Category: GBHackers

New Phishing Scam Aims at PyPI Maintainers to Steal Login Information
25
Sep
2025

New Phishing Scam Aims at PyPI Maintainers to Steal Login Information

A fresh wave of domain-confusion phishing emails is sweeping through the Python community, once again setting its sights on PyPI…

Share: X : New Phishing Scam Aims at PyPI Maintainers to Steal Login InformationFacebook : New Phishing Scam Aims at PyPI Maintainers to Steal Login InformationLinkedin : New Phishing Scam Aims at PyPI Maintainers to Steal Login InformationReddit : New Phishing Scam Aims at PyPI Maintainers to Steal Login InformationTelegram : New Phishing Scam Aims at PyPI Maintainers to Steal Login InformationWhatsApp : New Phishing Scam Aims at PyPI Maintainers to Steal Login InformationEmail : New Phishing Scam Aims at PyPI Maintainers to Steal Login Information
SetupHijack Tool Abuses Race Conditions in Windows Installer to Hijack Setups
25
Sep
2025

SetupHijack Tool Abuses Race Conditions in Windows Installer to Hijack Setups

Security researchers at Hacker House have released SetupHijack, a proof-of-concept tool that exploits race conditions and insecure file handling in…

Share: X : SetupHijack Tool Abuses Race Conditions in Windows Installer to Hijack SetupsFacebook : SetupHijack Tool Abuses Race Conditions in Windows Installer to Hijack SetupsLinkedin : SetupHijack Tool Abuses Race Conditions in Windows Installer to Hijack SetupsReddit : SetupHijack Tool Abuses Race Conditions in Windows Installer to Hijack SetupsTelegram : SetupHijack Tool Abuses Race Conditions in Windows Installer to Hijack SetupsWhatsApp : SetupHijack Tool Abuses Race Conditions in Windows Installer to Hijack SetupsEmail : SetupHijack Tool Abuses Race Conditions in Windows Installer to Hijack Setups
Malware Deployment via Copyright Takedown Claims by Threat Actors
25
Sep
2025

Malware Deployment via Copyright Takedown Claims by Threat Actors

Threat actors from the Lone None group are exploiting copyright takedown notices to distribute sophisticated malware, including Pure Logs Stealer…

Share: X : Malware Deployment via Copyright Takedown Claims by Threat ActorsFacebook : Malware Deployment via Copyright Takedown Claims by Threat ActorsLinkedin : Malware Deployment via Copyright Takedown Claims by Threat ActorsReddit : Malware Deployment via Copyright Takedown Claims by Threat ActorsTelegram : Malware Deployment via Copyright Takedown Claims by Threat ActorsWhatsApp : Malware Deployment via Copyright Takedown Claims by Threat ActorsEmail : Malware Deployment via Copyright Takedown Claims by Threat Actors
Hackers Deploy Stealthy Malware on WordPress Sites to Gain Admin Access
25
Sep
2025

Hackers Deploy Stealthy Malware on WordPress Sites to Gain Admin Access

Attackers have stepped up their tactics by deploying stealthy backdoors disguised as legitimate WordPress components, ensuring persistent administrative access even…

Share: X : Hackers Deploy Stealthy Malware on WordPress Sites to Gain Admin AccessFacebook : Hackers Deploy Stealthy Malware on WordPress Sites to Gain Admin AccessLinkedin : Hackers Deploy Stealthy Malware on WordPress Sites to Gain Admin AccessReddit : Hackers Deploy Stealthy Malware on WordPress Sites to Gain Admin AccessTelegram : Hackers Deploy Stealthy Malware on WordPress Sites to Gain Admin AccessWhatsApp : Hackers Deploy Stealthy Malware on WordPress Sites to Gain Admin AccessEmail : Hackers Deploy Stealthy Malware on WordPress Sites to Gain Admin Access
Hackers Exploit Hikvision Camera Flaw to Steal Sensitive Data
25
Sep
2025

Hackers Exploit Hikvision Camera Flaw to Steal Sensitive Data

Security researchers have observed renewed exploit campaigns targeting an eight-year-old backdoor in Hikvision cameras to harvest configuration files, user lists,…

