Category: GBHackers

A newly discovered spearphishing campaign is targeting executives and senior leadership across multiple industries by exploiting trusted OneDrive document‐sharing notifications….

Google has firmly rejected widespread reports suggesting it issued a global security alert to its 2.5 billion Gmail users, calling…

A critical authentication bypass flaw in ESPHome’s ESP-IDF web server component allows unauthorized users on the same local network to…

Cybersecurity vendor Palo Alto Networks disclosed that its Salesforce environment was breached through a compromised Salesloft Drift integration, marking the…

Cloudflare disclosed that its automated defenses intercepted and neutralized a record-shattering Distributed Denial-of-Service (DDoS) assault peaking at 11.5 terabits per…

A sophisticated spear-phishing campaign that exploited a compromised mailbox belonging to the Ministry of Foreign Affairs of Oman. The operation,…

Researchers have demonstrated that advanced prompt injection techniques can turn defensive AI agents into potent vectors for system compromise. The…

In mid-2025, a coalition of Ukraine-based autonomous systems orchestrated unprecedented brute-force and password-spraying campaigns against exposed SSL VPN and Remote…

Users of the popular messaging app WhatsApp are being targeted by a new, highly deceptive scam that grants attackers full…

Exposing an ASP.NET Core appsettings.json file containing Azure Active Directory (Azure AD) credentials poses a critical attack vector, effectively handing adversaries…

A critical vulnerability in HashiCorp Vault—tracked as CVE-2025-6203 and HCSEC-2025-24—has been disclosed that allows malicious actors to submit specially crafted…

Over the past two years, Fox-IT and NCC Group have tracked a sophisticated Lazarus subgroup targeting financial and cryptocurrency firms….