Category: GBHackers

Sidewinder Hackers Exploit LNK Files to Deploy Malicious Scripts
12
Sep
2025

Sidewinder Hackers Exploit LNK Files to Deploy Malicious Scripts

In a striking evolution of its tactics, the Sidewinder advanced persistent threat (APT) group—also known as APT-C-24 or “Rattlesnake”—has adopted…

Share: X : Sidewinder Hackers Exploit LNK Files to Deploy Malicious ScriptsFacebook : Sidewinder Hackers Exploit LNK Files to Deploy Malicious ScriptsLinkedin : Sidewinder Hackers Exploit LNK Files to Deploy Malicious ScriptsReddit : Sidewinder Hackers Exploit LNK Files to Deploy Malicious ScriptsTelegram : Sidewinder Hackers Exploit LNK Files to Deploy Malicious ScriptsWhatsApp : Sidewinder Hackers Exploit LNK Files to Deploy Malicious ScriptsEmail : Sidewinder Hackers Exploit LNK Files to Deploy Malicious Scripts
Microsoft to Deprecate VBScript in Windows, Urges Developers to Update Projects
12
Sep
2025

Microsoft to Deprecate VBScript in Windows, Urges Developers to Update Projects

Microsoft announced the phased deprecation of VBScript in Windows, significantly impacting VBA developers who rely on VBScript libraries for regular…

Share: X : Microsoft to Deprecate VBScript in Windows, Urges Developers to Update ProjectsFacebook : Microsoft to Deprecate VBScript in Windows, Urges Developers to Update ProjectsLinkedin : Microsoft to Deprecate VBScript in Windows, Urges Developers to Update ProjectsReddit : Microsoft to Deprecate VBScript in Windows, Urges Developers to Update ProjectsTelegram : Microsoft to Deprecate VBScript in Windows, Urges Developers to Update ProjectsWhatsApp : Microsoft to Deprecate VBScript in Windows, Urges Developers to Update ProjectsEmail : Microsoft to Deprecate VBScript in Windows, Urges Developers to Update Projects
LAPSUS$ Hunters 4.0 Announce Permanent Shutdown
12
Sep
2025

LAPSUS$ Hunters 4.0 Announce Permanent Shutdown

In a startling development on September 8, the Telegram channel “scattered LAPSUS$ hunters 4.0” declared its intention to “go dark”…

Share: X : LAPSUS$ Hunters 4.0 Announce Permanent ShutdownFacebook : LAPSUS$ Hunters 4.0 Announce Permanent ShutdownLinkedin : LAPSUS$ Hunters 4.0 Announce Permanent ShutdownReddit : LAPSUS$ Hunters 4.0 Announce Permanent ShutdownTelegram : LAPSUS$ Hunters 4.0 Announce Permanent ShutdownWhatsApp : LAPSUS$ Hunters 4.0 Announce Permanent ShutdownEmail : LAPSUS$ Hunters 4.0 Announce Permanent Shutdown
New K2 Think AI Model Falls to Jailbreak in Record Time
12
Sep
2025

New K2 Think AI Model Falls to Jailbreak in Record Time

A groundbreaking vulnerability has emerged in the newly released K2 Think AI model from UAE’s Mohamed bin Zayed University of…

Share: X : New K2 Think AI Model Falls to Jailbreak in Record TimeFacebook : New K2 Think AI Model Falls to Jailbreak in Record TimeLinkedin : New K2 Think AI Model Falls to Jailbreak in Record TimeReddit : New K2 Think AI Model Falls to Jailbreak in Record TimeTelegram : New K2 Think AI Model Falls to Jailbreak in Record TimeWhatsApp : New K2 Think AI Model Falls to Jailbreak in Record TimeEmail : New K2 Think AI Model Falls to Jailbreak in Record Time
New ToneShell Variant Uses Task Scheduler COM Service to Maintain Persistence
12
Sep
2025

New ToneShell Variant Uses Task Scheduler COM Service to Maintain Persistence

The latest ToneShell variant introduces a notable advancement in its persistence strategy by leveraging the Windows Task Scheduler COM service….

