IIS WebDeploy RCE Vulnerability Gets Public PoC
A newly disclosed remote code execution (RCE) vulnerability in Microsoft’s IIS Web Deploy toolchain has captured industry attention after the...
Read more →Category: GBHackers
Hackers Use Hexstrike-AI to Exploit Zero-Day Flaws in Just 10 Minutes
Within hours of its release, the newly unveiled framework Hexstrike-AI has emerged as a game-changer for cybercriminals, enabling them to scan, exploit...
Read more →
Devices Exploited for Instant DDoS Attacks
A newly uncovered variant of the notorious RapperBot malware is covertly commandeering internet-connected devices—particularly outdated network video recorders (NVRs)—and transforming...
Read more →
Cloudflare Confirms Data Breach – Customer Data Exposed via Salesforce Attack
Cloudflare has disclosed a significant data breach affecting customer information following a sophisticated supply chain attack targeting its Salesforce integration...
Read more →
Top 10 Best API Penetration Testing Companies In 2025
Best API Penetration Testing Companies Securing APIs is a critical cybersecurity challenge in 2025 as they are the backbone of...
Read more →
Threat Hunting Guide Designed for SOC Analysts and MSSPs
Proactive threat hunting has become an essential discipline for Security Operations Center (SOC) analysts and Managed Security Service Providers (MSSPs)....
Read more →
Mapping the Web of Commercial Spyware: Targets and Attack Chains
A comprehensive new report spanning 2010 to 2025 reveals the ever-evolving landscape of commercial spyware vendors (CSVs), exposing the methods...
Read more →
OneDrive Phishing Attack Targets Corporate Executives for Credential Theft
A newly discovered spearphishing campaign is targeting executives and senior leadership across multiple industries by exploiting trusted OneDrive document‐sharing notifications....
Read more →
Google Debunks Reports of Major Gmail Security Alert
Google has firmly rejected widespread reports suggesting it issued a global security alert to its 2.5 billion Gmail users, calling...
Read more →
ESPHome Vulnerability Allows Unauthorized Access to Smart Devices
A critical authentication bypass flaw in ESPHome’s ESP-IDF web server component allows unauthorized users on the same local network to...
Read more →
Palo Alto Networks Confirms Data Breach via Compromised Salesforce Instances
Cybersecurity vendor Palo Alto Networks disclosed that its Salesforce environment was breached through a compromised Salesloft Drift integration, marking the...
Read more →
Massive 11.5 Tbps UDP Flood DDoS Attack Originated From Google Cloud
Cloudflare disclosed that its automated defenses intercepted and neutralized a record-shattering Distributed Denial-of-Service (DDoS) assault peaking at 11.5 terabits per...
Read more →