Popular npm Library Used in AI and NLP Projects Exposes Systems to RCE
A critical remote code execution vulnerability has been discovered in the widely used JavaScript library expr-eval, affecting thousands of projects that rely on it for…
Category: GBHackers
Threat Actors Attacking Outlook and Google Bypassing Traditional Email Defenses
Threat actors are systematically compromising Outlook and Google mailboxes with alarming success, leveraging sophisticated techniques that sidestep traditional email defenses entirely. According to VIPRE’s Q3…
LangGraph Deserialization Flaw Enables Execution of Malicious Python Code
A critical remote code execution vulnerability has been discovered in LangGraph’s checkpoint serialization library, affecting versions before 3.0. The flaw resides in the JsonPlusSerializer component,…
HackGPT Launches as AI-Driven Penetration Testing Suite Using GPT-4 and Other Models
HackGPT Enterprise has officially launched as a production-ready, cloud-native AI-powered penetration testing platform designed specifically for enterprise security teams. Created by Yashab Alam, Founder and…
Ransomware Operators Exploit RMM Tools to Deploy Medusa and DragonForce
Cybersecurity researchers at Zensec have exposed a sophisticated supply-chain attack campaign that weaponised trusted Remote Monitoring and Management (RMM) infrastructure to deploy ransomware across multiple…
Hackers Exploit Websites to Inject Malicious Links for SEO Manipulation
A surge in online casino spam is reshaping the dark corners of the internet, with threat actors increasingly hacking websites to embed malicious SEO-boosting links.…
Italian Adviser Becomes Latest Target in Expanding Paragon Graphite Spyware Surveillance Case
An extract from “The Enemy Inside, the Paragon Case, Spies and Regime Methods in Giorgia Meloni’s Italy” by Francesco Cancellato, published by Rizzoli on November…
APT Groups Target Construction Firms to Steal RDP, SSH, and Citrix Credentials
The construction industry has emerged as a primary target for sophisticated cyber adversaries in 2025, with threat actors including state-sponsored APT groups, ransomware operators, and…
Ex-Intel Employee Hid 18,000 Sensitive Documents Prior to Leaving the Company
Intel is pursuing legal action against a former software engineer who the company claims downloaded thousands of confidential files shortly after being fired in July.…
Hackers Abuse runc Tool to Escape Containers and Compromise Hosts
Three critical vulnerabilities in runc, the widely-used container runtime that powers Docker and Kubernetes, have been disclosed, allowing attackers to break out of container isolation…
New Whisper-Based Attack Reveals User Prompts Hidden Inside Encrypted AI Traffic
Microsoft researchers have unveiled a sophisticated side-channel attack targeting remote language models that could allow adversaries to infer conversation topics from encrypted network traffic. Despite…
Monsta FTP Remote Code Execution Flaw Being Exploited in the Wild
Security researchers have discovered an actively exploited remote code execution vulnerability in Monsta FTP, a web-based FTP client used by financial institutions, enterprises, and individual…