GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

Threat researchers at Proofpoint are currently tracking two sophisticated and highly targeted cyber-attack campaigns that are utilizing OAuth redirection mechanisms to compromise user credentials. These attacks combine advanced brand impersonation techniques with malware proliferation, focusing on Microsoft 365-themed credential phishing designed to facilitate account takeovers (ATOs), as per a report shared in the platform, X. […]

The post New Microsoft 365 Attack Leverages OAuth Redirection for Credential Theft appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A team successfully decrypted an instance of the Akira ransomware on Linux/ESXi systems without succumbing to the hackers’ demands. This achievement not only underscores the ingenuity of cybersecurity experts but also serves as a powerful message to those who rely on extorting from vulnerable businesses and individuals. The Akira ransomware, known for its complex encryption […]

The post Decrypting Akira Ransomware on Linux/ESXi Without Paying Hackers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent discovery by ReversingLabs researchers has unveiled a malicious cyber attack targeting the Python Package Index (PyPI) users, a popular platform for Python developers. This sophisticated campaign involves malicious packages masquerading as time-related utilities, but are designed to steal sensitive data, including valuable cloud tokens. The attack highlights the increasing vulnerability of open-source repositories […]

The post New Cyber Attack Targets PyPI Users to Steal Cloud Tokens and Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

APT-C-36, more commonly known as Blind Eagle, has intensified its operations targeting Colombian governmental, financial, and critical infrastructure organizations. Active since 2018, this Advanced Persistent Threat group has recently expanded its arsenal with sophisticated exploit techniques and malware, demonstrating an alarming ability to adapt to evolving security measures. The threat actor has infected more than […]

The post Blind Eagle Targets Organizations with Weaponized .URL Files to Steal User Hashes appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

As Artificial Intelligence (AI)-powered cyber threats surge, INE Security, a global leader in cybersecurity training and certification, is launching a new initiative to help organizations rethink cybersecurity training and workforce development. The company warns that AI is reshaping both the threat landscape and the skills required for cybersecurity professionals. While AI offers significant advantages in […]

The post INE Security Alert: Using AI-Driven Cybersecurity Training to Counter Emerging Threats appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical security vulnerability has been identified in Apache NiFi, a popular open-source data integration tool. The vulnerability, tracked as CVE-2025-27017, allows authorized users with read access to the system to view sensitive credentials used to connect to MongoDB databases.  This security flaw affects multiple versions of Apache NiFi, prompting urgent action from users to […]

The post Apache NiFi Vulnerability Exposes MongoDB Credentials to Attackers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A non-password-protected database belonging to ESHYFT, a New Jersey-based HealthTech company, was recently discovered by cybersecurity researcher Jeremiah Fowler. The database contained over 86,000 records, amounting to 108.8 GB of sensitive information. This data breach, while not attributed to intentional malice, highlights the critical need for robust cybersecurity measures in the healthcare sector. Background of […]

The post 86,000+ Healthcare Staff Records Exposed Due to AWS S3 Misconfiguration appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft has released a critical patch for a 2-year-old Windows kernel security vulnerability. This vulnerability, identified as CVE-2025-24983, allows attackers to exploit a weakness in the Windows Win32 Kernel Subsystem, leading to an elevation of privilege. The patch comes after extensive research by security experts, who first detected the exploit in the wild in March […]

The post Microsoft Finally Patches 2-Year-Old Windows Kernel Security Flaw appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researchers have recently identified a cluster of JSPSpy web shell servers featuring an unexpected addition, Filebroser, a rebranded version of the open-source File Browser file management tool. This discovery sheds light on how attackers continue to leverage web shells for persistent access and post-compromise operations while blending into legitimate infrastructure. JSPSpy With Webshell Infrastructure […]

The post Hackers Exploiting JSPSpy To Manage Malicious Webshell Networks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researchers at Lookout Threat Lab have uncovered a sophisticated Android surveillance tool dubbed “KoSpy,” which appears to be the work of North Korean state-sponsored hackers. This newly discovered spyware has been active since March 2022, with the most recent samples detected in March 2024, indicating a long-running and persistent cyber espionage campaign. The malicious […]

