Hypervisors the invisible backbone of modern corporate IT have become the new primary battleground for ransomware groups. According to new data from Huntress, attacks targeting hypervisors to deploy ransomware have skyrocketed in late 2025. While hypervisors like VMware ESXi and Microsoft Hyper-V power virtually all enterprise virtual machines (VMs), they often lack the security protections […]

The post Akira Group Targets Hyper-V and VMware ESXi with Ransomware Exploiting Vulnerabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated vishing campaign has emerged that combines social engineering with legitimate Microsoft tools to establish command execution chains leading to multi-stage .NET malware deployment. Security researchers have identified an attack flow that begins with impersonated IT personnel contacting victims via Microsoft Teams and culminates in fileless malware execution through memory-based reflection techniques. The infection […]

The post New Vishing Attack Exploits Microsoft Teams and QuickAssist to Deploy .NET Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers at Koi Security have uncovered a sophisticated malware campaign targeting developers through the Visual Studio Code Marketplace. The attack uses two seemingly innocent extensions a dark theme and an AI assistant to unleash a potent infostealer capable of capturing screenshots, hijacking browser sessions, and stealing Wi-Fi passwords. The malicious extensions, identified as “Bitcoin Black” and “Codo […]

The post Malicious VS Code on Microsoft Registry Steals WiFi Passwords and Captures Screens appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

SAP has released its December 2025 Security Patch Day updates, addressing 14 new security notes that fix multiple critical and high‑severity vulnerabilities across key enterprise products. Administrators are strongly advised to review the latest security notes in the SAP Support Portal and apply the patches without delay to protect their SAP environments. The most serious […]

The post SAP Security Patch Day Fixes Critical Flaws in Solution Manager, NetWeaver & More appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated Linux backdoor named GhostPenguin has been discovered by Trend Micro Research, evading detection for over four months after its initial submission to VirusTotal in July 2025. The threat represents a new breed of stealthy malware designed to maintain a low profile while delivering comprehensive remote access and file system manipulation capabilities to threat […]

The post AI-Driven Tools Uncover GhostPenguin Backdoor Attacking Linux Servers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

ActiveScan++, a widely used extension for the popular penetration testing tool Burp Suite, has released a significant upgrade. The scanner now includes specific detection capabilities for the critical “React2Shell” vulnerabilities. This update addresses two high-severity security flaws, CVE-2025-55182 and CVE-2025-66478. Why This Update Matters React2Shell vulnerabilities are critical because they allow attackers to execute remote […]

The post Burp Suite Upgrades Scanner With Detection for Critical React2Shell Flaws appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers have uncovered critical vulnerabilities in the Model Context Protocol (MCP) sampling feature that enable malicious servers to execute stealthy prompt injection attacks, drain computational resources, and compromise large language model applications without user detection. The findings reveal three primary attack vectors that exploit the protocol’s inherent trust model and lack of robust security […]

The post Malicious MCP Servers Enable Stealthy Prompt Injection to Drain System Resources appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

LAC’s Cyber Emergency Center has identified a sophisticated cyberespionage campaign targeting Japanese shipping and transportation companies. The operation, orchestrated by a China-based threat actor in April 2025, leveraged critical vulnerabilities in Ivanti Connect Secure (ICS) to deploy “MetaRAT,” a newly identified variant of the notorious PlugX malware family. This campaign highlights the persistent evolution of […]

The post Hackers Exploit Ivanti Connect Secure Vulnerabilities to Spread MetaRAT Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cydome’s Cybersecurity Research Team has uncovered a sophisticated new variant of the notorious Mirai botnet, designated as “Broadside,” currently executing an active campaign against the maritime logistics sector. Unlike generic botnet waves, Broadside is specifically exploiting a critical vulnerability in digital video recorders (DVRs) used on commercial vessels, signaling a strategic shift toward specialized industrial […]

The post New Variant of Mirai Botnet ‘Broadside’ Launches Active Attacks on Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Polish authorities have arrested three Ukrainian citizens after discovering sophisticated hacking equipment, including FLIPPER devices, during a routine traffic stop in Warsaw. The discovery marks a significant operation targeting cybercriminals allegedly traveling across Europe and conducting cyberattacks against critical infrastructure. Officers from Warsaw’s Śródmieście district stopped a Toyota sedan on Senatorska Street. They found three […]

