GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

The cybersecurity landscape has changed dramatically in recent years, largely due to the introduction of comprehensive data protection regulations across the globe. Chief Information Security Officers (CISOs) now find themselves at the intersection of technical security, regulatory compliance, and organizational risk management. Their responsibilities have expanded far beyond traditional security operations, requiring them to interpret […]

The post Compliance And Governance: What Every CISO Needs To Know About Data Protection Regulations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In the ever-evolving world of cybersecurity, organizations must continuously adapt their defense strategies to stay ahead of increasingly sophisticated threats. One of the most effective ways to identify and mitigate vulnerabilities is through penetration testing, a proactive approach that simulates real-world attacks to uncover weaknesses before malicious actors can exploit them. However, the effectiveness of […]

The post XDR, MDR, And EDR: Enhancing Your Penetration Testing Process With Advanced Threat Detection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Developing a strong security culture is one of the most critical responsibilities for today’s CISOs (Chief Information Security Officers) and CSOs (Chief Security Officers). As cyber threats become more sophisticated and pervasive, technical defenses alone are insufficient. A resilient security posture results from embedding security awareness, responsibility, and proactive behavior into every organizational layer. This […]

The post How to Develop a Strong Security Culture – Advice for CISOs and CSOs appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Secureworks Counter Threat Unit (CTU) researchers have uncovered innovative strategies deployed by the DragonForce and Anubis ransomware operators in 2025. These groups are adapting to law enforcement pressures with novel affiliate models designed to maximize profits and expand their reach, showcasing the resilience and ingenuity of modern cybercriminals in underground forums. DragonForce Pioneers a Distributed […]

The post DragonForce and Anubis Ransomware Gangs Launch New Affiliate Programs appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Silent Push Threat Analysts have uncovered a widespread phishing and scam operation dubbed “Power Parasites,” targeting prominent energy companies and major global brands across multiple sectors in 2024. This campaign, active primarily in Asian countries such as Bangladesh, Nepal, and India, leverages a sophisticated network of deceptive websites, social media platforms, and Telegram channels to […]

The post “Power Parasites” Phishing Campaign Targets Energy Firms and Major Brands appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Researchers from Unit 42 have uncovered a massive wave of SMS phishing, or “smishing,” activity targeting unsuspecting users. Since the FBI’s initial warning in April 2024, over 91,500 root domains associated with smishing have been identified and blocked. However, the momentum of this malicious activity has intensified in 2025, with a staggering peak of 26,328 […]

The post Threat Actors Register Over 26,000 Domains Imitating Brands to Deceive Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Dutch Defense Ministry has revealed that critical infrastructure, democratic processes, and North Sea installations in the Netherlands have become focal points for Russian cyber operations. These attacks, identified as part of a coordinated strategy to destabilize social cohesion and compromise national security across Europe, underscore a growing digital threat landscape. A specific incident in […]

The post Russian Hackers Attempt to Sabotage Digital Control Systems of Dutch Public Service appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Silent Push Threat Analysts have uncovered a chilling new cyberattack campaign orchestrated by the North Korean Advanced Persistent Threat (APT) group known as Contagious Interview, also referred to as Famous Chollima, a subgroup of the notorious Lazarus group. This state-sponsored entity has been implicated in numerous sophisticated cyber-espionage efforts targeting global industries, with a particular […]

The post North Korean APT Hackers Pose as Companies to Spread Malware to Job Seekers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A groundbreaking report from Okta Threat Intelligence reveals how operatives linked to the Democratic People’s Republic of Korea (DPRK), often referred to as North Korean hackers, are leveraging Generative Artificial Intelligence (GenAI) to infiltrate remote technical roles across the globe. These sophisticated campaigns, dubbed “DPRK IT Workers” or “Wagemole” operations, utilize advanced AI tools to […]

The post North Korean Hackers Exploit GenAI to Land Remote Jobs Worldwide appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Thailand is experiencing a significant escalation in ransomware attacks, with both state-sponsored advanced persistent threat (APT) groups and cybercriminal organizations zeroing in on key industries across the country. The surge is underpinned by Thailand’s position as a burgeoning financial hub in Southeast Asia, its strategic geopolitical alliances, rapid digital transformation, and its critical role in […]

