New “ToolShell” Exploit Targets SharePoint Servers for Full Takeover
FortiGuard Labs has identified a critical new exploit chain dubbed “ToolShell” that is actively being used by multiple threat actors to target on-premises Microsoft SharePoint…
Category: GBHackers
Leak Zone Dark Web Forum Breach Exposes 22 Million User IPs and Locations
A significant data breach has exposed sensitive information about users of Leakzone, a prominent dark web forum known for trading hacking tools and compromised accounts.…
Stealing Login Credentials from 19 Major Browsers
A sophisticated new information stealer named SHUYAL was recently discovered by Hybrid Analysis. It has demonstrated extensive capabilities in credential extraction from 19 different web…
LG Innotek Camera Flaws Could Give Hackers Full Admin Access
A critical security vulnerability has been discovered in LG Innotek’s LNV5110R CCTV camera model that could allow remote attackers to gain complete administrative control over…
Critical Salesforce Flaws Allow Remote Code Execution
Salesforce has disclosed a series of critical security vulnerabilities in its Tableau Server platform that could allow attackers to execute remote code and gain unauthorized…
Hackers Exploit Official Gaming Mouse Software to Spread Windows-based Xred Malware
Gaming peripheral manufacturer Endgame Gear has disclosed a security incident involving malware-infected software distributed through their official website, affecting users who downloaded the OP1w 4k…
Microsoft Investigates Leak in Early Warning System Used by Chinese Hackers to Exploit SharePoint Vulnerabilities
Chinese laws requiring vulnerability disclosure to the government create transparency issues and potential conflicts for international cybersecurity efforts. Microsoft is probing whether a leak from…
Arizona Woman Sentenced for Aiding North Korean IT Workers in Cyber Operations
Christina Marie Chapman, a 50-year-old Arizona woman, has been sentenced to 102 months in prison for her role in an elaborate fraud scheme that helped…
New Gunra Ransomware Targets Windows Systems, Encrypts Files, and Erases Shadow Copies
AhnLab’s Threat Intelligence Platform (TIP) has been instrumental in monitoring ransomware activities across dark web forums and marketplaces. Through its Live View > Dark Web…
Beware of Fake Error Pages Deploying Platform-Specific Malware on Linux and Windows Systems
Wiz Research has uncovered an active cryptomining campaign, dubbed Soco404, that exploits misconfigurations in PostgreSQL databases and other cloud services to deploy platform-specific malware on…
Hackers Use Weaponized .HTA Files to Infect Victims with Red Ransomware
CloudSEK’s TRIAD team uncovered an active development site deploying Clickfix-themed malware linked to the Epsilon Red ransomware. This variant deviates from traditional clipboard-based command injection…
Fake Indian Banking Apps on Android Steal Login Credentials from Users
A malicious Android application has been uncovered, impersonating legitimate Indian banking apps to orchestrate credential theft, surveillance, and unauthorized financial transactions. This malware employs a…