Category: GBHackers

PoC Released for Linux-PAM Flaw Enabling Local Root Privilege Escalation
20
Oct
2025

PoC Released for Linux-PAM Flaw Enabling Local Root Privilege Escalation

A new proof-of-concept (PoC) has been released for a serious vulnerability tracked as CVE-2025-8941, affecting the Pluggable Authentication Modules (PAM)…

Volkswagen Allegedly Hacked in Ransomware Attack as 8Base Claims Data Leak
19
Oct
2025

Volkswagen Allegedly Hacked in Ransomware Attack as 8Base Claims Data Leak

Volkswagen Group is investigating claims from the 8Base ransomware group, which asserts it has stolen sensitive company data. While the…

Windows 11 24H2/25H2 Update Breaks Mouse and Keyboard in Recovery Mode
19
Oct
2025

Windows 11 24H2/25H2 Update Breaks Mouse and Keyboard in Recovery Mode

Microsoft’s latest cumulative update for Windows 11, KB5066835, is causing significant disruptions for users, most notably by rendering USB keyboards…

Authorities Shut Down Cybercrime-as-a-Service, Seize 40,000 SIM Cards
18
Oct
2025

Authorities Shut Down Cybercrime-as-a-Service, Seize 40,000 SIM Cards

Law enforcement authorities across Europe have dismantled a sophisticated cybercrime-as-a-service operation that enabled criminals to commit widespread fraud and other…

Critical Zimbra SSRF Flaw Exposes Sensitive Data
18
Oct
2025

Critical Zimbra SSRF Flaw Exposes Sensitive Data

Zimbra has released an emergency security patch to address a critical Server-Side Request Forgery (SSRF) vulnerability that could allow attackers…

Microsoft Windows 11 October Update Disrupts Localhost (127.0.0.1) Connectivity
18
Oct
2025

Microsoft Windows 11 October Update Disrupts Localhost (127.0.0.1) Connectivity

Microsoft’s October 2025 Windows 11 update has introduced an unexpected connectivity issue affecting developers and IT professionals worldwide. The security…

ClickFake Interview Campaign Used by Threat Actors to Deliver OtterCandy Malware
17
Oct
2025

ClickFake Interview Campaign Used by Threat Actors to Deliver OtterCandy Malware

A North Korean-linked group, WaterPlum’s Cluster B, has evolved its tactics by introducing OtterCandy—a Node.js–based RAT and information stealer—through the…

WatchGuard VPN Flaw Allows Remote Attackers to Execute Arbitrary Code
17
Oct
2025

WatchGuard VPN Flaw Allows Remote Attackers to Execute Arbitrary Code

A critical security vulnerability has been discovered in WatchGuard Firebox appliances that could allow remote attackers to execute arbitrary code…

Attackers Exploit Zendesk Authentication Issue to Flood Targets’ Inboxes with Corporate Notifications
17
Oct
2025

Attackers Exploit Zendesk Authentication Issue to Flood Targets’ Inboxes with Corporate Notifications

Cybercriminals have discovered a gap in Zendesk’s ticket submission process and are using it to bombard victims with waves of…

TikTok Videos Weaponized to Deliver Self-Compiling PowerShell Malware
17
Oct
2025

TikTok Videos Weaponized to Deliver Self-Compiling PowerShell Malware

Attackers are exploiting TikTok’s massive reach to trick users into executing malware through seemingly innocuous videos. In one popular TikTok…

APT28 Deploys BeardShell and Covenant Modules via Weaponized Office Documents
17
Oct
2025

APT28 Deploys BeardShell and Covenant Modules via Weaponized Office Documents

Security researchers at Sekoia.io have uncovered a sophisticated cyberattack campaign orchestrated by APT28, the notorious Russian state-sponsored threat actor, targeting…

ConnectWise Flaws Let Attackers Deliver Malicious Software Updates
17
Oct
2025

ConnectWise Flaws Let Attackers Deliver Malicious Software Updates

ConnectWise has issued a critical security update for its Automate platform after uncovering vulnerabilities that could allow attackers to intercept…