The post Hackers Using FLIPPER Devices to Breach IT Systems Arrested by Authorities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cary, North Carolina, USA, December 4th, 2025, CyberNewsWire Cybersecurity and IT training platform maintains Leader and Momentum Leader positions while expanding regional excellence INE has been recognized with seven G2 Winter 2026 badges, underscoring its continued leadership in online course delivery, technical skills development, and cybersecurity education. This season’s awards include Leader status in the […]

The post INE Earns G2 Winter 2026 Badges Across Global Markets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In the second installment of the “Advent of Configuration Extraction” series, security researchers have unwrapped QuasarRAT, a widely-deployed .NET remote access trojan (RAT), revealing sophisticated techniques for extracting its encrypted configuration from both clean and obfuscated binary samples. The analysis demonstrates a reproducible methodology using Jupyter Notebook, pythonnet, and dnSpy, providing cybersecurity professionals with practical […]

The post Exposing the Core Functionalities of QuasarRAT: Encrypted Configuration and Obfuscation Techniques appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

NVIDIA and Lakera AI have introduced a groundbreaking unified security and safety framework designed to address the emerging challenges posed by autonomous AI agents in enterprise environments. This collaborative effort represents a significant step forward in making agentic systems AI systems capable of independent planning, tool use, and multi-step task execution safer and more secure […]

The post NVIDIA and Lakera AI Propose Unified Framework for Agent Safety appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

India’s government is considering a controversial proposal that could require smartphone manufacturers to enable satellite location tracking on all devices permanently. The plan has sparked significant backlash from major tech companies, including Apple, Google, and Samsung, who argue the measure poses serious privacy and security risks. The proposal originates in India’s telecom industry, specifically the […]

The post Apple, Google, and Samsung May Soon Activate Always-On GPS in India appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Adex, the anti-fraud and traffic-quality platform operating under AdTech Holding, has successfully identified and neutralized a sophisticated, multi-year malware operation linked to the infamous Triada Trojan. This campaign, which has persistently targeted the mobile advertising ecosystem, underscores the evolving dangers of supply-chain attacks in the digital ad space. According to industry data released alongside the […]

The post Hackers Exploit Multiple Ad Networks to Distribute Triada Malware to Android Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Global cybercrime is accelerating toward a projected cost of 15.63 trillion dollars by 2029, up from an estimated 10.5 trillion dollars today, as criminals exploit new technologies faster than businesses can defend against them. Yet 59% of organisations say they suffered at least one successful cyber attack in the past 12 months, and one in […]

The post US Contributes to 44% of Cyber Attacks; Public Administration Targeted for Financial Gains appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical security vulnerability has been discovered affecting billions of WhatsApp and Signal users worldwide. Researchers found that hackers can exploit delivery receipts to secretly monitor user activity, track daily routines, and drain battery life, all without leaving any visible trace.​ The attack, called “Careless Whisper,” uses the delivery receipt feature that confirms when messages reach their […]

The post Hackers Exploit Delivery Receipts in Messaging Apps to Steal Users’ Private Information appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A new platform known as the “kitten” project has emerged as a coordination hub for hacktivist campaigns targeting Israel, operating at the intersection of cyber activism and state-aligned influence. While the operators publicly deny direct ties to Iran, technical evidence and infrastructure traces indicate a close relationship with an Iranian cybersecurity ecosystem and pro-Iranian hacktivist […]

The post Operation Kitten: Hacktivist Groups Targeting Israel with Cyberattacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A new security analysis has unveiled “LOLPROX,” a comprehensive catalog of “Living Off The Land” (LOL) techniques specifically targeting Proxmox Virtual Environment (VE). The research, detailed by security researcher Andy Gill (ZephrSec), highlights how threat actors can weaponize the popular open-source hypervisor’s native tools to execute stealthy, deep-persistence attacks that bypass traditional network monitoring and […]

The post LOLPROX Unveils Undetected Exploitation Routes for Stealthy Hypervisor Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a high-severity vulnerability affecting Meta’s React Server Components to its Known Exploited Vulnerabilities (KEV) catalog. Assigned the identifier CVE-2025-55182, the security flaw dubbed “React2Shell” by the security community is currently being exploited in the wild, prompting urgent calls for remediation. React2Shell is a Remote Code Execution […]

The post CISA Adds Critical React2Shell Vulnerability to KEV Catalog After Active Exploitation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.