Aggregator

The LUMMAC.V2 infostealer malware, also known as Lumma or Lummastealer, has emerged as a significant threat, employing the cunning “ClickFix” social engineering technique to compromise unsuspecting users. This malware, rewritten from C to C++ with an advanced binary morpher, targets a broad spectrum of sensitive data, including credentials, emails, personal details, screenshots, and cookies from […]

The post LUMMAC.V2 Stealer Uses ClickFix Technique to Deceive Users into Executing Malicious Commands appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Submit #563555 / VDB-307428

Submit #563549 / VDB-307427

Submit #563545 / VDB-307426

Submit #563543 / VDB-307425

Submit #563540 / VDB-307424

A newly discovered dark web listing claims to sell a critical SS7 protocol exploit for $5,000, raising alarms about global telecom security. The seller, operating under the alias “GatewayPhantom,” is marketing the 0-day vulnerability as a tool for SMS interception, real-time phone tracking, and location monitoring. Signaling System No. 7 (SS7) is a 1975 telecommunications […]

The post Hackers Selling SS7 0-Day Exploit on Dark Web for $5,000 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

前言偶然刷到一个非常有趣且自己曾经遇到过的漏洞案例，当时是工具Fuzz偶然发现，觉得是运气成分占比较多，直到

前言偶然刷到一个非常有趣且自己曾经遇到过的漏洞案例，当时是工具Fuzz偶然发现，觉得是运气成分占比较多，直到

前言偶然刷到一个非常有趣且自己曾经遇到过的漏洞案例，当时是工具Fuzz偶然发现，觉得是运气成分占比较多，直到

X Business, a small e-commerce store dealing in handmade home décor, became the latest victim of a devastating cyberattack orchestrated by a sophisticated malware strain known as Chimera. What begann as a routine inventory management system update spiraled into a full-blown crisis within 12 hours. Customer orders ceased, staff accounts were locked, and the website […]

The post Chimera Malware: Outsmarting Antivirus, Firewalls, and Human Defenses appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Как одна фраза превращает чат в пытку.

“Met eensgezindheid en vastberadenheid is oorlog 80 jaar op afstand gehouden.” Dat zei minister Ruben Brekelmans vandaag tijdens het Vrijheidsdefilé in Wageningen. Met zijn woorden verwees de bewindsman naar de 80 jaar vrijheid, waar we in leven, “een uniek en zeldzaam voorrecht.” Maar het gevaar is nu dichterbij dan we jarenlang hebben gedacht.

A vulnerability was found in GAIR-NLP factool up to 3f3914bc090b644be044b7e0005113c135d8b20f. It has been classified as critical. This affects the function run_single of the file factool/factool/math/tool.py. The manipulation leads to code injection. This vulnerability is uniquely identified as CVE-2025-4261. The attack needs to be approached locally. Furthermore, there is an exploit available. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.

MediaTek, a leading provider of chipset technology for smartphones, tablets, AIoT, and smart TVs, has released critical patches addressing several security vulnerabilities across its product portfolio. The newly published MediaTek Product Security Bulletin details the flaws, their potential impacts, and the extensive range of affected devices. Device manufacturers were notified of these vulnerabilities and provided […]

The post MediaTek Fixes Multiple Security Flaws in Smartphone, Tablet, and TV Chipsets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Oracle Business Intelligence Enterprise Edition 6.4.0.0.0/7.0.0.0.0 and classified as critical. Affected by this issue is some unknown functionality of the component Installation. The manipulation leads to denial of service. This vulnerability is handled as CVE-2022-25647. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Oracle Banking Trade Finance 14.5/14.6/14.7. This issue affects some unknown processing of the component Infrastructure. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2022-25647. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in Oracle Banking Treasury Management 14.5/14.6/14.7 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Infra Code. The manipulation leads to denial of service. This vulnerability is known as CVE-2022-25647. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as critical was found in Oracle FLEXCUBE Universal Banking up to 14.7. This vulnerability affects unknown code of the component Infrastructure. The manipulation leads to denial of service. This vulnerability was named CVE-2022-25647. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Oracle BAM 12.2.1.4.0 and classified as critical. This issue affects some unknown processing of the component General. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2022-25647. The attack may be initiated remotely. There is no exploit available.