A critical race condition vulnerability has been discovered in the Linux kernel’s Rust Binder module, potentially causing system crashes and memory corruption. Assigned CVE-2025-68260, this issue affects the kernel’s inter-process communication mechanism and requires immediate attention from system administrators and kernel maintainers. The Vulnerability The vulnerability exists in the Rust Binder component’s death_list handling mechanism. […]

The post New Linux Kernel Rust Vulnerability Triggers System Crashes appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Amazon has uncovered a North Korean imposter posing as a U.S.-based systems administrator. The discovery was made not through traditional background checks but by analyzing the subtle timing of the worker’s typing. According to a report from Bloomberg, Amazon security specialists flagged the employee due to suspicious “keystroke input lag.” For a genuine remote worker in […]

The post Amazon Identified North Korean IT Worker by Tracking Keystroke Activity appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Evalian’s Security Operations Centre has uncovered an active, sophisticated phishing campaign targeting HubSpot customers, combining business email compromise (BEC) tactics with website compromise to distribute a credential-stealing malware to unsuspecting users. The multi-layered attack demonstrates how modern threat actors are evolving their techniques to bypass traditional email security controls. The phishing campaign employs a deceptive […]

The post Targeted Phishing Attack Strikes HubSpot Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft has released an out-of-band security update to address a significant vulnerability in Message Queuing (MSMQ) functionality that impacts Windows 10 systems running IIS web servers and enterprise environments. The flaw, discovered and documented in the December 9, 2025 update (KB5071546), affects Windows 10 version 22H2 and version 21H2. The Vulnerability The MSMQ bug causes […]

The post Microsoft Patches MSMQ Flaw That Affects IIS Web Servers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Roundcube, the widely used open-source webmail software, has officially released critical security updates to address two significant vulnerabilities in its 1.6 and 1.5 LTS (Long-Term Support) versions. These flaws could allow attackers to execute malicious scripts or expose sensitive information, posing a risk to organizations and individuals relying on the platform for email communication. The […]

The post Roundcube Flaws Let Attackers Execute Malicious Scripts appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

WatchGuard has issued an urgent warning regarding a critical zero-day vulnerability in its Firebox firewall appliances that is currently being exploited in the wild. The flaw, tracked as CVE-2025-14733, allows remote attackers to seize control of affected devices without needing any authentication. Technical Details and Impact The vulnerability is an Out-of-Bounds Write flaw located in the iked process, which handles […]

The post WatchGuard Zero-Day Actively Exploited to Seize Control of Firewalls appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

North Korean cybercriminals shattered previous records in 2025, stealing at least $2.02 billion in cryptocurrency through a sophisticated campaign that represents the most successful year ever for state-sponsored digital theft despite fewer confirmed attacks. This unprecedented haul marks a 51% increase year-over-year. It brings the regime’s cumulative cryptocurrency theft to a staggering $6.75 billion, cementing […]

The post North Korean Hackers Set Record with $2 Billion Crypto Heist in 2025 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The notorious Clop ransomware group has launched a new data extortion campaign targeting internet-facing Gladinet CentreStack file servers, exploiting an unknown vulnerability to steal sensitive corporate information. Incident responders from the Curated Intelligence community first identified this campaign, which marks the latest in a series of Clop attacks targeting enterprise file transfer and storage solutions. […]

The post Clop Ransomware Group Targets Gladinet CentreStack Servers to Exfiltrate Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The University of Sydney has alerted its community to a significant cybersecurity breach involving the unauthorized access of a code library. The incident, confirmed by university officials on December 18, 2025, has exposed the personal information of thousands of current and former staff members, as well as a smaller group of students and alumni. University […]

The post University of Sydney Suffers Cyberattack, Student and Staff Data Exposed appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

OpenAI has officially released GPT-5.2-Codex, marking a significant leap forward in AI-driven software engineering and defensive cybersecurity. Described as the most advanced “agentic” coding model to date, this new iteration is optimized to handle complex, long-horizon tasks, making it a powerful tool for developers and security researchers alike. Unlike previous models that excelled at short code […]

The post OpenAI’s GPT-5.2 Codex Boosts Agentic Coding and Cyber Vulnerability Detection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

