Zimbra Classic Web Client Vulnerability Allows Arbitrary JavaScript Execution
A critical security flaw has been discovered and patched in the Zimbra Collaboration Suite (ZCS) Classic Web Client, exposing millions of business users to the…
Category: GBHackers
NCSC Warns of SHOE RACK Malware Targeting Fortinet Firewalls via DOH & SSH Protocols
The National Cyber Security Centre (NCSC) has issued a critical alert regarding a newly identified malware, dubbed SHOE RACK, which has been observed targeting Fortinet…
Critical Convoy Flaw Allows Remote Code Execution on Servers
Credential Abuse Unmasked Credential abuse is #1 attack vector in web and API breaches today (Verizon DBIR 2025). Join our live, 15-min attack simulation with…
OPPO Clone Phone Vulnerability Leaks Sensitive Data via Weak WiFi Hotspot
A newly disclosed security vulnerability in OPPO’s widely used Clone Phone app has raised significant concerns over user privacy, as it exposes sensitive data through…
North Korean Hackers Use Malicious Zoom Apps to Execute System-Takeover Attacks
Cybersecurity researchers and targeted individuals have reported a highly sophisticated scam orchestrated by suspected North Korean hackers. This attack, disguised as a legitimate Zoom meeting,…
LapDogs Hackers Compromise 1,000 SOHO Devices Using Custom Backdoor for Stealthy Attacks
Security researchers at SecurityScorecard have uncovered a sprawling cyber-espionage campaign orchestrated by the LapDogs Operational Relay Box (ORB) Network, a sophisticated infrastructure compromising over 1,000…
Advanced Malware Campaign Targets WordPress and WooCommerce Sites with Hidden Skimmers
The Wordfence Threat Intelligence Team uncovered a sophisticated malware campaign during a routine site cleanup, revealing a family of malicious code targeting WordPress and WooCommerce…
OWASP Launches AI Testing Guide to Uncover Vulnerabilities in AI Systems
As artificial intelligence (AI) becomes a cornerstone of modern industry, the Open Web Application Security Project (OWASP) has announced the release of its AI Testing…
Aviatrix Cloud Controller Flaw Enables Remote Code Execution via Authentication Bypass
A Mandiant Red Team engagement has uncovered two critical vulnerabilities in Aviatrix Controller—cloud networking software used to manage multi-cloud environments. The flaws enable full system…
WinRAR Vulnerability Exploited with Malicious Archives to Execute Code
A newly disclosed vulnerability in RARLAB’s WinRAR, the widely used file compression utility for Windows, has put millions of users at risk of remote code…
Notepad++ Vulnerability Allows Full System Takeover — PoC Released
A critical privilege escalation vulnerability (CVE-2025-49144) in Notepad++ v8.8.1 enables attackers to achieve full system control through a supply-chain attack. The flaw exploits the installer’s…
New Echo Chamber Attack Breaks AI Models Using Indirect Prompts
A groundbreaking AI jailbreak technique, dubbed the “Echo Chamber Attack,” has been uncovered by researchers at Neural Trust, exposing a critical vulnerability in the safety…