Share: X : New ToneShell Variant Uses Task Scheduler COM Service to Maintain PersistenceFacebook : New ToneShell Variant Uses Task Scheduler COM Service to Maintain PersistenceLinkedin : New ToneShell Variant Uses Task Scheduler COM Service to Maintain PersistenceReddit : New ToneShell Variant Uses Task Scheduler COM Service to Maintain PersistenceTelegram : New ToneShell Variant Uses Task Scheduler COM Service to Maintain PersistenceWhatsApp : New ToneShell Variant Uses Task Scheduler COM Service to Maintain PersistenceEmail : New ToneShell Variant Uses Task Scheduler COM Service to Maintain Persistence
Daikin Security Gateway Vulnerability Allows Unauthorized System Access
12
Sep
2025

Daikin Security Gateway Vulnerability Allows Unauthorized System Access

A critical security flaw in Daikin Security Gateway systems has been discovered that could enable attackers to bypass authentication and…

Share: X : Daikin Security Gateway Vulnerability Allows Unauthorized System AccessFacebook : Daikin Security Gateway Vulnerability Allows Unauthorized System AccessLinkedin : Daikin Security Gateway Vulnerability Allows Unauthorized System AccessReddit : Daikin Security Gateway Vulnerability Allows Unauthorized System AccessTelegram : Daikin Security Gateway Vulnerability Allows Unauthorized System AccessWhatsApp : Daikin Security Gateway Vulnerability Allows Unauthorized System AccessEmail : Daikin Security Gateway Vulnerability Allows Unauthorized System Access
Cornwell Quality Tools Suffers Data Breach, 100,000 User Records Exposed
12
Sep
2025

Cornwell Quality Tools Suffers Data Breach, 100,000 User Records Exposed

Cornwell Quality Tools, a leading automotive and industrial tool supplier, has confirmed a significant data breach that compromised the personal…

Share: X : Cornwell Quality Tools Suffers Data Breach, 100,000 User Records ExposedFacebook : Cornwell Quality Tools Suffers Data Breach, 100,000 User Records ExposedLinkedin : Cornwell Quality Tools Suffers Data Breach, 100,000 User Records ExposedReddit : Cornwell Quality Tools Suffers Data Breach, 100,000 User Records ExposedTelegram : Cornwell Quality Tools Suffers Data Breach, 100,000 User Records ExposedWhatsApp : Cornwell Quality Tools Suffers Data Breach, 100,000 User Records ExposedEmail : Cornwell Quality Tools Suffers Data Breach, 100,000 User Records Exposed
Palo Alto Networks User-ID Agent Flaw Leaks Passwords in Cleartext
11
Sep
2025

Palo Alto Networks User-ID Agent Flaw Leaks Passwords in Cleartext

A newly disclosed vulnerability in the Palo Alto Networks User-ID Credential Agent on Windows systems allows service account passwords to…

Share: X : Palo Alto Networks User-ID Agent Flaw Leaks Passwords in CleartextFacebook : Palo Alto Networks User-ID Agent Flaw Leaks Passwords in CleartextLinkedin : Palo Alto Networks User-ID Agent Flaw Leaks Passwords in CleartextReddit : Palo Alto Networks User-ID Agent Flaw Leaks Passwords in CleartextTelegram : Palo Alto Networks User-ID Agent Flaw Leaks Passwords in CleartextWhatsApp : Palo Alto Networks User-ID Agent Flaw Leaks Passwords in CleartextEmail : Palo Alto Networks User-ID Agent Flaw Leaks Passwords in Cleartext
Cyber Attack Exposes LNER Train Passengers' Personal Data
11
Sep
2025

