How SafeLine WAF Turns Hackers’ Scanners into Trash
When web application protection is no longer a million-dollar luxury, and when every developer can build their own security perimeter with just a few clicks—that…
Category: GBHackers
Cisco IMC Virtual Keyboard Vulnerability Allows Attackers to Redirect Users to Malicious Websites
Cisco has released urgent security updates to remediate a high-severity vulnerability in its Integrated Management Controller (IMC) virtual keyboard video monitor (vKVM) module that could…
Cisco UCS Manager Software Flaw Allows Attackers to Inject Malicious Commands
Cisco has released urgent security updates to remediate two medium-severity command injection vulnerabilities in its UCS Manager Software that could allow authenticated administrators to execute…
Threat Actors Exploit Velociraptor Incident Response Tool for Remote Access
Researchers from the Counter Threat Unit (CTU) at Sophos uncovered a sophisticated intrusion where threat actors repurposed the legitimate open-source Velociraptor digital forensics and incident…
Electronics Manufacturer Data I/O Suffers Ransomware Breach
Data I/O Corporation, a well-known electronics firm that specializes in device programming and security provisioning solutions, revealed a ransomware attack that penetrated its internal IT…
Lazarus Group Targets Windows 11 with ClickFix Tactics and Fake Job Offers
The notorious Lazarus advanced persistent threat (APT) organization, which Qi’anxin internally tracks as APT-Q-1, has been seen using the ClickFix technique to penetrate Windows 11…
ShadowSilk Targets Penetration-Testing Tools and Public Exploits to Breach Organizations
Cybersecurity experts discovered an advanced persistent threat (APT) cluster called ShadowSilk in a thorough research published by Group-IB. Since at least 2023, this group has…
U.S. Treasury Sanctions North Korean IT Worker Network Funding Weapons Programs
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has imposed sanctions on Russian national Vitaliy Sergeyevich Andreyev, DPRK official Kim Ung…
New Research Explores Emulating Scattered Spider Tactics in Real-World Scenarios
Experts have described methods for mimicking the strategies of the advanced persistent threat (APT) group Scattered Spider in a recent in-depth analysis by cybersecurity company…
Cisco Nexus 3000 & 9000 Vulnerability Enables DoS Attacks
Cisco has issued a high-severity security advisory warning of a dangerous vulnerability in its Nexus 3000 and 9000 Series switches that could allow attackers to…
Using dMSAs for Credential Theft and Lateral Movement in AD
Akamai researchers evaluated Microsoft’s patch for the BadSuccessor vulnerability (CVE-2025-53779) to determine its scope and limitations. While the update effectively blocks the original direct escalation…
CISA Issues Alert on Citrix NetScaler 0-Day RCE Exploited in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert after detecting active exploitation of a critical zero-day remote code execution (RCE) vulnerability…