FreePBX SQL Injection Vulnerability Leads to Database Tampering
A critical SQL injection vulnerability in FreePBX, designated as CVE-2025-57819, has been actively exploited by attackers to modify the database and achieve arbitrary code execution on…
Category: GBHackers
Crimson Collective Exploits AWS Services to Steal Sensitive Data
A newly identified threat group called Crimson Collective has emerged as a significant security concern for organizations using Amazon Web Services (AWS), employing sophisticated techniques to steal…
BK Technologies Data Breach, IT Systems Compromised, Data Stolen
BK Technologies Corporation, a Florida-based communications equipment manufacturer, disclosed a significant cybersecurity incident that compromised its IT systems and potentially exposed employee data. The company…
“Mic-E-Mouse” Attack Lets Hackers Steal Sensitive Data via Mouse Sensors
A groundbreaking cybersecurity vulnerability has been discovered that transforms everyday computer mice into sophisticated eavesdropping tools. Researchers have developed the “Mic-E-Mouse” attack, which exploits high-performance…
Why Cross-Training in Networking and Cybersecurity Matters
Raleigh, United States, October 7th, 2025, CyberNewsWire Report Shows Cross-Training as Strategic Solution to Operational Friction Between Networking and Cybersecurity Teams INE Security, a leading…
Cavalry Werewolf APT Targets Russian Organizations Using FoalShell and Telegram C2
Cavalry Werewolf, a Russian-focused advanced persistent threat (APT) cluster, has intensified its offensive operations by experimenting with new malware variants and leveraging Telegram-based command-and-control (C2).…
CISA Alerts on Oracle E-Business Suite 0-Day Actively Exploited for Ransomware Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical zero-day vulnerability in Oracle E-Business Suite that cybercriminals are actively…
Kibana CrowdStrike Connector Flaw Exposes Sensitive Credentials
A security issue in the Kibana CrowdStrike Connector allows attackers to access stored CrowdStrike credentials. The flaw affects multiple versions of Kibana and can expose…
Red Hat Breach Impacts 5,000+ High-Value Enterprise Customers, Data at Risk
An extortion group calling itself Crimson Collective claimed responsibility for a major breach at Red Hat Consulting. With only 22 followers on Telegram at the…
CrowdStrike Alerts on Oracle E-Business Suite 0-Day Under Mass Exploitation
A novel zero-day vulnerability in Oracle E-Business Suite (CVE-2025-61882) is being actively exploited in a large-scale data exfiltration campaign, with CrowdStrike Intelligence attributing primary involvement…
Cl0p Ransomware Actively Exploiting Oracle E-Business Suite 0-Day
The notorious Cl0p ransomware group has been actively exploiting a critical zero-day vulnerability in Oracle’s E-Business Suite (EBS), targeting enterprise customers through CVE-2025-61882. This sophisticated attack campaign…
Hackers Exploit Legitimate Commands to Breach Databases
In recent years, adversaries have abandoned traditional malware in favor of “living-off-the-land” operations against cloud and SaaS environments. Rather than deploying custom ransomware binaries, many…