Today — 19 December 2025 GBHackers

BlueDelta Hackers Target Users of Popular Ukrainian Webmail and News Service

19 December 2025 at 08:41

Russian state-sponsored threat group BlueDelta has conducted a sustained credential-harvesting campaign targeting users of UKR.NET, one of Ukraine’s most popular webmail and news services, between June 2024 and April 2025. According to research by Recorded Future’s Insikt Group, the operation represents a significant escalation in the GRU-linked threat actor’s efforts to compromise Ukrainian user credentials […]

The post BlueDelta Hackers Target Users of Popular Ukrainian Webmail and News Service appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mapping the Emerging Alliance Between Qilin, DragonForce, and LockBit

19 December 2025 at 08:12

In mid-September 2025, the ransomware landscape witnessed a significant development when DragonForce announced an alliance with Qilin and LockBit on a Russian underground forum. The announcement, posted on September 15, 2025, claimed the three groups were joining forces to navigate an increasingly challenging criminal ecosystem marked by intensified law enforcement pressure and operational fragmentation. A […]


Cloud Atlas Exploits Office Vulnerabilities to Execute Malicious Code

19 December 2025 at 07:50

The Cloud Atlas threat group, active since 2014, continues to pose a significant risk to organizations in Eastern Europe and Central Asia through sophisticated attacks leveraging legacy Microsoft Office vulnerabilities. Security researchers have documented the group’s expanded arsenal and evolving infection chains deployed throughout the first half of 2025, revealing previously undescribed implants and attack […]


Hackers Leverage Gladinet Triofox 0-Day Vulnerability to Run Malicious Code

19 December 2025 at 07:25

A critical remote code execution vulnerability in Gladinet Triofox is now under active exploitation by threat actors, and security researchers have demonstrated that weaponizing the flaw requires far more sophistication than initial analyses suggest. CVE-2025-12480, tracked by UNC6485, represents a complex attack chain that involves multiple infrastructure challenges and technical hurdles attackers must overcome to […]


Apache Log4j Flaw Enables Interception of Sensitive Logging Data

By: Divya
19 December 2025 at 06:40

The Apache Software Foundation has released a critical security update for its widely used Log4j logging library. A newly discovered vulnerability, tracked as CVE-2025-68161, allows attackers to intercept or redirect sensitive log data by exploiting a flaw in how the software establishes secure connections. The issue specifically affects the “Socket Appender” component in Apache Log4j Core. This […]


Iranian APT Targeting Networks and Critical Infrastructure Organizations

19 December 2025 at 06:30

Iranian state-sponsored threat actors, previously thought to have gone dormant, have resurfaced with sophisticated new malware campaigns targeting critical infrastructure organizations globally. A new research report released by SafeBreach Labs reveals that the “Prince of Persia” (also known as Infy) Advanced Persistent Threat (APT) group has broken a three-year silence with a dramatic overhaul of […]


New Kibana Vulnerabilities Allow Attackers to Embed Malicious Scripts

By: Divya
19 December 2025 at 05:31

Elastic has released critical security updates to address a dangerous cross-site scripting (XSS) vulnerability affecting multiple versions of Kibana. The vulnerability, tracked as CVE-2025-68385, allows authenticated attackers to inject malicious scripts into web pages served to other users. Vulnerability Details The flaw stems from improper input neutralization during web page generation, specifically within Kibana’s Vega […]


Scripted Sparrow Utilizes Automation to Generate and Dispatch Attack Messages

19 December 2025 at 05:30

Scripted Sparrow, a prolific Business Email Compromise (BEC) collective with members spanning three continents, has raised significant concerns among cybersecurity researchers due to the sophisticated automation infrastructure underlying their large-scale fraudulent operations. Recent analysis by Fortra’s Intelligence and Research Experts (FIRE) reveals that the group’s staggering operational scale estimated at 3 million highly targeted messages […]


New Linux Kernel Rust Vulnerability Triggers System Crashes

By: Divya
19 December 2025 at 03:38

A critical race condition vulnerability has been discovered in the Linux kernel’s Rust Binder module, potentially causing system crashes and memory corruption. Assigned CVE-2025-68260, this issue affects the kernel’s inter-process communication mechanism and requires immediate attention from system administrators and kernel maintainers. The Vulnerability The vulnerability exists in the Rust Binder component’s death_list handling mechanism. […]


Amazon Identified North Korean IT Worker by Tracking Keystroke Activity

By: Divya
19 December 2025 at 03:24

Amazon has uncovered a North Korean imposter posing as a U.S.-based systems administrator. The discovery was made not through traditional background checks but by analyzing the subtle timing of the worker’s typing. According to a report from Bloomberg, Amazon security specialists flagged the employee due to suspicious “keystroke input lag.” For a genuine remote worker in […]


