WordPress Plugin Vulnerability Lets Attackers Read Any Server File
A critical security flaw has been discovered in the Anti-Malware Security and Brute-Force Firewall WordPress plugin, putting more than 100,000 websites at risk. The vulnerability,…
Category: GBHackers
CISA Alerts on Active Exploitation of WSUS Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about active exploitation of a critical vulnerability affecting Windows Server Update Service (WSUS).…
PhantomRaven Attack Discovered in 126 Malicious npm Packages, Exceeding 86,000 Downloads
The global developer community has been rocked by the emergence of PhantomRaven, a far-reaching campaign involving 126 malicious npm packages with more than 86,000 downloads.…
Cybercriminals Launch Flood of Fake Forex Platforms to Harvest Logins
Fraudulent investment platforms impersonating legitimate cryptocurrency and forex exchanges have emerged as the primary financial threat across Asia, with organized crime groups operating at unprecedented…
Microsoft DNS Outage Disrupts Azure and Microsoft 365 Services Worldwide
Microsoft experienced a widespread service outage on Wednesday, October 29, 2025, affecting its Azure cloud platform and Microsoft 365 suite, leaving thousands of users unable…
Google Wear OS Flaw Lets Any App Send Texts on Behalf of Users
A critical vulnerability discovered in Google Messages for Wear OS has exposed millions of smartwatch users to a significant security risk. Identified as CVE-2025-12080, the…
Sweet Security Brings Runtime-CNAPP Power to Windows
Tel Aviv, Israel, October 29th, 2025, CyberNewsWire Sweet Security Brings Runtime-CNAPP Power to Windows Sweet Security, a leader in Runtime Cloud and AI security solutions,…
PureHVNC RAT Distributed via Weaponized Judicial Documents
The campaign leverages judicial document themes to distribute Hijackloader malware, which subsequently deploys PureHVNC remote access trojan (RAT)—marking the first observed instance where this combination…
Google Publishes New Guide to Help Defenders Monitor Privileged Accounts
Google has released comprehensive guidance on protecting privileged accounts, recognizing that stolen credentials have become one of the most dangerous attack vectors facing modern organizations.…
Russian Hackers Target Government with Stealthy “Living-Off-the-Land” Tactics
Russian-linked attackers have intensified their targeting of Ukrainian organizations through sophisticated intrusions that rely heavily on legitimate Windows tools rather than malware. The attackers demonstrated…
Massive 4TB EY Database Backup Found Publicly Accessible on Azure
A critical security vulnerability was discovered when a complete 4-terabyte SQL Server backup belonging to Ernst & Young (EY), one of the world’s Big Four…
New ‘Gentlemen’ RaaS Appears on Hacking Forums, Targeting Windows, Linux and ESXi
Threat intelligence researchers have identified a new ransomware-as-a-service (RaaS) operation called The Gentlemen’s RaaS, being actively recruited on underground hacking forums by an operator using…