The post Threat Actors Target Organizations in Thailand with Ransomware Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A concerning large-scale phishing campaign targeting WooCommerce users has been uncovered by the Patchstack securpity team, employing a highly sophisticated email and web-based phishing template to deceive website owners. The attackers behind this operation warn users of a fabricated “Unauthenticated Administrative Access” vulnerability in their WooCommerce installations, urging them to download a supposed patch from […]

The post WooCommerce Users Targeted by Fake Security Vulnerability Alerts appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Whether you operate a small business or run a large enterprise, you rely on third-party suppliers, merchants or software providers. They are fundamental to your operations, but they can pose security risks. The better you understand how that happens, the less likely you are to experience a breach. With the best third-party risk management software, […]

The post 7 Best Third-Party Risk Management Software in 2025 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers have revealed that two critical use-after-free (UAF) vulnerabilities in Google Chrome’s Browser process were actively exploited in the wild, exposing users to potential sandbox escapes and arbitrary code execution. However, Google’s deployment of the MiraclePtr defense mechanism ensures these flaws are no longer exploitable, marking a significant milestone in browser security. Technical Analysis […]

The post Chrome UAF Process Vulnerabilities Actively Exploited appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated cyberattack campaign has surfaced, targeting poorly managed Microsoft SQL (MS-SQL) servers to deploy malicious tools like Ammyy Admin and PetitPotato malware. Cybersecurity researchers have observed attackers exploiting vulnerabilities in these servers to gain unauthorized access, execute commands for reconnaissance, and install malware that facilitates remote access and privilege escalation. This emerging threat underscores […]

The post Hackers Exploit MS-SQL Servers to Deploy Ammyy Admin for Remote Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Zscaler ThreatLabz 2025 Phishing Report unveils the alarming sophistication of modern phishing attacks, driven by generative AI (GenAI). By examining over 2 billion blocked phishing transactions on the Zscaler Zero Trust Exchange™ cloud security platform from January to December 2024, the report highlights a seismic shift in cybercriminal tactics. Cybercriminals Leverage GenAI for Hyper-Targeted […]

The post New Report Reveals How AI is Rapidly Enhancing Phishing Attack Precision appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

VulnCheck’s latest report for Q1 2025 has identified 159 Common Vulnerabilities and Exposures (CVEs) publicly disclosed as exploited in the wild for the first time. Alarmingly, 28.3% of these Known Exploited Vulnerabilities (KEVs) saw evidence of exploitation within just one day of their CVE disclosure, underscoring the lightning-fast pace at which threat actors capitalize on […]

The post 159 CVEs Exploited in the Wild in Q1 2025, 8.3% Targeted Within 1-Day Vulnerabilities Exploited appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A hacker collective known as R00TK1T claims to have breached TikTok’s user database, allegedly leaking login information for over 900,000 users. The group, which has previously made waves in the hacking community with bold claims—often with little substantiated evidence—has taken to underground forums to boast about their latest exploit. Alleged Account Deletions and Data Leak […]

The post Hackers Claim TikTok Breach, Leak Over 900,000 Usernames and Passwords appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Federal Bureau of Investigation (FBI), in partnership with the U.S. Department of State, has announced a reward of up to $10 million for information leading to the identification or location of individuals connected to the recent “Salt Typhoon” cyberattacks. The campaign, which is believed to be linked to actors affiliated with the People’s Republic […]

The post FBI Offers $10 Million Reward for information on Salt Typhoon Hackers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A newly identified security vulnerability, CVE-2025-22234, has exposed a critical weakness in the widely-used Spring Security framework. According to the HeroDevs report, affecting several versions of the spring-security-crypto package, this flaw makes it possible for attackers to discern valid usernames through observable differences in login response times—an avenue for so-called “timing attacks.” Spring Security is […]

The post Spring Security Vulnerability Exposes Valid Usernames to Attackers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Trend Research has uncovered a sophisticated network of cybercrime operations linked to North Korea, heavily utilizing Russian internet infrastructure. Specifically, IP address ranges in the towns of Khasan and Khabarovsk, Russia, assigned to organizations under TransTelecom (ASN AS20485), are pivotal in these activities. Khasan, just a mile from the North Korea-Russia border and connected via […]

The post Russian VPS Servers With RDP and Proxy Servers Enable North Korean Cybercrime Operations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.