Colt Confirms Ransomware Attack Resulted in Customer Data Theft
Industrial technology company Colt has confirmed that a recent ransomware attack on its business support systems resulted in the theft of customer data, marking the…
Category: GBHackers
NIST Releases New Control Overlays to Manage Cybersecurity Risks in AI Systems
The National Institute of Standards and Technology (NIST) has unveiled a comprehensive initiative to address the growing cybersecurity challenges associated with artificial intelligence systems through…
14 Million-Download SHA JavaScript Library Exposes Users to Hash Manipulation Attacks
A critical security vulnerability has been discovered in the widely-used sha.js npm package, exposing millions of applications to sophisticated hash manipulation attacks that could compromise…
Windows Docker Desktop Vulnerability Allows Full Host Compromise
A critical vulnerability in Docker Desktop for Windows has been discovered that allows any container to achieve full host system compromise through a simple Server-Side…
ChatGPT-5 Downgrade Attack Allows Hackers to Evade AI Defenses With Minimal Prompts
Security researchers from Adversa AI have uncovered a critical vulnerability in ChatGPT-5 and other major AI systems that allows attackers to bypass safety measures using…
Threat Actors Exploiting Victims’ Machines for Bandwidth Monetization
Cybersecurity researchers have uncovered an ongoing campaign where threat actors exploit the critical CVE-2024-36401 vulnerability in GeoServer, a geospatial database, to remotely execute code and…
Hackers Weaponize QR Codes With Malicious Links to Steal Sensitive Data
Quishing, a powerful form of phishing that uses malicious hyperlinks contained in QR codes to expose user credentials and sensitive data, has surfaced in the…
Threat Actors Weaponize PDF Editor Trojan to Convert Devices into Proxies
Researchers have discovered a complex campaign using trojanized software that uses authentic code-signing certificates to avoid detection and turn compromised machines into unintentional residential proxies,…
AI Website Generators Repurposed by Adversaries for Malware Campaigns
Adversaries are using AI-powered website builders to expedite the development of harmful infrastructure in a quickly changing threat landscape, hence reducing the entry barriers for…
Warlock Ransomware Exploits SharePoint Flaws for Initial Access and Credential Theft
The Warlock ransomware group has intensified its operations by targeting unpatched on-premises Microsoft SharePoint servers, leveraging critical vulnerabilities to achieve remote code execution and initial…
Threat Actors Abuse Internet Archive to Host Stealthy JScript Loader
An Malicious actors are using reliable internet resources, such as the Internet Archive, more frequently to disseminate clandestine malware components in a worrying increase in…
Paper Werewolf Exploits WinRAR Zero-Day Vulnerability to Deliver Malware
Cyber spies associated with the threat actor group Paper Werewolf have demonstrated advanced capabilities in bypassing email security filters by delivering malware through seemingly legitimate…