Targeted Phishing Attack Strikes HubSpot Users

19 December 2025 at 03:15

Evalian’s Security Operations Centre has uncovered an active, sophisticated phishing campaign targeting HubSpot customers, combining business email compromise (BEC) tactics with website compromise to distribute a credential-stealing malware to unsuspecting users. The multi-layered attack demonstrates how modern threat actors are evolving their techniques to bypass traditional email security controls. The phishing campaign employs a deceptive […]


Microsoft Patches MSMQ Flaw That Affects IIS Web Servers

By: Divya
19 December 2025 at 02:26

Microsoft has released an out-of-band security update to address a significant vulnerability in Message Queuing (MSMQ) functionality that impacts Windows 10 systems running IIS web servers and enterprise environments. The flaw, discovered and documented in the December 9, 2025 update (KB5071546), affects Windows 10 version 22H2 and version 21H2. The Vulnerability The MSMQ bug causes […]


Roundcube Flaws Let Attackers Execute Malicious Scripts

By: Divya
19 December 2025 at 01:56

Roundcube, the widely used open-source webmail software, has officially released critical security updates to address two significant vulnerabilities in its 1.6 and 1.5 LTS (Long-Term Support) versions. These flaws could allow attackers to execute malicious scripts or expose sensitive information, posing a risk to organizations and individuals relying on the platform for email communication. The […]


WatchGuard Zero-Day Actively Exploited to Seize Control of Firewalls

By: Divya
19 December 2025 at 01:15

WatchGuard has issued an urgent warning regarding a critical zero-day vulnerability in its Firebox firewall appliances that is currently being exploited in the wild. The flaw, tracked as CVE-2025-14733, allows remote attackers to seize control of affected devices without needing any authentication. Technical Details and Impact The vulnerability is an Out-of-Bounds Write flaw located in the iked process, which handles […]


North Korean Hackers Set Record with $2 Billion Crypto Heist in 2025

19 December 2025 at 01:09

North Korean cybercriminals shattered previous records in 2025, stealing at least $2.02 billion in cryptocurrency through a sophisticated campaign that represents the most successful year ever for state-sponsored digital theft despite fewer confirmed attacks. This unprecedented haul marks a 51% increase year-over-year. It brings the regime’s cumulative cryptocurrency theft to a staggering $6.75 billion, cementing […]


Clop Ransomware Group Targets Gladinet CentreStack Servers to Exfiltrate Data

19 December 2025 at 00:39

The notorious Clop ransomware group has launched a new data extortion campaign targeting internet-facing Gladinet CentreStack file servers, exploiting an unknown vulnerability to steal sensitive corporate information. Incident responders from the Curated Intelligence community first identified this campaign, which marks the latest in a series of Clop attacks targeting enterprise file transfer and storage solutions. […]


University of Sydney Suffers Cyberattack, Student and Staff Data Exposed

By: Divya
19 December 2025 at 00:23

The University of Sydney has alerted its community to a significant cybersecurity breach involving the unauthorized access of a code library. The incident, confirmed by university officials on December 18, 2025, has exposed the personal information of thousands of current and former staff members, as well as a smaller group of students and alumni. University […]


OpenAI’s GPT-5.2 Codex Boosts Agentic Coding and Cyber Vulnerability Detection

By: Divya
19 December 2025 at 00:07

OpenAI has officially released GPT-5.2-Codex, marking a significant leap forward in AI-driven software engineering and defensive cybersecurity. Described as the most advanced “agentic” coding model to date, this new iteration is optimized to handle complex, long-horizon tasks, making it a powerful tool for developers and security researchers alike. Unlike previous models that excelled at short code […]


Yesterday — 18 December 2025 GBHackers

RansomHouse RaaS Enhances Double Extortion with Data Theft and Encryption

18 December 2025 at 09:59

RansomHouse, a ransomware-as-a-service (RaaS) operation managed by the threat group Jolly Scorpius, has significantly enhanced its encryption capabilities, marking a critical escalation in the threat landscape. Recent analysis of RansomHouse binaries reveals a sophisticated upgrade from basic linear encryption to a complex multi-layered encryption methodology, demonstrating how ransomware operators continue to evolve their technical sophistication […]


New Lazarus and Kimsuky Infrastructure Discovered with Active Tools and Tunneling Nodes

18 December 2025 at 09:23

Security researchers from Hunt.io and Acronis Threat Research Unit have uncovered a sophisticated network of operational infrastructure controlled by North Korean state-sponsored threat actors Lazarus and Kimsuky. The collaborative investigation revealed previously undocumented connections between these groups’ campaigns, exposing active command-and-control servers, credential-theft environments, tunneling nodes, and certificate-linked infrastructure that had remained hidden from public […]

