Storm-0249: EDR Process Sideloading to Conceal Malicious Activity

Initial access broker Storm-0249 has evolved from a mass phishing operation into a sophisticated threat actor weaponizing legitimate Endpoint Detection and Response (EDR) processes through sideloading techniques to conceal malicious activity as routine security operations. This represents a significant escalation in the group’s capabilities and poses a critical risk to organizations relying on traditional defense […]

The post Storm-0249: EDR Process Sideloading to Conceal Malicious Activity appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

New VolkLocker Ransomware Variant Targets Both Linux and Windows Systems

CyberVolk, a pro-Russia hacktivist group first documented in late 2024, has resurfaced with a sophisticated ransomware-as-a-service (RaaS) offering called VolkLocker after months of dormancy caused by Telegram enforcement actions. The group returned in August 2025 with version 2.x, featuring advanced Telegram-based automation and cross-platform capabilities targeting both Linux and Windows systems. VolkLocker is built in […]

NVIDIA Merlin Vulnerabilities Allows Malicious Code Execution and DoS Attacks

By: Divya

NVIDIA has released urgent security patches for its Merlin machine learning framework after discovering two high-severity deserialization vulnerabilities that could enable attackers to execute malicious code, trigger denial-of-service attacks, and compromise sensitive data on Linux systems. The security bulletin, published on December 9, 2025, identifies critical flaws in the NVTabular and Transformers4Rec components of NVIDIA […]

Critical Plesk Vulnerability Allows Users to Gain Root-Level Access

By: Divya

A critical security vulnerability has been discovered in Plesk, a widely used web hosting control panel, that enables unauthorised users to escalate privileges and gain root-level access to affected systems. This flaw poses a significant threat to web hosting providers and organisations that rely on Plesk for server management. Vulnerability Overview The vulnerability allows malicious […]

Critical pgAdmin Flaw Allows Attackers to Execute Shell Commands on Host

By: Divya

A new critical vulnerability in pgAdmin 4 allows remote attackers to bypass security filters and execute arbitrary shell commands on the host server. The flaw, tracked as CVE-2025-13780, exploits a weakness in how the popular PostgreSQL management tool processes database restoration files. CVE ID CVE-2025-13780 Severity Critical Vulnerability Type Remote Code Execution (RCE) Affected Component […]

Gentlemen Ransomware Emerges as a Threat to Corporate Networks

A sophisticated new ransomware group known as “Gentlemen” has emerged as a significant threat to global enterprise security, employing a ruthless double extortion model that combines data theft with advanced encryption protocols. First identified in August 2025, the group has rapidly escalated its operations, impacting organizations across 17 countries in North America, South America, the […]

Windows Remote Access Connection Manager Flaw Allows Arbitrary Code Execution

By: Divya

Security researchers have uncovered a critical unpatched vulnerability in the Windows Remote Access Connection Manager (RasMan) service that enables attackers to crash the service and facilitate local arbitrary code execution with Local System privileges. This discovery emerged during an investigation of CVE-2025-59230, which Microsoft patched in October 2025. CVE-2025-59230 represents an elevation-of-privilege vulnerability conceptually similar […]

CISA Adds Actively Exploited Sierra Router Flaw to KEV Catalog

By: Divya

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Sierra Wireless AirLink ALEOS routers to its Known Exploited Vulnerabilities (KEV) catalogue, warning organisations about active exploitation in the wild. Critical File Upload Vulnerability Under Active Attack The vulnerability, tracked as CVE-2018-4063, involves an unrestricted file upload with a dangerous type weakness […]

CISA Alerts on Actively Exploited Google Chromium Zero-Day Flaw

By: Divya

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical zero-day vulnerability in Google Chrome that is being actively exploited in the wild. The flaw, tracked as CVE-2025-14174, poses a significant risk to millions of users across multiple web browsers. Vulnerability Details Security researchers discovered an out-of-bounds memory access vulnerability within […]

Researchers and Developers Targeted in AI-Driven GitHub Supply Chain Attack

By: Divya

A sophisticated AI-generated supply chain attack is targeting researchers, developers, and security professionals through compromised GitHub repositories, according to findings from Morphisec Threat Labs. The campaign leverages dormant GitHub accounts and polished, AI-crafted repositories to distribute a previously undocumented backdoor known as PyStoreRAT. Attack Methodology The attackers employed a carefully orchestrated strategy by reactivating dormant […]

