Malicious NPM Packages Exploit Ethereum Wallets with Obfuscated JavaScript
A recent wave of malicious NPM packages has emerged as a significant threat to cryptocurrency users, specifically targeting Ethereum wallet...
Read more →Category: GBHackers
Threat Actors Target PerimeterX CAPTCHA to Automate Microsoft Account Creation
A recent post on an underground forum has brought renewed attention to the escalating arms race between cybercriminals and anti-bot...
Read more →
SolarWinds Dameware Vulnerability Could Let Attackers Gain Elevated Privileges
June 3, 2025 – SolarWinds Worldwide, LLC has announced the release of Dameware 12.3.2, a critical service update focused on...
Read more →
Critical HPE StoreOnce Flaws Allow Remote Code Execution by Attackers
Hewlett-Packard Enterprise (HPE) has issued a critical security bulletin (HPESBST04847 rev. 1) warning users of multiple high-impact vulnerabilities in its...
Read more →
Threat Actors Leverage ClickFix Technique to Deploy EddieStealer Malware
Cybersecurity researchers have identified a sophisticated malware campaign utilizing deceptive CAPTCHA interfaces to distribute EddieStealer, a Rust-based information stealing malware...
Read more →
Stealth Syscall Technique Allows Hackers to Evade Event Tracing and EDR Detection
Advanced threat actors have developed sophisticated stealth syscall execution techniques that successfully bypass modern security infrastructure, including Event Tracing for...
Read more →
Over 50,000 Azure AD Users’ Access Tokens Exposed via Unauthenticated API Endpoint
CloudSEK’s BeVigil platform has uncovered a critical security vulnerability affecting an aviation giant, where an exposed JavaScript file containing an...
Read more →
Hackers Weaponize Free SSH Client PuTTY to Deliver Malware on Windows
OpenSSH has become a standard tool for secure remote management on both Linux and Windows systems. Since its inclusion as...
Read more →
New PyPI Supply Chain Attacks Target Python and NPM Users on Windows and Linux
Checkmarx Zero researcher Ariel Harush has uncovered a sophisticated malicious package campaign targeting Python and NPM users across Windows and...
Read more →
Fake Captcha Kit Tricks Users into Executing Code via Windows Run Command
Security researchers have identified a sophisticated phishing campaign leveraging a fake CAPTCHA verification system dubbed “HuluCaptcha” that covertly executes malicious...
Read more →
Preinstalled Android Apps Found Leaking PINs and Executing Malicious Commands
On May 30, 2025, CERT Polska coordinated the public disclosure of three significant security vulnerabilities affecting preinstalled Android applications on...
Read more →
IBM DataStage Bug Exposes Database Credentials in Plain Tex
A recently disclosed vulnerability in IBM InfoSphere DataStage, tracked as CVE-2025-1499, has raised concerns across the enterprise data management sector....
Read more →