CISA Alerts on Git Arbitrary File Write Flaw Actively Exploited
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical vulnerability in Git (CVE-2025-48384) that enables arbitrary file writes and…
Category: GBHackers
Google Introduces Enhanced Developer Verification for Play Store App Distribution
Google has announced that all Android apps installed on approved devices will soon need to be able to be traced back to a verified developer…
OneFlip Attack Backdoors AI Systems by Flipping a Single Bit in Neural Networks
CYFIRMA researchers have uncovered a campaign they have codenamed “OneFlip”, an operation that demonstrates how a single-bit modification inside a seemingly benign file can be…
PoC Exploit Published for Chrome 0-Day Already Under Active Attack
A proof-of-concept exploit for a high-severity Google Chrome zero-day vulnerability has been published publicly, less than three months after the flaw was first disclosed, amid…
Weaponized PuTTY Delivered via Malicious Bing Ads Targets Kerberos and Active Directory services
Cybersecurity incidents increasingly exploit human vulnerabilities, including those of privileged users, as demonstrated in recent compromises involving trojanized versions of the PuTTY SSH client distributed…
Microsoft Launches Tool to Migrate VMware VMs From vCenter to Hyper-V
Microsoft today announced the public preview of a new VM Conversion extension for Windows Admin Center, enabling IT administrators to migrate virtual machines from VMware vCenter to…
Threat Actors Update Android Droppers to Remain Effective with Even Simple Malware
Threat actors are increasingly refining Android droppers to circumvent enhanced security measures, extending their utility beyond sophisticated banking trojans to simpler malware variants like SMS…
Beware! Fake Google Play Store Sites Used to Spread Android Malware
Cybersecurity researchers have identified a resurgence of SpyNote malware campaigns targeting Android users through sophisticated fake Google Play Store websites. The malicious actor behind these…
Users of WhatsApp Desktop on Windows Face Code Execution Risk Via Python
A critical security risk has emerged for Windows users of WhatsApp Desktop who also have Python installed. Attackers can exploit a flaw in how WhatsApp…
Chinese UNC6384 Hackers Use Valid Code-Signing Certificates to Evade Detection
Google Threat Intelligence Group (GTIG) has uncovered a multifaceted cyber espionage operation attributed to the PRC-nexus threat actor UNC6384, believed to be associated with TEMP.Hex…
Maryland Transportation Systems Disrupted Following Cyberattack
Maryland’s transit network experienced widespread disruption this week after a sophisticated cyberattack targeted critical information systems, forcing the Maryland Transit Administration (MTA) and the Department…
X/Twitter Found to Be Most Aggressive Social Media App in Tracking User Location Data
A comprehensive study examining the location data practices of the top 10 social media platforms has uncovered concerning patterns of user tracking that extend far…