Targeted Phishing Attack Strikes HubSpot Users

Evalian’s Security Operations Centre has uncovered an active, sophisticated phishing campaign targeting HubSpot customers, combining business email compromise (BEC) tactics with website compromise to distribute a credential-stealing malware to unsuspecting users. The multi-layered attack demonstrates how modern threat actors are evolving their techniques to bypass traditional email security controls. The phishing campaign employs a deceptive […]

The post Targeted Phishing Attack Strikes HubSpot Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

North Korean Hackers Set Record with $2 Billion Crypto Heist in 2025

North Korean cybercriminals shattered previous records in 2025, stealing at least $2.02 billion in cryptocurrency through a sophisticated campaign that represents the most successful year ever for state-sponsored digital theft despite fewer confirmed attacks. This unprecedented haul marks a 51% increase year-over-year. It brings the regime’s cumulative cryptocurrency theft to a staggering $6.75 billion, cementing […]

Clop Ransomware Group Targets Gladinet CentreStack Servers to Exfiltrate Data

The notorious Clop ransomware group has launched a new data extortion campaign targeting internet-facing Gladinet CentreStack file servers, exploiting an unknown vulnerability to steal sensitive corporate information. Incident responders from the Curated Intelligence community first identified this campaign, which marks the latest in a series of Clop attacks targeting enterprise file transfer and storage solutions. […]

RansomHouse RaaS Enhances Double Extortion with Data Theft and Encryption

RansomHouse, a ransomware-as-a-service (RaaS) operation managed by the threat group Jolly Scorpius, has significantly enhanced its encryption capabilities, marking a critical escalation in the threat landscape. Recent analysis of RansomHouse binaries reveals a sophisticated upgrade from basic linear encryption to a complex multi-layered encryption methodology, demonstrating how ransomware operators continue to evolve their technical sophistication […]

New Lazarus and Kimsuky Infrastructure Discovered with Active Tools and Tunneling Nodes

Security researchers from Hunt.io and Acronis Threat Research Unit have uncovered a sophisticated network of operational infrastructure controlled by North Korean state-sponsored threat actors Lazarus and Kimsuky. The collaborative investigation revealed previously undocumented connections between these groups’ campaigns, exposing active command-and-control servers, credential-theft environments, tunneling nodes, and certificate-linked infrastructure that had remained hidden from public […]

Beware of Malicious Scripts in Weaponized PDF Purchase Orders

A sophisticated phishing campaign utilizing a weaponized PDF document named “NEW Purchase Order # 52177236.pdf” has been identified, employing legitimate cloud infrastructure and encrypted messaging apps to steal corporate credentials. The attack vector was brought to light after security researchers analyzed a blocked link reported by a customer, revealing a complex chain of obfuscation designed […]

APT35 Leak Reveals Spreadsheets Containing Domains, Payments, and Server Information

Iranian cyber unit Charming Kitten, officially designated APT35, has long been dismissed as a noisy but relatively unsophisticated threat actor, a politically motivated collective known for recycled phishing templates and credential-harvesting pages. Episode 4, the latest intelligence dump, fundamentally rewrites that assessment. What emerges is not a hacker collective but a government department, complete with […]

NuGet Malware Mimic: .NET Integration Library Steals Crypto Wallets and OAuth Tokens

ReversingLabs (RL) researchers have uncovered a sophisticated malware campaign targeting the .NET developer ecosystem via the NuGet package manager. The campaign, which began in July 2025, involves 14 malicious packages designed to mimic legitimate cryptocurrency libraries. These packages are engineered to steal crypto wallets, redirect funds, and exfiltrate Google Ads OAuth tokens, marking a significant […]

GachiLoader Deploys Payloads Using Obfuscated Node.js Malware

Check Point Research has uncovered a sophisticated malware distribution campaign leveraging the YouTube Ghost Network to deploy GachiLoader, a novel, heavily obfuscated Node.js-based loader designed to deliver the Rhadamanthys infostealer to unsuspecting victims. The campaign, which commenced in December 2024, represents a significant evolution in malware delivery tactics and demonstrates how threat actors continue to […]

New Reports Reveal WAFs Are Ineffective Against Latest React2Shell Exploit

TEL AVIV, Israel, Dec. 17, 2025 Miggo Security has released a comprehensive benchmark study revealing critical gaps in Web Application Firewall (WAF) protection, with the discovery of React2Shell (CVE-2025-55182) serving as a stark real-world validation of these vulnerabilities. The research, titled “Beat the Bypass: A Benchmark Study of WAF Weaknesses and AI Mitigation,” demonstrates that traditional […]

