New PyPI Supply Chain Attacks Target Python and NPM Users on Windows and Linux
Checkmarx Zero researcher Ariel Harush has uncovered a sophisticated malicious package campaign targeting Python and NPM users across Windows and...
Read more →Category: GBHackers
Fake Captcha Kit Tricks Users into Executing Code via Windows Run Command
Security researchers have identified a sophisticated phishing campaign leveraging a fake CAPTCHA verification system dubbed “HuluCaptcha” that covertly executes malicious...
Read more →
Preinstalled Android Apps Found Leaking PINs and Executing Malicious Commands
On May 30, 2025, CERT Polska coordinated the public disclosure of three significant security vulnerabilities affecting preinstalled Android applications on...
Read more →
IBM DataStage Bug Exposes Database Credentials in Plain Tex
A recently disclosed vulnerability in IBM InfoSphere DataStage, tracked as CVE-2025-1499, has raised concerns across the enterprise data management sector....
Read more →
Critical MediaTek Flaws Allow Hackers to Gain Elevated Access with No User Input
MediaTek has published its latest Product Security Bulletin, revealing several security vulnerabilities affecting a wide range of its chipsets used...
Read more →
Realtek Bluetooth Driver Flaw Allows Attackers to Delete Any File on Windows Systems
A high-severity security vulnerability has been identified in the Realtek Bluetooth Host Controller Interface (HCI) Adaptor, raising significant concerns for...
Read more →
Haozi’s Plug-and-Play Phishing Attack Steals Over $280,000 from Users
Netcraft security researchers have identified a significant resurgence of the Chinese-language Haozi Phishing-as-a-Service (PhaaS) operation, distinguished by its cartoon mouse...
Read more →
CISO Roles Take on Strategic Security Leadership Roles Beyond Cybersecurity as Organizations
A comprehensive analysis of over 800 Chief Information Security Officers reveals a fundamental transformation in the cybersecurity leadership landscape, with...
Read more →
Critical Denodo Scheduler Flaw Allows Remote Code Execution by Attackers
Denodo, a provider of logical data management software, recently faced a critical security vulnerability in its Denodo Scheduler product. This...
Read more →
Critical Roundcube Flaw Allows Remote Code Execution by Attackers
Roundcube Webmail, one of the most widely used browser-based IMAP clients, has released urgent security updates for its 1.6 and...
Read more →
Active Exploits Detected Targeting Critical vBulletin Vulnerability
Two critical vulnerabilities—CVE-2025-48827 and CVE-2025-48828—have been assigned to vBulletin, the widely used PHP/MySQL forum software, following public disclosure and observed...
Read more →
Severe Vulnerabilities in Consilium CS5000 Fire Panels Allow Remote System Takeover
Two severe cybersecurity vulnerabilities have been disclosed in the Consilium Safety CS5000 Fire Panel, a widely deployed industrial control system...
Read more →