North Korean Hackers’ Secret Linux Malware Surfaces Online
Phrack Magazine’s latest issue #72 has unveiled a significant data leak from a suspected North Korean hacking operation, including exploit tactics, compromised system details, and…
Category: GBHackers
Workday Data Breach Exposes HR Records via Third-Party CRM Hack
Enterprise software giant Workday has disclosed a security incident involving unauthorized access to employee information through a compromised third-party customer relationship management (CRM) platform. The…
How LLMs Revive Classic Cyber Threats
In an era where users rely on vigilance against shady websites and file hashing via platforms like VirusTotal, a new wave of trojan horses is…
Scammers Target Back-to-School Deals, Diverting Shoppers to Fraud Sites
As the back-to-school season intensifies, cybercriminals are exploiting the heightened online shopping activity by deploying sophisticated scams aimed at siphoning funds and personal data from…
Hundreds of TeslaMate Servers Expose Real-Time Vehicle Data
A security researcher has discovered that hundreds of self-hosted TeslaMate servers are exposing sensitive Tesla vehicle data to the public internet without any authentication, revealing…
Rockwell ControlLogix Ethernet Vulnerability Exposes Systems to Remote Code Execution
A critical vulnerability in Rockwell Automation’s ControlLogix Ethernet modules has been discovered that could allow remote attackers to execute malicious code on industrial control systems.…
Critical PostgreSQL Flaws Allow Code Injection During Restoration
The PostgreSQL Global Development Group released emergency security updates on August 14, 2025, addressing three critical vulnerabilities that enable code injection attacks during database restoration…
Elastic EDR 0-Day Flaw Lets Hackers Evade Detection, Run Malware, and Trigger BSOD
AshES Cybersecurity has disclosed a severe zero-day vulnerability in Elastic’s Endpoint Detection and Response (EDR) software that transforms the security tool into a weapon against…
PoC Released for Fortinet FortiSIEM Command Injection Flaw
Security researchers have uncovered a severe pre-authentication command injection vulnerability in Fortinet’s FortiSIEM platform that allows attackers to completely compromise enterprise security monitoring systems without…
Threat Actors Abuse npm Developer Accounts Hijacked to Spread Malicious Packages
A sophisticated phishing campaign targeting the maintainer of eslint-config-prettier, a widely-used npm package with over 3.5 billion downloads, resulted in malicious code being distributed to…
Chinese Hackers Exploit Web Hosting Infrastructure for Cyberattacks
Cisco Talos researchers have uncovered a sophisticated Chinese-speaking advanced persistent threat (APT) group, designated UAT-7237, that has been actively targeting web hosting infrastructure in Taiwan…
Cisco IOS, IOS XE, and Secure Firewall Flaws Allow Remote DoS Attacks
Cisco Systems has issued a high-priority security advisory addressing multiple critical vulnerabilities in the Internet Key Exchange Version 2 (IKEv2) feature across its networking and…