Aggregator

Security researchers have unveiled a sophisticated Linux rootkit capable of bypassing Elastic Security’s advanced detection mechanisms, demonstrating critical vulnerabilities in endpoint detection and response solutions. The Singularity rootkit employs multiple obfuscation and evasion techniques to defeat static signature analysis and behavioral monitoring systems that typically identify malicious kernel modules. Elastic Security’s endpoint detection framework typically […]

The post Researchers Develop Linux Rootkit That Evades Elastic EDR Protections appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Sophisticated threat actors have orchestrated a coordinated multilingual phishing campaign targeting financial and government organizations across East and Southeast Asia. The campaign leverages carefully crafted ZIP file lures combined with region-specific web templates to deceive users into downloading staged malware droppers. Recent analysis reveals three interconnected clusters spanning Traditional Chinese, English, and Japanese-language variants, each […]

The post Threat Actors Using Multilingual ZIP File to Attack Financial and Government Organizations appeared first on Cyber Security News.

You must login to view this content

ImmuniWeb has unveiled an upgraded version of ImmuniWeb Continuous, designed for continuous penetration testing and 24/7 automated vulnerability scanning of web applications, APIs, and microservices. The new solution is a perfect fit for organizations that have more than ten web applications residing in various on-premise and cloud environments or being maintained by different teams. With ImmuniWeb Continuous, organizations can now implement an enterprise-wide and uninterrupted security testing, detection and prioritization of vulnerabilities and weaknesses in … More →

The post ImmuniWeb Continuous now enables always-on, AI-powered security testing appeared first on Help Net Security.

AzureHound, an open-source data collection tool designed for legitimate penetration testing and security research, has become a favored weapon in the hands of sophisticated threat actors. The tool, which is part of the BloodHound suite, was originally created to help security professionals and red teams identify and fix cloud vulnerabilities. However, malicious actors have increasingly […]

The post AzureHound Penetration Testing Tool Weaponized by Threat Actors to Enumerate Azure and Entra ID appeared first on Cyber Security News.

The Cybersecurity and Infrastructure Security Agency (CISA) has raised alarm over active exploitation of a critical privilege escalation vulnerability affecting Broadcom’s VMware Tools and VMware Aria Operations. Tracked as CVE-2025-41244, this 0-day flaw poses significant risk to organizations managing virtualized infrastructure, potentially allowing attackers to gain root-level access to compromised systems. CVE ID Vendor Affected […]

The post CISA Alerts on Active Exploitation of VMware Tools and Aria Operations 0-Day appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

North Korean state-sponsored threat actors have escalated their cyber operations with the deployment of sophisticated new malware variants designed to establish persistent backdoor access to compromised systems. Recent investigations by threat intelligence researchers have uncovered two distinct toolsets from prominent DPRK-aligned hacking groups: Kimsuky’s newly identified HttpTroy backdoor and an upgraded version of Lazarus’s BLINDINGCAN […]

The post Kimsuky and Lazarus Hackers Deploy New Backdoor Tools for Remote Access Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a severe injection vulnerability in the XWiki Platform, designated as CVE-2025-24893. This flaw allows unauthenticated attackers to execute arbitrary remote code, posing significant risks to organizations using the open-source wiki software. Discovered and actively exploited, the vulnerability underscores the dangers of […]

The post CISA Warns of XWiki Platform Injection vulnerability Exploited to Execute Remote Code appeared first on Cyber Security News.