Severe WSO2 SOAP Flaw Allows Unauthorized Password Resets for Any Use
A newly disclosed vulnerability, CVE-2024-6914, has shocked the enterprise software community, affecting a wide range of WSO2 products. The flaw,...
Read more →Category: GBHackers
Hackers Target macOS Users with Fake Ledger Apps to Deploy Malware
Hackers are increasingly targeting macOS users with malicious clones of Ledger Live, the popular application for managing crypto assets via...
Read more →
Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability
Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile (EPMM) version 12.5.0.0 and earlier....
Read more →
Threat Actor Sells Burger King Backup System RCE Vulnerability for $4,000
A threat actor known as #LongNight has reportedly put up for sale remote code execution (RCE) access to Burger King...
Read more →
Zero-Trust Policy Bypass Enables Exploitation of Vulnerabilities and Manipulation of NHI Secrets
A new project has exposed a critical attack vector that exploits protocol vulnerabilities to disrupt DNS infrastructure, manipulate Non-Human Identity...
Read more →
Researchers Uncover Infrastructure and TTPs Behind ALCATRAZ Malware
Elastic Security Labs has recently exposed a sophisticated new malware family dubbed DOUBLELOADER, observed in conjunction with the RHADAMANTHYS infostealer....
Read more →
GitLab Duo Vulnerability Exploited to Inject Malicious Links and Steal Source Code
A security vulnerability was recently discovered in GitLab Duo, the AI-powered coding assistant integrated into GitLab and based on Anthropic’s...
Read more →
New Formjacking Malware Targets E-Commerce Sites to Steal Credit Card Data
A disturbing new formjacking malware has emerged, specifically targeting WooCommerce-based e-commerce sites to steal sensitive credit card information, as recently...
Read more →
EU Targets Stark Industries in Cyberattack Sanctions Crackdown
The European Union has escalated its response to Russia’s ongoing campaign of hybrid threats, announcing new restrictive measures against 21...
Read more →
GenAI Assistant DIANNA Uncovers New Obfuscated Malware
Deep Instinct’s GenAI-powered assistant, DIANNA, has identified a sophisticated new malware strain dubbed BypassERWDirectSyscallShellcodeLoader. This malware, reportedly crafted with the...
Read more →
Venice.ai’s Unrestricted Access Sparks Concerns Over AI-Driven Cyber Threats
Venice.ai has rapidly emerged as a disruptive force in the AI landscape, positioning itself as an “uncensored” and “private” alternative...
Read more →
Hackers Expose 184 Million User Passwords via Open Directory
A major cybersecurity incident has come to light after researcher Jeremiah Fowler discovered a publicly accessible database containing 184,162,718 unique...
Read more →