Coordinated Cyberattacks Seek to Cripple Critical Infrastructure
A sophisticated cyber-sabotage group known as Predatory Sparrow has emerged as one of the most destructive threat actors targeting Iranian critical infrastructure over the past…
Category: GBHackers
North Korean Chollima Actors Added BeaverTail and OtterCookie to its Arsenal
Famous Chollima, a DPRK-aligned threat group, has evolved its arsenal, with BeaverTail and OtterCookie increasingly merging functionalities to steal credentials and cryptocurrency via deceptive job…
Qilin Ransomware Exploits MSPaint and Notepad to Locate Sensitive Files
In the latter half of 2025, the Qilin ransomware group has solidified its standing as a formidable threat, continuing to post details of more than…
Critical CoPhish Exploit Uses Copilot Studio to Hijack OAuth Tokens
Security researchers at Datadog have uncovered a sophisticated phishing technique that weaponizes Microsoft Copilot Studio to conduct OAuth token theft attacks. Dubbed “CoPhish,” this attack…
Microsoft Adds Wi-Fi-Based Work Location Auto-Detection to Teams
Microsoft is preparing to introduce a groundbreaking feature in Teams that will revolutionise how hybrid workers manage their presence information. The new capability will automatically…
WhatsApp 0-Click Exploit Disclosed to Meta at Pwn2Own Security Event
Cybersecurity researchers from Team Z3 have withdrawn their planned demonstration of a zero-click remote code execution vulnerability in WhatsApp at the Pwn2Own Ireland 2025 hacking…
706,000+ BIND 9 DNS Resolvers Exposed to Cache Poisoning
A critical vulnerability affecting more than 706,000 BIND 9 DNS resolvers worldwide has been disclosed with proof-of-concept exploit code now publicly available. The security flaw…
Hackers Use ClickFix Technique to Deploy NetSupport RAT Loaders
Cybercriminals are increasingly using a technique known as “ClickFix” to deploy the NetSupport remote administration tool (RAT) for malicious purposes. According to a new report…
Hackers Exploit WordPress Arbitrary Installation Vulnerabilities in the Wild
Cybersecurity firm Wordfence has uncovered a renewed wave of mass exploitation targeting critical vulnerabilities in two popular WordPress plugins, allowing unauthenticated attackers to install malicious…
CISA Beware! Hackers Are Actively Exploiting Windows Server Update Services RCE Flaw in the Wild
Cybersecurity researchers are sounding the alarm after discovering that hackers are actively exploiting a critical remote code execution (RCE) vulnerability in Microsoft’s Windows Server Update…
New RedTiger Tool Targets Gamers and Discord Accounts in the Wild
Gamers face a growing threat from cybercriminals exploiting popular gaming and communication platforms. A dangerous infostealer called RedTiger is now actively circulating in the wild,…
Google Warns of Cybercriminals Using Fake Job Postings to Spread Malware and Steal Credentials
Google’s Threat Intelligence Group (GTIG) has uncovered a sophisticated social engineering campaign orchestrated by financially motivated threat actors based in Vietnam. The ultimate objective is…