GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

The Chinese Advanced Persistent Threat (APT) group known as Salt Typhoon, also referred to as FamousSparrow, GhostEmperor, Earth Estries, and UNC2286, has been actively targeting critical sectors worldwide. This group has been particularly focused on telecommunications and government entities across the United States, the Asia-Pacific region, the Middle East, and South Africa since at least […]

The post Chinese “Salt Typhoon” Hackers Exploit Exchange Vulnerabilities to Target Organizations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a serious vulnerability in the NAKIVO Backup and Replication software, known as CVE-2024-48248. This vulnerability allows attackers to exploit an absolute path traversal flaw, enabling them to read arbitrary files without authentication. The vulnerability resides in the Director Web Interface of the […]

The post CISA Warns of NAKIVO Backup Flaw Exploited in Attacks with PoC Released appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Kali Linux, the renowned cybersecurity-focused Linux distribution, has just ushered in the new year with the release of Kali Linux 2025.1a. This update builds upon the existing features, offering myriad enhancements and improvements designed to give users a streamlined experience. Whether you’re already a seasoned Kali user or about to dive into the world of […]

The post Kali Linux 2025.1a Released: New Tools and Desktop Environment Upgrades appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Moving Beyond Detection to Real-Time, Automated Security Across Workloads, Cloud, and Infrastructure  SecPod, a global cybersecurity provider, has announced the General Availability of Saner Cloud, a Cloud-Native Application Protection Platform designed to provide automated remediation and workload security across multi-cloud environments. Unlike conventional security solutions that focus primarily on detection, Saner Cloud integrates security using […]

The post SecPod launches Saner Cloud: A Revolutionary CNAPP For Preventive Cybersecurity appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a significant discovery, PRODAFT’s security research team has identified two critical vulnerabilities in the mySCADA myPRO Manager, a widely used Supervisory Control and Data Acquisition (SCADA) management solution. These vulnerabilities, if exploited, could grant unauthorized access to industrial control networks, potentially leading to severe operational disruptions and financial losses. The vulnerabilities are classified as […]

The post mySCADA myPRO Manager RCE Vulnerabilities Allow Remote Attackers to Take Control of ICS Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Threat actors have increasingly been leveraging legitimate remote monitoring and management (RMM) software to infiltrate and navigate through networks undetected. RMM tools, such as AnyDesk, Atera Agent, MeshAgent, NetSupport Manager, Quick Assist, ScreenConnect, Splashtop, and TeamViewer, are widely used by organizations for essential IT tasks like system updates, asset management, and endpoint troubleshooting. However, their […]

The post Hackers Use RMM Tools to Maintain Persistence and Navigate Networks Undetected appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Threat actors have recently been exploiting legacy drivers to bypass certificate validation, leveraging a technique known as “Legacy Driver Exploitation.” This method involves using vulnerable drivers to evade security measures and distribute malware, as highlighted in a recent security advisory. The attack primarily utilizes the Gh0stRAT malware to remotely control infected systems and cause further […]

The post Threat Actors Leverage Legacy Drivers to Circumvent TLS Certificate Validation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a stark revelation of the escalating cyber threat landscape, Flashpoint’s latest intelligence report highlights the alarming rise in compromised credentials and malware infections. In 2024, threat actors managed to steal an unprecedented 3.2 billion login credentials, marking a 33% increase from the previous year. This staggering figure underscores the growing reliance of cybercriminals on […]

The post Threat Actors Steal 3.2 Billion Login Credentials and Infect 23 Million Devices Worldwide appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In recent years, VPN vulnerabilities have emerged as a critical threat vector for organizations worldwide. Threat actors, including both cybercriminal groups and state-sponsored entities, are increasingly exploiting these vulnerabilities to gain unauthorized access to sensitive networks. Two notable vulnerabilities, CVE-2018-13379 and CVE-2022-40684, have become staples in the attacker’s playbook, allowing for large-scale credential theft and […]

The post VPN Vulnerabilities Become a Primary Weapon for Threat Actors Targeting Organizations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A significant vulnerability in Microsoft Windows File Explorer, identified as CVE-2025-24071, has been discovered and is being actively exploited in the wild. This vulnerability allows attackers to capture NTLM hashes, potentially leading to network spoofing attacks and credential theft. The exploit involves specially crafted .library-ms files embedded within compressed archives like RAR or ZIP. When […]