Share: X : Hackers Exploit Hikvision Camera Flaw to Steal Sensitive DataFacebook : Hackers Exploit Hikvision Camera Flaw to Steal Sensitive DataLinkedin : Hackers Exploit Hikvision Camera Flaw to Steal Sensitive DataReddit : Hackers Exploit Hikvision Camera Flaw to Steal Sensitive DataTelegram : Hackers Exploit Hikvision Camera Flaw to Steal Sensitive DataWhatsApp : Hackers Exploit Hikvision Camera Flaw to Steal Sensitive DataEmail : Hackers Exploit Hikvision Camera Flaw to Steal Sensitive Data
BRICKSTORM Backdoor Hits Tech and Legal Firms with Stealthy New Campaign
25
Sep
2025

BRICKSTORM Backdoor Hits Tech and Legal Firms with Stealthy New Campaign

Persistent, stealthy, and cross-platform, the BRICKSTORM backdoor has emerged as a significant threat to U.S. technology and legal organizations. Tracked…

Share: X : BRICKSTORM Backdoor Hits Tech and Legal Firms with Stealthy New CampaignFacebook : BRICKSTORM Backdoor Hits Tech and Legal Firms with Stealthy New CampaignLinkedin : BRICKSTORM Backdoor Hits Tech and Legal Firms with Stealthy New CampaignReddit : BRICKSTORM Backdoor Hits Tech and Legal Firms with Stealthy New CampaignTelegram : BRICKSTORM Backdoor Hits Tech and Legal Firms with Stealthy New CampaignWhatsApp : BRICKSTORM Backdoor Hits Tech and Legal Firms with Stealthy New CampaignEmail : BRICKSTORM Backdoor Hits Tech and Legal Firms with Stealthy New Campaign
Linux Kernel ksmbd Flaw Lets Remote Attackers Execute Arbitrary Code
25
Sep
2025

Linux Kernel ksmbd Flaw Lets Remote Attackers Execute Arbitrary Code

A critical vulnerability in the Linux Kernel’s ksmbd file sharing component allows remote attackers to execute code with kernel privileges….

Share: X : Linux Kernel ksmbd Flaw Lets Remote Attackers Execute Arbitrary CodeFacebook : Linux Kernel ksmbd Flaw Lets Remote Attackers Execute Arbitrary CodeLinkedin : Linux Kernel ksmbd Flaw Lets Remote Attackers Execute Arbitrary CodeReddit : Linux Kernel ksmbd Flaw Lets Remote Attackers Execute Arbitrary CodeTelegram : Linux Kernel ksmbd Flaw Lets Remote Attackers Execute Arbitrary CodeWhatsApp : Linux Kernel ksmbd Flaw Lets Remote Attackers Execute Arbitrary CodeEmail : Linux Kernel ksmbd Flaw Lets Remote Attackers Execute Arbitrary Code
NVIDIA Merlin Flaw Enables Remote Code Execution with Root Access
25
Sep
2025

NVIDIA Merlin Flaw Enables Remote Code Execution with Root Access

A critical vulnerability in NVIDIA’s Merlin Transformers4Rec library allows attackers to achieve remote code execution with root privileges. Discovered by…

Share: X : NVIDIA Merlin Flaw Enables Remote Code Execution with Root AccessFacebook : NVIDIA Merlin Flaw Enables Remote Code Execution with Root AccessLinkedin : NVIDIA Merlin Flaw Enables Remote Code Execution with Root AccessReddit : NVIDIA Merlin Flaw Enables Remote Code Execution with Root AccessTelegram : NVIDIA Merlin Flaw Enables Remote Code Execution with Root AccessWhatsApp : NVIDIA Merlin Flaw Enables Remote Code Execution with Root AccessEmail : NVIDIA Merlin Flaw Enables Remote Code Execution with Root Access
Attackers Exploit BMC Firmware Vulnerabilities to Bypass Signature Verification
24
Sep
2025

