Exposing the Core Functionalities of QuasarRAT: Encrypted Configuration and Obfuscation Techniques

In the second installment of the “Advent of Configuration Extraction” series, security researchers have unwrapped QuasarRAT, a widely-deployed .NET remote access trojan (RAT), revealing sophisticated techniques for extracting its encrypted configuration from both clean and obfuscated binary samples. The analysis demonstrates a reproducible methodology using Jupyter Notebook, pythonnet, and dnSpy, providing cybersecurity professionals with practical […]

The post Exposing the Core Functionalities of QuasarRAT: Encrypted Configuration and Obfuscation Techniques appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

NVIDIA and Lakera AI Propose Unified Framework for Agent Safety

NVIDIA and Lakera AI have introduced a groundbreaking unified security and safety framework designed to address the emerging challenges posed by autonomous AI agents in enterprise environments. This collaborative effort represents a significant step forward in making agentic systems (AI systems capable of independent planning, tool use, and multi-step task execution) safer and more secure […]


Hackers Exploit Multiple Ad Networks to Distribute Triada Malware to Android Users

Adex, the anti-fraud and traffic-quality platform operating under AdTech Holding, has successfully identified and neutralized a sophisticated, multi-year malware operation linked to the infamous Triada Trojan. This campaign, which has persistently targeted the mobile advertising ecosystem, underscores the evolving dangers of supply-chain attacks in the digital ad space. According to industry data released alongside the […]


US Contributes to 44% of Cyber Attacks; Public Administration Targeted for Financial Gains

Global cybercrime is accelerating toward a projected cost of 15.63 trillion dollars by 2029, up from an estimated 10.5 trillion dollars today, as criminals exploit new technologies faster than businesses can defend against them. Yet 59% of organisations say they suffered at least one successful cyber attack in the past 12 months, and one in […]


Operation Kitten: Hacktivist Groups Targeting Israel with Cyberattacks

A new platform known as the “kitten” project has emerged as a coordination hub for hacktivist campaigns targeting Israel, operating at the intersection of cyber activism and state-aligned influence. While the operators publicly deny direct ties to Iran, technical evidence and infrastructure traces indicate a close relationship with an Iranian cybersecurity ecosystem and pro-Iranian hacktivist […]


LOLPROX Unveils Undetected Exploitation Routes for Stealthy Hypervisor Attacks

A new security analysis has unveiled “LOLPROX,” a comprehensive catalog of “Living Off The Land” (LOL) techniques specifically targeting Proxmox Virtual Environment (VE). The research, detailed by security researcher Andy Gill (ZephrSec), highlights how threat actors can weaponize the popular open-source hypervisor’s native tools to execute stealthy, deep-persistence attacks that bypass traditional network monitoring and […]


Hackers Target Developers Using Malicious VS Code and Cursor AI Extensions

Visual Studio Code and AI-powered IDEs such as Cursor AI and Windsurf are emerging as one of the most critical and overlooked attack surfaces in the modern software supply chain. Installed on millions of developer machines worldwide, these tools often run with access to source code, secrets, and production credentials. New research shows that compromising […]


OceanLotus Targets Xinchuang Ecosystem with Sophisticated Supply Chain Attacks

The advanced persistent threat (APT) group known as OceanLotus (APT32) has been observed launching a sophisticated cyberespionage campaign specifically targeting China’s “Xinchuang” initiative, the nation’s strategic push to replace foreign technology with indigenized, secure IT ecosystems. In a notable shift from traditional Windows-centric attacks, OceanLotus is now deploying specialized weaponry designed to compromise domestic Linux-based […]


Indonesia’s Gambling Industry Reveals Clues of Nationwide Cyber Involvement

A massive Indonesian-speaking cybercrime operation spanning over 14 years has been uncovered, revealing a sophisticated infrastructure that shows hallmarks of state-level backing and resources typically associated with advanced persistent threat actors. Security researchers at Malanta have exposed what may be one of the largest and most complex Indonesian-speaking cyber operations ever documented: a sprawling ecosystem […]


Shanya EDR Killer: The New Favorite Tool for Ransomware Operators

A sophisticated new “packer-as-a-service” tool known as Shanya has emerged in the cybercriminal underground, rapidly becoming a preferred weapon for major ransomware groups looking to neutralize endpoint defenses. According to new research from Sophos, Shanya is an evolution in the “EDR killer” market, effectively succeeding previous tools like HeartCrypt. The malware is designed to blind […]


Critical Vulnerabilities Found in GitHub Copilot, Gemini CLI, Claude, and Other AI Tools Affect Millions

