Wave of 40,000+ Cyberattacks Target API Environments
The cybersecurity landscape has witnessed a dramatic escalation in API-targeted attacks during the first half of 2025, with security researchers documenting over 40,000 API incidents across more…
Category: GBHackers
OpenSSL Conference 2025: Just 21 Days Until It Begins – GBHackers Security
Newark, New Jersey, United States, September 16th, 2025, CyberNewsWire The OpenSSL Conference 2025 will take place on October 7 – 9 in Prague. The program will bring…
700K Customer Records Accessed by Ex-Employee
A major data breach at American First Finance, LLC has exposed sensitive information for nearly 700,000 customers. The breach, which occurred on May 31, 2024,…
CrowdStrike npm Packages Hit by Supply Chain Attack
A new supply chain attack has compromised multiple npm packages maintained by the crowdstrike-publisher account, marking a worrying continuation of the so-called “Shai-Halud attack.” Developers…
Las Vegas, United States, September 16th, 2025, CyberNewsWire
Seraphic today announced at Fal.Con 2025 that its Secure Enterprise Browser (SEB) solution is now available for purchase in the CrowdStrike Marketplace, a one-stop destination…
APT28 Exploits Signal Messenger to Deploy eardShell and Covenant Malware
Sekoia.io’s Threat Detection and Response (TDR) team has uncovered a sophisticated campaign by APT28 that weaponizes Signal Messenger to deploy two previously undocumented malware families—BeardShell…
LG WebOS TV Vulnerability Enables Full Device Takeover by Bypassing Authentication
A security vulnerability has been discovered in LG WebOS TV systems that allows attackers to gain complete control over affected devices by bypassing authentication mechanisms.…
Windows Users Hit by VenomRAT in AI-Driven RevengeHotels Attack
RevengeHotels, also known as TA558, has escalated its long-standing cybercrime campaign by incorporating artificial intelligence into its infection chains, deploying the potent VenomRAT malware against…
The Hidden Risks of Backdoor Injections
AI code assistants integrated into IDEs, like GitHub Copilot, offer powerful chat, auto-completion, and test-generation features. However, threat actors and careless users can exploit these…
New Persistence Technique Attackers Use to Hide in AWS Cloud Environments
As more companies move their critical systems and data to Amazon Web Services (AWS), attackers are finding new ways to stay hidden inside cloud environments.…
WordPress Plugin Vulnerability Let Attackers Bypass Authentication via Social Login
A critical vulnerability in the Case Theme User plugin for WordPress allows unauthenticated attackers to hijack any account on vulnerable sites, including administrative accounts, by…
Threat Actors Exploit MCP Servers to Steal Sensitive Data
Unvetted Model Context Protocol (MCP) servers introduce a stealthy supply chain attack vector, enabling adversaries to harvest credentials, configuration files, and other secrets without deploying…