PoC Released for Nothing Phone Code-Execution Vulnerability
A proof-of-concept exploit has been published for a critical flaw in the secure boot process of the Nothing Phone (2a) and CMF Phone 1. This…
Category: GBHackers
VirusTotal Introduces Simplified Platform Access and New Contributor Model
VirusTotal, the collaborative malware analysis platform, has announced a major update to simplify access and reward contributors. The changes aim to make the platform easier…
PoC Released for Linux Kernel ksmbd Filesystem Vulnerability
Security researcher Norbert Szetei published the final installment of his deep-dive into the ksmbd filesystem module, culminating in a working proof-of-concept exploit targeting CVE-2025-37947. Unlike…
Hackers Targeting WordPress Plugin Vulnerability to Seize Admin Access
A critical authentication bypass in the Service Finder Bookings plugin has enabled unauthenticated attackers to assume administrator privileges on thousands of WordPress sites. Exploitation began…
Polymorphic Python Malware That Mutates Every Time It Runs
A newly spotted Python remote access trojan (RAT) on VirusTotal employs advanced polymorphic and self-modifying techniques, allowing it to alter its code signature on every…
Hackers Enhance ClickFix Attack Using Cache Smuggling to Stealthily Download Malicious Files
Cybersecurity researchers have discovered a sophisticated evolution of the ClickFix attack technique that leverages browser cache smuggling to covertly place malicious files on target systems…
GitLab Releases Security Update to Patch Multiple DoS-Enabling Vulnerabilities
GitLab has issued a critical security update to address several denial-of-service (DoS) vulnerabilities affecting both Community Edition (CE) and Enterprise Edition (EE). Self-managed installations should…
Discord Data Breach Exposes 1.5 TB of Data and 2 Million Government ID Photos
The popular communication platform Discord is confronting a major extortion attempt after cybercriminals breached one of its third-party customer service providers, compromising sensitive user data…
Data-Leak Sites Surge to Record Levels Amid Scattered Spider RaaS and LockBit 5.0 Rise
Ransomware threats reached a tipping point in Q3 2025 as data-leak sites surged to a record 81 active platforms, driven by major developments across the…
Chinese Hackers Weaponize Nezha Tool to Run Commands on Web Servers
Security researchers have uncovered a sophisticated cyberattack campaign where Chinese threat actors are exploiting web applications using an innovative log poisoning technique to deploy web…
CrowdStrike Falcon Windows Sensor Flaw Could Let Attackers Execute Code and Delete Files
CrowdStrike has disclosed two critical vulnerabilities affecting its Falcon sensor for Windows that could enable attackers to delete arbitrary files and potentially compromise system stability.…
Miggo Security Named a Gartner® Cool Vendor in AI Security
Tel Aviv, Israel, October 8th, 2025, CyberNewsWire Miggo Security, pioneer and innovator in Application Detection & Response (ADR) and AI Runtime Defense, today announced it…