Frankfurt am Main, Germany, December 16th, 2025, CyberNewsWire Link11, a European provider of web infrastructure security solutions, has released new insights outlining five key cybersecurity developments expected to influence how organizations across Europe prepare for and respond to threats in 2026. The findings are based on analysis of current threat activity, industry research, and insights […]

The post Link11 Identifies Five Cybersecurity Trends Set to Shape European Defense Strategies in 2026 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical zero-day vulnerability affecting multiple Apple products to its Known Exploited Vulnerabilities (KEV) catalog, signaling active exploitation in the wild.  CVE-2025-43529 represents a severe use-after-free vulnerability in WebKit, Apple’s rendering engine, that poses a significant risk to millions of users across iOS, iPadOS, macOS, and other […]

The post CISA Alerts on Apple WebKit Zero-Day Actively Used in Cyberattacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Russian state-sponsored hackers are intensifying attacks on misconfigured network edge devices across Western critical infrastructure, marking a significant tactical shift as 2025 comes to a close. According to new insights from Amazon Threat Intelligence, this campaign linked with high confidence to Russia’s Main Intelligence Directorate (GRU) and the Sandworm/APT44/Seashell Blizzard cluster has deprioritized overt vulnerability […]

The post Russian Hackers Launch Attacks on Network Edge Devices in Western Critical Infrastructure appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

SoundCloud has publicly disclosed a significant data breach affecting approximately 20% of its user base. The music streaming platform confirmed that unauthorized actors gained access to limited user account information through a compromised ancillary service dashboard, prompting immediate containment measures and a comprehensive security response. The Incident Details The company discovered unauthorized activity within an […]

The post SoundCloud Confirms Data Breach After Hackers Steal User Account Information appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

SentinelLABS has released a comprehensive assessment regarding the integration of Large Language Models (LLMs) into the ransomware ecosystem, concluding that while AI is not yet driving a fundamental transformation in tactics, it is significantly accelerating the operational lifecycle. The research indicates that measurable gains in speed, volume, and multilingual reach are reshaping the threat landscape, […]

The post LLM-Driven Automation: A New Catalyst for Ransomware and RaaS Ecosystems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Red Hat has disclosed a significant security flaw in OpenShift GitOps that could allow authenticated users to take complete control of a cluster. Assigned the identifier CVE-2025-13888, this vulnerability allows namespace administrators to elevate their privileges beyond their intended scope, potentially gaining root access to the entire system. Category Information CVE ID CVE-2025-13888 Vendor Severity Important […]

The post OpenShift GitOps Vulnerability Allows Attackers to Escalate Privileges to Root appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The rapid global expansion of solar energy infrastructure has created an unprecedented cyber vulnerability. As millions of homes, businesses, and hospitals adopt renewable power sources supported by government initiatives like the U.S. Inflation Reduction Act and Europe’s Renewable Energy Directive. Security researchers have uncovered a critical flaw: many solar systems still rely on decades-old industrial […]

The post Internet-Based Solar Panel Systems Vulnerable to Rapid Cyberattacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Fortinet’s FortiGate appliances face immediate threat from two critical authentication bypass vulnerabilities being actively exploited in production environments. Fortinet released advisories for CVE-2025-59718 and CVE-2025-59719 on December 9, 2025, identifying critical flaws in FortiCloud SSO authentication mechanisms. These vulnerabilities enable unauthenticated attackers to bypass SSO login protections through crafted SAML messages when FortiCloud SSO is […]

The post Critical FortiGate SSO Vulnerability Actively Exploited in Real-World Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft has released comprehensive guidance on CVE-2025-55182, a critical pre-authentication remote code execution (RCE) vulnerability affecting React Server Components and the Next.js framework. Assigned a maximum CVSS score of 10.0, this vulnerability enables attackers to execute arbitrary code on vulnerable servers through a single malicious HTTP request, representing an unprecedented risk to modern React-based web […]

The post Microsoft Outlines Mitigation for React2Shell RCE Vulnerability in React Server Components appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A novel WhatsApp account-takeover campaign dubbed “GhostPairing Attack” has emerged, enabling threat actors to gain complete access to victim accounts without stealing passwords or conducting SIM swaps. Security researchers at Gen have uncovered the sophisticated social engineering scheme that exploits WhatsApp’s legitimate device pairing feature to compromise accounts across multiple countries silently. The GhostPairing Attack […]

