Despite extensive scrutiny and public reporting, commercial surveillance vendors continue to operate with alarming sophistication. Intellexa, a prominent mercenary spyware provider known for its “Predator” surveillance tool, has adapted to evade international sanctions and restrictions, establishing itself as one of the most prolific exploiters of zero-day vulnerabilities targeting mobile devices. Recent analysis from Google’s Threat […]

The post New iOS Zero-Day Exploit Chain Enables Advanced Surveillance by Mercenary Spyware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

JFrog Security Research has uncovered three critical zero-day vulnerabilities in PickleScan, a widely-adopted industry-standard tool for scanning machine learning models and detecting malicious content. These vulnerabilities would enable attackers to completely bypass PickleScan’s malware detection mechanisms, potentially facilitating large-scale supply chain attacks by distributing malicious ML models containing undetectable code. The discoveries underscore a fundamental […]

The post PickleScan Uncovers 0-Day Vulnerabilities Allowing Arbitrary Code Execution via Malicious PyTorch Models appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Rapid7’s Metasploit team has released a new exploit module targeting critical zero-day vulnerabilities in Fortinet’s FortiWeb web application firewall, chaining two security flaws to achieve unauthenticated remote code execution with root privileges.​ CVE ID Vulnerability Type Affected Product Impact CVE-2025-64446 Authentication Bypass Fortinet FortiWeb Administrative account creation, privilege escalation CVE-2025-58034 Command Injection Fortinet FortiWeb Remote […]

The post Metasploit Releases New Exploit for Fresh FortiWeb 0-Day Vulnerabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.