New npm Malware Steals Browser Passwords via Steganographic QR Code
A novel npm package named fezbox has been uncovered by the Socket Threat Research Team as a sophisticated malware delivery mechanism that exfiltrates username and…
Category: GBHackers
Hackers Hijacking IIS Servers Using Malicious BadIIS Module to Serve Malicious Content
Leveraging a native IIS module named BadIIS, attackers manipulated search engine crawler traffic to poison search results and redirect legitimate users to scam or adult-oriented…
U.S. Secret Service Shuts Down 300 SIM Servers and 100K SIM Cards Disabling Cell Towers
The U.S. Secret Service has dismantled a sophisticated network of electronic devices scattered across the New York tri-state area. These devices posed an imminent threat…
Threat Actors Breach Enterprise Infrastructure Within 18 Minutes of Initial Access
Attackers are accelerating their foothold in corporate networks: over the past three months (June 1 to August 31, 2025), the average time from initial breach…
2/3 of Organizations Fear Identity Attacks, But Blind Spots Remain
Austin, Texas, USA, September 23rd, 2025, CyberNewsWire New SpyCloud 2025 Identity Threat Report reveals dangerous disconnect between perceived security readiness and operational reality. SpyCloud, the…
Microsoft Publishes Guide for Certificate-Based Authentication in Windows Admin Center
Microsoft has released comprehensive guidance for implementing certificate-based authentication in Windows Admin Center (WAC), providing administrators with enhanced security through smart card integration and Active…
Zloader Malware Used as Gateway for Ransomware Deployment in Corporate Networks
Zloader, a sophisticated Zeus-based modular trojan that first emerged in 2015, has undergone a significant transformation from its original banking-focused purpose to become a dangerous…
Beware of Fake Online Speedtest Apps with Hidden JavaScript Code
These fake online speedtest applications prey on users seeking to measure their internet performance, yet they harbor hidden payloads that compromise system integrity and privacy.…
Russia Leveraging Cyber-Attacks as a Strategic Weapon Against Key Industries in Major Nations
In 2024, as the Russia-Ukraine war prolongs and military and economic cooperation between North Korea and Russia deepens, cyberspace has become a central battleground for…
GitHub Introduces npm Security with Stronger Authentication and Trusted Publishing
Open source software powers much of today’s technology, enabling developers around the world to build and share tools, libraries, and applications. However, the same openness…
Massive 22.2 Tbps DDoS Attack Sets New World Record
Cloudflare announced today that it has successfully mitigated the largest distributed denial-of-service (DDoS) attack ever recorded. The hyper-volumetric assault peaked at a staggering 22.2 terabits…
European Airport Operations Disrupted by Ransomware
Passengers across Europe are facing another day of flight delays after a cyber-attack struck the company behind the check-in and boarding software used at many…