GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

A leaked internal memo dated April 15, 2025, has sent shockwaves through the cybersecurity community, revealing that MITRE’s contract to operate the Common Vulnerabilities and Exposures (CVE) program is set to expire today, April 16, 2025. The letter, reportedly obtained from a reliable source and addressed to CVE Board Members, is signed by Yosry Barsoum, […]

The post MITRE Ends CVE Program Support – Leaked Internal Memo Confirms Departure appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft Teams users across the globe are experiencing significant disruptions in file-sharing capabilities due to an unexpected outage, impacting workplace communication and collaboration. A wave of reports began surfacing from organizations and individuals unable to share files within Microsoft Teams—the popular collaboration platform used by businesses, schools, and organizations worldwide. Users attempting to send or […]

The post Microsoft Teams File Sharing Unavailable Due to Unexpected Outage appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cloud computing has transformed the way organizations operate, offering unprecedented scalability, flexibility, and cost savings. However, this rapid shift to the cloud has also introduced new security challenges, with misconfigurations emerging as one of the most significant and persistent threats. Cloud misconfigurations occur when cloud resources are set up with incorrect or suboptimal security settings, […]

The post Cloud Misconfigurations – A Leading Cause of Data Breaches appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security awareness has become a critical component of organizational defense strategies, particularly as companies adopt zero-trust architectures. Chief Information Security Officers (CISOs) are increasingly challenged to demonstrate the effectiveness of security awareness programs through meaningful metrics that resonate with leadership. With human error contributing to approximately 95% of data breaches, quantifying the impact of security […]

The post Security Awareness Metrics That Matter to the CISO appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers have unveiled a new malware process injection technique dubbed “Waiting Thread Hijacking” (WTH), designed to execute malicious code within legitimate processes while bypassing many modern security defenses. Developed by Check Point Research, WTH represents an evolution of classic Thread Execution Hijacking, achieving stealth by avoiding notoriously suspicious API calls. Process injection techniques are […]

The post New ‘Waiting Thread Hijacking’ Malware Technique Evades Modern Security Measures appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The global regulatory landscape for cybersecurity is undergoing a seismic shift, with the European Union’s NIS2 Directive emerging as a critical framework for organizations operating within its jurisdiction. While ISO 27001 has long been the gold standard for information security management, the mandatory nature of NIS2 introduces new complexities for leaders navigating compliance across borders. […]

The post From ISO to NIS2 – Mapping Compliance Requirements Globally appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated new malware suite targeting macOS, dubbed “PasivRobber,” has been discovered by security researchers. Identified on March 13, 2025, after a suspicious file named “wsus” was uploaded to VirusTotal, PasivRobber is a multi-component threat designed to steal a wide range of data from infected systems and popular applications. The malware exhibits a deep understanding […]

The post PasivRobber Malware Emerges, Targeting macOS to Steal Data From Systems and Apps appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers are analyzing a sophisticated malware delivery mechanism that uses a JScript loader to deploy different payloads based on the victim’s geographic location. This loader initiates a complex chain involving obfuscated PowerShell scripts, ultimately executing potent malware like the XWorm Remote Access Trojan (RAT) or the Rhadamanthys information stealer. The attack often begins via […]

The post Unmasking Xworm Payload Execution Path through Jailbreaking a Malicious JScript Loader appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

OpenAI’s ChatGPT image generator has been exploited to create convincing fake passports in mere minutes, highlighting a significant vulnerability in current identity verification systems. This revelation comes from the 2025 Cato CTRL Threat Report, which underscores the democratization of cybercrime through the advent of generative AI (GenAI) tools like ChatGPT. Historically, the creation of fake […]

The post ChatGPT Image Generator Abused for Fake Passport Production appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybercriminals have launched a sophisticated campaign targeting websites hosted on Amazon Web Services (AWS) EC2 instances. This campaign, observed in March 2025, exploits a vulnerability in EC2 Instance Metadata through Server-Side Request Forgery (SSRF), allowing attackers to access sensitive information and potentially escalate their attacks. The Exploitation Technique The attackers are leveraging a combination of […]

