ASUS Armoury Crate Vulnerability Lets Hackers Gain System-Level Access on Windows
A critical vulnerability in ASUS’s popular Armoury Crate software has exposed millions of Windows users to the risk of system-level compromise, according to a recent…
Category: GBHackers
Hackers Exploiting Chrome Zero‑Day Vulnerability in the Wild
A newly discovered zero-day vulnerability in Google Chrome, tracked as CVE-2025-2783, is being actively exploited by hackers in sophisticated cyber-espionage campaigns. Security researchers have observed…
150K+ Users Affected by Malicious Loan Apps on iOS and Google Play
Over 150,000 users across Google Play and the Apple App Store have fallen victim to a malicious SpyLoan application named “RapiPlata,” which was identified in…
How Threat Actors Abuse OEM Permissions for Privilege Escalation
Threat actors are increasingly exploiting legitimate channels to achieve privilege escalation, posing a severe risk to millions of devices worldwide. While conventional exploits remain a…
iOS Zero Click Flaw Actively Exploited
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert following the discovery and active exploitation of a critical zero-click vulnerability in…
GCHQ Intern Sentenced to 7 Years for Illegally Copying Secret Files to Smartphone
A former intern at the UK’s intelligence agency GCHQ has been sentenced to seven and a half years in prison after admitting to smuggling top…
Apache Tomcat Flaws Allow Auth Bypass and DoS Attacks
The Apache Software Foundation has released critical security updates to address four newly discovered vulnerabilities in Apache Tomcat, one of the world’s most widely used…
Zyxel Devices Under Attack as Hackers Exploit UDP Port RCE Flaw
A sudden and highly coordinated wave of cyberattacks has struck Zyxel firewall and VPN devices worldwide, as hackers exploit a critical remote code execution (RCE)…
Malicious Payload Found in JPEG Image Using Steganography and Base64 Obfuscation
Cybersecurity enthusiast Xavier shed light on a sophisticated method of hiding malicious payloads within seemingly innocuous JPEG images. This discovery has sparked significant interest in…
Hackers Upload Weaponized Packages to PyPI Repositories to Steal AWS Tokens and Sensitive Data
The JFrog Security Research team has uncovered a sophisticated malicious package named “chimera-sandbox-extensions” on the Python Package Index (PyPI), a widely used repository for Python…
Katz Stealer Boosts Credential Theft with System Fingerprinting and Persistence Mechanisms
The emergence of Katz Stealer, a sophisticated information-stealing malware-as-a-service (MaaS) that is redefining the boundaries of credential theft. First detected this year, Katz Stealer combines…
Washington Post Hacked – Multiple Journalists’ Email Accounts Compromised
The Washington Post confirmed late last week that its email systems were targeted in a cyberattack, resulting in the compromise of several journalists’ email accounts.…