Aggregator

The ransomware group known as Qilin (aka Agenda, Gold Feather, and Water Galura) has claimed more than 40 victims every month since the start of 2025, barring January, with the number of postings on its data leak site touching a high of 100 cases in June. The development comes as the ransomware-as-a-service (RaaS) operation has emerged as one of the most active ransomware groups, accounting for

Amid the declining effectiveness of traditional malware delivery channels, cybercriminals are increasingly turning to platforms never intended for

The post YouTube Ghost Network: 3,000 Fake Videos Used to Spread Malware appeared first on Penetration Testing Tools.

The South Korean government has announced a sweeping inspection of 1,600 IT systems across the sectors of public

The post South Korea Orders Massive Security Audit of 1,600 Critical IT Systems appeared first on Penetration Testing Tools.

Банковские карты, токены и даже веб-камера — теперь под прицелом «плохих парней».

The U.S. Department of Justice has charged 31 individuals, including alleged members of organized crime and former NBA

The post NBA Players Linked to $7M Poker Scam Exploiting Hacked Card Shufflers appeared first on Penetration Testing Tools.

或许 AI 时代的产品，需要：1. 用 AI 解决问题。2. 有人味。

Hackers exploited old RCE flaws in WordPress GutenKit and Hunk Companion plugins. Wordfence firm blocked 8.7M attacks in two days. In September and October 2024, submissions revealed Arbitrary Plugin Installation vulnerabilities in GutenKit and Hunk Companion WordPress plugins, with 40,000 and 8,000+ installs, respectively. These flaws allow unauthenticated attackers to install plugins and achieve RCE. […]

In the latter half of 2025, the Qilin ransomware group has solidified its standing as a formidable threat, continuing to post details of more than 40 victims per month on its public leak site. This rapid, relentless campaign—primarily impacting manufacturing, professional and scientific services, and wholesale trade—has propelled Qilin among the world’s most impactful ransomware […]

The post Qilin Ransomware Exploits MSPaint and Notepad to Locate Sensitive Files appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The notorious cybercrime forum BreachForums has resurfaced online, this time on a clearnet domain accessible without specialized tools like Tor. The platform, long a hub for data leaks, hacking tools, and illicit trades, went dark earlier this year following a series of law enforcement takedowns and internal disruptions. Now, just months later, it’s operational again, […]

The post Infamous Cybercriminal Forum BreachForums Is Back Again With a New Clear Net Domain appeared first on Cyber Security News.

80% ключевых компонентов для ядерного арсенала США производили здесь.

A vulnerability was found in MongoDB BI Connector ODBC driver up to 1.4.6. It has been declared as critical. The affected element is an unknown function. Such manipulation leads to incorrect default permissions. This vulnerability is referenced as CVE-2025-12100. The attack can only be performed from a local environment. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability labeled as critical has been found in HashiCorp Vault and Vault Enterprise up to 1.20.x. This issue affects some unknown processing of the component JSON Handler. Such manipulation leads to allocation of resources. This vulnerability is documented as CVE-2025-12044. The attack can be executed remotely. There is not any exploit available. The affected component should be upgraded.

A vulnerability, which was classified as critical, has been found in HashiCorp Vault and Vault Enterprise up to 1.20.x. This impacts an unknown function of the component AWS Auth Method. This manipulation causes authentication bypass using alternate channel. This vulnerability is handled as CVE-2025-11621. The attack can be initiated remotely. There is not any exploit available. It is advisable to upgrade the affected component.

主要通过赌博网站传播的寰宇浏览器（Universe Browser）号称是“全网权威安全认证，值得信赖的浏览器”，安全公司 Infoblox 发现该浏览器会将流量理由经过中国境内的服务器，会秘密安装多个在后台静默运行的程序，它们的功能类似恶意程序，包括键盘记录、秘密连接和更改设备网络连接。研究人员表示，寰宇浏览器与赌博网站 BBIN（aka 寶盈集團）相关，研究人员将该组织命名为 Vault Viper，他们是在研究柬埔寨一赌场的系统时发现了 Vault Viper 相关的独特 DNS 指纹。研究人员逆向工程了寰宇浏览器，发现了很多类似恶意软件的功能，它还会试图逃避杀毒软件的检测。在浏览器启动时，它会立即检查用户的位置、语言以及是否在虚拟机中运行。它安装了两个扩展：其中一个允许上传屏幕截图。Infoblox 认为寰宇浏览器是识别富有玩家并获取其设备访问权限的完美工具。

Операция Cronos оказалась лишь временной паузой для хакеров.

Dell Technologies has disclosed three critical vulnerabilities in its Storage Manager software that could allow attackers to bypass authentication, disclose sensitive information, and gain unauthorized access to systems. Announced on October 24, 2025, these flaws affect versions of Dell Storage Manager up to 20.1.21 and pose significant risks to organizations relying on the tool for […]

The post Critical Dell Storage Manager Vulnerabilities Let Attackers Compromise System appeared first on Cyber Security News.

最新研究显示，80% 的企业缺乏对 API 的持续实时监控，这意味着它们针对 AI 智能体的攻击“视而不见”。

强势围观

👍 👍 👍