SantaStealer Malware Steals Sensitive Files, Credentials, and Crypto Wallet Data

Cybersecurity researchers at Rapid7 Labs have uncovered a sophisticated new threat: SantaStealer, a malware-as-a-service information stealer actively promoted on Telegram channels and underground hacker forums. The malware, which recently rebranded from “BluelineStealer,” is scheduled for release before the end of 2025 and represents a growing threat to users worldwide due to its ability to exfiltrate […]

The post SantaStealer Malware Steals Sensitive Files, Credentials, and Crypto Wallet Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

JumpCloud Remote Assist Windows Agent Vulnerability Allows Privilege Escalation

By: Divya

A critical local privilege escalation vulnerability in the JumpCloud Remote Assist for Windows agent allows any low-privileged user on a Windows system to gain NT AUTHORITY\SYSTEM privileges or crash the machine. Tracked as CVE-2025-34352, the flaw affects JumpCloud Remote Assist for Windows versions prior to 0.317.0 and has been rated High severity (CVSS v4.0: 8.5). JumpCloud is a widely used cloud-based Directory-as-a-Service and […]

Jaguar Land Rover Confirms August Cyberattack Led to Employee Data Theft

By: Divya

Jaguar Land Rover (JLR) has officially confirmed that a major cyberattack in August resulted in the theft of sensitive personal data belonging to current and former employees. This disclosure marks the luxury automaker’s first public admission regarding the full scope of the incident, following a month-long production shutdown that cost the company hundreds of millions […]

Chrome Extension with 6M+ Users Found Collecting AI Chatbot Inputs

A popular browser extension promoted as a free and secure VPN has been discovered secretly capturing user conversations across multiple AI chatbot platforms, including ChatGPT, Claude, Gemini, and Microsoft Copilot, raising fresh concerns over privacy and data exploitation in the age of generative AI. Researchers using the Wings agentic‑AI risk engine uncovered that Urban VPN […]

Microsoft December 2025 Security Updates Disrupt MSMQ Functionality on IIS

By: Divya

Microsoft’s December 2025 security update has introduced a significant compatibility issue affecting Message Queuing (MSMQ) functionality across Windows Server and client environments. The problematic update, identified as KB5071546 (OS Build 19045.6691), was released on December 9, 2025, and has already impacted organizations relying on MSMQ for inter-application communication, particularly in Internet Information Services (IIS) deployments. […]

ZnDoor Malware Actively Exploits React2Shell to Breach Network Infrastructure

Since December 2025, security operations centers have identified a rising threat targeting Japanese enterprises through the exploitation of React2Shell (CVE-2025-55182), a critical remote code execution vulnerability affecting React and Next.js applications. While initial attacks primarily deployed cryptocurrency miners, researchers discovered a more dangerous payload: a previously unknown malware family designated ZnDoor. Evidence suggests this threat […]

PCPcat Malware Leverages React2Shell Vulnerability to Breach 59,000+ Servers

A sophisticated attack campaign attributed to a group identifying as “PCP” has compromised 59,128 servers in less than 48 hours by exploiting critical Next.js vulnerabilities. Security researchers discovered the large-scale operation while monitoring a Docker honeypot, uncovering an industrialized attack infrastructure with command-and-control capabilities targeting React-based applications globally. The campaign leverages CVE-2025-29927 and CVE-2025-66478, two […]

xHunt APT Exploits Microsoft Exchange and IIS to Deploy Custom Backdoors

xHunt, a sophisticated cyber-espionage group with a laser focus on organizations in Kuwait, has continued to demonstrate advanced capabilities in infiltrating critical infrastructure. The group’s persistent, multi-year campaigns targeting the shipping, transportation, and government sectors underscore the evolving threat landscape facing Middle Eastern enterprises. Since its first documented operations in July 2018, xHunt has refined […]

Wireshark 4.6.2 Released With Crash Vulnerability Fixes and Protocol Updates

By: Divya

Wireshark, the world’s leading network protocol analyzer, has released version 4.6.2 with critical security updates and important bug fixes. The update addresses compatibility issues, resolves multiple vulnerability concerns, and enhances protocol support for enterprise users and network engineers worldwide. Security Vulnerabilities Patched: The latest release fixes two critical security vulnerabilities that could have impacted network […]

Shannon: AI Pentesting Tool That Autonomously Identifies and Exploits Code Vulnerabilities

