Microsoft’s final Patch Tuesday of 2025 has been released, addressing 56 vulnerabilities across its product suite. The December update includes patches for three zero-day vulnerabilities, one of which is confirmed to be actively exploited in the wild. Among the resolved flaws, two are rated as “Critical,” while the remaining 54 are classified as “Important” in […]

The post Microsoft December 2025 Patch Tuesday Fixes 56 Vulnerabilities Fixed and 3 Zero-days appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Makop, a ransomware strain derived from Phobos, continues to pose a significant threat by exploiting exposed Remote Desktop Protocol (RDP) systems and integrating new attack components, including antivirus-killer modules and advanced privilege-escalation exploits. Recent investigations by Acronis TRU researchers reveal that Makop operators have evolved their methodology to include multiple evasion techniques and secondary payload […]

The post Makop Ransomware Targets RDP Systems Using AV Killer and Additional Exploits appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Zoom has released security patches addressing two critical vulnerabilities in Zoom Rooms deployments on both Windows and macOS. The vulnerabilities expose users to privilege escalation attacks and unauthorized software manipulation, prompting immediate update recommendations across enterprise environments. The first vulnerability, tracked as CVE-2025-67460, affects Zoom Rooms for Windows with a High severity rating. This flaw […]

The post Zoom Rooms on Windows and macOS Exposed to Privilege Escalation and Data Leakage Flaws appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Chinese advanced persistent threat (APT) group Silver Fox (also known as Void Arachne) has launched a sophisticated search engine optimization (SEO) poisoning campaign targeting Chinese-speaking employees at organizations worldwide. The campaign distributes a counterfeit Microsoft Teams installer laced with ValleyRAT malware, while employing Cyrillic characters and Russian-language elements as deliberate false flags to mislead […]

The post Threat Actors Poison SEO to Spread Fake Microsoft Teams Installer appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Between February 2024 and August 2025, security researchers uncovered a significant campaign orchestrated by the GOLD BLADE threat group, previously known as RedCurl, RedWolf, and Earth Kapre. The investigation of nearly 40 intrusions linked to STAC6565 reveals a sophisticated threat actor that has evolved from traditional cyberespionage into a hybrid operation combining data theft with […]

The post GOLD BLADE: Custom QWCrypt Locker for Data Exfiltration and Ransomware Deployment appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft Copilot, the AI tool many businesses use daily, is facing significant problems today. Users in the United Kingdom and parts of Europe are reporting that they cannot access the service. Others say that even if they can log in, many features are broken or not working correctly. Microsoft has confirmed the problem. On their […]

The post Microsoft Copilot Outage Disrupts UK and Europe With Access Failures and Broken Features appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Hypervisors the invisible backbone of modern corporate IT have become the new primary battleground for ransomware groups. According to new data from Huntress, attacks targeting hypervisors to deploy ransomware have skyrocketed in late 2025. While hypervisors like VMware ESXi and Microsoft Hyper-V power virtually all enterprise virtual machines (VMs), they often lack the security protections […]

The post Akira Group Targets Hyper-V and VMware ESXi with Ransomware Exploiting Vulnerabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated vishing campaign has emerged that combines social engineering with legitimate Microsoft tools to establish command execution chains leading to multi-stage .NET malware deployment. Security researchers have identified an attack flow that begins with impersonated IT personnel contacting victims via Microsoft Teams and culminates in fileless malware execution through memory-based reflection techniques. The infection […]

The post New Vishing Attack Exploits Microsoft Teams and QuickAssist to Deploy .NET Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers at Koi Security have uncovered a sophisticated malware campaign targeting developers through the Visual Studio Code Marketplace. The attack uses two seemingly innocent extensions a dark theme and an AI assistant to unleash a potent infostealer capable of capturing screenshots, hijacking browser sessions, and stealing Wi-Fi passwords. The malicious extensions, identified as “Bitcoin Black” and “Codo […]

The post Malicious VS Code on Microsoft Registry Steals WiFi Passwords and Captures Screens appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

SAP has released its December 2025 Security Patch Day updates, addressing 14 new security notes that fix multiple critical and high‑severity vulnerabilities across key enterprise products. Administrators are strongly advised to review the latest security notes in the SAP Support Portal and apply the patches without delay to protect their SAP environments. The most serious […]

