Acer Control Center Flaw Lets Attackers Run Malicious Code as Elevated User
A critical security flaw (CVE-2025-5491) in Acer ControlCenter allows remote attackers to execute arbitrary code with NT AUTHORITYSYSTEM privileges via...
Read more →Category: GBHackers
Spring Framework Flaw Enables Remote File Disclosure via “Content‑Disposition” Header
A medium-severity reflected file download (RFD) vulnerability (CVE-2025-41234) in VMware’s Spring Framework has been patched, affecting multiple versions of the...
Read more →
New Tools, Smartwatch and Car Hacking Added
Kali Linux, the preferred distribution for security professionals, has launched its second major release of 2025, Kali Linux 2025.2, in...
Read more →
Arsen Launches AI-Powered Vishing Simulation to Help Organizations Combat Voice Phishing at Scale
Arsen, the cybersecurity startup known for defending organizations against social engineering threats, has announced the release of its new Vishing Simulation...
Read more →
NIST Releases New Guide – 19 Strategies for Building Zero Trust Architectures
The National Institute of Standards and Technology (NIST) has released groundbreaking guidance to help organizations implement Zero Trust Architectures (ZTAs)...
Read more →
Amazon Cloud Cam Flaw Allows Attackers to Intercept and Modify Network Traffic
A critical vulnerability (CVE-2025-6031) has been identified in Amazon Cloud Cam devices, which reached end-of-life (EOL) status in December 2022....
Read more →
Microsoft Defender Spoofing Flaw Enables Privilege Escalation and AD Access
A newly disclosed spoofing vulnerability (CVE-2025-26685) in Microsoft Defender for Identity (MDI) enables unauthenticated attackers to capture Net-NTLM hashes of...
Read more →
HashiCorp Nomad ACL Lookup Flaw Allows Privilege Escalation
HashiCorp disclosed a critical security flaw (CVE-2025-4922) in its Nomad workload orchestration tool on June 11, 2025, exposing clusters to...
Read more →
Fog Ransomware Uses Pentesting Tools to Steal Data and Launch Attacks
Fog ransomware incidents in recent years have exposed a dangerous new trend in cybercrime: hackers are using open-source penetration testing...
Read more →
TokenBreak Exploit Tricks AI Models Using Minimal Input Changes
HiddenLayer’s security research team has uncovered TokenBreak, a novel attack technique that bypasses AI text classification models by exploiting tokenization...
Read more →
PoC Exploit Unveiled for Windows Disk Cleanup Elevation Vulnerability
Microsoft addressed a high-severity elevation of privilege vulnerability (CVE-2025-21420) in its Windows Disk Cleanup Utility (cleanmgr.exe) during February 2025’s Patch...
Read more →
Major Outage Hits Google Cloud and Linked Cloudflare Services, Thousands Affected
On June 12, 2025, concurrent infrastructure failures at Cloudflare and Google caused widespread service disruptions, highlighting vulnerabilities in modern cloud...
Read more →