Rogue VM Linked to Muddled Libra in VMware vSphere Attack, Exposing Critical TTPs
The cybercrime group Muddled Libra (aka Scattered Spider, UNC3944). The contents of this rogue VM and activity from the attack provide valuable insight into the…
Lazarus Group’s latest software supply chain operation is using fake recruiter lures and popular open‑source ecosystems to quietly deliver malware to cryptocurrency‑focused developers. The campaign,…
A critical vulnerability in the popular WPvivid Backup & Migration plugin is putting more than 800,000 WordPress websites at risk of complete takeover through remote…
Google has released Chrome 145 to the stable channel for Windows, Mac, and Linux systems, addressing 11 security vulnerabilities that could allow attackers to execute…
Palo Alto Networks has disclosed a PAN-OS firewall vulnerability that can let remote attackers force repeated reboots, potentially pushing a device into a “reboot loop”…
A newly discovered malicious NPM package, dubbed duer-js, is being used to distribute an advanced information‑stealing malware that primarily targets Windows systems and Discord users. Published…
A new fingerprinting technique called “Adbleed” reveals that VPN users aren’t as anonymous as they think. While VPNs hide your IP address and encrypt traffic,…
A dormant Microsoft Outlook add-in has been weaponized by attackers to steal thousands of login credentials and credit card numbers. The incident, identified by security…
A new era of AI vulnerability has arrived, and it is far more dangerous than simply tricking a chatbot into saying something rude. New research…
Threat actors are abusing legitimate remote monitoring tools to hide inside corporate networks and launch ransomware attacks. Net Monitor for Employees Professional is a commercial…
The defense industry is facing an intense, multi-front cyber onslaught as espionage, personnel targeting, and supply chain attacks converge into a persistent, strategic risk to…
A newly exposed malware framework, VoidLink, is reshaping how attackers manage implants across modern cloud and enterprise environments. Cisco Talos has now linked this framework…