Category: GBHackers

Vim for Windows Flaw Lets Attackers Execute Arbitrary Code
04
Dec
2025

Vim for Windows Flaw Lets Attackers Execute Arbitrary Code

A high security vulnerability has been discovered in Vim for Windows that could allow attackers to run malicious code on…

New Scanner Released to Detect Exposed ReactJS and Next.js RSC Endpoints (CVE-2025-55182)
04
Dec
2025

New Scanner Released to Detect Exposed ReactJS and Next.js RSC Endpoints (CVE-2025-55182)

Security researchers have released a specialized scanning tool to identify vulnerable React Server Component (RSC) endpoints in modern web applications,…

PickleScan Uncovers 0-Day Vulnerabilities Allowing Arbitrary Code Execution via Malicious PyTorch Models
04
Dec
2025

PickleScan Uncovers 0-Day Vulnerabilities Allowing Arbitrary Code Execution via Malicious PyTorch Models

JFrog Security Research has uncovered three critical zero-day vulnerabilities in PickleScan, a widely-adopted industry-standard tool for scanning machine learning models…

Hackers Actively Exploit New Windows LNK 0-Day Vulnerability
04
Dec
2025

Hackers Actively Exploit New Windows LNK 0-Day Vulnerability

A newly discovered security flaw in Windows shortcut files is being actively used by hackers to target diplomatic organisations. The…

Malicious VSCode Extension Deploys Anivia Loader and OctoRAT
04
Dec
2025

Malicious VSCode Extension Deploys Anivia Loader and OctoRAT

In late November 2025, a sophisticated supply-chain attack leveraging the Visual Studio Code extension ecosystem came to light, demonstrating how…

Microsoft Confirms Windows 11 25H2 UI Features Broken also Along With 24H2 Following Update
03
Dec
2025

Microsoft Confirms Windows 11 25H2 UI Features Broken also Along With 24H2 Following Update

Microsoft has acknowledged a significant issue affecting Windows 11 versions 24H2 and 25H2. Where critical user interface components break following…

Examining the Risk of AI-Assisted MedusaLocker Ransomware Attacks
03
Dec
2025

Examining the Risk of AI-Assisted MedusaLocker Ransomware Attacks

Researchers at Cato CTRL have demonstrated that the feature, designed to streamline AI workflows, can be easily weaponized to deploy…

CISA Issues Alert on Actively Exploited Android Zero-Day Vulnerability
03
Dec
2025

CISA Issues Alert on Actively Exploited Android Zero-Day Vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has added two critical Android Framework vulnerabilities to its Known Exploited Vulnerabilities (KEV)…

Massive Phishing Attack Uses Parking Ticket and Medical Test Themes, Attributed to Storm-0900
03
Dec
2025

Massive Phishing Attack Uses Parking Ticket and Medical Test Themes, Attributed to Storm-0900

In a brazen attempt to exploit the chaotic pre-holiday rush, Microsoft Security has detected and dismantled a large-scale phishing campaign…

Longwatch RCE Flaw Allows Attackers to Run Remote Code with Elevated Privileges
03
Dec
2025

Longwatch RCE Flaw Allows Attackers to Run Remote Code with Elevated Privileges

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory warning about a critical remote code execution vulnerability affecting…

Malicious Rust “evm-units” Impersonator Deploys OS-Specific Payloads
03
Dec
2025

Malicious Rust “evm-units” Impersonator Deploys OS-Specific Payloads

A malicious Rust crate masquerading as an Ethereum Virtual Machine (EVM) utility has been caught delivering silent, OS-specific payloads to…

Shai-Hulud 2.0 Cyberattack Compromises 30,000 Repos and Exposes 500 GitHub Accounts
03
Dec
2025

Shai-Hulud 2.0 Cyberattack Compromises 30,000 Repos and Exposes 500 GitHub Accounts

The Shai-Hulud 2.0 supply chain attack has proven to be one of the most persistent and destructive malware campaigns targeting…