Seqrite Labs has uncovered an active Russian phishing campaign that delivers Phantom information-stealing malware through malicious ISO files embedded in fake payment confirmation emails. The sophisticated attack primarily targets finance and accounting professionals in Russia, using social engineering tactics to deceive victims into executing malicious payloads that steal credentials, cryptocurrency wallets, browser data, and sensitive […]

The post Hackers Target Windows Systems Using Phantom Stealer Hidden in ISO Files appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Behind the polished exterior of many modern buildings sit outdated systems with vulnerabilities waiting to be found

Apple on Friday released security updates for iOS, iPadOS, macOS, tvOS, watchOS, visionOS, and its Safari web browser to address two security flaws that it said have been exploited in the wild, one of which is the same flaw that was patched by Google in Chrome earlier this week. The vulnerabilities are listed below - CVE-2025-43529 (CVSS score: N/A) - A use-after-free vulnerability in WebKit

The Oyster backdoor (also known as Broomstick) is targeting the financial world, using malicious search ads for PuTTY, Teams, and Google Meet.

Scale software teams fast with development team augmentation. Learn when it works best, key models, common mistakes, and how to choose the right partner.

A friend of mine, John D., received this outreach on Threads (see below).

At first, he thought it was the standard fake employer scam, but it is more than that. It is very likely part of a North Korean fake employee scam.  

Cybersecurity researchers are calling attention to a new campaign that's leveraging GitHub-hosted Python repositories to distribute a previously undocumented JavaScript-based Remote Access Trojan (RAT) dubbed PyStoreRAT. "These repositories, often themed as development utilities or OSINT tools, contain only a few lines of code responsible for silently downloading a remote HTA file and executing

A new malware called PyStoreRAT is being through fake OSINT tools on GitHub targeting IT and OSINT pros. Read Morphisec's report detailing how it uses AI and evades security.

Torrance, United States / California, December 12th, 2025, CyberNewsWire In December 2025, CVE-2025-55182 (React2Shell), a vulnerability in React Server Components (RSC) that enables remote code execution (RCE), was publicly disclosed. Shortly after publication, multiple security vendors reported scanning activity and suspected exploitation attempts, and CISA has since added the flaw to its Known Exploited Vulnerabilities […]

The post Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated information-stealing tool known as JSCEAL has evolved significantly in recent months, deploying advanced anti-analysis techniques and hardened command-and-control infrastructure to target users of cryptocurrency applications on Windows systems. Security researchers from Cato CTRL discovered the enhanced malware variant during an active campaign that began in August 2025, marking a substantial shift in the […]

The post New JSCEAL Infostealer Malware Targets Windows Systems to Steal Login Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

MITRE has released its annual Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list for 2025, identifying the most critical vulnerabilities affecting software development worldwide. The comprehensive analysis draws from over 39,080 CVE records, providing security professionals and developers with actionable intelligence to strengthen their defenses. MITRE 2025 list reveals significant shifts in the vulnerability […]

The post MITRE Unveils 2025’s Top 25 Most Dangerous Software Weaknesses appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

New research from Kaspersky has mapped the complete lifecycle of data stolen during phishing attacks, revealing a sophisticated “shadow market conveyor belt” where victim information is instantly commoditized. The analysis traces the digital trail from the initial click on a fraudulent link to the eventual sale of credentials on dark web markets, highlighting how automated […]

The post Research Findings on the Fate of Data Stolen in Phishing Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Cybersecurity and Infrastructure Security Agency has released critical guidance on managing UEFI Secure Boot configurations across enterprise systems. The comprehensive advisory addresses growing concerns about boot-level security vulnerabilities that have exposed organizations to firmware-based threats and persistent malware attacks.​ Recent vulnerabilities, including PKFail, BlackLotus, and BootHole, have demonstrated significant gaps in Secure Boot implementations […]

The post CISA Issues New Guidance for Securing UEFI Secure Boot on Enterprise Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers have successfully extracted firmware from a cheap JieLi-based smartwatch by reviving an obscure 2000s attack technique that transmits sensitive data through display pixels. The novel approach, which builds upon decades-old “blinkenlights” methodology, demonstrates a significant vulnerability in how budget smartwatch manufacturers handle memory access and screen rendering without proper validation checks. The research […]

The post Researchers Revive 2000s ‘Blinkenlights’ to Extract Smartwatch Firmware via Screen Pixels appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical privilege escalation vulnerability in Microsoft Windows Cloud Files Mini Filter Driver is now under active exploitation, according to a new Cybersecurity and Infrastructure Security Agency (CISA) advisory. The vulnerability, tracked as CVE-2025-62221, poses a significant risk to Windows systems and has prompted urgent security recommendations. The use-after-free vulnerability allows authorized attackers to escalate […]

The post CISA Alerts on Active Exploitation of Windows Cloud Files Mini Filter 0-Day appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A comprehensive security analysis has uncovered a critical vulnerability in container image distribution: more than 10,000 Docker Hub images containing leaked production credentials from over 100 organizations, including a Fortune 500 company and a central national bank. The research, conducted in November 2025, reveals an alarming trend in which developers unknowingly embed sensitive credentials directly […]

The post 10,000+ Docker Hub Images Exposed with Live Production Credentials from 100+ Firms appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researchers at Datadog have uncovered a sophisticated adversary-in-the-middle phishing campaign targeting organizations that use Microsoft 365 and Okta for single sign-on authentication. The campaign leverages advanced techniques to hijack legitimate SSO authentication flows and bypass multi-factor authentication methods that lack phishing-resistant capabilities, posing a significant threat to enterprise security infrastructures. The attack addressed phishing […]

The post New AiTM Attack Campaign Bypasses MFA to Target Microsoft 365 and Okta Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers at Push have identified a sophisticated new phishing attack termed “ConsentFix,” which combines OAuth consent manipulation with ClickFix-style social engineering to compromise Microsoft accounts without requiring passwords or bypassing multi-factor authentication. The campaign targets users explicitly by abusing the Azure CLI OAuth application. This first-party Microsoft tool enjoys implicit trust within enterprise environments. […]

The post ConsentFix Attack Lets Hackers Hijack Microsoft Accounts via Azure CLI Abuse appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Disclosure: This article was submitted by PDFAid for publication.