LLM-Powered MalTerminal Malware Uses OpenAI GPT-4 to Create Ransomware Code
LLM-enabled malware poses new challenges for detection and threat hunting as malicious logic can be generated at runtime rather than embedded in code. Our research…
Category: GBHackers
Gladinet CentreStack and Triofox 0-Day Flaw Under Active Attack
Gladinet CentreStack and Triofox have come under active attack as threat actors exploit an unauthenticated local file inclusion flaw (CVE-2025-11371). The flaw lets attackers read…
RondoDox Botnet Targets Over 50 Vulnerabilities to Compromise Routers, CCTV Systems, and Web Servers
The RondoDox campaign’s “exploit shotgun” method leverages over 50 vulnerabilities across more than 30 vendors to infiltrate network devices, highlighting the urgent need for rapid…
ClayRat Android Malware Masquerades as WhatsApp & Google Photos
ClayRat, a rapidly evolving Android spyware campaign, has surged in activity over the past three months, with zLabs researchers observing more than 600 unique samples…
Snake Keylogger Uses Weaponized Emails and PowerShell to Steal Sensitive Data
A newly observed information‐stealing campaign is deploying a stealthy variant of the SnakeKeylogger malware via weaponized e-mails that masquerade as legitimate remittance advice from CPA…
Authorities Dismantle BreachForums’ Reemerged Clearnet Marketplace
In a coordinated effort, international law enforcement agencies seized the clearnet domain breachforums[.]hn, shutting down yet another incarnation of the notorious cybercrime marketplace BreachForums. The…
Google Issues Alert on CL0P Ransomware Actively Exploiting Oracle E-Business Suite Zero-Day
Organizations using Oracle E-Business Suite must apply the October 4 emergency patches immediately to mitigate active, in-the-wild exploitation by CL0P extortion actors and hunt for…
Credit Card Payment Terminal Exploited for Remote Access
A security researcher has uncovered a significant vulnerability in a widely used payment terminal that could enable attackers to gain full control of the device…
7-Zip Vulnerabilities Allowing Remote Code Execution
Two critical vulnerabilities in 7-Zip’s handling of ZIP archives have emerged, enabling remote attackers to execute arbitrary code by exploiting directory traversal flaws. Both issues…
Threat Actors Exploit DFIR Tool Velociraptor in Ransomware Attacks
Cisco Talos has confirmed that ransomware operators are now leveraging Velociraptor, an open-source digital forensics and incident response (DFIR) tool, to gain stealthy, persistent access…
Lightship Security and OpenSSL Submit Version 3.5.4 for FIPS 140-3 Validation
Newark, United States, October 9th, 2025, CyberNewsWire Lightship Security, an Applus+ Laboratories company and accredited cryptographic security test laboratory, and the OpenSSL Corporation, the co-maintainer…
SquareX Reveals AI Browsers Vulnerable to OAuth Attacks and Malware Threats
Palo Alto, California, October 9th, 2025, CyberNewsWire As AI Browsers rapidly gain adoption across enterprises, SquareX has released critical security research exposing major vulnerabilities that…