RansomHouse, a ransomware-as-a-service (RaaS) operation managed by the threat group Jolly Scorpius, has significantly enhanced its encryption capabilities, marking a critical escalation in the threat landscape. Recent analysis of RansomHouse binaries reveals a sophisticated upgrade from basic linear encryption to a complex multi-layered encryption methodology, demonstrating how ransomware operators continue to evolve their technical sophistication […]

The post RansomHouse RaaS Enhances Double Extortion with Data Theft and Encryption appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers from Hunt.io and Acronis Threat Research Unit have uncovered a sophisticated network of operational infrastructure controlled by North Korean state-sponsored threat actors Lazarus and Kimsuky. The collaborative investigation revealed previously undocumented connections between these groups’ campaigns, exposing active command-and-control servers, credential-theft environments, tunneling nodes, and certificate-linked infrastructure that had remained hidden from public […]

The post New Lazarus and Kimsuky Infrastructure Discovered with Active Tools and Tunneling Nodes appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated phishing campaign utilizing a weaponized PDF document named “NEW Purchase Order # 52177236.pdf” has been identified, employing legitimate cloud infrastructure and encrypted messaging apps to steal corporate credentials. The attack vector was brought to light after security researchers analyzed a blocked link reported by a customer, revealing a complex chain of obfuscation designed […]

The post Beware of Malicious Scripts in Weaponized PDF Purchase Orders appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Iranian cyber unit Charming Kitten, officially designated APT35, has long been dismissed as a noisy but relatively unsophisticated threat actor a politically motivated collective known for recycled phishing templates and credential-harvesting pages. Episode 4, the latest intelligence dump, fundamentally rewrites that assessment. What emerges is not a hacker collective but a government department, complete with […]

The post APT35 Leak Reveals Spreadsheets Containing Domains, Payments, and Server Information appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A severe security vulnerability has been discovered in Hewlett Packard Enterprise OneView software, threatening enterprise infrastructure across data centers and hybrid cloud environments. The flaw, tracked as CVE-2025-37164, carries a maximum CVSS 3.1 severity score of 10.0, indicating critical risk requiring immediate remediation. The vulnerability permits unauthenticated remote attackers to execute arbitrary code on affected […]

The post HPE OneView Vulnerability Allows Remote Code Execution Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The United States Attorney’s Office for the Eastern District of Michigan announced a coordinated international enforcement action targeting E-Note, a cryptocurrency exchange allegedly used by transnational cybercriminals to launder money stolen from U.S. healthcare providers and critical infrastructure operators. The operation, conducted with Michigan State Police and international partners, dismantled the online infrastructure supporting the […]

The post FBI Shuts Down Crypto Exchange Linked to Criminal Money Laundering Operations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

ReversingLabs (RL) researchers have uncovered a sophisticated malware campaign targeting the .NET developer ecosystem via the NuGet package manager. The campaign, which began in July 2025, involves 14 malicious packages designed to mimic legitimate cryptocurrency libraries. These packages are engineered to steal crypto wallets, redirect funds, and exfiltrate Google Ads OAuth tokens, marking a significant […]

The post NuGet Malware Mimic: .NET Integration Library Steals Crypto Wallets and OAuth Tokens appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Check Point Research has uncovered a sophisticated malware distribution campaign leveraging the YouTube Ghost Network to deploy GachiLoader, a novel, heavily obfuscated Node.js-based loader designed to deliver the Rhadamanthys infostealer to unsuspecting victims. The campaign, which commenced in December 2024, represents a significant evolution in malware delivery tactics and demonstrates how threat actors continue to […]

The post GachiLoader Deploys Payloads Using Obfuscated Node.js Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security awareness training platforms empower organizations to combat rising cyber threats by educating employees on phishing, ransomware, and social engineering in 2026. These top 10 solutions deliver simulated attacks, personalized learning, and measurable risk reduction for businesses seeking robust human firewalls. Why Best Security Awareness Training Platforms Rising phishing success rates and AI-driven attacks make […]

The post Best Security Awareness Training Platforms For 2026 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical ASUS vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, signaling active exploitation in the wild. CVE-2025-59374 affects ASUS Live Update software and stems from a sophisticated supply chain compromise that embedded malicious code into legitimate software distributions. Supply Chain Attack Details The vulnerability involves […]

The post Actively Exploited ASUS Vulnerability Added to CISA’s KEV List appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.