Attackers Exploit BMC Firmware Vulnerabilities to Bypass Signature Verification

In January 2025, Supermicro released patches addressing critical vulnerabilities in its Baseboard Management Controller (BMC) firmware validation logic. Despite these…

Share: X : Attackers Exploit BMC Firmware Vulnerabilities to Bypass Signature VerificationFacebook : Attackers Exploit BMC Firmware Vulnerabilities to Bypass Signature VerificationLinkedin : Attackers Exploit BMC Firmware Vulnerabilities to Bypass Signature VerificationReddit : Attackers Exploit BMC Firmware Vulnerabilities to Bypass Signature VerificationTelegram : Attackers Exploit BMC Firmware Vulnerabilities to Bypass Signature VerificationWhatsApp : Attackers Exploit BMC Firmware Vulnerabilities to Bypass Signature VerificationEmail : Attackers Exploit BMC Firmware Vulnerabilities to Bypass Signature Verification
Chromium-Based Browsers in Windows Domains Vulnerable to Arbitrary Extension Loads
24
Sep
2025

Chromium-Based Browsers in Windows Domains Vulnerable to Arbitrary Extension Loads

A new study has uncovered a method for silently installing custom extensions on Chromium-based browsers running in Windows domain environments….

Share: X : Chromium-Based Browsers in Windows Domains Vulnerable to Arbitrary Extension LoadsFacebook : Chromium-Based Browsers in Windows Domains Vulnerable to Arbitrary Extension LoadsLinkedin : Chromium-Based Browsers in Windows Domains Vulnerable to Arbitrary Extension LoadsReddit : Chromium-Based Browsers in Windows Domains Vulnerable to Arbitrary Extension LoadsTelegram : Chromium-Based Browsers in Windows Domains Vulnerable to Arbitrary Extension LoadsWhatsApp : Chromium-Based Browsers in Windows Domains Vulnerable to Arbitrary Extension LoadsEmail : Chromium-Based Browsers in Windows Domains Vulnerable to Arbitrary Extension Loads
GitHub Hosts Malware from Malwarebytes, LastPass, Citibank, SentinelOne, and More
24
Sep
2025

GitHub Hosts Malware from Malwarebytes, LastPass, Citibank, SentinelOne, and More

A large-scale campaign targeting Mac users is leveraging fake GitHub pages to distribute information-stealing malware disguised as popular legitimate applications….

Share: X : GitHub Hosts Malware from Malwarebytes, LastPass, Citibank, SentinelOne, and MoreFacebook : GitHub Hosts Malware from Malwarebytes, LastPass, Citibank, SentinelOne, and MoreLinkedin : GitHub Hosts Malware from Malwarebytes, LastPass, Citibank, SentinelOne, and MoreReddit : GitHub Hosts Malware from Malwarebytes, LastPass, Citibank, SentinelOne, and MoreTelegram : GitHub Hosts Malware from Malwarebytes, LastPass, Citibank, SentinelOne, and MoreWhatsApp : GitHub Hosts Malware from Malwarebytes, LastPass, Citibank, SentinelOne, and MoreEmail : GitHub Hosts Malware from Malwarebytes, LastPass, Citibank, SentinelOne, and More
Multiple Apps on Google's Firebase Platform Exposing Sensitive Data
24
Sep
2025

Multiple Apps on Google’s Firebase Platform Exposing Sensitive Data

A comprehensive security analysis has revealed a widespread vulnerability affecting Firebase-powered mobile applications, with over 150 popular apps inadvertently exposing…

Share: X : Multiple Apps on Google’s Firebase Platform Exposing Sensitive DataFacebook : Multiple Apps on Google’s Firebase Platform Exposing Sensitive DataLinkedin : Multiple Apps on Google’s Firebase Platform Exposing Sensitive DataReddit : Multiple Apps on Google’s Firebase Platform Exposing Sensitive DataTelegram : Multiple Apps on Google’s Firebase Platform Exposing Sensitive DataWhatsApp : Multiple Apps on Google’s Firebase Platform Exposing Sensitive DataEmail : Multiple Apps on Google’s Firebase Platform Exposing Sensitive Data