SQL Server Ransomware: Attack Path and Hardening
Key Takeaways ● Documented SQL Server attacks have moved from initial access to ransomware deployment within the hour when exposure is high…
Category: GBHackers
DarkSword Exploit Chain Leaked Online, Posing Risk to Millions of iPhones
Security researchers have confirmed that the sophisticated iOS exploit chain known as DarkSword is now accessible outside of its original threat actor groups. Recently, security…
Russian Access Broker Jailed for Facilitating Ransomware Attacks Targeting U.S. Companies
A United States federal court has sentenced Aleksei Volkov, a 26-year-old Russian national, to 81 months in prison for operating as an initial access broker.…
511,000+ End-of-Life IIS Instances Found Online, Raising Security Risks
Security researchers at The Shadowserver Foundation have identified a massive internet-facing attack surface, discovering more than 511,000 End-of-Life Microsoft Internet Information Services (IIS) instances currently…
Libyan Refinery Targeted in Prolonged Spy Campaign With AsyncRAT
A targeted cyber espionage campaign against Libyan organizations has compromised an oil refinery, a telecommunications provider, and a state institution between November 2025 and February…
SEO Poisoning Campaign Uses Fake Popular Apps to Deliver AsyncRAT
SEO Poisoning Campaign Impersonates 25+ Popular Apps to Deliver AsyncRAT Since October 2025.An ongoing SEO poisoning campaign abuses search results to trick users into downloading…
Tax Scam Google Ads Push BYOVD EDR Killer, Huntress Finds
Tax-themed Google Ads are being weaponized to deliver a BYOVD-based EDR killer, with Huntress linking a large-scale malvertising campaign to rogue ScreenConnect deployments and a…
Critical QNAP QVR Pro Flaw Could Let Remote Attackers Access Systems
QNAP has released an urgent security advisory regarding a critical vulnerability affecting its QVR Pro application, a widely deployed network video surveillance solution. Disclosed on…
Navia Confirms Data Breach Exposing Sensitive Information of 2.7 Million Users
Navia Benefit Solutions has confirmed a significant data breach impacting nearly 2.7 million individuals. The incident resulted from unauthorised access to the company’s systems, exposing…
New Critical Jenkins Vulnerabilities Put CI/CD Servers at Risk of RCE Exploits
The Jenkins project released a critical security advisory addressing multiple vulnerabilities in its core automation server and the LoadNinja plugin. These flaws expose continuous integration…
FBI and CISA Flag Russian Cyber Operations Targeting Select Individuals via Signal
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have recently released a joint cybersecurity advisory regarding a widespread phishing…
Trivy Vulnerability Scanner Compromised to Inject Malicious Scripts That Steal Credentials
A highly sophisticated supply chain attack has successfully compromised the official Trivy GitHub Actions repository, severely impacting continuous integration environments. Discovered on March 19, 2026,…