TA406 Hackers Target Government Entities to Steal Login Credentials
The North Korean state-sponsored threat actor TA406, also tracked as Opal Sleet and Konni, has set its sights on Ukrainian...
Read more →Category: GBHackers
Threat Actors Leverage Weaponized HTML Files to Deliver Horabot Malware
A recent discovery by FortiGuard Labs has unveiled a cunning phishing campaign orchestrated by threat actors deploying Horabot malware, predominantly...
Read more →
New Adobe Photoshop Vulnerability Enables Arbitrary Code Execution
Adobe has released critical security updates addressing three high-severity vulnerabilities (CVE-2025-30324, CVE-2025-30325, CVE-2025-30326) in Photoshop 2024 and 2025 that could...
Read more →
Researchers Unveil New Mechanism to Track Compartmentalized Cyber Threats
Cisco Talos, in collaboration with The Vertex Project, has introduced an innovative approach to tackle the rising complexity of compartmentalized...
Read more →
Critical Vulnerability in Windows Remote Desktop Gateway Allows Denial-of-Service Attacks.
Microsoft has disclosed two critical vulnerabilities in its Remote Desktop Gateway (RDG) service, posing significant risks to organizational networks. CVE-2025-26677...
Read more →
Critical Samsung MagicINFO 9 Server Flaw Allows Arbitrary File Writes
Samsung’s SmartTV and digital signage ecosystem faces renewed cybersecurity scrutiny following the disclosure of a critical path traversal vulnerability (CVE-2025-4632)...
Read more →
Windows CLFS Zero-Day Vulnerability Actively Exploited in the Wild
Microsoft has disclosed two critical security vulnerabilities in the Windows Common Log File System (CLFS) Driver that are currently being...
Read more →
Microsoft Alerts on AD CS Flaw Enabling Remote Denial-of-Service Attacks
Microsoft has issued a security advisory for a newly identified vulnerability in Active Directory Certificate Services (AD CS), tracked as...
Read more →
Weaponized PyPI Package Targets Developers to Steal Source Code
Security researchers at RL have discovered a malicious Python package called “solana-token” on PyPI that is intended to prey on...
Read more →
Chinese Hackers Exploit SAP NetWeaver Zero-Day Vulnerability to Target Critical Infrastructure
EclecticIQ analysts have uncovered a sophisticated cyber-espionage campaign orchestrated by China-nexus nation-state Advanced Persistent Threats (APTs) targeting critical infrastructure worldwide....
Read more →
Researchers Unveil New Threat-Hunting Techniques to Detect Azure Managed Identity Abuse
A group of cybersecurity specialists from Hunters, working under the prestigious Team Axon, have presented sophisticated threat-hunting techniques in a...
Read more →
Windows Ancillary for WinSock 0-Day Vulnerability Actively Exploited to Gain Admin Access.
Microsoft has confirmed active exploitation of a critical privilege escalation vulnerability in the Windows Ancillary Function Driver for WinSock, tracked...
Read more →