Category: GBHackers

Underground Ransomware Gang Unleashes Innovative Tactics Targeting Global Organizations
27
Aug
2025

Underground Ransomware Gang Unleashes Innovative Tactics Targeting Global Organizations

The Underground ransomware gang has been coordinating recurring attacks on enterprises throughout the globe in a worrying increase in cyber…

Nagios Flaw Enables Remote Attackers to Run Arbitrary JavaScript via XSS
27
Aug
2025

Nagios Flaw Enables Remote Attackers to Run Arbitrary JavaScript via XSS

Nagios has addressed a significant cross-site scripting (XSS) vulnerability in its enterprise monitoring platform Nagios XI that could allow remote…

NVIDIA NeMo AI Curator Vulnerability Allows Code Execution and Privilege Escalation
27
Aug
2025

NVIDIA NeMo AI Curator Vulnerability Allows Code Execution and Privilege Escalation

NVIDIA released a security bulletin for NVIDIA® NeMo Curator addressing a high-severity vulnerability (CVE-2025-23307) that affects all prior versions of…

Actors Attacking Government Entities With New Tactics, Techniques, and Procedures
27
Aug
2025

Actors Attacking Government Entities With New Tactics, Techniques, and Procedures

The threat actor known as TAG-144, also referred to as Blind Eagle or APT-C-36, has been linked to five distinct…

New Malware Exploits TASPEN Legacy Systems to Target Indonesian Elderly
27
Aug
2025

New Malware Exploits TASPEN Legacy Systems to Target Indonesian Elderly

Threat actors are leveraging the trusted brand of Indonesia’s state pension fund, PT Dana Tabungan dan Asuransi Pegawai Negeri (Persero),…

Spotify Launches Direct Messaging Feature Amid Security Concerns
27
Aug
2025

Spotify Launches Direct Messaging Feature Amid Security Concerns

Spotify this week unveiled a new Direct Messaging feature, enabling users to share songs, podcasts and audiobooks within the app. While the…

CISA Issues New ICS Advisories on Critical Vulnerabilities and Exploits
27
Aug
2025

CISA Issues New ICS Advisories on Critical Vulnerabilities and Exploits

The Cybersecurity and Infrastructure Security Agency (CISA) released three Industrial Control Systems (ICS) advisories on August 26, 2025, detailing nine…

Massive WordPress Site Compromise Used to Execute Malicious Commands on Victims
27
Aug
2025

Massive WordPress Site Compromise Used to Execute Malicious Commands on Victims

A large-scale cybercrime conspiracy known as ShadowCaptcha was made public by cybersecurity researchers at Israel’s National Digital Agency. This campaign…

IPFire Firewall Admin Panel Vulnerability Enables Persistent JavaScript Injection
27
Aug
2025

IPFire Firewall Admin Panel Vulnerability Enables Persistent JavaScript Injection

A critical vulnerability in IPFire 2.29’s web-based firewall interface (firewall.cgi) allows authenticated administrators to inject persistent JavaScript code, leading to…

Hackers Abuse Compromised OAuth Tokens to Access and Steal Salesforce Corporate Data
27
Aug
2025

Hackers Abuse Compromised OAuth Tokens to Access and Steal Salesforce Corporate Data

Google Threat Intelligence Group (GTIG) has issued an advisory concerning a broad data theft operation targeting corporate Salesforce instances via…

Critical Chrome Use-After-Free Flaw Enables Arbitrary Code Execution
27
Aug
2025

Critical Chrome Use-After-Free Flaw Enables Arbitrary Code Execution

Google has released an urgent security update for the Chrome Stable channel to address a critical use-after-free vulnerability in the ANGLE graphics…

Citrix NetScaler ADC and Gateway Hit by Ongoing Attacks Exploiting 0-Day RCE
27
Aug
2025

Citrix NetScaler ADC and Gateway Hit by Ongoing Attacks Exploiting 0-Day RCE

Cloud Software Group has issued an emergency security bulletin warning of active exploitation targeting three critical vulnerabilities in NetScaler ADC and NetScaler…