Chinese Ink Dragon Breaches European Government Networks, Affecting Asia and South America

Ink Dragon, a Chinese espionage group, has significantly expanded its operational reach from Southeast Asia and South America into European government networks, according to ongoing research by Check Point Research. The threat actor employs a methodical approach that combines strategic server compromises with sophisticated relay infrastructure to maintain persistent access and support global operations. The […]

Phantom Stealer Targeting Users to Steal Sensitive Data

Sophisticated malware employs a multi-stage infection chain and advanced evasion techniques to exfiltrate sensitive information. Phantom, a sophisticated stealer malware variant, is conducting targeted attacks to harvest sensitive data from infected systems, including passwords, browser cookies, credit card information, and cryptocurrency wallet credentials. Security researchers have identified Version 3.5 of the malware, which employs a […]

Cybercriminals Registering Fake Shopping Domains to Target Users This Holiday Season

As the global holiday shopping season reaches its peak, cybersecurity researchers have uncovered a massive, industrialized operation designed to defraud consumers through a sophisticated network of counterfeit e-commerce sites. In a report released in November 2025, PreCrime™ Labs, the research division of BforeAI, identified a coordinated campaign involving the mass registration of fake online shop […]

Kimwolf Android Botnet Compromises 1.8 Million Devices Worldwide

A newly discovered Android botnet dubbed “Kimwolf” has silently compromised over 1.8 million devices globally, primarily targeting Android TV boxes in residential networks. The massive operation, which at one point saw its command-and-control (C2) domain surpass Google in global popularity rankings, represents a significant evolution in IoT malware sophistication and scale. Security researchers at XLab […]

Kimsuky Hackers Use Weaponized QR Codes to Distribute Malicious Mobile Apps

Threat researchers have uncovered a sophisticated mobile malware campaign attributed to North Korea-linked threat actor Kimsuky, leveraging weaponized QR codes and fraudulent delivery service impersonations to trick users into installing remote access trojans on their smartphones. The ENKI WhiteHat Threat Research Team identified the latest iteration of “DOCSWAP” malware being distributed through an intricate social […]

ForumTroll Operation Uses Chrome Zero-Day in Fresh Phishing Attacks

The ForumTroll APT group has resurfaced with a sophisticated phishing campaign targeting Russian academics, marking a significant escalation in their ongoing operations against entities in Russia and Belarus. While the group initially gained notoriety for exploiting CVE-2025-2783, a zero-day vulnerability in Google Chrome, their latest offensive relies on refined social engineering tactics and commercial red […]

Hackers Can Seize Control of Car Dashboards Through Modem Vulnerabilities

Imagine cruising down the highway in your brand-new electric car when suddenly the multimedia display fills with Doom, the iconic 3D shooter game, completely replacing your navigation map and vehicle controls. Shockingly, this isn’t science fiction. Security researchers have demonstrated that this scenario is entirely possible in today’s connected vehicles, exposing a critical vulnerability in […]

Chinese Hackers Turn Compromised Servers Into ShadowPad Nodes

A sophisticated Chinese threat actor tracked as Ink Dragon has been weaponizing a custom ShadowPad IIS Listener module to convert compromised servers into distributed relay nodes, according to research by Check Point Research. The tactic represents a significant escalation in the group’s operational capabilities, enabling attackers to establish persistent, multi-layered command-and-control infrastructure that spans victim […]

Singularity Linux Kernel Rootkit with klogctl Detection Evasion

Singularity, a stealth-focused Linux Kernel Module (LKM) rootkit targeting modern 6.x kernels, has added a powerful log-evasion capability that prevents its detection through traditional kernel logging interfaces such as klogctl. Designed as a “final boss” rootkit for defenders, Singularity notes deep kernel hooking, advanced log sanitization, and EDR evasion techniques to stay invisible on compromised systems. […]

GhostPoster Attack Uses PNG Icons to Compromise 50,000 Firefox Users

A sophisticated malware campaign dubbed “GhostPoster” has compromised approximately 50,000 Firefox users by exploiting browser extension icons. Security researchers at Koi Security discovered that malicious actors are embedding hidden malware payloads directly within PNG logo files, turning seemingly innocent visual elements into dangerous delivery mechanisms that evade traditional security scanning. The campaign spans 17 Firefox […]
