FlowerStorm PaaS Platform Attacking Microsoft Users With Fake Login Pages
Rockstar2FA is a PaaS kit that mimics the legitimate credential-request behavior of cloud/SaaS platforms. Phishing campaigns are delivered via Telegram...
Read more →Category: GBHackers
PoC Exploit Released for Ivanti Connect Secure RCE Vulnerability
A serious security flaw has been identified in Ivanti Connect Secure, designated as CVE-2025-0282, which enables remote unauthenticated attackers to execute...
Read more →
$40,000 Reward for Escalating Limited Path Traversal to RCE
As a dedicated bug bounty hunter with an enviable track record on BugCrowd, Abdullah Nawaf, Full full-time bug Bounty Hunter, thrives...
Read more →
Let’s Encrypt Unveils Six-Day Certificate and IP Address Options for 2025
Let’s Encrypt has announced plans to introduce six-day certificate options and support for IP address certificates in 2025. This initiative...
Read more →
CISA Warns of Aviatrix Controllers OS Command Injection Vulnerability Exploited in Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding a significant OS command injection vulnerability in...
Read more →
BitMEX Fined $100 Million for Violating Bank Secrecy Act
In a significant legal development, HDR Global Trading Ltd., operating under the name BitMEX, has been fined $100 million for...
Read more →
Hackers Deploy Web Shell To Abuse IIS Worker And Exfiltrate Data
An attacker exploited a vulnerability in the batchupload.aspx and email_settings.aspx pages on the target server that allowed them to upload...
Read more →
CISA Releases Guidelines For Closing Software Understanding Gap
The Cybersecurity and Infrastructure Security Agency (CISA) has released a pivotal report calling for urgent action to address the “software...
Read more →
Russian Threat Actor “Star Blizzard” Exploit WhatsApp Accounts Using QR Codes
Microsoft Threat Intelligence has identified a concerning strategic shift by the notorious Russian threat actor group “Star Blizzard.” Known for...
Read more →
Thousands of PHP-based Web Applications Exploited to Deploy Malware
A significant cybersecurity threat has emerged, threatening the integrity of thousands of PHP-based web applications. A report from Imperva Threat...
Read more →
New Botnet Exploiting DNS Records Misconfiguration To Deliver Malware
Botnets are the networks of compromised devices that have evolved significantly since the internet’s inception. Threat actors exploit vulnerabilities to...
Read more →
AIRASHI Botnet Exploiting 0DAY Vulnerabilities In Large Scale DDoS Attacks
AISURU botnet launched a DDoS attack targeting Black Myth: Wukong distribution platforms in August 2024 that leveraged a 0DAY vulnerability...
Read more →