Category: GBHackers

Lazarus Group Targets Windows 11 with ClickFix Tactics and Fake Job Offers
28 Aug 2025

The notorious Lazarus advanced persistent threat (APT) organization, which Qi’anxin internally tracks as APT-Q-1, has been seen using the ClickFix…

ShadowSilk Targets Penetration-Testing Tools and Public Exploits to Breach Organizations
28 Aug 2025

Cybersecurity experts discovered an advanced persistent threat (APT) cluster called ShadowSilk, according to thorough research published by Group-IB. Since at…

U.S. Treasury Sanctions North Korean IT Worker Network Funding Weapons Programs
28 Aug 2025

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has imposed sanctions on Russian national Vitaliy Sergeyevich…

New Research Explores Emulating Scattered Spider Tactics in Real-World Scenarios
28 Aug 2025

Experts have described methods for mimicking the strategies of the advanced persistent threat (APT) group Scattered Spider in a recent…

Cisco Nexus 3000 & 9000 Vulnerability Enables DoS Attacks
28 Aug 2025

Cisco has issued a high-severity security advisory warning of a dangerous vulnerability in its Nexus 3000 and 9000 Series switches…

Using dMSAs for Credential Theft and Lateral Movement in AD
28 Aug 2025

Akamai researchers evaluated Microsoft’s patch for the BadSuccessor vulnerability (CVE-2025-53779) to determine its scope and limitations. While the update effectively…

CISA Issues Alert on Citrix NetScaler 0-Day RCE Exploited in the Wild
28 Aug 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert after detecting active exploitation of a critical zero-day…

New TamperedChef Attack Uses Weaponized PDF Editor to Steal Sensitive Data and Login Credentials
28 Aug 2025

Cybersecurity researchers at Truesec have uncovered a sophisticated malware campaign distributing a weaponized PDF editor under the guise of “AppSuite…

New Research and PoC Reveal Security Risks in LLM-Based Coding
28 Aug 2025

A recent investigation has uncovered that relying solely on large language models (LLMs) to generate application code can introduce critical…

CISA Releases Guide to Hunt and Mitigate Chinese State-Sponsored Threats
28 Aug 2025

The Cybersecurity and Infrastructure Security Agency (CISA) unveiled a comprehensive Cybersecurity Advisory (CSA) designed to empower network defenders to detect,…

Over 28,000 Citrix Servers at Risk from Active 0-Day RCE Exploit
28 Aug 2025

A critical zero-day remote code execution (RCE) vulnerability is currently threatening the security of over 28,000 Citrix instances worldwide. The flaw, designated…

Microsoft Teams Flaw Prevents Users From Accessing Embedded Office Files
28 Aug 2025

A widespread service disruption is currently affecting Microsoft Teams users across the globe, preventing access to embedded Office documents within the collaboration…