Report Reveals Tool Overload Driving Fatigue and Missed Threats in MSPs
New Heimdal study reveals how tool sprawl creates blind spots, with over half of providers experiencing daily or weekly burnout. Survey of 80 North American…
Category: GBHackers
Erlang/OTP SSH RCE Vulnerability Actively Exploited to Target OT Networks
A severe vulnerability, designated CVE-2025-32433 with a CVSS score of 10.0, has been identified in the Secure Shell (SSH) daemon of the Erlang programming language’s…
UAC-0099 Tactics, Techniques, Procedures and Attack Methods Revealed
UAC-0099, a persistent threat actor active since at least 2022, has conducted sophisticated cyber-espionage operations against Ukrainian government, military, and defense entities, evolving its toolkit…
Meta’s New Feature Turns Instagram into a Real-Time Location Broadcaster
Meta has introduced a transformative update to Instagram, evolving the platform from a simple photo-sharing service into an always-on real-time location broadcaster via its new…
Linux Webcams Weaponized to Inject Keystrokes and Execute Attacks
Security researchers have uncovered a concerning vulnerability that transforms everyday USB webcams into covert attack tools capable of injecting malicious keystrokes and executing unauthorized commands…
Silent Watcher Targets Windows Systems, Steals Data via Discord Webhooks
K7 Labs investigated the Cmimai Stealer, a Visual Basic Script (VBS)-based infostealer that surfaced in June 2025 and uses PowerShell and native Windows scripting to…
Smart Bus System Flaw Allows Hackers to Remotely Track and Control Vehicles
A critical security vulnerability in smart bus systems has been discovered that enables hackers to remotely track vehicle locations and potentially take control of essential…
CastleLoader Malware Hits 400+ Devices via Cloudflare-Themed ClickFix Phishing Attack
CastleLoader, a sophisticated malware loader, has compromised over 400 devices since its debut in early 2025, with cybersecurity firm PRODAFT reporting 469 infections out of…
Legitimate System Functions Exploited to Steal Secrets in Shared Linux Setups
Security researcher Ionuț Cernica revealed how commonplace Linux utilities can be weaponized to siphon sensitive data in multi-tenant environments. His talk, “Silent Leaks: Harvesting Secrets…
Multiple Critical Flaws Hit Zero Trust Products from Check Point, Zscaler, and Netskope
Security researchers at AmberWolf have uncovered critical vulnerabilities in leading Zero Trust Network Access (ZTNA) solutions from major cybersecurity vendors, potentially exposing thousands of organizations…
Malware Campaign Masquerades as Tesla in Poisoned Google Ads
A malware operation has surfaced in the context of a complex cyber threat landscape, using tainted Google Ads to pose as Tesla and trick consumers…
Windows RPC Protocol Exploited to Launch Server Spoofing Attacks
A vulnerability in Microsoft Windows’ Remote Procedure Call (RPC) protocol has been discovered that allows attackers to manipulate core system communications and launch sophisticated server…