Seqrite Labs has uncovered an active Russian phishing campaign that delivers Phantom information-stealing malware through malicious ISO files embedded in fake payment confirmation emails. The sophisticated attack primarily targets finance and accounting professionals in Russia, using social engineering tactics to deceive victims into executing malicious payloads that steal credentials, cryptocurrency wallets, browser data, and sensitive […]

The post Hackers Target Windows Systems Using Phantom Stealer Hidden in ISO Files appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Torrance, United States / California, December 12th, 2025, CyberNewsWire In December 2025, CVE-2025-55182 (React2Shell), a vulnerability in React Server Components (RSC) that enables remote code execution (RCE), was publicly disclosed. Shortly after publication, multiple security vendors reported scanning activity and suspected exploitation attempts, and CISA has since added the flaw to its Known Exploited Vulnerabilities […]

The post Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated information-stealing tool known as JSCEAL has evolved significantly in recent months, deploying advanced anti-analysis techniques and hardened command-and-control infrastructure to target users of cryptocurrency applications on Windows systems. Security researchers from Cato CTRL discovered the enhanced malware variant during an active campaign that began in August 2025, marking a substantial shift in the […]

The post New JSCEAL Infostealer Malware Targets Windows Systems to Steal Login Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

MITRE has released its annual Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list for 2025, identifying the most critical vulnerabilities affecting software development worldwide. The comprehensive analysis draws from over 39,080 CVE records, providing security professionals and developers with actionable intelligence to strengthen their defenses. MITRE 2025 list reveals significant shifts in the vulnerability […]

The post MITRE Unveils 2025’s Top 25 Most Dangerous Software Weaknesses appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

New research from Kaspersky has mapped the complete lifecycle of data stolen during phishing attacks, revealing a sophisticated “shadow market conveyor belt” where victim information is instantly commoditized. The analysis traces the digital trail from the initial click on a fraudulent link to the eventual sale of credentials on dark web markets, highlighting how automated […]

The post Research Findings on the Fate of Data Stolen in Phishing Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Cybersecurity and Infrastructure Security Agency has released critical guidance on managing UEFI Secure Boot configurations across enterprise systems. The comprehensive advisory addresses growing concerns about boot-level security vulnerabilities that have exposed organizations to firmware-based threats and persistent malware attacks.​ Recent vulnerabilities, including PKFail, BlackLotus, and BootHole, have demonstrated significant gaps in Secure Boot implementations […]

The post CISA Issues New Guidance for Securing UEFI Secure Boot on Enterprise Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers have successfully extracted firmware from a cheap JieLi-based smartwatch by reviving an obscure 2000s attack technique that transmits sensitive data through display pixels. The novel approach, which builds upon decades-old “blinkenlights” methodology, demonstrates a significant vulnerability in how budget smartwatch manufacturers handle memory access and screen rendering without proper validation checks. The research […]

The post Researchers Revive 2000s ‘Blinkenlights’ to Extract Smartwatch Firmware via Screen Pixels appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical privilege escalation vulnerability in Microsoft Windows Cloud Files Mini Filter Driver is now under active exploitation, according to a new Cybersecurity and Infrastructure Security Agency (CISA) advisory. The vulnerability, tracked as CVE-2025-62221, poses a significant risk to Windows systems and has prompted urgent security recommendations. The use-after-free vulnerability allows authorized attackers to escalate […]

The post CISA Alerts on Active Exploitation of Windows Cloud Files Mini Filter 0-Day appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A comprehensive security analysis has uncovered a critical vulnerability in container image distribution: more than 10,000 Docker Hub images containing leaked production credentials from over 100 organizations, including a Fortune 500 company and a central national bank. The research, conducted in November 2025, reveals an alarming trend in which developers unknowingly embed sensitive credentials directly […]

The post 10,000+ Docker Hub Images Exposed with Live Production Credentials from 100+ Firms appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researchers at Datadog have uncovered a sophisticated adversary-in-the-middle phishing campaign targeting organizations that use Microsoft 365 and Okta for single sign-on authentication. The campaign leverages advanced techniques to hijack legitimate SSO authentication flows and bypass multi-factor authentication methods that lack phishing-resistant capabilities, posing a significant threat to enterprise security infrastructures. The attack addressed phishing […]