The post SAP Security Patch Day Fixes Critical Flaws in Solution Manager, NetWeaver & More appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated Linux backdoor named GhostPenguin has been discovered by Trend Micro Research, evading detection for over four months after its initial submission to VirusTotal in July 2025. The threat represents a new breed of stealthy malware designed to maintain a low profile while delivering comprehensive remote access and file system manipulation capabilities to threat […]

The post AI-Driven Tools Uncover GhostPenguin Backdoor Attacking Linux Servers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

ActiveScan++, a widely used extension for the popular penetration testing tool Burp Suite, has released a significant upgrade. The scanner now includes specific detection capabilities for the critical “React2Shell” vulnerabilities. This update addresses two high-severity security flaws, CVE-2025-55182 and CVE-2025-66478. Why This Update Matters React2Shell vulnerabilities are critical because they allow attackers to execute remote […]

The post Burp Suite Upgrades Scanner With Detection for Critical React2Shell Flaws appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers have uncovered critical vulnerabilities in the Model Context Protocol (MCP) sampling feature that enable malicious servers to execute stealthy prompt injection attacks, drain computational resources, and compromise large language model applications without user detection. The findings reveal three primary attack vectors that exploit the protocol’s inherent trust model and lack of robust security […]

The post Malicious MCP Servers Enable Stealthy Prompt Injection to Drain System Resources appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

LAC’s Cyber Emergency Center has identified a sophisticated cyberespionage campaign targeting Japanese shipping and transportation companies. The operation, orchestrated by a China-based threat actor in April 2025, leveraged critical vulnerabilities in Ivanti Connect Secure (ICS) to deploy “MetaRAT,” a newly identified variant of the notorious PlugX malware family. This campaign highlights the persistent evolution of […]

The post Hackers Exploit Ivanti Connect Secure Vulnerabilities to Spread MetaRAT Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cydome’s Cybersecurity Research Team has uncovered a sophisticated new variant of the notorious Mirai botnet, designated as “Broadside,” currently executing an active campaign against the maritime logistics sector. Unlike generic botnet waves, Broadside is specifically exploiting a critical vulnerability in digital video recorders (DVRs) used on commercial vessels, signaling a strategic shift toward specialized industrial […]

The post New Variant of Mirai Botnet ‘Broadside’ Launches Active Attacks on Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Polish authorities have arrested three Ukrainian citizens after discovering sophisticated hacking equipment, including FLIPPER devices, during a routine traffic stop in Warsaw. The discovery marks a significant operation targeting cybercriminals allegedly traveling across Europe and conducting cyberattacks against critical infrastructure. Officers from Warsaw’s Śródmieście district stopped a Toyota sedan on Senatorska Street. They found three […]

The post Hackers Using FLIPPER Devices to Breach IT Systems Arrested by Authorities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cary, North Carolina, USA, December 4th, 2025, CyberNewsWire Cybersecurity and IT training platform maintains Leader and Momentum Leader positions while expanding regional excellence INE has been recognized with seven G2 Winter 2026 badges, underscoring its continued leadership in online course delivery, technical skills development, and cybersecurity education. This season’s awards include Leader status in the […]

The post INE Earns G2 Winter 2026 Badges Across Global Markets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In the second installment of the “Advent of Configuration Extraction” series, security researchers have unwrapped QuasarRAT, a widely-deployed .NET remote access trojan (RAT), revealing sophisticated techniques for extracting its encrypted configuration from both clean and obfuscated binary samples. The analysis demonstrates a reproducible methodology using Jupyter Notebook, pythonnet, and dnSpy, providing cybersecurity professionals with practical […]

The post Exposing the Core Functionalities of QuasarRAT: Encrypted Configuration and Obfuscation Techniques appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

NVIDIA and Lakera AI have introduced a groundbreaking unified security and safety framework designed to address the emerging challenges posed by autonomous AI agents in enterprise environments. This collaborative effort represents a significant step forward in making agentic systems AI systems capable of independent planning, tool use, and multi-step task execution safer and more secure […]

The post NVIDIA and Lakera AI Propose Unified Framework for Agent Safety appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

India’s government is considering a controversial proposal that could require smartphone manufacturers to enable satellite location tracking on all devices permanently. The plan has sparked significant backlash from major tech companies, including Apple, Google, and Samsung, who argue the measure poses serious privacy and security risks. The proposal originates in India’s telecom industry, specifically the […]

The post Apple, Google, and Samsung May Soon Activate Always-On GPS in India appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.