Aggregator
CVE-2009-2930 | Elkagroup Elkapax Cms Search Feature cross site scripting (EDB-34616)
RansomHub Taps SocGholish: WebDAV & SCF Exploits Fuel Credential Heists
SocGholish, a notorious loader malware, has evolved into a critical tool for cybercriminals, often delivering payloads like Cobalt Strike and, more recently, RansomHub ransomware. Darktrace’s Threat Research team has tracked multiple incidents since January 2025, where threat actors exploited SocGholish to compromise networks through fake browser updates and JavaScript-based attacks on vulnerable CMS platforms like […]
The post RansomHub Taps SocGholish: WebDAV & SCF Exploits Fuel Credential Heists appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Hackers Weaponize Go Modules to Deliver Disk‑Wiping Malware, Causing Massive Data Loss
Cybersecurity researchers uncovered a sophisticated supply chain attack targeting the Go programming language ecosystem in April 2025. Hackers have weaponized three malicious Go modules-github[.]com/truthfulpharm/prototransform, github[.]com/blankloggia/go-mcp, and github[.]com/steelpoor/tlsproxy-to deploy devastating disk-wiping malware. Leveraging the decentralized nature of Go’s module system, where developers directly import dependencies from public repositories like GitHub sans centralized gatekeeping, attackers exploit namespace […]
The post Hackers Weaponize Go Modules to Deliver Disk‑Wiping Malware, Causing Massive Data Loss appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.