Aggregator
The open-source community as cover for espionage. How North Korean hackers deceived a WOO developer
CVE-2025-9786 | Campcodes Online Learning Management System 1.0 /teacher_signup.php firstname sql injection (EUVD-2025-26349)
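Finals of the 5th Geek Youth Challenge Conclude Successfully
Seven Root Causes of the Security Operations Center Crisis and a Five-Step Remediation Plan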
vesta: Docker and Kubernetes cluster configuration detect toolkit
Vesta is a toolkit for static vulnerability analysis and Docker and Kubernetes cluster configuration detection. It inspects Kubernetes
The post vesta: Docker and Kubernetes cluster configuration detect toolkit appeared first on Penetration Testing Tools.
Submit #640996: Campcodes Online Learning Management System V1.0 SQL Injection [Accepted]
Fraudulent Scholarship Apps Target Students in “Defarud” Scam Campaign
An Android malware tracker named SikkahBot has been active since July 2024 and explicitly targets students in Bangladesh. Disguised as applications from the Bangladesh Education Board, SikkahBot lures victims with promises of scholarships, coerces them into sharing sensitive information, and requests high-risk permissions. Once installed, it harvests personal and financial data, intercepts SMS messages, abuses the Accessibility […]
The post Fraudulent Scholarship Apps Target Students in “Defarud” Scam Campaign appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
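SlowMist's In-House Anti-Money-Laundering Tracking System MistTrack Selected for Hong Kong Cyberport's "Blockchain and Digital Asset Pilot Subsidy Scheme"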
Hackers Exploit macOS Security Features to Spread Malware
A growing wave of sophisticated attacks is turning macOS’s built-in security defenses into avenues for malware distribution, according to recent security research. As macOS continues to gain market share, cybercriminals are adapting their strategies to exploit even the most robust Apple protections. Analysts warn that relying solely on native safeguards may leave organizations vulnerable to […]
The post Hackers Exploit macOS Security Features to Spread Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Salesloft Attacks Target Google Workspace
IBM Watsonx Vulnerability Enables SQL Injection Attacks
A critical vulnerability in the IBM Watsonx Orchestrate Cartridge for IBM Cloud Pak for Data has been disclosed, enabling blind SQL injection attacks that could compromise sensitive data. Tracked as CVE-2025-0165, this flaw allows authenticated attackers to inject malicious SQL statements, potentially leading to unauthorized data access, manipulation, or deletion in the back-end database. IBM’s Watsonx platform offers advanced […]
The post IBM Watsonx Vulnerability Enables SQL Injection Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Weekly Intelligence Review 2025-08-31
Qilin
5 companies have become the masters of the internet: rights advocates cry out that it is time to put Google, Apple and Meta in their place
Vulnerability Advisory | Gitblit Authentication Bypass Vulnerability
Critical ImageMagick Vulnerability Allows Remote Code Execution
A critical security vulnerability has been discovered in ImageMagick, the widely used open-source image processing software, that could allow attackers to execute arbitrary code remotely. The vulnerability, tracked as CVE-2025-57803 with a severity score of 9.8 out of 10, affects 32-bit builds of ImageMagick versions before 7.1.2-2 and 6.9.13-28. Vulnerability details: The security flaw stems from a 32-bit […]
The post Critical ImageMagick Vulnerability Allows Remote Code Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Malicious npm Package Impersonates Popular Nodemailer, Puts 3.9M Weekly Downloads at Risk of Crypto Theft
A sophisticated cryptocurrency theft scheme involves a malicious npm package that masquerades as the widely used Nodemailer email library while secretly hijacking desktop cryptocurrency wallets on Windows systems. Socket’s Threat Research Team identified the malicious package, nodejs-smtp, which impersonates the legitimate Nodemailer library that averages approximately 3.9 million weekly downloads. The fraudulent package employs a clever […]
The post Malicious npm Package Impersonates Popular Nodemailer, Puts 3.9M Weekly Downloads at Risk of Crypto Theft appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.