GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

It is no secret that passwords are highly susceptible to phishing and brute force attacks. This led to the mass adoption of passkeys, a passwordless authentication method leveraging cryptographic key pairs that allows users to log in with biometrics or a hardware key. According to FIDO, over 15 billion accounts have been passkey-enabled, with 69% […]

The post Breaking the Passkey Promise: SquareX Discloses Major Passkey Vulnerability at DEF CON 33 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The SpiderLabs Threat Hunt Team recently discovered a cyber campaign in which threat actors used the genuine ScreenConnect remote management application as a weapon to spread the Xworm Remote Access Trojan (RAT) through a multi-phase infection chain. The attack begins with social engineering tactics, including phishing, malvertising, and deceptive social media posts, luring users to […]

The post Weaponized ScreenConnect RMM Tool Deceives Users into Installing Xworm RAT appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Farmers Insurance has disclosed a data breach stemming from unauthorized access to a third-party vendor’s database, potentially compromising the personal information of approximately 1.1 million customers. The breach, detected on May 30, 2025, involved an unauthorized actor infiltrating a system managed by the vendor, which housed sensitive customer data. Farmers, encompassing Farmers Insurance Exchange, Farmers […]

The post Farmers Insurance Breach Exposes Data of 1.1 Million Customers via Salesforce Compromise appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The notorious Lazarus advanced persistent threat (APT) organization, which Qi’anxin internally tracks as APT-Q-1, has been seen using the ClickFix technique to penetrate Windows 11 and macOS systems in a sophisticated progression of social engineering attacks. Known for high-profile incidents like the 2014 Sony Pictures hack, Lazarus has shifted from intelligence theft to financial asset […]

The post Lazarus Group Targets Windows 11 with ClickFix Tactics and Fake Job Offers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity experts discovered an advanced persistent threat (APT) cluster called ShadowSilk in a thorough research published by Group-IB. Since at least 2023, this group has been actively breaching government institutions in Central Asia and the Asia-Pacific area. The group’s operations, ongoing as of July 2025, focus primarily on data exfiltration, leveraging a sophisticated blend of […]

The post ShadowSilk Targets Penetration-Testing Tools and Public Exploits to Breach Organizations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

FreePBX administrators worldwide have been urged to immediately disable public internet access to their systems after a critical 0-day vulnerability was discovered in the commercial Endpoint Manager module. The Sangoma FreePBX Security Team confirmed that attacker-controlled exploit code can gain unauthenticated remote code execution on systems with the Administrator Control Panel exposed to hostile networks, […]

The post FreePBX Servers Hit by 0-Day Exploit, Disable Internet Access Advised appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has imposed sanctions on Russian national Vitaliy Sergeyevich Andreyev, DPRK official Kim Ung Sun, Chinese entity Shenyang Geumpungri Network Technology Co., Ltd. DPRK-based Korea Sinjin Trading Corporation for their involvement in a sophisticated fraudulent scheme involving information technology workers orchestrated by the Democratic […]

The post U.S. Treasury Sanctions North Korean IT Worker Network Funding Weapons Programs appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cisco has issued a high-severity security advisory warning of a dangerous vulnerability in its Nexus 3000 and 9000 Series switches that could allow attackers to trigger denial of service (DoS) attacks through crafted network packets. The vulnerability, tracked as CVE-2025-20241 and assigned a CVSS score of 7.4, affects the Intermediate System-to-Intermediate System (IS-IS) feature in Cisco NX-OS […]

The post Cisco Nexus 3000 & 9000 Vulnerability Enables DoS Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Experts have described methods for mimicking the strategies of the advanced persistent threat (APT) group Scattered Spider in a recent in-depth analysis by cybersecurity company Lares, allowing enterprises to strengthen their defenses through adversarial cooperation. Lares specializes in threat emulation, replicating real-world tactics, techniques, and procedures (TTPs) observed in cybercriminal activities. By dissecting incidents like […]

The post New Research Explores Emulating Scattered Spider Tactics in Real-World Scenarios appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

South Korean authorities have successfully extradited a key suspect in a large-scale hacking operation that resulted in the embezzlement of over 38 billion won (approximately $28.5 million USD) from high-profile victims. The individual, identified as Mr. G, a 34-year-old Chinese national, was repatriated from Thailand to Incheon International Airport on August 22, 2025, marking the […]

