Category: GBHackers

New Supply Chain Attack Targeting Chrome Extensions to Inject Malicious Code
23
Jan
2025

New Supply Chain Attack Targeting Chrome Extensions to Inject Malicious Code

A sophisticated supply chain attack targeting Chrome browser extensions has come to light, potentially compromising hundreds of thousands of users….

New Cookie Sandwich Technique Allows Stealing of HttpOnly cookies
23
Jan
2025

New Cookie Sandwich Technique Allows Stealing of HttpOnly cookies

A new attack technique known as the “cookie sandwich” has surfaced, raising significant concerns among cybersecurity professionals. This technique enables…

Wordpress Plugin Vulnerability Exposes 23k+ Websites to Hacking
23
Jan
2025

WordPress Plugin Vulnerability Exposes 23k+ Websites to Hacking

Researchers from Patchstack have warned that over 23,000 real estate websites using the popular RealHomes WordPress theme and its bundled…

Cisco Warns of Meeting Management API Privilege Escalation Vulnerability
23
Jan
2025

Cisco Warns of Meeting Management API Privilege Escalation Vulnerability

Cisco has issued a critical advisory regarding a privilege escalation vulnerability in its Meeting Management REST API. The flaw tracked…

AI-Powered Static Application Security Testing in the Developer Toolkit
22
Jan
2025

AI-Powered Static Application Security Testing in the Developer Toolkit

In today’s app dev world, where new apps and millions of lines of code are being deployed every day, the…

Ex-CIA analyst pleaded guilty For Leaking Top Secret National Defense Information
22
Jan
2025

Ex-CIA analyst pleaded guilty For Leaking Top Secret National Defense Information

A former CIA analyst, Asif William Rahman, has pleaded guilty to charges of retaining and transmitting Top Secret National Defense…

Weaponized VS Code Impersonate Zoom App Steals Cookies From Chrome
22
Jan
2025

Weaponized VS Code Impersonate Zoom App Steals Cookies From Chrome

A newly identified extension for Visual Studio Code (VS Code) has been found to impersonate a legitimate Zoom application, enabling…

SQL Injection Vulnerability in Microsoft’s DevBlogs Lets Hackers Injecting Malicious SQL
22
Jan
2025

SQL Injection Vulnerability in Microsoft’s DevBlogs Lets Hackers Injecting Malicious SQL

In a recent discovery, a security researcher uncovered a critical SQL injection vulnerability on Microsoft’s DevBlogs website (accessible at https://devblogs.microsoft.com). This…

Record Breaking 5.6 Tbps DDoS attack Launched by Mirai Botnet
22
Jan
2025

Record Breaking 5.6 Tbps DDoS attack Launched by Mirai Botnet

 The Mirai botnet unleashed a record-breaking Distributed Denial of Service (DDoS) attack on October 29, 2024, peaking at an astonishing…

Criminal IP and OnTheHub Partner to Deliver Advanced Cybersecurity Solutions for Education
22
Jan
2025

Criminal IP and OnTheHub Partner to Deliver Advanced Cybersecurity Solutions for Education

AI SPERA, a leading Cyber Threat Intelligence (CTI) provider, has collaborated with OnTheHub, a global provider of software in education,…

Three New ICS Advisories Released by CISA Detailing Vulnerabilities & Mitigations
22
Jan
2025

Three New ICS Advisories Released by CISA Detailing Vulnerabilities & Mitigations

The Cybersecurity and Infrastructure Security Agency (CISA) announced three new Industrial Control Systems (ICS) advisories. These advisories provide critical insights…

Security Researchers Discover Critical RCE Vulnerability, Earn $40,000 Bounty
22
Jan
2025

Security Researchers Discover Critical RCE Vulnerability, Earn $40,000 Bounty

Cybersecurity researchers Abdullah Nawaf and Orwa Atyat, successfully escalated a limited path traversal vulnerability into a full-blown remote code execution…