Insight Partners Confirms Data Breach Exposing Users’ Personal Data
Insight Partners, a global venture capital and private equity firm, has officially confirmed a significant data breach that exposed personal information of individuals connected to…
Category: GBHackers
Splunk Publishes Guide to Spot Remote Work Fraud in Organizations
Splunk today unveiled a comprehensive guide designed to empower security teams to detect Remote Employment Fraud (REF) during the critical onboarding phase—when imposters have already…
PureVPN Vulnerability Reveals IPv6 Address While Reconnecting to Wi-Fi
A critical security vulnerability has been discovered in PureVPN’s Linux clients that exposes users’ real IPv6 addresses during network reconnections, undermining the privacy protections that…
Warlock Ransomware Deployed via Compromised GOLD SALEM Networks and Bypassed Security Solutions
Counter Threat Unit (CTU) researchers are tracking a sophisticated threat actor known as Warlock Group, which CTU designates as GOLD SALEM. Since March 2025, the…
200+ Fake News Sites Target US, Canada, and France
The Russian covert influence network known as CopyCop has significantly expanded its disinformation operations, creating over 200 new fake websites since March 2025 to target…
TP-Link Router Zero-Day Lets Attackers Execute Code by Bypassing ASLR
Researchers have uncovered a zero-day vulnerability in TP-Link routers that allows attackers to bypass Address Space Layout Randomization (ASLR) and execute arbitrary code remotely. Tracked…
Critical WatchGuard Vulnerability Lets Unauthenticated Attackers Run Arbitrary Code
WatchGuard released an advisory detailing a critical vulnerability in its Firebox line of network security appliances. Tracked as CVE-2025-9242, the flaw resides in the iked…
Malicious Typosquatted PyPI Packages Spreading SilentSync RAT
On August 4, 2025, Zscaler ThreatLabz uncovered two malicious Python packages—sisaws and secmeasure—that deliver SilentSync, a Python-based remote access trojan (RAT), to unsuspecting developers. Both…
Hackers Abuse RTL/LTR Text Tricks and Browser Flaws to Mask Malicious Links
Cybersecurity researchers at Varonis Threat Labs have uncovered a persistent vulnerability that has remained unaddressed for over a decade, allowing attackers to exploit browser handling…
Google Chrome 0-Day Under Active Attack – Update Immediately
Google has released an urgent security update for Chrome browser users worldwide, addressing four critical vulnerabilities, including one zero-day exploit that is currently being actively…
Google Play Flooded With 224 Malicious Apps, 38 Million Downloads Deliver Malware
A global ad fraud and click fraud operation, dubbed SlopAds, comprising 224 Android apps that collectively amassed more than 38 million downloads across 228 countries…
New Magecart Attack Injects Malicious JavaScript to Steal Payment Data
A new Magecart-style campaign has emerged that leverages malicious JavaScript injections to skim payment data from online checkout forms. The threat surfaced after security researcher…