Microsoft Teams Guest Chat Flaw Could Let Hackers Deliver Malware
Security researchers have discovered a critical vulnerability in Microsoft Teams that allows attackers to bypass all Defender for Office 365 protections by inviting users into…
Category: GBHackers
Legacy Python Package Vulnerabilities Enable PyPI Attacks Through Domain Takeover
ReversingLabs researchers have sounded the alarm over a vulnerability lurking in legacy Python packages one that exposes users of the Python Package Index (PyPI) to…
Lapsus$ Hunters Register 40+ Domains Impersonating Zendesk Environments
ReliaQuest’s Threat Research team has uncovered a significant new campaign from the notorious threat collective “Scattered Lapsus$ Hunters,” this time targeting users and organizations that…
Quttera Launches “Evidence-as-Code” API to Automate Security Compliance for SOC 2 and PCI DSS v4.0
New API capabilities and AI-powered Threat Encyclopedia eliminate manual audit preparation, providing real-time compliance evidence and instant threat intelligence Quttera today announced major enhancements to…
One Identity Safeguard Named a Visionary in the 2025 Gartner Magic Quadrant for PAM
Alisa Viejo, CA, USA, November 27th, 2025, CyberNewsWire Gartner has recognized One Identity as a Visionary in the 2025 Gartner Magic Quadrant for Privileged Access Management…
“Dead Man’s Switch” Triggers Massive npm Supply Chain Malware Attack
GitLab’s security team has discovered a severe, ongoing attack spreading dangerous malware through npm, the world’s most extensive code library. The malware uses an alarming…
Handala Hacker Group Targets Israeli High-Tech and Aerospace Professionals
A sophisticated cyber intimidation campaign by the Handala hacker group has targeted Israeli high-tech and aerospace professionals, publishing their personal information alongside aggressive, misleading descriptions…
Apache SkyWalking Flaw Allows Attackers to Launch XSS Attacks
A recently discovered vulnerability in Apache SkyWalking, a popular application performance monitoring tool, could allow attackers to execute malicious scripts and launch cross-site scripting (XSS)…
OpenAI Reveals Mixpanel Data Breach Exposing User Details
OpenAI has publicly disclosed a security incident involving a data breach at Mixpanel, a third-party analytics provider previously used by the company for monitoring usage…
INE Expands Cross-Skilling Innovations
Cary, North Carolina, USA, November 26th, 2025, CyberNewsWire New courses, certifications, and hands-on training strengthen workforce readiness. INE, the leading provider of hands-on IT and…
New Malware-as-a-Service ‘Olymp Loader’ Emerges on Hacker Forums With Advanced Anti-Analysis Features
Olymp Loader has emerged as a sophisticated Malware-as-a-Service (MaaS) platform since its public debut in June 2025, quickly establishing itself as a notable threat across…
Developers Are Exposing Passwords and API Keys Through Online Code Tools
Security researchers at watchTowr Labs uncovered a massive leak of sensitive credentials after scanning popular online JSON formatting tools. Developers and administrators have been pasting…