Category: GBHackers

Ukrainian Hackers Ramp Up Brute-Force and Password-Spraying Attacks on VPN and RDP Systems
02
Sep
2025

Ukrainian Hackers Ramp Up Brute-Force and Password-Spraying Attacks on VPN and RDP Systems

In mid-2025, a coalition of Ukraine-based autonomous systems orchestrated unprecedented brute-force and password-spraying campaigns against exposed SSL VPN and Remote…

Hackers Can Hijack Your Chats
02
Sep
2025

Hackers Can Hijack Your Chats

Users of the popular messaging app WhatsApp are being targeted by a new, highly deceptive scam that grants attackers full…

Azure AD Vulnerability Leaks Credentials, Lets Attackers Deploy Malicious Apps
02
Sep
2025

Azure AD Vulnerability Leaks Credentials, Lets Attackers Deploy Malicious Apps

Exposing an ASP.NET Core appsettings.json file containing Azure Active Directory (Azure AD) credentials poses a critical attack vector, effectively handing adversaries…

HashiCorp Vault Vulnerability Allows Attackers to Crash Servers
02
Sep
2025

HashiCorp Vault Vulnerability Allows Attackers to Crash Servers

A critical vulnerability in HashiCorp Vault—tracked as CVE-2025-6203 and HCSEC-2025-24—has been disclosed that allows malicious actors to submit specially crafted…

Lazarus Hackers Exploit 0-Day to Deploy Three Remote Access Trojans
02
Sep
2025

Lazarus Hackers Exploit 0-Day to Deploy Three Remote Access Trojans

Over the past two years, Fox-IT and NCC Group have tracked a sophisticated Lazarus subgroup targeting financial and cryptocurrency firms….

Microsoft to Require Multi-Factor Authentication on Azure Portal Logins
02
Sep
2025

Microsoft to Require Multi-Factor Authentication on Azure Portal Logins

Microsoft announced that it will enforce mandatory multi-factor authentication (MFA) for all sign-in attempts to the Azure portal and other administrative interfaces….

New TinkyWinkey Trojan Targets Windows Systems With Sophisticated Keylogging
02
Sep
2025

New TinkyWinkey Trojan Targets Windows Systems With Sophisticated Keylogging

A sophisticated new keylogger malware dubbed “TinkyWinkey” that is targeting Windows systems with advanced stealth capabilities and comprehensive data exfiltration…

Critical Next.js Flaw Lets Attackers Bypass Authorization Controls
01
Sep
2025

Critical Next.js Flaw Lets Attackers Bypass Authorization Controls

A newly disclosed critical vulnerability in the Next.js framework, tracked as CVE-2025-29927, allows unauthenticated attackers to bypass middleware-based authorization checks…

Phishing Campaign Exploits Ads to Breach Hotel Property Management Systems
01
Sep
2025

Phishing Campaign Exploits Ads to Breach Hotel Property Management Systems

A sophisticated malvertising campaign has emerged that specifically targets hoteliers and vacation rental operators by impersonating well-known service providers. Okta…

Google Web Designer Vulnerability Lets Hackers Take Over Client Systems
01
Sep
2025

Google Web Designer Vulnerability Lets Hackers Take Over Client Systems

A critical client-side remote code execution (RCE) vulnerability in Google Web Designer exposed Windows users to full system compromise, according…

Criminal IP Expands into European Cybersecurity Market through Partnership with DotForce
01
Sep
2025

Criminal IP Expands into European Cybersecurity Market through Partnership with DotForce

Criminal IP, the AI-powered threat intelligence and attack surface management (ASM) platform developed by AI SPERA, announced its official entry…

Microsoft Enforces MFA for Logging into Azure Portal
01
Sep
2025

Microsoft Enforces MFA for Logging into Azure Portal

In a significant security move, Microsoft announced on August 26, 2025, that it will require mandatory multifactor authentication (MFA) for…