Empire 6.3.0 Released as Updated Post-Exploitation Framework for Red Teams

By: Divya

Researcher has officially released Empire 6.3.0, a significant update to the widely used post-exploitation and adversary emulation framework designed for Red Teams and Penetration Testers. This latest version reinforces the tool’s modular architecture, offering operator flexibility through a robust server/client model. Written primarily in Python 3, Empire 6.3.0 continues to streamline remote engagements with built-in encrypted communications […]

Apple Confirms Zero-Day Exploitation in Targeted Attacks on iPhone Users

By: Divya

Apple has issued critical security patches addressing two actively exploited zero-day vulnerabilities affecting iPhone and iPad devices. The tech giant confirmed that both flaws were leveraged in extremely sophisticated attacks targeting specific individuals before iOS 26 was released. Critical WebKit Vulnerabilities Under Active Exploitation The vulnerabilities, tracked as CVE-2025-43529 and CVE-2025-14174, reside in WebKit, Apple’s […]

Kali Linux 2025.4 Released Featuring 3 New Hacking Tools and Wifipumpkin3

By: Divya

The release of Kali Linux 2025.4 marks a significant milestone for the ethical hacking distribution, bringing major architectural changes and a suite of fresh tools. This update focuses on stripping away “fluff” to prioritize performance, essential utilities, and improved hardware support. With the transition to Kernel 6.16, the platform is now faster and more stable than ever. […]

Hackers Launch Rust-Based Luca Stealer Targeting Linux and Windows

By: Divya

Cybercriminals are increasingly abandoning traditional programming languages like C and C++ in favor of modern alternatives such as Rust, Golang, and Nim. This strategic shift enables threat actors to write malicious code once and compile it for both Windows and Linux with minimal changes. Leading this trend is “Luca Stealer,” a newly identified information-stealing malware […]

Hackers Target Windows Systems Using Phantom Stealer Hidden in ISO Files

By: Divya

Seqrite Labs has uncovered an active Russian phishing campaign that delivers Phantom information-stealing malware through malicious ISO files embedded in fake payment confirmation emails. The sophisticated attack primarily targets finance and accounting professionals in Russia, using social engineering tactics to deceive victims into executing malicious payloads that steal credentials, cryptocurrency wallets, browser data, and sensitive […]

Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide

Torrance, United States / California, December 12th, 2025, CyberNewsWire In December 2025, CVE-2025-55182 (React2Shell), a vulnerability in React Server Components (RSC) that enables remote code execution (RCE), was publicly disclosed. Shortly after publication, multiple security vendors reported scanning activity and suspected exploitation attempts, and CISA has since added the flaw to its Known Exploited Vulnerabilities […]

New JSCEAL Infostealer Malware Targets Windows Systems to Steal Login Credentials

A sophisticated information-stealing tool known as JSCEAL has evolved significantly in recent months, deploying advanced anti-analysis techniques and hardened command-and-control infrastructure to target users of cryptocurrency applications on Windows systems. Security researchers from Cato CTRL discovered the enhanced malware variant during an active campaign that began in August 2025, marking a substantial shift in the […]

MITRE Unveils 2025’s Top 25 Most Dangerous Software Weaknesses

By: Divya

MITRE has released its annual Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list for 2025, identifying the most critical vulnerabilities affecting software development worldwide. The comprehensive analysis draws from over 39,080 CVE records, providing security professionals and developers with actionable intelligence to strengthen their defenses. MITRE 2025 list reveals significant shifts in the vulnerability […]

Research Findings on the Fate of Data Stolen in Phishing Attacks

New research from Kaspersky has mapped the complete lifecycle of data stolen during phishing attacks, revealing a sophisticated “shadow market conveyor belt” where victim information is instantly commoditized. The analysis traces the digital trail from the initial click on a fraudulent link to the eventual sale of credentials on dark web markets, highlighting how automated […]

CISA Issues New Guidance for Securing UEFI Secure Boot on Enterprise Devices

By: Divya

The Cybersecurity and Infrastructure Security Agency has released critical guidance on managing UEFI Secure Boot configurations across enterprise systems. The comprehensive advisory addresses growing concerns about boot-level security vulnerabilities that have exposed organizations to firmware-based threats and persistent malware attacks. Recent vulnerabilities, including PKFail, BlackLotus, and BootHole, have demonstrated significant gaps in Secure Boot implementations […]