A groundbreaking security research project has uncovered a new class of vulnerabilities affecting virtually every major AI-powered integrated development environment (IDE) and coding assistant on the market. Dubbed “IDEsaster,” this attack chain exploits fundamental features of underlying IDE platforms to exfiltrate data and execute remote code, impacting millions of developers worldwide. The research, conducted over […]


Threat Actors Distribute CoinMiner Malware through USB Drives to Infect Workstations

Cybercriminals continue to exploit USB drives as infection vectors, with recent campaigns delivering sophisticated CoinMiner malware that establishes persistent cryptocurrency-mining operations on compromised workstations. Security researchers have documented an evolving threat that leverages social engineering and evasion techniques to avoid detection while mining Monero cryptocurrency on infected systems. In February 2025, AhnLab Security Intelligence Center […]


MuddyWater Hackers Use UDPGangster Backdoor to Bypass Network Defenses on Windows

The MuddyWater threat group has escalated its cyber espionage operations by deploying UDPGangster, a sophisticated UDP-based backdoor designed to infiltrate Windows systems while systematically evading traditional network defenses. Recent intelligence gathered by FortiGuard Labs reveals coordinated campaigns targeting high-value victims across Turkey, Israel, and Azerbaijan, employing social engineering tactics paired with advanced anti-analysis techniques that […]


Hackers Using CastleRAT Malware to Attack Windows Systems and Gain Remote Access

The cybersecurity landscape continues to evolve as threat actors deploy increasingly sophisticated tools to compromise Windows-based infrastructure. CastleRAT, a Remote Access Trojan that emerged around March 2025, represents a significant addition to the malware arsenal that defenders must now contend with. This newly discovered threat demonstrates the convergence of multiple attack techniques, enabling attackers to […]


Russian Hackers Imitate European Events in Coordinated Phishing Campaigns

Russian state-linked hackers are impersonating high-profile European security conferences to compromise cloud email and collaboration accounts at governments, think tanks, and policy organizations, according to new research from cybersecurity firm Volexity. The campaigns, active through late 2025, abuse legitimate Microsoft and Google authentication workflows and rely on painstaking social engineering to trick victims into effectively […]


Russian Calisto Hackers Target NATO Research with ClickFix Malware

Russian intelligence-linked cyber threat actors have intensified their operations against NATO research organizations, Western defense contractors, and NGOs supporting Ukraine, employing sophisticated phishing and credential harvesting techniques. The Calisto intrusion set, attributed to Russia’s FSB intelligence service, has escalated its spear-phishing campaigns throughout 2025, leveraging the ClickFix malicious code technique to target high-value entities across […]


Hackers Exploiting ArrayOS AG VPN Vulnerability to Deploy Webshells

A critical command injection vulnerability in Array Networks’ ArrayOS AG systems has become the focus of active exploitation campaigns, with Japanese organizations experiencing confirmed attacks since August 2025. According to alerts from JPCERT/CC, threat actors have leveraged the vulnerability to install webshells and establish persistent network access, marking a significant escalation in targeting enterprise VPN infrastructure. The […]


China-Nexus Hackers Target VMware vCenter Systems to Deploy Web Shells and Malware Implants

Throughout 2025, CrowdStrike has identified multiple intrusions targeting VMware vCenter environments at U.S.-based entities, in which newly identified China-nexus adversary WARP PANDA deployed BRICKSTORM malware. WARP PANDA exhibits sophisticated technical capabilities, advanced operations security skills, and extensive knowledge of cloud and virtual machine environments. In addition to BRICKSTORM, WARP PANDA has deployed JSP web shells […]


China-Nexus Hackers Exploiting React2Shell Vulnerability in Active Attacks

Within hours of the public disclosure of CVE-2025-55182 on December 3, 2025, Amazon threat intelligence teams detected active exploitation attempts from multiple China-nexus threat groups, including Earth Lamia and Jackpot Panda. This critical vulnerability in React Server Components carries a maximum CVSS score of 10.0 and poses an immediate threat to organizations running vulnerable versions […]


New Stealthy Linux Malware Merges Mirai-based DDoS Botnet with Fileless Cryptominer

Cybersecurity researchers uncover a sophisticated Linux campaign that blends legacy botnet capabilities with modern evasion techniques. A newly discovered Linux malware campaign is demonstrating the evolving sophistication of threat actors by combining Mirai-derived distributed denial-of-service (DDoS) functionality with a stealthy, fileless cryptocurrency mining operation. According to research from Cyble Research & Intelligence Labs (CRIL), the […]

