Hackers Leverage 607 Malicious Domains to Spread APK Malware with Remote Command Execution
PreCrime Labs at BforeAI discovered a complex cyber threat operation in which hackers have used a vast network of 607 rogue domains to spread fake…
Category: GBHackers
Threat Actors Weaponize WordPress Sites to Redirect Visitors to Malicious Domains
Security researchers identified a sophisticated malware campaign targeting WordPress websites, where threat actors embedded malicious code within core files to facilitate unauthorized redirects and search…
NimDoor MacOS Malware Abuses Zoom SDK Updates to Steal Keychain Credentials
SentinelOne researchers have discovered NimDoor, a sophisticated MacOS malware campaign ascribed to North Korean-affiliated attackers, most likely the Stardust Chollima gang, in a notable increase…
Gmail Message Exploit Triggers Code Execution in Claude, Bypassing Protections
A cybersecurity researcher has demonstrated how a carefully crafted Gmail message can trigger code execution through Claude Desktop, Anthropic’s AI assistant application, highlighting a new…
Dark Partners Hacker Group Drains Crypto Wallets Using Fake AI Tools and VPN Services
The financially driven organization known as Dark Partners has been planning massive cryptocurrency theft since at least May 2025, using a complex network of more…
Windows Secure Boot Certificate Expired in June, Microsoft Issues Warning
Microsoft has issued an urgent warning to Windows users about an impending security certificate expiration that could significantly impact device functionality. The tech giant announced…
Chinese ‘Salt Typhoon’ Hackers Infiltrated US National Guard Network for Almost a Year
The Department of Defense (DoD) revealed that an advanced persistent threat (APT) group, known as Salt Typhoon and publicly identified as Chinese state-sponsored actors, had…
Lenovo Vantage Flaws Enable Attackers to Gain SYSTEM-Level Privileges
Security researchers at Atredis have uncovered multiple privilege escalation vulnerabilities in Lenovo Vantage, a pre-installed management platform on Lenovo laptops that handles device updates, configurations,…
Samsung WLAN AP Flaws Let Remote Attackers Run Commands as Root
Security researchers have uncovered a critical chain of vulnerabilities in Samsung’s WEA453e wireless access point that allows unauthenticated remote attackers to execute commands with full…
Google’s AI ‘Big Sleep’ Detects Critical SQLite 0-Day, Halts Ongoing Attacks
Google’s artificial intelligence agent “Big Sleep” has made cybersecurity history by discovering and stopping the exploitation of a critical zero-day vulnerability in SQLite, marking the…
Oracle Issues Critical Update Fixing 309 Vulnerabilities Across Products
Oracle Corporation released its July 2025 Critical Patch Update, addressing a substantial 309 security vulnerabilities across its extensive product portfolio. This quarterly security release represents…
Konfety Android Malware Exploits ZIP Tricks to Masquerade as Legit Apps on Google Play
Security researchers from zLabs have discovered a more advanced version of the Konfety Android malware, which uses complex ZIP-level changes to avoid detection and mimic…