The post New AiTM Attack Campaign Bypasses MFA to Target Microsoft 365 and Okta Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers at Push have identified a sophisticated new phishing attack termed “ConsentFix,” which combines OAuth consent manipulation with ClickFix-style social engineering to compromise Microsoft accounts without requiring passwords or bypassing multi-factor authentication. The campaign targets users explicitly by abusing the Azure CLI OAuth application. This first-party Microsoft tool enjoys implicit trust within enterprise environments. […]

The post ConsentFix Attack Lets Hackers Hijack Microsoft Accounts via Azure CLI Abuse appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers have identified an active zero-day vulnerability in Gogs, a widely used self-hosted Git service. The flaw has already resulted in the compromise of more than 700 servers publicly exposed on the internet. As of early December 2025, no official patch is available to mitigate this threat, leaving thousands of instances vulnerable to remote […]

The post Gogs 0-Day Actively Exploited to Compromise Over 700 Servers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The development team behind the popular text editor Notepad++ has released version 8.8.9 to address a critical security flaw that could allow traffic hijacking. This vulnerability affects the software’s update mechanism, potentially allowing attackers to intercept network traffic and install malicious software on users’ systems. Notepad++ Flaw Security experts recently reported incidents in which the […]

The post Notepad++ Flaw Allows Attackers to Hijack Update Traffic and Deploy Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

An advanced persistent threat (APT) group with ties to Hamas has intensified its espionage operations against government and diplomatic entities across the Middle East, deploying a sophisticated new malware suite dubbed AshTag. The threat actor, tracked as Ashen Lepus (also known as WIRTE), has demonstrated significant operational evolution while maintaining persistent activity throughout regional conflicts, including the Israel-Hamas […]

The post Ashen Lepus Hacker Group Targets Eastern Diplomatic Entities with AshTag Malware Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers have disclosed two new vulnerabilities in React Server Components that expose servers to Denial-of-Service (DoS) attacks and to source code leaks. These flaws were discovered while experts were analyzing the patches for last week’s critical “React2Shell” vulnerability. While these new issues do not allow for Remote Code Execution (RCE), they still pose significant […]

The post Severe Flaws in React Server Components Enable DoS Attacks and Code Exposure appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Road Town, British Virgin Islands, December 11th, 2025, CyberNewsWire 1inch, the leading DeFi ecosystem, has been selected as the exclusive swap provider at launch for Ledger Multisig, deepening the collaboration between the two projects. By integrating the 1inch Swap API into its security-first multisig architecture, Ledger, the world leader in digital asset security for consumers […]

The post 1inch Named Exclusive Swap Provider at Launch for Ledger Multisig appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cary, North Carolina, USA, December 11th, 2025, CyberNewsWire As AI accelerates job transformation, INE supports organizations reallocating Q4 budgets to experiential, performance-driven upskilling. With 90% of organizations facing critical skills gaps (ISC2) and AI reshaping job roles across cybersecurity, cloud, and IT operations, enterprises are rapidly reallocating L&D budgets toward hands-on training that delivers measurable, […]

The post INE Highlights Enterprise Shift Toward Hands-On Training Amid Widening Skills Gaps appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The zLabs research team has identified a sophisticated new threat campaign targeting Spanish Android users through a malware strain called DroidLock. Unlike traditional ransomware that encrypts files, this Android-focused threat employs a more direct approach locking devices with ransomware-style overlays and demanding payment while maintaining complete control over compromised handsets. DroidLock primarily spreads through phishing […]

The post New DroidLock Malware Locks Android Devices and Demands Ransom Payment appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Infostealers have become 2025’s fastest-growing cyberthreat, targeting all operating systems and regions with sophisticated social engineering tactics. In a new campaign discovered by Kaspersky experts, attackers are exploiting users’ interest in OpenAI’s Atlas browser by leveraging the official ChatGPT website itself as a hosting platform for malicious installation guides. The attack begins with paid search […]

The post New ClickFix Attacks Exploit Official ChatGPT Website to Deliver macOS Infostealer appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers have unveiled a critical series of vulnerabilities in the .NET Framework’s HTTP client proxy architecture, dubbed “SOAPwn,” that enables remote code execution across multiple enterprise-grade platforms. Presented at Black Hat Europe 2025 by Piotr Bazydlo, the research reveals a fundamental design flaw in the framework’s handling of SOAP client proxies and WSDL imports. […]

The post New “SOAPwn” .NET Flaws Expose Barracuda, Ivanti, and Microsoft Devices to RCE appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.