A hidden danger has been lurking in the Go programming ecosystem for over four years. Security researchers from the Socket Threat Research Team have discovered two malicious software packages that impersonate popular Google tools. These fake packages, designed to trick busy developers, have been quietly stealing data since May 2021. The malicious packages are identified […]

The post Malicious Go Packages Impersonate Google’s UUID Library to Steal Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Barts Health NHS Trust has disclosed a significant data breach affecting patient and staff information after the Cl0p ransomware gang exploited a critical vulnerability in Oracle E-Business Suite software. The criminal syndicate stole files from an invoice database. It published them on the dark web, compromising the personal data of individuals who received treatment or […]

The post Barts Health NHS Reveals Data Breach Linked to Oracle Zero-Day Exploited by Clop Ransomware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security teams worldwide are rushing to patch systems after the disclosure of a critical React vulnerability, CVE-2025-55182, widely known as “React2Shell.” The flaw affects React Server Components (RSC) and has a maximum CVSS score of 10, the highest possible rating, signaling critical impact and ease of exploitation. Censys telemetry shows that more than 2.15 million internet‑facing services are […]

The post 2.15M Next.js Web Services Exposed Online, Active Attacks Reported – Update Immediately appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A newly discovered Android banking trojan, FvncBot, has emerged as a sophisticated threat targeting mobile banking users in Poland. Researchers from Intel 471 first identified this malware on November 25, 2025, disguised as a security application from mBank, one of Poland’s most prominent banking institutions.​ Novel Malware with Advanced Capabilities FvncBot represents an entirely new […]

The post FvncBot Android Malware Steals Keystrokes and Injects Harmful Payloads appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Madison, United States, December 5th, 2025, CyberNewsWire Sprocket Security is proud to announce that it has once again been recognized by G2 for “High Performer,” “Best Support,” and “Easiest to Do Business With” in the Winter 2025 Relationship Index for Penetration Testing. This marks the second consecutive quarter Sprocket has earned these honors, reinforcing the […]

The post Sprocket Security Earns Repeat Recognition in G2’s Winter 2025 Relationship Index for Penetration Testing appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Torrance, California, USA, December 5th, 2025, CyberNewsWire Criminal IP will host a live webinar on December 16 at 11:00 AM Pacific Time (PT), focusing on the shift in cyberattack strategies. The session will examine how an increasing number of incidents now originate from exposed digital assets, rather than from known software vulnerabilities. As organizations rapidly […]

The post Criminal IP to Host Webinar: Beyond CVEs – From Visibility to Action with ASM appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

SAFA researchers uncovered four kernel heap overflow vulnerabilities in Avast Antivirus’s aswSnx.sys driver, designated CVE-2025-13032, affecting versions before 25.3 on Windows. These flaws originate from double-fetch issues in IOCTL handling, allow local attackers to trigger pool overflows for privilege escalation to SYSTEM. The vulnerabilities require sandbox manipulation to access the attack surface, marking a reversal […]

The post Avast Antivirus Sandbox Vulnerabilities Allow Privilege Escalation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybercriminals continue to exploit USB drives as infection vectors, with recent campaigns delivering sophisticated CoinMiner malware that establishes persistent cryptocurrency-mining operations on compromised workstations. Security researchers have documented an evolving threat that leverages social engineering and evasion techniques to avoid detection while mining Monero cryptocurrency on infected systems. In February 2025, AhnLab Security Intelligence Center […]

The post Threat Actors Distribute CoinMiner Malware through USB Drives to Infect Workstations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The MuddyWater threat group has escalated its cyber espionage operations by deploying UDPGangster, a sophisticated UDP-based backdoor designed to infiltrate Windows systems while systematically evading traditional network defenses. Recent intelligence gathered by FortiGuard Labs reveals coordinated campaigns targeting high-value victims across Turkey, Israel, and Azerbaijan, employing social engineering tactics paired with advanced anti-analysis techniques that […]

The post MuddyWater Hackers Use UDPGangster Backdoor to Bypass Network Defenses on Windows appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A newly disclosed critical vulnerability in Apache Tika could allow attackers to compromise servers by simply uploading a malicious PDF file, according to a security advisory published by Apache maintainers. Tracked as CVE-2025-66516, the flaw affects Apache Tika core, Apache Tika parsers, and the Apache Tika PDF parser module. CVE ID Severity Vulnerability Type Affected Component Affected Versions CVE-2025-66516 Critical XML External […]

