State-Sponsored Groups Intensify Attacks on Manufacturing Sector and OT Systems
The manufacturing sector has emerged as a prime target for cyber attackers in 2024, with a staggering 71% surge in active threat actors compared to…
Category: GBHackers
Researchers Reveal Container-Based Attacks Through Host-Based Log Analysis
Cybersecurity researchers have shed light on the often-underestimated vulnerabilities in containerized environments, emphasizing the critical role of host-based log analysis in uncovering sophisticated attacks. Containers,…
New Linux PumaBot Targets IoT Devices with SSH Credential Brute-Force Attack
A new and insidious threat has surfaced in the cybersecurity landscape as Darktrace’s Threat Research team uncovers PumaBot, a Go-based Linux botnet meticulously designed to…
Russian Hacker Black Owl Targets Critical Industries to Steal Financial Data
A pro-Ukrainian hacktivist group known as BO Team, also operating under aliases such as Black Owl, Lifting Zmiy, and Hoody Hyena, has emerged as a…
Top Russian Dark Web Market Tools Drive Surge in Credential Theft Attacks
In a chilling revelation for cybersecurity professionals, the Russian Market has solidified its position as the leading hub for stolen credentials, fueling a dramatic rise…
Apple iOS Activation Flaw Enables Injection of Unauthenticated XML Payloads
A severe vulnerability in Apple’s iOS activation infrastructure has been uncovered, posing a significant risk to device security during the setup phase. This flaw, identified…
New Safari XSS Vulnerability Exploits JavaScript Error Handling to Run Arbitrary Code
Cross-site scripting (XSS) remains one of the most persistent threats in web security, but most discussions focus on traditional vectors. A lesser-known but intriguing avenue…
Hackers Abuse AI Tool Misconfigurations to Execute Malicious AI-Generated Payloads
A malicious threat actor has exploited a misconfigured instance of Open WebUI, a widely-used self-hosted AI interface with over 95,000 stars on GitHub, designed to…
New Research Uncovers Strengths and Vulnerabilities in Cloud-Based LLM Guardrails
Cybersecurity researchers have shed light on the intricate balance of strengths and vulnerabilities inherent in cloud-based Large Language Model (LLM) guardrails. These safety mechanisms, designed…
Splunk Enterprise XSS Flaw Enables Attackers to Execute Unauthorized JavaScript
Splunk has disclosed a reflected Cross-Site Scripting (XSS) vulnerability in its Enterprise and Cloud Platform products, tracked as CVE-2025-20297 and detailed in advisory SVD-2025-0601. The…
Malicious NPM Packages Exploit Ethereum Wallets with Obfuscated JavaScript
A recent wave of malicious NPM packages has emerged as a significant threat to cryptocurrency users, specifically targeting Ethereum wallet holders. Cybersecurity researchers have uncovered…
Threat Actors Target PerimeterX CAPTCHA to Automate Microsoft Account Creation
A recent post on an underground forum has brought renewed attention to the escalating arms race between cybercriminals and anti-bot security vendors. The solicitation, offering…