Aggregator
Militaire bijstand bij doorzoeking gevangenis op Sint Maarten
Arbitrary File Upload Vulnerability in WordPress Plugin Let Attackers Hack 30,000 Website
A subgroup of the Russian state-sponsored hacking group Seashell Blizzard, also known as Sandworm, has intensified its cyber operations through a campaign dubbed BadPilot. This multi-year initiative has targeted critical infrastructure worldwide, expanding the group’s reach beyond its traditional focus on Ukraine and Eastern Europe to include North America, Europe, and Asia-Pacific regions. Exploiting Vulnerabilities […]
The post Arbitrary File Upload Vulnerability in WordPress Plugin Let Attackers Hack 30,000 Website appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
BadPilot Attacking Network Devices to Expand Russian Seashell Blizzard’s Attacks
A newly uncovered cyber campaign, dubbed “BadPilot,” has been linked to a subgroup of the Russian state-sponsored hacking collective Seashell Blizzard, also known as Sandworm. This operation, active since at least 2021, represents a significant expansion in Russia’s cyber activities, targeting critical infrastructure globally. According to Microsoft Threat Intelligence, the campaign focuses on compromising internet-facing […]
The post BadPilot Attacking Network Devices to Expand Russian Seashell Blizzard’s Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
CVE-2025-1094 | PostgreSQL up to 13.18/14.15/15.10/16.6/17.2 quoting syntax
LaLiga добилась блокировки Cloudflare: в Испании не работают тысячи сайтов
一次CSRF漏洞挖掘与审计
一个快速发现隐秘资产的野路子
Sandworm APT’s initial access subgroup hits organizations accross the globe
A subgroup of Russia’s Sandworm APT has been working to achieve initial and persistent access to the IT networks of organizations working in economic sectors Russia is interested in. “In 2022, its primary focus was Ukraine, specifically targeting the energy, retail, education, consulting, and agriculture sectors. In 2023, it globalized the scope of its compromises, leading to persistent access within numerous sectors in the United States, Europe, Central Asia, and the Middle East,” Microsoft’s researchers … More →
The post Sandworm APT’s initial access subgroup hits organizations accross the globe appeared first on Help Net Security.
Cybercriminals Exploit Pyramid Pentesting Tool for Covert C2 Communications
Cybersecurity analysts have identified that hackers are leveraging the open-source Pyramid pentesting tool to establish stealthy command-and-control (C2) communications. Originally designed as a post-exploitation framework for penetration testers, Pyramid has become an attractive option for malicious actors due to its ability to evade detection by endpoint security tools. The tool, first released on GitHub in […]
The post Cybercriminals Exploit Pyramid Pentesting Tool for Covert C2 Communications appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
CVE-2025-1271 | Anapi Group H6Web cross site scripting
CVE-2024-13182 | Chimpstudio WP Directorybox Manager Plugin up to 2.5 on WordPress wp_dp_parse_request authentication bypass
CVE-2025-1270 | Anapi Group H6Web ha_datos_hermano.php pkrelated authorization
[Meachines] [Easy] Pandora SNMP+TRP00F权限提升+ktor-HTTP服务扫描+Pandora Fms SQLI-RCE+RE+tar-Path劫持权限提升
CVE-2025-1057 | Keylime 7.12.0 Database Entry denial of service
NCC Group’s 2024 Annual Research Report
Romance Baiting Losses Surge 40% Annually
Threat Actors in Russia, China, and Iran Targeting Local communities in the U.S
Foreign adversaries, including Russia, China, and Iran, are intensifying their efforts to manipulate public opinion and destabilize local communities across the United States. These campaigns, once primarily focused on national-level politics, have increasingly targeted state and local governments, community groups, and individuals. Leveraging advanced technologies such as generative artificial intelligence (AI), these actors aim to […]
The post Threat Actors in Russia, China, and Iran Targeting Local communities in the U.S appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
New Phishing Attacks Abuses Webflow CDN & CAPTCHAs to Steal Credit Card details
Netskope Threat Labs has uncovered a sophisticated phishing campaign targeting users across various industries, including technology, manufacturing, and banking. This campaign, active since mid-2024, exploits search engine optimization (SEO) techniques to lure victims into downloading malicious PDFs hosted on the Webflow Content Delivery Network (CDN). These PDFs are embedded with fake CAPTCHA images that redirect […]
The post New Phishing Attacks Abuses Webflow CDN & CAPTCHAs to Steal Credit Card details appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.