Aggregator
CISA and NSA Issue Urgent Guidance to Secure WSUS and Microsoft Exchange Servers
Kimsuky and Lazarus Hacker Groups Unveil New Tools That Enable Backdoor and Remote Access
Threat actors operating under the control of North Korea’s regime have demonstrated continued technical sophistication by introducing advanced malware toolsets designed to establish persistent backdoor access and remote control over compromised systems. Recent findings have revealed that Kimsuky, known for orchestrating espionage campaigns, deployed HttpTroy, while the Lazarus APT group introduced an enhanced variant of […]
The post Kimsuky and Lazarus Hacker Groups Unveil New Tools That Enable Backdoor and Remote Access appeared first on Cyber Security News.
Progress Releases Patch for MOVEit Transfer Resource Consumption Flaw
Progress Software has released security patches to address a high-severity vulnerability in its MOVEit Transfer platform discovered on October 29, 2025. The flaw, tracked as CVE-2025-10932, affects the AS2 module and allows attackers to consume system resources without proper restrictions. CVE ID: CVE-2025-10932; Vulnerability Type: Uncontrolled Resource Consumption (CWE-400); Affected Component: Progress MOVEit Transfer […]
The post Progress Releases Patch for MOVEit Transfer Resource Consumption Flaw appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Windows LNK UI Spoofing Vulnerability Weaponized for Remote Code Execution
A sophisticated cyber espionage campaign targeting European diplomatic institutions has been uncovered, signaling a strategic escalation by Chinese-affiliated threat actor UNC6384. Central to this campaign is the exploitation of the Windows shortcut (LNK) UI misrepresentation vulnerability—ZDI-CAN-25373, first disclosed in March 2025—paired with tailored social engineering schemes mimicking authentic diplomatic conferences. UNC6384, previously documented by Google’s […]
The post Windows LNK UI Spoofing Vulnerability Weaponized for Remote Code Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Intel and AMD tried hard, but a flaw ruined everything. How to extract data from the most "impregnable" VMs
CVE-2025-6520 | Abis BAPSIS prior 202510271606 sql injection (EUVD-2025-37308)
Trump orders the United States to resume nuclear weapons testing
Researchers Develop Linux Rootkit That Evades Elastic EDR Protections
Security researchers have unveiled a sophisticated Linux rootkit capable of bypassing Elastic Security’s advanced detection mechanisms, demonstrating critical vulnerabilities in endpoint detection and response solutions. The Singularity rootkit employs multiple obfuscation and evasion techniques to defeat static signature analysis and behavioral monitoring systems that typically identify malicious kernel modules. Elastic Security’s endpoint detection framework typically […]
The post Researchers Develop Linux Rootkit That Evades Elastic EDR Protections appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Threat Actors Using Multilingual ZIP File to Attack Financial and Government Organizations
Sophisticated threat actors have orchestrated a coordinated multilingual phishing campaign targeting financial and government organizations across East and Southeast Asia. The campaign leverages carefully crafted ZIP file lures combined with region-specific web templates to deceive users into downloading staged malware droppers. Recent analysis reveals three interconnected clusters spanning Traditional Chinese, English, and Japanese-language variants, each […]
The post Threat Actors Using Multilingual ZIP File to Attack Financial and Government Organizations appeared first on Cyber Security News.
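Channel partners cordially invited to embark on a new journey together
[Huorong Security Weekly] Signing ceremony for international cybersecurity convention opens / Swedish national power grid hit by extortion attack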
Eclipse Foundation Revokes Leaked Open VSX Tokens Following Wiz Discovery
Qilin
Air Force continues flying from Groningen Airport Eelde
ImmuniWeb Continuous now enables always-on, AI-powered security testing
ImmuniWeb has unveiled an upgraded version of ImmuniWeb Continuous, designed for continuous penetration testing and 24/7 automated vulnerability scanning of web applications, APIs, and microservices. The new solution is a perfect fit for organizations that have more than ten web applications residing in various on-premise and cloud environments or being maintained by different teams. With ImmuniWeb Continuous, organizations can now implement an enterprise-wide and uninterrupted security testing, detection and prioritization of vulnerabilities and weaknesses in … More →
The post ImmuniWeb Continuous now enables always-on, AI-powered security testing appeared first on Help Net Security.
AzureHound Penetration Testing Tool Weaponized by Threat Actors to Enumerate Azure and Entra ID
AzureHound, an open-source data collection tool designed for legitimate penetration testing and security research, has become a favored weapon in the hands of sophisticated threat actors. The tool, which is part of the BloodHound suite, was originally created to help security professionals and red teams identify and fix cloud vulnerabilities. However, malicious actors have increasingly […]
The post AzureHound Penetration Testing Tool Weaponized by Threat Actors to Enumerate Azure and Entra ID appeared first on Cyber Security News.
CISA Alerts on Active Exploitation of VMware Tools and Aria Operations 0-Day
The Cybersecurity and Infrastructure Security Agency (CISA) has raised alarm over active exploitation of a critical privilege escalation vulnerability affecting Broadcom’s VMware Tools and VMware Aria Operations. Tracked as CVE-2025-41244, this 0-day flaw poses significant risk to organizations managing virtualized infrastructure, potentially allowing attackers to gain root-level access to compromised systems. CVE ID Vendor Affected […]
The post CISA Alerts on Active Exploitation of VMware Tools and Aria Operations 0-Day appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.