Cyber Attack Exposes LNER Train Passengers’ Personal Data

London North Eastern Railway (LNER) has confirmed that an unauthorized breach at one of its third-party suppliers exposed contact details…

Share: X : Cyber Attack Exposes LNER Train Passengers’ Personal DataFacebook : Cyber Attack Exposes LNER Train Passengers’ Personal DataLinkedin : Cyber Attack Exposes LNER Train Passengers’ Personal DataReddit : Cyber Attack Exposes LNER Train Passengers’ Personal DataTelegram : Cyber Attack Exposes LNER Train Passengers’ Personal DataWhatsApp : Cyber Attack Exposes LNER Train Passengers’ Personal DataEmail : Cyber Attack Exposes LNER Train Passengers’ Personal Data
Attackers Abuse Kubernetes DNS to Extract Git Credentials from ArgoCD
11
Sep
2025

Attackers Abuse Kubernetes DNS to Extract Git Credentials from ArgoCD

A newly discovered attack method targeting ArgoCD and Kubernetes that could give red-teamers fresh ammo and blue-teamers fresh headaches. This…

Share: X : Attackers Abuse Kubernetes DNS to Extract Git Credentials from ArgoCDFacebook : Attackers Abuse Kubernetes DNS to Extract Git Credentials from ArgoCDLinkedin : Attackers Abuse Kubernetes DNS to Extract Git Credentials from ArgoCDReddit : Attackers Abuse Kubernetes DNS to Extract Git Credentials from ArgoCDTelegram : Attackers Abuse Kubernetes DNS to Extract Git Credentials from ArgoCDWhatsApp : Attackers Abuse Kubernetes DNS to Extract Git Credentials from ArgoCDEmail : Attackers Abuse Kubernetes DNS to Extract Git Credentials from ArgoCD
CoreDNS Vulnerability Allows Attackers to Poison DNS Cache and Block Updates
11
Sep
2025

CoreDNS Vulnerability Allows Attackers to Poison DNS Cache and Block Updates

A critical flaw in CoreDNS’s etcd plugin can let attackers pin DNS records in caches for years, effectively blocking legitimate…

Share: X : CoreDNS Vulnerability Allows Attackers to Poison DNS Cache and Block UpdatesFacebook : CoreDNS Vulnerability Allows Attackers to Poison DNS Cache and Block UpdatesLinkedin : CoreDNS Vulnerability Allows Attackers to Poison DNS Cache and Block UpdatesReddit : CoreDNS Vulnerability Allows Attackers to Poison DNS Cache and Block UpdatesTelegram : CoreDNS Vulnerability Allows Attackers to Poison DNS Cache and Block UpdatesWhatsApp : CoreDNS Vulnerability Allows Attackers to Poison DNS Cache and Block UpdatesEmail : CoreDNS Vulnerability Allows Attackers to Poison DNS Cache and Block Updates
Massive L7 DDoS Botnet Exploits 5.76M Hijacked Devices for Record Attacks
11
Sep
2025

Massive L7 DDoS Botnet Exploits 5.76M Hijacked Devices for Record Attacks

In a stark reminder of how vulnerable online services remain, Qrator Labs has revealed that a sprawling Layer 7 distributed…

Share: X : Massive L7 DDoS Botnet Exploits 5.76M Hijacked Devices for Record AttacksFacebook : Massive L7 DDoS Botnet Exploits 5.76M Hijacked Devices for Record AttacksLinkedin : Massive L7 DDoS Botnet Exploits 5.76M Hijacked Devices for Record AttacksReddit : Massive L7 DDoS Botnet Exploits 5.76M Hijacked Devices for Record AttacksTelegram : Massive L7 DDoS Botnet Exploits 5.76M Hijacked Devices for Record AttacksWhatsApp : Massive L7 DDoS Botnet Exploits 5.76M Hijacked Devices for Record AttacksEmail : Massive L7 DDoS Botnet Exploits 5.76M Hijacked Devices for Record Attacks