The post Microsoft Windows NTLM File Explorer Vulnerability Exploited in The Wild – PoC Released appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent analysis by Cloudflare reveals a concerning trend in online security: nearly 41% of successful logins across websites involve compromised passwords. This issue is exacerbated by the widespread practice of password reuse among users. Despite growing awareness about online security risks, many individuals continue to use the same passwords across multiple accounts, creating a […]

The post 41% of Successful Logins Across Websites Involve Compromised Passwords appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Supervisory Control and Data Acquisition (SCADA) systems play a pivotal role in managing critical infrastructure across sectors like energy, manufacturing, and more. However, this digital transformation also brings with it a heightened vulnerability to cyber threats. Recent research by our security team at PRODAFT has identified critical vulnerabilities in the mySCADA myPRO system, a widely […]

The post mySCADA myPRO RCE Vulnerabilities Expose ICS Devices to Remote Control appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The average corporate user now has 146 stolen records linked to their identity, an average 12x increase from previous estimates, reflecting a surge in holistic identity exposures. SpyCloud, the leading identity threat protection company, today released its 2025 SpyCloud Annual Identity Exposure Report, highlighting the rise of darknet-exposed identity data as the primary cyber risk […]

The post SpyCloud’s 2025 Identity Exposure Report Reveals the Scale and Hidden Risks of Digital Identity Threats appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical vulnerability has been discovered in AMI’s MegaRAC software, which is used in Baseboard Management Controllers (BMCs) across various server hardware. This vulnerability, identified as CVE-2024-54085, allows attackers to bypass authentication remotely, posing a significant risk to cloud infrastructure and data centers worldwide. The issue is a continuation of previous vulnerabilities disclosed by Eclypsium, […]

The post Severe AMI BMC Vulnerability Enables Remote Authentication Bypass by Attackers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm over a critical supply-chain attack affecting a widely used third-party GitHub Action: tj-actions/changed-files. This action, exploited under CVE-2025-30066, is designed to identify changes in files during pull requests or commits. However, its compromise poses a significant risk to users by allowing unauthorized access to […]

The post CISA Warns of Supply-Chain Attack Exploiting GitHub Action Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a significant development, the China-aligned advanced persistent threat (APT) group known as MirrorFace has been observed employing sophisticated tactics to enhance the stealthiness of its attacks. Recently, MirrorFace modified the execution of AsyncRAT, a publicly available remote access trojan (RAT), to run it inside Windows Sandbox, thereby evading detection by security controls. This approach […]

The post MirrorFace Hackers Modify AsyncRAT Execution for Stealthy Deployment in Windows Sandbox appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researchers have discovered that multiple state-sponsored threat actors have been exploiting an eight-year-old vulnerability in Windows shortcut files. This security flaw, identified as ZDI-CAN-25373, allows malicious actors to embed hidden commands within .lnk files, which can execute when opened, potentially compromising sensitive data and systems. The vulnerability in question exploits how Windows displays shortcut […]

The post 11 State-Sponsored Threat Actors Exploit 8-Year-Old Windows Shortcut Flaw appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated cyberattack has been uncovered, targeting booking websites to spread the LummaStealer malware. This campaign leverages fake CAPTCHA prompts and social engineering techniques to deceive users into executing malicious commands on their systems. LummaStealer, an info-stealer malware operating under a Malware-as-a-Service (MaaS) model, has been gaining attention for its versatility and global reach. Infection […]

The post Advanced Cyber Attack Exploits Booking Websites to Deploy LummaStealer Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical vulnerability affecting Synology’s DiskStation Manager (DSM) has been disclosed, allowing remote attackers to execute arbitrary code on vulnerable systems. This severe issue, identified as CVE-2024-10441, has been reported in multiple DSM versions, including DSM 6.2, 7.1, 7.2, and 7.2.1, as well as Synology Unified Controller (DSMUC) version 3.1. The vulnerability is classified as […]

The post Critical Synology Vulnerability Allows Remote Attackers to Execute Arbitrary Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical vulnerability in Windows File Explorer has been discovered, allowing attackers to capture NTLM hashes and potentially exploit them for network spoofing attacks. The vulnerability, identified as CVE-2025-24071, involves the automatic processing of specially crafted .library-ms files within compressed archives like RAR or ZIP. When these files, containing paths to attacker-controlled SMB servers, are extracted, Windows […]

The post Windows File Explorer Vulnerability Enables Network Spoofing Attacks: PoC Released appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.