake reCAPTCHA to Deploy Malicious PowerShell Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent threat intelligence report highlights the emergence of a sophisticated cyberattack technique known as Browser-in-the-Middle (BitM), which allows hackers to hijack user sessions across various web applications in a matter of seconds. This method exploits the inherent functionalities of web browsers to deceive victims into believing they are interacting with a secure connection, while […]

The post New BitM Attack Enables Hackers to Hijack User Sessions in Seconds appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.