Aggregator

The Gootloader malware family employs sophisticated social engineering tactics to infiltrate computers. By leveraging compromised legitimate WordPress websites, Gootloader’s operators manipulate Google search results to redirect users to a deceptive online message board. They link the malware to a simulated conversation featuring fictitious users, effectively answering the exact queries victims input into search engines. Investigate […]

The post Gootloader Malware Employs Blackhat SEO Techniques To Attack Victims appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A significant security vulnerability, designated CVE-2025-21613, has been discovered in the go-git library, used for Git version control in pure Go applications. This issue affects all versions before 5.13.0 and is characterized by an argument injection vulnerability, enabling potential attackers to modify git-upload-pack flags when utilizing the file transport protocol. This protocol is particularly vulnerable […]

The post Critical SUSE Linux Distro Injection Vulnerability Allow Attackers Exploits “go-git” Library appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

После OpenText Россия закрыла доступ еще одной IT-компании.

A critical vulnerability in Windows BitLocker, identified as CVE-2025-212

Глобальная инфраструктура компании работает в режиме повышенной готовности.

主站 分类 漏洞 工具 极客

Colm O hEigeartaigh announced a critical vulnerability affecting various versions of Apache CXF, a widely-used framework for building web services. This issue, documented as CVE-2025-23184, poses a significant risk as it can lead to a Denial of Service (DoS) attack due to improper handling of temporary files. The vulnerability has been confirmed in specific versions […]

The post Apache CXF Vulnerability Triggers DoS Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

关键词恶意软件据Cyber Security News消息，Cyfirma 的网络安全研究人员最近发现了一个针对南亚用户，尤其是印度克什米尔地区用户的复杂 Android 恶意软件活动，通过伪装成一款

关键词网络安全最近的B站可以说是处于多事之秋，前面才有员工自曝操纵直播间抽奖概率，这几天又被曝出员工滥用职权，加载恶意代码攻击用户。这不仅暴露了B站在内部管理和技术安全方面的漏洞，也引发了大众对用户信

关键词安全漏洞开放 Web 应用程序安全项目 (OWASP) 发布了备受期待的 2025 年智能合约十大漏洞，这是一份全面的认识文件，旨在让 Web3 开发人员和安全团队掌握对抗智能合约中最关键漏洞的

关键词安全漏洞卡巴斯基披露了在梅赛德斯—奔驰信息娱乐系统中发现的十多个漏洞的细节，但这家汽车制造商向客户保证，这些安全漏洞已经得到修复，且不易被利用。上周，俄罗斯网络安全公司卡巴斯基发布了一篇博客文章