Aggregator

You must login to view this content

Ransomware continues to be the major threat to large and medium-sized businesses, with numerous ransomware gangs abusing AI for automation, according to Acronis. Ransomware gangs maintain pressure on victims From January to June 2025, the number of publicly reported ransomware victims jumped 70% compared to the same period in both 2023 and 2024. February stood out as the worst month, with 955 reported cases. Cl0p alone was responsible for 335 of those cases, a 300% … More →

The post AI gives ransomware gangs a deadly upgrade appeared first on Help Net Security.

A critical vulnerability in Docker Desktop for Windows has been discovered that allows any container to achieve full host system compromise through a simple Server-Side Request Forgery (SSRF) attack. The flaw, designated CVE-2025-9074, was patched in Docker Desktop version 4.44.3 released in August 2025. CVE Details CVE ID CVE-2025-9074 CVSS Score Critical (Estimated 9.0+) Affected […]

The post Windows Docker Desktop Vulnerability Allows Full Host Compromise appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical security vulnerability has been discovered in the widely-used sha.js npm package, exposing millions of applications to sophisticated hash manipulation attacks that could compromise cryptographic operations and enable unauthorized access to sensitive systems. The vulnerability, designated CVE-2025-9288, affects all versions up to 2.4.11 of the library, which has accumulated over 14 million downloads across […]

The post 14 Million-Download SHA JavaScript Library Exposes Users to Hash Manipulation Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Attackers don’t always need a technical flaw. More often, they just trick your people. Social engineering works, and AI makes it harder to catch.” Only about one in four cybersecurity teams are effective at collaborating with the broader business (Source: LevelBlue) A new LevelBlue report shows how this problem is growing worldwide. Forty-one percent of organizations say they are experiencing more cyberattacks than a year ago, rising to 49% in Asia-Pacific. Employees are struggling to … More →

The post The new battleground for CISOs is human behavior appeared first on Help Net Security.

Cybersecurity researchers have uncovered a sophisticated HTTP request smuggling attack that exploits inconsistent parsing behaviors between front-end proxy servers and back-end application servers. This newly discovered technique leverages malformed chunk extensions to bypass security controls and inject unauthorized requests into web applications, representing a significant evolution in HTTP smuggling methodologies. The attack technique was identified […]

The post New HTTP Smuggling Technique Allows Hackers to Inject Malicious Requests appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.