Threat Actors Poison SEO to Spread Fake Microsoft Teams Installer
The Chinese advanced persistent threat (APT) group Silver Fox (also known as Void Arachne) has launched a sophisticated search engine optimization (SEO) poisoning campaign targeting…
Category: GBHackers
Zoom Rooms on Windows and macOS Exposed to Privilege Escalation and Data Leakage Flaws
Zoom has released security patches addressing two critical vulnerabilities in Zoom Rooms deployments on both Windows and macOS. The vulnerabilities expose users to privilege escalation…
Makop Ransomware Targets RDP Systems Using AV Killer and Additional Exploits
Makop, a ransomware strain derived from Phobos, continues to pose a significant threat by exploiting exposed Remote Desktop Protocol (RDP) systems and integrating new attack…
Microsoft December 2025 Patch Tuesday Fixes 56 Vulnerabilities Fixed and 3 Zero-days
CVE-2025-62554 Microsoft Office Remote Code Execution Vulnerability Critical Remote Code Execution Access of resource using incompatible type (‘type confusion’) in Microsoft Office allows an unauthorized…
Hackers Using FLIPPER Devices to Breach IT Systems Arrested by Authorities
Polish authorities have arrested three Ukrainian citizens after discovering sophisticated hacking equipment, including FLIPPER devices, during a routine traffic stop in Warsaw. The discovery marks…
New Variant of Mirai Botnet ‘Broadside’ Launches Active Attacks on Users
Cydome’s Cybersecurity Research Team has uncovered a sophisticated new variant of the notorious Mirai botnet, designated as “Broadside,” currently executing an active campaign against the…
Hackers Exploit Ivanti Connect Secure Vulnerabilities to Spread MetaRAT Malware
LAC’s Cyber Emergency Center has identified a sophisticated cyberespionage campaign targeting Japanese shipping and transportation companies. The operation, orchestrated by a China-based threat actor in…
Malicious MCP Servers Enable Stealthy Prompt Injection to Drain System Resources
Security researchers have uncovered critical vulnerabilities in the Model Context Protocol (MCP) sampling feature that enable malicious servers to execute stealthy prompt injection attacks, drain…
Burp Suite Upgrades Scanner With Detection for Critical React2Shell Flaws
ActiveScan++, a widely used extension for the popular penetration testing tool Burp Suite, has released a significant upgrade. The scanner now includes specific detection capabilities…
AI-Driven Tools Uncover GhostPenguin Backdoor Attacking Linux Servers
A sophisticated Linux backdoor named GhostPenguin has been discovered by Trend Micro Research, evading detection for over four months after its initial submission to VirusTotal…
SAP Security Patch Day Fixes Critical Flaws in Solution Manager, NetWeaver & More
SAP has released its December 2025 Security Patch Day updates, addressing 14 new security notes that fix multiple critical and high‑severity vulnerabilities across key enterprise…
Malicious VS Code on Microsoft Registry Steals WiFi Passwords and Captures Screens
Security researchers at Koi Security have uncovered a sophisticated malware campaign targeting developers through the Visual Studio Code Marketplace. The attack uses two seemingly innocent…