By: Divya

Keygraph has unveiled Shannon, a fully autonomous artificial intelligence pentester designed to discover and execute real exploits in web applications. Unlike conventional vulnerability scanners that generate false positives, Shannon bridges a critical security gap by delivering proof-of-concept exploits that demonstrate actual risk before attackers do. The modern development workflow has created a significant security paradox. Teams […]

Frogblight Android Malware Spoofs Government Sites to Collect SMS and Device Details

Kaspersky security researchers have uncovered a sophisticated Android banking Trojan called Frogblight that targets Turkish users by impersonating legitimate government applications. First detected in August 2025, this advanced malware combines banking credential theft with extensive spyware functionality, marking a significant threat to mobile users in the region. The malware employs a deceptive social engineering approach, […]

Android Users at Risk as Malware Poses as mParivahan and e-Challan Apps

A sophisticated Android malware campaign dubbed NexusRoute is actively targeting Indian users by impersonating the Indian Government Ministry, mParivahan, and e-Challan services to steal credentials and carry out large-scale financial fraud. The operation combines phishing, malware, and surveillance capabilities. It is being distributed via malicious APKs hosted on GitHub and clusters of phishing domains that […]

ClickFix Attack Abuses finger.exe to Execute Malicious Code

Cybersecurity researchers have identified a resurgence in the abuse of legacy Windows protocols, specifically the finger.exe command, to facilitate social engineering attacks. Since November 2025, threat actors have integrated this decades-old utility into the “ClickFix” malware distribution campaigns. Recent investigations conducted in mid-December confirm that two prominent campaigns, KongTuke and SmartApeSG, are actively leveraging this […]

Storm-0249: EDR Process Sideloading to Conceal Malicious Activity

Initial access broker Storm-0249 has evolved from a mass phishing operation into a sophisticated threat actor weaponizing legitimate Endpoint Detection and Response (EDR) processes through sideloading techniques to conceal malicious activity as routine security operations. This represents a significant escalation in the group’s capabilities and poses a critical risk to organizations relying on traditional defense […]

New VolkLocker Ransomware Variant Targets Both Linux and Windows Systems

CyberVolk, a pro-Russia hacktivist group first documented in late 2024, has resurfaced with a sophisticated ransomware-as-a-service (RaaS) offering called VolkLocker after months of dormancy caused by Telegram enforcement actions. The group returned in August 2025 with version 2.x, featuring advanced Telegram-based automation and cross-platform capabilities targeting both Linux and Windows systems. VolkLocker is built in […]

NVIDIA Merlin Vulnerabilities Allows Malicious Code Execution and DoS Attacks

By: Divya

NVIDIA has released urgent security patches for its Merlin machine learning framework after discovering two high-severity deserialization vulnerabilities that could enable attackers to execute malicious code, trigger denial-of-service attacks, and compromise sensitive data on Linux systems. The security bulletin, published on December 9, 2025, identifies critical flaws in the NVTabular and Transformers4Rec components of NVIDIA […]

Critical Plesk Vulnerability Allows Users to Gain Root-Level Access

By: Divya

A critical security vulnerability has been discovered in Plesk, a widely used web hosting control panel, that enables unauthorised users to escalate privileges and gain root-level access to affected systems. This flaw poses a significant threat to web hosting providers and organisations that rely on Plesk for server management. Vulnerability Overview: The vulnerability allows malicious […]

Critical pgAdmin Flaw Allows Attackers to Execute Shell Commands on Host

By: Divya

A new critical vulnerability in pgAdmin 4 allows remote attackers to bypass security filters and execute arbitrary shell commands on the host server. The flaw, tracked as CVE-2025-13780, exploits a weakness in how the popular PostgreSQL management tool processes database restoration files. CVE ID: CVE-2025-13780; Severity: Critical; Vulnerability Type: Remote Code Execution (RCE); Affected Component […]

Gentlemen Ransomware Emerges as a Threat to Corporate Networks

A sophisticated new ransomware group known as “Gentlemen” has emerged as a significant threat to global enterprise security, employing a ruthless double extortion model that combines data theft with advanced encryption protocols. First identified in August 2025, the group has rapidly escalated its operations, impacting organizations across 17 countries in North America, South America, the […]

Windows Remote Access Connection Manager Flaw Allows Arbitrary Code Execution

By: Divya

Security researchers have uncovered a critical unpatched vulnerability in the Windows Remote Access Connection Manager (RasMan) service that enables attackers to crash the service and facilitate local arbitrary code execution with Local System privileges. This discovery emerged during an investigation of CVE-2025-59230, which Microsoft patched in October 2025. CVE-2025-59230 represents an elevation-of-privilege vulnerability conceptually similar […]
