Electronics Manufacturer Data I/O Suffers Ransomware Breach
Data I/O Corporation, a well-known electronics firm that specializes in device programming and security provisioning solutions, revealed a ransomware attack that penetrated its internal IT…
Category: GBHackers
Lazarus Group Targets Windows 11 with ClickFix Tactics and Fake Job Offers
The notorious Lazarus advanced persistent threat (APT) organization, which Qi’anxin internally tracks as APT-Q-1, has been seen using the ClickFix technique to penetrate Windows 11…
ShadowSilk Targets Penetration-Testing Tools and Public Exploits to Breach Organizations
Cybersecurity experts discovered an advanced persistent threat (APT) cluster called ShadowSilk in a thorough research published by Group-IB. Since at least 2023, this group has…
U.S. Treasury Sanctions North Korean IT Worker Network Funding Weapons Programs
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has imposed sanctions on Russian national Vitaliy Sergeyevich Andreyev, DPRK official Kim Ung…
New Research Explores Emulating Scattered Spider Tactics in Real-World Scenarios
Experts have described methods for mimicking the strategies of the advanced persistent threat (APT) group Scattered Spider in a recent in-depth analysis by cybersecurity company…
Cisco Nexus 3000 & 9000 Vulnerability Enables DoS Attacks
Cisco has issued a high-severity security advisory warning of a dangerous vulnerability in its Nexus 3000 and 9000 Series switches that could allow attackers to…
Using dMSAs for Credential Theft and Lateral Movement in AD
Akamai researchers evaluated Microsoft’s patch for the BadSuccessor vulnerability (CVE-2025-53779) to determine its scope and limitations. While the update effectively blocks the original direct escalation…
CISA Issues Alert on Citrix NetScaler 0-Day RCE Exploited in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert after detecting active exploitation of a critical zero-day remote code execution (RCE) vulnerability…
New TamperedChef Attack Uses Weaponized PDF Editor to Steal Sensitive Data and Login Credentials
Cybersecurity researchers at Truesec have uncovered a sophisticated malware campaign distributing a weaponized PDF editor under the guise of “AppSuite PDF Editor.” This operation, which…
New Research and PoC Reveal Security Risks in LLM-Based Coding
A recent investigation has uncovered that relying solely on large language models (LLMs) to generate application code can introduce critical security vulnerabilities, according to a…
CISA Releases Guide to Hunt and Mitigate Chinese State-Sponsored Threats
The Cybersecurity and Infrastructure Security Agency (CISA) unveiled a comprehensive Cybersecurity Advisory (CSA) designed to empower network defenders to detect, hunt, and mitigate the activities…
Over 28,000 Citrix Servers at Risk from Active 0-Day RCE Exploit
A critical zero-day remote code execution (RCE) vulnerability is currently threatening the security of over 28,000 Citrix instances worldwide. The flaw, designated as CVE-2025-7775, is being actively exploited…