Qilin Ransomware Dominates July with Over 70 Claimed Victims
The Qilin ransomware group has solidified its position as the most active threat actor in July 2025, marking its third top ranking in four months…
Category: GBHackers
‘AI Induced Destruction’ – How AI Misuse is Creating New Attack Vectors
Cybersecurity firms are reporting a disturbing new trend in 2025: artificial intelligence assistants designed to boost productivity are inadvertently becoming destructive forces, causing massive system…
Windows Out-of-Box-Experience Flaw Enables Full Administrative Command Prompt Access
A newly documented vulnerability in Windows’ Out-of-Box-Experience (OOBE) allows users to bypass security restrictions and gain full administrative access to command prompt functionality, even when…
FireWood Malware Targets Linux Systems for Command Execution and Data Theft
Intezer’s Research Team has uncovered a new, low-detection variant of the FireWood backdoor, a sophisticated Linux-based remote access trojan (RAT) initially discovered by ESET researchers.…
CISA Publishes Operational Technology Guide for Critical Infrastructure Stakeholders
The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with eight other national cyber agencies, has released a comprehensive “Foundations for OT Cybersecurity: Asset Inventory…
Microsoft IIS Web Deploy Vulnerability Allows Remote Code Execution
Microsoft has disclosed a critical security vulnerability in its Internet Information Services (IIS) Web Deploy tool that could allow attackers to execute arbitrary code remotely…
EncryptHub Turns Brave Support Into a Dropper; MMC Flaw Completes the Run
Trustwave SpiderLabs researchers have uncovered a sophisticated EncryptHub campaign that ingeniously abuses the Brave Support platform to deliver malicious payloads, leveraging the recently disclosed CVE-2025-26633…
Splunk Publishes Defender’s Guide to Spot ESXi Ransomware Early
Splunk has released a comprehensive defender’s guide aimed at helping cybersecurity teams detect and prevent ransomware attacks targeting ESXi infrastructure before they can cause widespread…
Attackers Need Just One Vulnerability to Own Your Rooted Android
Android privilege escalation has been transformed by rooting frameworks such as KernelSU, APatch, and SKRoot, which use advanced kernel patching techniques to enable unauthorized code…
Proxyware Campaign Piggybacks on Popular YouTube Video Download Services
The AhnLab Security Intelligence Center (ASEC) has uncovered fresh instances of proxyware distribution by threat actors leveraging deceptive advertising on freeware sites. Building on prior…
Critical WordPress Plugin Vulnerability Puts 70,000+ Sites at Risk of Remote Code Execution
A severe security vulnerability has been discovered in a popular WordPress plugin used by over 70,000 websites worldwide, potentially exposing them to complete takeover by…
Xerox FreeFlow Core Vulnerability Allows Remote Code Execution — PoC Now Public
Security researchers have disclosed critical vulnerabilities in Xerox FreeFlow Core that enable unauthenticated remote attackers to execute arbitrary code on vulnerable systems. The proof-of-concept exploits…