The post North Korean Hackers Use Google Play Malware to Steal SMS, Calls & Screenshots appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mozilla has issued an urgent warning to all Firefox users, emphasizing the need to update their browsers before a critical root certificate expires on March 14, 2025. This certificate is used to verify signed content and add-ons across various Mozilla projects, including Firefox. Failure to update to version 128 or higher (or ESR version 115.13+ […]

The post Mozilla Issues Urgent Firefox Update Warning to Prevent Add-on Failures appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity firm Bitdefender has disclosed two high-severity security vulnerabilities affecting its legacy BOX v1 device, exposing users to potential remote code execution and man-in-the-middle attacks. The vulnerabilities, identified on March 12th, 2025, affect a product that is no longer sold or supported by the company, but the disclosure demonstrates Bitdefender’s ongoing commitment to security transparency […]

The post Bitdefender Identifies Security Vulnerabilities Enabling Man-in-the-Middle Exploits appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A new campaign involving the DCRat backdoor has recently been uncovered, leveraging YouTube as a primary distribution channel. Since the beginning of the year, attackers have been using the popular video-sharing platform to target users by creating fake or stolen accounts. These malicious actors upload videos that appear to offer cheats, cracks, game bots, and […]

The post New DCRat Campaign Uses YouTube Videos to Target Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researchers have uncovered a sophisticated cyber espionage campaign targeting critical network infrastructure, marking a significant evolution in tactics by Chinese state-sponsored hackers. Mandiant, a leading cybersecurity firm, has discovered multiple custom backdoors deployed on Juniper Networks‘ routers, attributing the activity to a Chinese espionage group known as UNC3886. The backdoors provided attackers with persistent […]

The post Chinese Hacked Exploit Juniper Networks Routers to Implant Backdoor appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The United States has taken significant steps to address the growing threat of Chinese cyber intrusions into U.S. government agencies and critical infrastructure. On March 5, the U.S. Department of Justice (DOJ) indicted 12 Chinese nationals and one Chinese company on charges of malicious cyber activity. This move marks an escalation in Washington’s efforts to […]

The post U.S. Accuses 12 Chinese Nationals of Hacking National Security Networks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

CYREBRO, the AI-native Managed Detection and Response (MDR) solution, announced today that it won Silver in the category of Security Operations Center (SOC) solutions at the annual 2025 Globee Awards. The program aims to raise awareness about cybersecurity issues and honor those who have made significant contributions in protecting organizations and individuals from cyber threats. […]

The post CYREBRO’s AI-Native MDR Platform Earns Silver at the 2025 Globee Cybersecurity Awards appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aptori’s AI-Driven AppSec Platform Proactively Eliminates Vulnerabilities to Minimize Risk and Ensure Compliance. Aptori, a leader in AI-driven application security, today announced the launch of its AI-driven AppSec Platform on Google Cloud Marketplace as part of graduating from Google Cloud’s ISV Startup Springboard program. This new agentic AI solution leverages semantic reasoning to analyze application code and logic in real […]

The post Aptori Now on Google Cloud Marketplace for AI-Powered Security and Automated Risk Remediation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The cybersecurity landscape witnessed a significant development when the National Police Agency (NPA) and the National center of Incident readiness and Strategy for Cybersecurity (NISC) released a security advisory on January 8, 2025. This advisory highlighted an Advanced Persistent Threat (APT) campaign conducted by a group known as “MirrorFace,” targeting organizations in Japan. The threat […]

The post MirrorFace APT Using Custom Malware To Exploited Windows Sandbox & Visual Studio Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding a significant vulnerability in the Microsoft Windows New Technology File System (NTFS). This security flaw, identified as CVE-2025-24993, involves a heap-based buffer overflow vulnerability. The vulnerability could potentially allow an unauthorized attacker to execute code locally on affected systems. Overview of the […]

The post CISA Issues Advisory on Windows NTFS Flaw Enabling Local Code Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding a recently discovered vulnerability in Microsoft’s Windows New Technology File System (NTFS).  Identified as CVE-2025-24991, this security flaw could potentially lead to unauthorized access to sensitive data due to an out-of-bounds read vulnerability. The vulnerability, categorized under CWE-125, highlights a concerning issue […]

The post CISA Issues Security Alert on Windows NTFS Exploit Risk appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.