The post Apache Tika Core Flaw Allows Attackers to Exploit Systems with Malicious PDF Uploads appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The cybersecurity landscape continues to evolve as threat actors deploy increasingly sophisticated tools to compromise Windows-based infrastructure. CastleRAT, a Remote Access Trojan that emerged around March 2025, represents a significant addition to the malware arsenal that defenders must now contend with. This newly discovered threat demonstrates the convergence of multiple attack techniques, enabling attackers to […]

The post Hackers Using CastleRAT Malware to Attack Windows Systems and Gain Remote Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Russian state-linked hackers are impersonating high-profile European security conferences to compromise cloud email and collaboration accounts at governments, think tanks, and policy organizations, according to new research from cybersecurity firm Volexity. The campaigns, active through late 2025, abuse legitimate Microsoft and Google authentication workflows and rely on painstaking social engineering to trick victims into effectively […]

The post Russian Hackers Imitate European Events in Coordinated Phishing Campaigns appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Russian intelligence-linked cyber threat actors have intensified their operations against NATO research organizations, Western defense contractors, and NGOs supporting Ukraine, employing sophisticated phishing and credential harvesting techniques. The Calisto intrusion set, attributed to Russia’s FSB intelligence service, has escalated its spear-phishing campaigns throughout 2025, leveraging the ClickFix malicious code technique to target high-value entities across […]

The post Russian Calisto Hackers Target NATO Research with ClickFix Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical command injection vulnerability in Array Networks’ ArrayOS AG systems has become the focus of active exploitation campaigns, with Japanese organizations experiencing confirmed attacks since August 2025. According to alerts from JPCERT/CC, threat actors are leveraged the vulnerability to install webshells and establish persistent network access, marking a significant escalation in targeting enterprise VPN infrastructure. The […]

The post Hackers Exploiting ArrayOS AG VPN Vulnerability to Deploy Webshells appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The UK’s National Cyber Security Centre (NCSC) has introduced a new initiative designed to protect organisations from cyber threats. Working alongside Netcraft, the NCSC has launched the Proactive Notification Service, a groundbreaking program that identifies and alerts system owners about security vulnerabilities affecting their networks. How the Service Works The Proactive Notification Service operates by scanning […]

The post NCSC Launches Proactive Notification Service to Alert System Owners of Vulnerabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cloudflare has announced that it is currently experiencing a significant outage impacting its Dashboard and Cloudflare API services. Many users around the world are reporting issues such as 500 Internal Server Errors, failed API requests, and sudden disruptions in tools that depend on Cloudflare’s backend systems. According to the cloudflare, the problem mainly affects the […]

The post Cloudflare Outage Triggers Widespread 500 Internal Server Errors appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Throughout 2025, CrowdStrike has identified multiple intrusions targeting VMware vCenter environments at U.S.-based entities, in which newly identified China-nexus adversary WARP PANDA deployed BRICKSTORM malware. WARP PANDA exhibits sophisticated technical capabilities, advanced operations security skills, and extensive knowledge of cloud and virtual machine environments. In addition to BRICKSTORM, WARP PANDA has deployed JSP web shells […]

The post China-Nexus Hackers Target VMware vCenter Systems to Deploy Web Shells and Malware Implants appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated phishing campaign is targeting users through Microsoft Teams notifications, exploiting the platform’s trusted status to deliver deceptive messages that appear legitimate to both recipients and email security filters. Threat actors are leveraging Teams’ official notification system to send emails from the no-reply@teams.mail.microsoft address, creating a false sense of authenticity that makes detection increasingly difficult. The […]

The post Hackers Abuse Microsoft Teams Notifications to Launch Callback Phishing Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A newly disclosed security flaw in the open-source monitoring platform Cacti could allow attackers to execute arbitrary commands on vulnerable servers. The issue, rated High severity and tracked as CVE-2025-66399, affects Cacti versions up to and including 1.2.28. The problem has been fixed in Cacti 1.2.29. The vulnerability stems from improper input validation in the SNMP device configuration workflow. When an authenticated […]

The post Cacti Command Injection Flaw Allows Remote Execution of Malicious Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Within hours of the public disclosure of CVE-2025-55182 on December 3, 2025, Amazon threat intelligence teams detected active exploitation attempts from multiple China-nexus threat groups, including Earth Lamia and Jackpot Panda. This critical vulnerability in React Server Components carries a maximum CVSS score of 10.0 and poses an immediate threat to organizations running vulnerable versions […]

The post China-Nexus Hackers Exploiting React2Shell Vulnerability in Active Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.