Mozilla Launches Firefox 141 With Critical Security Fixes – Update Immediately
Mozilla has today released Firefox 141, addressing a broad spectrum of security vulnerabilities that range from high-impact memory safety bugs to moderate issues in URL…
Category: GBHackers
Hackers Injected Malicious Firefox Packages in Arch Linux Repo
Cybersecurity researchers have identified a sophisticated supply chain attack targeting Arch Linux users through malicious packages designed to masquerade as Firefox browser variants. Three compromised…
CISA Alerts on Active Exploitation of Microsoft SharePoint Code Injection and Authentication Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has issued urgent alerts regarding the active exploitation of two critical Microsoft SharePoint vulnerabilities, with organizations facing a…
Apache Jena Vulnerability Allows Arbitrary File Access
Critical security vulnerabilities in Apache Jena have been disclosed that enable administrators to access and create files outside designated server directories, potentially compromising system security.…
New Web3 Phishing Scam Uses Fake AI Platforms to Steal Credentials
The threat actor group LARVA-208, notorious for phishing attacks and social engineering against English-speaking IT staff, has pivoted to targeting Web3 developers. Employing spearphishing links…
Iranian Hackers Target Global Airlines to Steal Sensitive Data
APT39, a hacker collective connected to Iran’s Ministry of Intelligence and Security (MOIS), was exposed as operating through the compromised internal systems of the Iranian…
Scavenger Malware Compromises Popular npm Packages to Target Developers
The well-known npm package eslint-config-prettier was released without authorization, according to several GitHub users, even though its repository did not contain any corresponding code changes.…
ETQ Reliance RCE Flaw Grants Full SYSTEM Access with a Single Space
Hexagon ETQ’s Java-based quality management system, ETQ Reliance, has several serious flaws, according to a new security research revelation by Assetnote. The software, which facilitates…
Threat Actors Target Linux SSH Servers to Deploy SVF Botnet
AhnLab Security Intelligence Center (ASEC) has been actively tracking cyber threats exploiting vulnerable Linux servers through strategically deployed honeypots, with SSH services using weak credentials…
ClickFake Interview Attack Leverages ClickFix Technique to Deploy GolangGhost Malware
Cybersecurity researchers have provided insight into a persistent threat cluster linked to the well-known North Korean state-sponsored hacker outfit Lazarus, according to a comprehensive analysis…
UK Bans Public Sector from Paying Ransomware Gangs
The UK government has announced a comprehensive ban preventing public sector organizations from paying ransom demands to cybercriminals, marking a significant escalation in the fight…
Hackers Selling macOS 0-Day LPE Exploit on Dark Forums
A threat actor claiming to possess a zero-day Local Privilege Escalation (LPE) exploit targeting Apple’s macOS operating system has emerged on underground cybercriminal forums, offering…