The post Chinese Hacker Suspect Arrested in South Korea Over Major Financial Cyberattack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Path traversal flaws like Zip Slip, which give hackers the ability to alter file systems while decompressing, remain a serious danger in the ever-changing world of cybersecurity threats. This vulnerability, stemming from inadequate input validation in compression utilities, enables adversaries to embed malicious paths within archive files, leading to unauthorized file creation, overwriting, or execution […]

The post Critical Zip Slip Bug Enables Malicious File Manipulation on Unzip appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researchers at Huntress identified a novel ransomware variant dubbed Cephalus, deployed in two separate incidents targeting organizations lacking robust access controls. This emerging threat, which claims its name from Greek mythology symbolizing inevitable tragedy, leverages exposed Remote Desktop Protocol (RDP) endpoints as its primary initial access vector, exploiting compromised credentials without multi-factor authentication (MFA). […]

The post Cephalus Ransomware Exploits RDP for Initial Access in Latest Attack Campaign appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

NVIDIA released a security bulletin for NVIDIA® NeMo Curator addressing a high-severity vulnerability (CVE-2025-23307) that affects all prior versions of the Curator software. The flaw, rooted in improper handling of user-supplied files, allows a maliciously crafted file to be processed by NeMo Curator, leading to code injection and arbitrary code execution. Successful exploitation can result […]

The post NVIDIA NeMo AI Curator Vulnerability Allows Code Execution and Privilege Escalation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The threat actor known as TAG-144, also referred to as Blind Eagle or APT-C-36, has been linked to five distinct activity clusters operating from May 2024 through July 2025, primarily targeting Colombian government entities at local, municipal, and federal levels. This cyber threat group, active since at least 2018, employs a sophisticated blend of cyber-espionage […]

The post TAG-144: Actors Attacking Government Entities With New Tactics, Techniques, and Procedures appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Threat actors are leveraging the trusted brand of Indonesia’s state pension fund, PT Dana Tabungan dan Asuransi Pegawai Negeri (Persero), or TASPEN, to deploy a malicious Android application disguised as an official portal. This banking trojan and spyware targets pensioners and civil servants, exploiting legacy systems and digital transformation vulnerabilities to steal sensitive data including […]

The post New Malware Exploits TASPEN Legacy Systems to Target Indonesian Elderly appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Spotify this week unveiled a new Direct Messaging feature, enabling users to share songs, podcasts and audiobooks within the app. While the move promises streamlined recommendations and deeper engagement among friends, it also raises fresh security and privacy considerations. Rolling out to Free and Premium users aged 16 and older in select markets on mobile devices, the […]

The post Spotify Launches Direct Messaging Feature Amid Security Concerns appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Nagios has addressed a significant cross-site scripting (XSS) vulnerability in its enterprise monitoring platform Nagios XI that could allow remote attackers to execute arbitrary JavaScript code in users’ browsers. The security flaw, discovered in the Graph Explorer feature, was patched in the 2024R2.1 release on August 12, 2024. The vulnerability was responsibly disclosed by security […]

The post Nagios Flaw Enables Remote Attackers to Run Arbitrary JavaScript via XSS appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Underground ransomware gang has been coordinating recurring attacks on enterprises throughout the globe in a worrying increase in cyber risks. They have demonstrated sophisticated malware engineering that blends cutting-edge encryption techniques with focused penetration measures. First detected in July 2023, the group resurfaced in May 2024 with a revamped Dedicated Leak Site (DLS), where […]

The post Underground Ransomware Gang Unleashes Innovative Tactics Targeting Global Organizations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A large-scale cybercrime conspiracy known as ShadowCaptcha was made public by cybersecurity researchers at Israel’s National Digital Agency. This campaign exploits the ClickFix technique, deploying deceptive CAPTCHA interfaces mimicking legitimate services like Cloudflare or Google to manipulate users into running malicious commands. The operation, traced through compromised WordPress websites, represents a sophisticated blend of social […]

The post ShadowCaptcha Exploit: Massive WordPress Site Compromise Used to Execute Malicious Commands on Victims appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical vulnerability in IPFire 2.29’s web-based firewall interface (firewall.cgi) allows authenticated administrators to inject persistent JavaScript code, leading to session hijacking, unauthorized actions, or internal network pivoting. Tracked as CVE-2025-50975, this stored cross-site scripting (XSS) flaw poses significant risk in environments where multiple administrators share firewall management duties. Details of the Flaw The vulnerability […]

The post IPFire Firewall Admin Panel Vulnerability Enables Persistent JavaScript Injection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.