YONO SBI Banking App Vulnerability Exposes Users to Man-in-the-Middle Attack
A critical security flaw has been discovered in the widely used YONO SBI: Banking & Lifestyle app, potentially exposing millions of users to man-in-the-middle (MITM)…
Category: GBHackers
Office 365 Introduces New Mail Bombing Detection to Shield Users
Microsoft has announced a significant security upgrade for its Office 365 platform, introducing a new Mail Bombing Detection feature within Microsoft Defender for Office 365.…
CISA Issues Alert on TeleMessage TM SGNL Flaws Actively Exploited
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert after adding two newly discovered vulnerabilities in the TeleMessage TM SGNL messaging…
International Criminal Court Hacked via Sophisticated Cyber Campaign
The International Criminal Court (ICC), the global tribunal responsible for prosecuting serious international crimes, has been targeted by a sophisticated and highly focused cyberattack late…
DCRat Targets Windows Systems for Remote Control, Keylogging, Screen Capture, and Data Theft
A sophisticated email-based attack distributing a Remote Access Trojan (RAT) known as DCRat has been recently identified by the FortiMail IR team, specifically targeting organizations…
Nessus Vulnerabilities on Windows Enables Arbitrary System File Overwrites
A critical security vulnerability has been discovered and patched in Tenable’s Nessus vulnerability scanner for Windows, potentially allowing non-administrative users to overwrite any system file…
Microsoft Intune Update Wipes Custom Security Baseline Tweaks – Admins Alerted
Microsoft has confirmed a significant issue affecting its Intune security baseline update process, causing concern among IT administrators worldwide. The problem, acknowledged by Microsoft in…
FileFix Attack Exploits Windows Browser Loophole to Evade Mark-of-the-Web Security
A newly identified attack vector, dubbed the “FileFix Attack,” has surfaced, exploiting a subtle yet critical loophole in how modern browsers like Google Chrome and…
U.S. Treasury Sanctions Bulletproof Hosting Firm Fueling Ransomware Campaigns
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has imposed sweeping sanctions on Aeza Group, a Russia-based bulletproof hosting (BPH) provider, for…
Over 600K WordPress Sites at Risk Due to Critical Plugin Vulnerability
A critical security flaw in the popular Forminator WordPress plugin has put more than 600,000 websites worldwide at risk of remote takeover, according to recent disclosures from…
Anthropic MCP Inspector Vulnerability Lets Hackers Run Arbitrary Code Remotely
A newly disclosed vulnerability in Anthropic’s Model Context Protocol (MCP) Inspector tool has sent shockwaves through the AI development community, exposing a critical attack vector…
Snake Keyloggers Exploit Java Utilities to Evade Detection by Security Tools
The S2 Group Intelligence team has uncovered a Russian-origin malware known as Snake Keylogger, a stealer coded in .NET, leveraging legitimate Java utilities to bypass…