Threat actors continue to evolve their techniques for bypassing macOS security controls, shifting away from traditional attack vectors that Apple has systematically patched. Following Apple’s removal of the “right-click and open” Gatekeeper override in August 2024, attackers have identified and weaponized a new delivery mechanism using compiled AppleScript files with deceptive naming conventions. These .scpt […]
The post Hackers Weaponize AppleScript to Creatively Deliver macOS Malware Mimic as Zoom/Teams Updates appeared first on Cyber Security News.
A cybersecurity researcher has uncovered a server-side request forgery (SSRF) vulnerability in OpenAI’s ChatGPT. The flaw, hidden in the Custom GPTs feature, allowed attackers to potentially access sensitive cloud infrastructure secrets, including Azure management API tokens. Disclosed through OpenAI’s bug bounty program, the issue was swiftly patched, but it underscores the persistent dangers of SSRF […]
The post Hackers Exploit SSRF Flaw in Custom GPTs to Steal ChatGPT Secrets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Widespread reports suggest major law enforcement operation targeting notorious malware infrastructure has disrupted the Rhadamanthys stealer control panel, prompting urgent security alerts. In a significant development within the cybersecurity community, reports indicate that German law enforcement authorities may have seized control of the main Rhadamanthys stealer infrastructure, marking a potentially significant blow against one of […]
The post Rhadamanthys Stealer Servers Reportedly Seized; Admin Urges Immediate Reinstallation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Microsoft has delivered a rather light load of patches for November 2025 Patch Tuesday: some 60+ vulnerabilities have received a fix, among them an actively exploited Windows Kernel flaw (CVE-2025-62215). CVE-2025-62215 CVE-2025-62215 is a memory corruption issue that stems from “concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Kernel”, which that allows local elevation of privileges (to SYSTEM). Exploitation in the wild was flagged by Microsoft’s Threat Intelligence Center (MSTIC) and … More →
The post Patch Tuesday: Microsoft fixes actively exploited Windows kernel vulnerability (CVE-2025-62215) appeared first on Help Net Security.