The post GhostPairing Attack Exposes WhatsApp Accounts to Full Takeover via Phone Numbers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researchers at Rapid7 Labs have uncovered a sophisticated new threat: SantaStealer, a malware-as-a-service information stealer actively promoted on Telegram channels and underground hacker forums. The malware, which recently rebranded from “BluelineStealer,” is scheduled for release before the end of 2025 and represents a growing threat to users worldwide due to its ability to exfiltrate […]

The post SantaStealer Malware Steals Sensitive Files, Credentials, and Crypto Wallet Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical local privilege escalation vulnerability in the JumpCloud Remote Assist for Windows agent allows any low-privileged user on a Windows system to gain NT AUTHORITY\SYSTEM privileges or crash the machine. Tracked as CVE-2025-34352, the flaw affects JumpCloud Remote Assist for Windows versions prior to 0.317.0 and has been rated High severity (CVSS v4.0: 8.5). JumpCloud is a widely used cloud-based Directory-as-a-Service and […]

The post JumpCloud Remote Assist Windows Agent Vulnerability Allows Privilege Escalation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Jaguar Land Rover (JLR) has officially confirmed that a major cyberattack in August resulted in the theft of sensitive personal data belonging to current and former employees. This disclosure marks the luxury automaker’s first public admission regarding the full scope of the incident, following a month-long production shutdown that cost the company hundreds of millions […]

The post Jaguar Land Rover Confirms August Cyberattack Led to Employee Data Theft appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A popular browser extension promoted as a free and secure VPN has been discovered secretly capturing user conversations across multiple AI chatbot platforms including ChatGPT, Claude, Gemini, and Microsoft Copilot raising fresh concerns over privacy and data exploitation in the age of generative AI. Researchers using the Wings agentic‑AI risk engine uncovered that Urban VPN […]

The post Chrome Extension with 6M+ Users Found Collecting AI Chatbot Inputs appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft’s December 2025 security update has introduced a significant compatibility issue affecting Message Queuing (MSMQ) functionality across Windows Server and client environments. The problematic update, identified as KB5071546 (OS Build 19045.6691), was released on December 9, 2025, and has already impacted organizations relying on MSMQ for inter-application communication, particularly in Internet Information Services (IIS) deployments. […]

The post Microsoft December 2025 Security Updates Disrupt MSMQ Functionality on IIS appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Since December 2025, security operations centers have identified a rising threat targeting Japanese enterprises through the exploitation of React2Shell (CVE-2025-55182), a critical remote code execution vulnerability affecting React and Next.js applications. While initial attacks primarily deployed cryptocurrency miners, researchers discovered a more dangerous payload a previously unknown malware family designated ZnDoor. Evidence suggests this threat […]

The post ZnDoor Malware Actively Exploits React2Shell to Breach Network Infrastructure appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated attack campaign attributed to a group identifying as “PCP” has compromised 59,128 servers in less than 48 hours by exploiting critical Next.js vulnerabilities. Security researchers discovered the large-scale operation while monitoring a Docker honeypot, uncovering an industrialized attack infrastructure with command-and-control capabilities targeting React-based applications globally. The campaign leverages CVE-2025-29927 and CVE-2025-66478, two […]

The post PCPcat Malware Leverages React2Shell Vulnerability to Breach 59,000+ Servers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

xHunt, a sophisticated cyber-espionage group with a laser focus on organizations in Kuwait, has continued to demonstrate advanced capabilities in infiltrating critical infrastructure. The group’s persistent, multi-year campaigns targeting the shipping, transportation, and government sectors underscore the evolving threat landscape facing Middle Eastern enterprises. Since its first documented operations in July 2018, xHunt has refined […]

The post xHunt APT Exploits Microsoft Exchange and IIS to Deploy Custom Backdoors appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Wireshark, the world’s leading network protocol analyzer, has released version 4.6.2 with critical security updates and important bug fixes. The update addresses compatibility issues, resolves multiple vulnerability concerns, and enhances protocol support for enterprise users and network engineers worldwide. Security Vulnerabilities Patched The latest release fixes two critical security vulnerabilities that could have impacted network […]

The post Wireshark 4.6.2 Released With Crash Vulnerability Fixes and Protocol Updates appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Keygraph has unveiled Shannon, a fully autonomous artificial intelligence pentester designed to discover and execute real exploits in web applications. Unlike conventional vulnerability scanners that generate false positives, Shannon bridges a critical security gap by delivering proof-of-concept exploits that demonstrate actual risk before attackers do. The modern development workflow has created a significant security paradox. Teams […]

The post Shannon: AI Pentesting Tool That Autonomously Identifies and Exploits Code Vulnerabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.