GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

Malicious packages on popular registries are abusing Discord webhooks to exfiltrate sensitive files and host telemetry, bypassing traditional C2 infrastructure and blending into legitimate HTTPS traffic. Discord webhooks are simple HTTPS URLs that accept POST requests; they require no credentials beyond possession of the URL, and traffic appears as innocent JSON over port 443. Socket’s […]

The post Discord Weaponized as C2 Server Across Popular Open-Source Package Repositories appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A newly disclosed vulnerability in SAP NetWeaver AS ABAP and ABAP Platform (CVE-2025-42902) allows unauthenticated attackers to crash server processes by sending malformed SAP Logon or SAP Assertion Tickets. Rated Medium severity with a 5.3 CVSS 3.1 score, the flaw stems from a NULL pointer dereference that triggers memory corruption and process termination. Affected versions include all supported releases […]

The post SAP NetWeaver Memory Corruption Flaw Lets Attackers Send Corrupted Logon Tickets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In October 2025, security researchers uncovered an unprecedented phishing campaign that weaponizes the npm ecosystem—not by infecting developers during package installation, but by abusing the unpkg.com CDN as a disposable hosting platform for malicious JavaScript. By seeding over 175 throwaway npm packages, attackers have turned a trusted open source delivery network into a large-scale phishing […]

The post Malicious NPM Packages Used in Sophisticated Developer Cyberattack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Hackers have launched a sophisticated phishing campaign impersonating both OpenAI and the recently released Sora 2 AI service. By cloning legitimate-looking landing pages, these actors are duping users into submitting their login credentials, participating in faux “gift” surveys, and even falling victim to cryptocurrency scams. Security researchers note that these deceptive domains are already ensnaring […]

The post Hackers Mimic as OpenAI and Sora Services to Steal Login Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Luxembourg, October 14th, 2025, CyberNewsWire Surge in scale and sophistication highlights rising threats to tech and digital infrastructure Gcore, the global edge AI, cloud, network, and security solutions provider, has successfully mitigated one of the largest DDoS attacks recorded to date. The large-scale, multi-regional DDoS attack reached a peak bandwidth of 6 Tbps (terabits per […]

The post Gcore Mitigates Record-Breaking 6 Tbps DDoS Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

SimonMed Imaging has confirmed that an external hacking incident compromised the personal data of 1,275,669 patients, making it one of the largest healthcare breaches of the year. The breach, which occurred on January 21, 2025, but was not discovered until January 28, exposed names and other personal identifiers. Written notifications were sent to affected individuals […]

The post SimonMed Data Breach Exposes Sensitive Information of 1.2 Million Patients appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a sprawling network of covert remote labor, more than 10,000 North Korean IT professionals have infiltrated global technology and freelance marketplaces by exploiting VPNs, virtual private servers (VPS), and so-called “laptop farms” to conceal their true origins. State-backed cyber units employ these operatives to generate revenue for sanctioned weapons programs and gather intelligence across […]

The post North Korean IT Workers Use VPNs and Laptop Farms to Evade Identity Verification appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A new proof-of-concept (PoC) exploit has been published for a critical flaw in the widely used sudo utility. This vulnerability enables any local user to escape a chroot jail and execute commands with root privileges. Organizations relying on sudo are urged to audit and update their installations immediately. Chroot Escape Enables Root Access The flaw resides in sudo’s handling of […]

The post PoC Released for Sudo chroot Flaw Allowing Local Privilege Escalation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent surge in threat actors leveraging remote management and monitoring (RMM) tools for initial access has intensified scrutiny of platforms once reserved for legitimate IT administration. While AnyDesk has waned in popularity among adversaries due to improved detection, ConnectWise ScreenConnect has emerged as a preferred option for stealthy intrusion, persistence, and lateral movement. This […]

The post Threat Actors Exploit ScreenConnect to Gain Unauthorized Remote Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Ivanti has disclosed 13 vulnerabilities in Ivanti Endpoint Manager (EPM), including two high-severity issues that could enable privilege escalation and remote code execution, and eleven medium-severity SQL injection flaws. While there is no evidence of in-the-wild exploitation, Ivanti urges customers to move to the latest supported release and apply recommended mitigations as patches are still […]