The post Cybercriminals Exploit EC2 Instance Metadata Vulnerability to Launch Attacks on Hosted Websites appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A new and highly sophisticated ransomware campaign, dubbed “DOGE BIG BALLS Ransomware,” has recently come to light, demonstrating a blend of technical innovation and psychological manipulation. This operation stands out for its multi-stage infection chain, which begins with a seemingly innocuous ZIP file and culminates in the deployment of a customized ransomware payload, all while […]

The post DOGE ‘Big Balls’ Ransomware Utilizes ZIP-Based LNK Shortcuts and BYOVD Techniques for Stealthy Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A new wave of cyber espionage attacks has brought BPFDoor malware into the spotlight as a stealthy and dangerous tool for compromising networks. According to security experts at Trend Micro, BPFDoor is a state-sponsored backdoor attributed to the advanced persistent threat (APT) group known as Earth Bluecrow (also referred to as Red Menshen). This malware […]

The post BPFDoor Malware Uses Reverse Shell to Expand Control Over Compromised Networks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

As businesses worldwide embrace digital transformation, the European Union’s General Data Protection Regulation (GDPR), enacted in 2018, remains a cornerstone of data privacy and security. A recent safety report highlighting the rapid advancement of artificial intelligence (AI) has renewed focus on GDPR compliance, particularly Article 7, which governs consent requirements for handling personal data, including […]

The post EU’s GDPR Article 7 Poses New Challenges for Businesses To Secure AI-Generated Image Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The National Social Security Fund (CNSS) of Morocco has confirmed that initial checks on leaked documents circulating on social media have revealed that much of the information is false, inaccurate, or incomplete. Officials state these documents originated from a cyber attack targeting the organization’s computer systems. The CNSS has activated security protocols, launched an internal […]

The post Morocco Investigation Major Data Breach Allegedly Claimed by Algerian Hackers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researchers at Cisco Talos have uncovered a large-scale smishing campaign targeting toll road users across the United States. The campaign, which has been active since October 2024, impersonates toll road payment services, luring unsuspecting victims into revealing their personal and financial information through fraudulent payment requests. The Scam Unveiled The smishing campaign revolves around […]

The post Smishing Campaign Hits Toll Road Users with $5 Payment Scam appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A significant security vulnerability has been identified in IBM Aspera Faspex 5, a popular file exchange solution. The flaw, designated as CVE-2025-3423, allows attackers to inject malicious JavaScript into the web interface, potentially compromising sensitive user data. Vulnerability Details The vulnerability is classified as a DOM-based Cross-Site Scripting (XSS) issue. It enables authenticated users to […]

The post IBM Aspera Faspex Flaw Allows Injection of Malicious JavaScript in Web UI appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a concerning report from cybersecurity firm TeamT5, it has been revealed that a Chinese Advanced Persistent Threat (APT) group leveraged critical vulnerabilities in Ivanti Connect Secure VPN appliances to launch a global cyberattack. The breach affected nearly 20 industries across 12 countries, leaving networks exposed and under persistent threat. Global Victimology The widespread attack […]

The post Chinese APT Group Targets Ivanti VPN Vulnerabilities to Breach Networks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

VMware has announced that ESXi 8.0 Update 3e, the latest version of its industry-leading hypervisor, is now available for download at no cost. Released on April 10, 2025, this update is packed with enhancements, critical fixes, and new features, solidifying VMware’s dominance in the virtualization space. Free Access to ESXi 8.0 Traditionally a component of VMware’s broader […]

The post VMware ESXi 8.0 Update 3e Is Now Free — Here’s What’s New appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A North Korean state-sponsored threat group known as “Slow Pisces” has been orchestrating sophisticated cyberattacks targeting developers in the cryptocurrency sector using malware-laced coding challenges. This campaign employs deceptive tactics and advanced malware techniques designed to infiltrate systems, steal critical data, and generate revenue for the Democratic People’s Republic of Korea (DPRK). Background of Slow […]

The post Slow Pisces Group Targets Developers Using Coding Challenges Laced with Python Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The U.S. Department of Justice has launched a landmark initiative to block foreign adversaries—including China, Russia, and Iran—from exploiting commercial channels to access sensitive American data. The Data Security Program (DSP), enacted under Executive Order 14117, establishes stringent controls over transactions involving U.S. government-related data and bulk personal information such as genomic, financial, and geolocation […]

The post DoJ Launches Critical National Security Program to Protect Americans’ Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.