Critical Salesforce Flaws Allow Remote Code Execution
Salesforce has disclosed a series of critical security vulnerabilities in its Tableau Server platform that could allow attackers to execute remote code and gain unauthorized…
Category: GBHackers
Hackers Exploit Official Gaming Mouse Software to Spread Windows-based Xred Malware
Gaming peripheral manufacturer Endgame Gear has disclosed a security incident involving malware-infected software distributed through their official website, affecting users who downloaded the OP1w 4k…
Microsoft Investigates Leak in Early Warning System Used by Chinese Hackers to Exploit SharePoint Vulnerabilities
Chinese laws requiring vulnerability disclosure to the government create transparency issues and potential conflicts for international cybersecurity efforts. Microsoft is probing whether a leak from…
Arizona Woman Sentenced for Aiding North Korean IT Workers in Cyber Operations
Christina Marie Chapman, a 50-year-old Arizona woman, has been sentenced to 102 months in prison for her role in an elaborate fraud scheme that helped…
New Gunra Ransomware Targets Windows Systems, Encrypts Files, and Erases Shadow Copies
AhnLab’s Threat Intelligence Platform (TIP) has been instrumental in monitoring ransomware activities across dark web forums and marketplaces. Through its Live View > Dark Web…
Beware of Fake Error Pages Deploying Platform-Specific Malware on Linux and Windows Systems
Wiz Research has uncovered an active cryptomining campaign, dubbed Soco404, that exploits misconfigurations in PostgreSQL databases and other cloud services to deploy platform-specific malware on…
Hackers Use Weaponized .HTA Files to Infect Victims with Red Ransomware
CloudSEK’s TRIAD team uncovered an active development site deploying Clickfix-themed malware linked to the Epsilon Red ransomware. This variant deviates from traditional clipboard-based command injection…
Fake Indian Banking Apps on Android Steal Login Credentials from Users
A malicious Android application has been uncovered, impersonating legitimate Indian banking apps to orchestrate credential theft, surveillance, and unauthorized financial transactions. This malware employs a…
Fire Ant Hackers Target VMware ESXi and vCenter Flaws to Infiltrate Organizations
Cybersecurity firm Sygnia has been tracking and mitigating a sophisticated espionage operation dubbed Fire Ant, which zeroes in on virtualization and networking infrastructure, particularly VMware…
Hackers Exploit Google Forms to Trick Victims into Stealing Cryptocurrency
Cybercriminals are increasingly using Google Forms to plan cryptocurrency theft in a sophisticated evolution of phishing assaults, taking advantage of the platform’s built-in credibility and…
Phishing Attack Spoofs Facebook Login Page to Capture Credentials
Cybercriminals are using a variety of dishonest tactics in a sophisticated phishing effort aimed at Facebook users in order to obtain login information. The attack…
US Announces $15M Reward for North Korean IT Scheme Leaders
The United States government announced coordinated actions across multiple departments today, offering rewards totaling up to $15 million for information leading to the arrests and…