Aggregator
ATT&CK实践进入深水区 ---不要再迷信ATT&CK覆盖率
DeepSeek-V3 вышла в топ языковых моделей по редактированию кода
A Dark Web Operation Acquiring KYC Details TO Bypass Identity Verification Systems
A major dark web operation dedicated to circumventing KYC (Know Your Customer) procedures, which involves the systematic collection and exploitation of genuine identity documents and images. Attackers utilize these resources to develop and sell techniques for bypassing identity verification systems, presenting a significant database and evolving threats to businesses and individuals alike. Researchers have identified […]
The post A Dark Web Operation Acquiring KYC Details TO Bypass Identity Verification Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Adobe Warns of ColdFusion Vulnerability Allows Attackers Read arbitrary files
Adobe has issued a critical security update for ColdFusion versions 2023 and 2021 to address a major vulnerability that could lead to an arbitrary file system read. The identified vulnerability, CVE-2024-53961, has a known proof-of-concept exploit, making the updates crucial for users. This release underscores Adobe’s commitment to ensuring the security and integrity of its […]
The post Adobe Warns of ColdFusion Vulnerability Allows Attackers Read arbitrary files appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
CVE-2012-1001 | Chyrp up to 2.1.1/2.5 Beta 1 includes/ajax.php content/body cross site scripting (EDB-36874 / BID-52115)
Beware of New Malicious PyPI packages That Steals Login Details
Two malicious Python packages, Zebo-0.1.0 and Cometlogger-0.1, were recently detected by Fortinet’s AI-driven OSS malware detection system. These packages, spotted on November 16 and November 24, 2024, respectively, represent significant threats to users by leveraging advanced malware techniques. These findings underscore the critical importance of robust cybersecurity measures to protect against such sophisticated threats. Malicious […]
The post Beware of New Malicious PyPI packages That Steals Login Details appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
中国将蝉联全球最大汽车出口国
Brazilian Hacker Arrested Hacking Computers & Selling Data
A Brazilian man, Junior Barros De Oliveira, has been charged with multiple counts of cybercrime and extortion for hacking into the computer systems of a Brazilian subsidiary of a New Jersey-based company and attempting to extort millions in Bitcoin. The indictment, unsealed in Newark federal court on December 23, 2024, accuses De Oliveira of accessing […]
The post Brazilian Hacker Arrested Hacking Computers & Selling Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
McDonald’s Delivery App Bug Let Customers Orders For Just $0.01
McDonald’s India (West & South) / Hardcastle Restaurants Pvt. Ltd. operates a custom McDelivery web app for ordering McDonald’s food for delivery, dine-in, and takeout. The app is popular, with over 10 million downloads on Google Play and #16 in Food & Drink on the Apple App Store and offers various options to choose from […]
The post McDonald’s Delivery App Bug Let Customers Orders For Just $0.01 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
CVE-1999-0988 | SCO UnixWare up to 7.1.16 pkgtrans symlink (EDB-19661)
CVE-2002-0770 | Id Software Quake 2i Server 3.20/3.21 Macro $ privileges management (VU#970915 / EDB-21450)
North Korean Hackers Stolen $2.2 Billion From Crypto Platforms In 2024
Cryptocurrency hacking incidents in 2024 surged 21.07% YoY to $2.2 billion, with 303 breaches reported, which marks the fifth year exceeding $1 billion in stolen funds, demonstrating a concerning correlation between crypto market growth and the scale of cyberattacks. Crypto hacking activity experienced a significant surge in the first half of 2024, reaching $1.58 billion […]
The post North Korean Hackers Stolen $2.2 Billion From Crypto Platforms In 2024 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.