1,500 Jenkins Servers Vulnerable to Command Injection via Git Parameter Plugin
Jenkins disclosed CVE-2025-53652, also known as SECURITY-3419, as part of a batch of 31 plugin vulnerabilities. Initially rated as medium severity, this flaw affects the…
Category: GBHackers
PoisonSeed Phishing Kit Bypasses MFA to Steal Credentials from Users and Organizations
The threat actor known as PoisonSeed, loosely affiliated with groups like Scattered Spider and CryptoChameleon, has deployed an active phishing kit designed to circumvent multi-factor…
ShinyHunters Claims BreachForums Seized by Law Enforcement, Now a Honeypot
The threat actor known as ShinyHunters has publicly disclosed what they claim is a covert seizure of BreachForums, a notorious online platform used for trading…
Fortinet SSL VPN Targeted by Hackers from 780 Unique IP Addresses
Cybersecurity researchers at GreyNoise have detected an alarming surge in brute-force attacks against Fortinet SSL VPN systems, with over 780 unique IP addresses launching coordinated…
Ivanti Connect Secure, Policy Secure, and ZTA Flaws Allow Attackers to Launch DoS Attacks
Ivanti has released critical security updates addressing multiple vulnerabilities in its Connect Secure, Policy Secure, and ZTA Gateway products that could allow remote attackers to…
Citrix NetScaler Flaw (CVE-2025-6543) Is Being Actively Exploited to Breach Organizations
The National Cyber Security Centre (NCSC) in the Netherlands has issued an urgent update on a series of sophisticated cyberattacks exploiting a zero-day vulnerability in…
Scattered Spider’s New Telegram Channel Names Targeted Organizations
A new Telegram channel that combined the names of well-known threat actor organizations Shiny Hunters, Scattered Spider, and Lapsus$ emerged on Friday afternoon in a…
SAP Security Patch Day Fixes 15 Flaws, Including 3 Injection Vulnerabilities
SAP released critical security updates on August 12, 2025, addressing 15 vulnerabilities across its enterprise software portfolio, with three severe code injection flaws receiving the…
Royal Enfield Reportedly Targeted in Ransomware Attack, Hackers Claim Data Encryption
Royal Enfield, the storied motorcycle manufacturer celebrated for its classic designs and global fan base, is reportedly grappling with a significant cybersecurity breach. A hacker…
Record $250K Bug Bounty Awarded for Discovering Critical Chrome RCE Flaw
Google has awarded a record-breaking $250,000 bug bounty to security researcher Micky for discovering a critical remote code execution vulnerability in Google Chrome that could…
Researchers Detail Script-Masking Tactics That Bypass Defenses
Security researchers and cybersecurity professionals are highlighting the growing sophistication of payload obfuscation techniques that allow malicious actors to bypass traditional defense mechanisms. As organizations…
North Korean Kimsuky Hackers Suffer Data Breach as Insiders Leak Information Online
A member of North Korea’s notorious Kimsuky espionage group has experienced a significant data breach after insiders leaked hundreds of gigabytes of internal files and…