BlackSuit Ransomware Breaches Corporate Network Using Single Compromised VPN Credential
A major manufacturing company fell victim to a swift and devastating ransomware attack after threat actors gained access using just one set of stolen VPN…
Category: GBHackers
CISA Alerts on Rapid7 Velociraptor Flaw Exploited in Ransomware Campaigns
The Cybersecurity and Infrastructure Security Agency has added a critical vulnerability in Rapid7 Velociraptor to its Known Exploited Vulnerabilities catalogue, warning that threat actors are…
TigerJack Hackers Target Developer Marketplaces with 11 Malicious VS Code Extensions
Sophisticated Threat Actor Compromises 17,000+ Developers Through Trojan Extensions That Steal Code and Mine Cryptocurrency. Operating since early 2025 under multiple publisher accounts (ab-498, 498,…
Chrome Use-After-Free Flaw Lets Attackers Execute Arbitrary Code
Google has released a critical security update for Chrome browser users after discovering a dangerous use-after-free vulnerability that could allow cybercriminals to execute malicious code…
Microsoft IIS Exploit Allows Unauthenticated Attackers to Run Arbitrary Code
A serious security flaw has been discovered in Microsoft’s Internet Information Services (IIS) that lets attackers run arbitrary code without logging in. The vulnerability affects…
Critical Veeam Backup RCE Flaws Allow Remote Execution of Malicious Code
Veeam has released an urgent security patch to address multiple critical remote code execution (RCE) vulnerabilities in Veeam Backup & Replication version 12. These flaws…
FortiPAM & FortiSwitch Manager Flaw Allows Attackers to Bypass Authentication
Fortinet has disclosed a critical security vulnerability affecting FortiPAM and FortiSwitchManager products that could enable attackers to bypass authentication mechanisms through brute-force attacks. The vulnerability,…
GhostBat RAT Android Malware Poses as Fake RTO Apps to Steal Banking Data from Indian Users
The GhostBat RAT campaign leverages diverse infection vectors—WhatsApp, SMS with shortened URLs, GitHub-hosted APKs, and compromised websites—to distribute malicious Android droppers. Once installed, these droppers…
Hackers Exploit Windows Remote Access Connection Manager 0-Day in Ongoing Attacks
Microsoft has confirmed active exploitation of a critical zero-day vulnerability affecting the Windows Remote Access Connection Manager, designated as CVE-2025-59230. The security flaw, disclosed on…
UEFI Shell Flaws Let Hackers Disable Secure Boot on Over 200,000 Laptops
Security researchers have uncovered critical vulnerabilities in signed UEFI shells that allow attackers to completely bypass Secure Boot protections on approximately 200,000 Framework laptops and…
Chinese Hackers Use Geo-Mapping Tool for Year-Long Persistence
The China-backed advanced persistent threat group Flax Typhoon maintained year-long access to an ArcGIS system by turning trusted software into a persistent backdoor—an attack so…
End of Support for Windows 10 Sparks Security Fears Among Millions of Users
Microsoft officially ended support for Windows 10 on October 14, 2025, leaving millions of users worldwide facing critical security concerns. The decision marks the end…