New Tool Blocks Network Traffic to Bypass EDR and Antivirus
A newly released open-source tool called SilentButDeadly is raising security concerns by demonstrating how attackers can effectively turn off Endpoint Detection and Response systems and…
Category: GBHackers
Encryption Mechanics, Operational Model, and Data Exfiltration Methods
A newly identified ransomware group, Yurei, has emerged as a significant threat to organizations worldwide, with confirmed attacks targeting entities in Sri Lanka and Nigeria…
CISA Alerts on Critical Lynx+ Gateway Flaw Leaks Data in Cleartext
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert regarding multiple vulnerabilities affecting General Industrial Controls’ Lynx+ Gateway device. Released on…
Inside the Criminal Networks Hijacking Payroll Systems
Cyber threats don’t always come with warning signs. Sometimes, they arrive as sponsored ads. Since mid-2023, a financially motivated network has been quietly hijacking payroll…
70 Million Devices Vulnerable Due to Logic Flaw Exposing Internal Networks
A critical logic flaw discovered in the widely used mPDF PHP library could expose internal networks and sensitive services on approximately 70 million devices worldwide.…
FortiWeb WAF Flaw Actively Exploited to Establish Admin Access and Seize Total Control
Fortinet has released urgent security updates to address a critical vulnerability in its FortiWeb Web Application Firewall (WAF) that is being actively exploited in the…
Hackers Weaponize XWiki Flaw to Build and Rent Out Botnet Networks
Cybersecurity researchers have observed a dramatic escalation in attacks exploiting a critical XWiki vulnerability, with multiple threat actors now leveraging CVE-2025-24893 to deploy botnets, cryptocurrency…
New Detection Methods Uncovered for Outlook NotDoor Backdoor Malware
Cybersecurity researchers have unveiled comprehensive detection methodologies for NotDoor, a sophisticated backdoor malware that leverages Microsoft Outlook macros for covert command and control operations. The…
North Korean Hackers Breach 136 U.S. Companies, Earning $2.2 Million
The U.S. Justice Department has announced a significant crackdown on North Korean cybercrime operations, securing five guilty pleas and initiating civil forfeiture actions totaling over…
Iran-Linked SpearSpecter Campaign Leveraging Personalized Social Engineering Against High-Value Officials
Iranian threat actors aligned with the Islamic Revolutionary Guard Corps Intelligence Organization (IRGC-IO) are conducting a sophisticated espionage campaign tracked as SpearSpecter, systematically targeting high-value…
Critical RCE Flaws in AI Inference Engines Expose Meta, Nvidia, and Microsoft Frameworks
Security researchers at Oligo Security have uncovered a series of critical Remote Code Execution vulnerabilities affecting widely deployed AI inference servers from major technology companies.…
IBM AIX Flaw Allows Remote Attackers to Run Arbitrary Commands
IBM has released critical security updates addressing four severe vulnerabilities in AIX and VIOS systems that could allow remote attackers to execute arbitrary commands, steal…