The post Ivanti Patches 13 Endpoint Manager Flaws Allowing Remote Code Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The online cybercrime marketplace, Russian Market, has evolved from selling Remote Desktop Protocol (RDP) access to becoming one of the most active underground hubs for information-stealing malware logs. Stolen user credentials are traded daily, and each compromised login represents a potential gateway into corporate systems. Threat actors routinely purchase credentials to launch credential-based attacks that […]

The post Russian Cybercrime Marketplace Shifting from RDP Access to Malware Stealer Log Exploits appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In September 2025, Kandji’s security researchers uncovered a sophisticated campaign in which attackers deployed multiple spoofed Homebrew installer sites that perfectly mimic the official brew.sh page. These counterfeit domains served a hidden malicious payload under the guise of the standard Homebrew installation script. This exposé delves into the tactics, infrastructure, and impact of this alarming […]

The post Hackers Target macOS Users with Fake Homebrew Websites to Deliver Malicious Payloads appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In September, a nascent pro-Russian hacktivist group known as TwoNet staged its first operational technology and industrial control systems (OT/ICS) intrusion against our water treatment utility honeypot. By exploiting default credentials and SQL-based schema extraction, the adversary ultimately created backdoor accounts and defaced the human-machine interface (HMI), demonstrating a concerning pivot from pure DDoS to […]

The post Pro-Russian Hacktivist Targets OT/ICS Systems to Harvest Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Axis Communications, a leading provider of network video and surveillance solutions, has confirmed a critical vulnerability in its Autodesk® Revit® plugin that exposed Azure Storage Account credentials within signed DLLs. Discovered in July 2024 by Trend Micro’s Zero Day Initiative™ (ZDI), the vulnerability allowed attackers to access and manipulate cloud assets belonging to Axis and […]

The post Axis Communications Vulnerability Exposes Azure Storage Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

EDR-Freeze is a proof-of-concept tool that forces endpoint detection and response (EDR) or antivirus processes into a temporary “coma.” Instead of installing a vulnerable driver, it leverages legitimate Windows Error Reporting components, specifically WerFaultSecure.exe and the MiniDumpWriteDump API to pause security processes from user mode. By racing threads at just the right moment, EDR-Freeze suspends all […]

The post EDR-Freeze: Technical Mechanics and Forensic Artifacts Exposed appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft Edge has identified and mitigated a critical threat exploiting its Internet Explorer (IE) compatibility mode, closing off high-risk entry points and reinforcing security for both individual and enterprise users. Although the web has largely embraced modern standards, many enterprise and government applications continue to rely on legacy technologies such as ActiveX controls and Flash. […]

The post Hackers Exploit Microsoft Edge’s Internet Explorer Mode to Compromise User Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

North Korean threat actors have escalated their Contagious Interview campaign, deploying 338 malicious npm packages with over 50,000 downloads to target cryptocurrency and blockchain developers through sophisticated social engineering tactics. The state-sponsored operation represents a significant evolution in supply chain attacks, utilizing more than 180 fake personas and a dozen command and control endpoints to […]

The post North Korean Hackers Target Developers with 338 Malicious Software Packages appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft has successfully addressed one of Windows 11’s most frustrating issues with its latest preview builds, finally fixing the notorious “update and shut down” glitch that has plagued users since the operating system’s 2021 launch. This persistent bug tricked countless users into believing their computers were powering down when updates were pending, only to discover […]

The post Microsoft Finally Resolves Persistent Windows 11 ‘Update and Shut Down’ Glitch appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical security vulnerability has been discovered in Happy DOM, a popular JavaScript library used for server-side rendering and testing frameworks. The flaw, tracked as CVE-2025-61927, enables attackers to escape the virtual machine context and execute arbitrary code on affected systems, potentially compromising millions of applications worldwide. Critical VM Context Escape Vulnerability Happy DOM versions 19 […]

The post Happy DOM Flaw Allows Remote Code Execution Affecting 2.7 Million Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researchers have uncovered a sophisticated new campaign targeting WhatsApp users in Brazil with self-propagating malware designed to steal banking credentials and cryptocurrency exchange login information. The attack, first detected on September 29, 2025, represents a dangerous evolution in social engineering tactics that exploits users’ trust in familiar contacts to spread malicious payloads across messaging […]

The post WhatsApp Worm Targets Users with Banking Malware, Steals Login Information appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.