New Exploit Method Extracts Microsoft Entra Tokens Through Beacon
A novel exploit method leveraging Beacon Object Files (BOFs) has emerged, enabling attackers to extract Microsoft Entra (formerly Azure AD) tokens from compromised endpoints, even…
Category: GBHackers
Google Chrome Uses Advanced AI to Combat Sophisticated Online Scams
Google has integrated artificial intelligence into its cybersecurity toolkit to shield users from financial and data theft scams. On Friday, May 09, 2025, the company…
DOGE Employee Computer Infected with Malware and Leaked Data Found Info-Stealer Logs
Kyle Schutt, a 37-year-old DOGE employee identified in federal payroll records, has had his personal email address and associated passwords exposed in at least four…
Bluetooth Core 6.1 Released – What’s New!
Bluetooth SIG’s decision to transition to a bi-annual release cadence marks a strategic pivot toward fostering rapid iteration and market responsiveness. The organization seeks to…
Securing Windows Endpoints Using Group Policy Objects (GPOs): A Configuration Guide
Securing Windows endpoints is a top priority for organizations seeking to protect sensitive data and maintain operational integrity. Group Policy Objects (GPOs) are among the…
Detecting Backdoors in Enterprise Networks
In today’s rapidly evolving cybersecurity landscape, enterprise networks face a particularly insidious threat: backdoors, making detecting backdoors crucial. These clandestine entry points allow attackers to…
Phishing Scams on the Rise with Sophisticated PhaaS Toolkits and Realistic Fake Pages
Cybersecurity experts are raising alarms over the proliferation of increasingly sophisticated phishing techniques that leverage dedicated Phishing-as-a-Service (PhaaS) toolkits to create authentic-looking pages. These advanced…
Critical Azure and Power Apps Vulnerabilities Allow Privilege Escalation for Attackers
Microsoft has patched four critical security vulnerabilities affecting its Azure cloud services and Power Apps platform that could allow attackers to escalate privileges, perform spoofing…
Chrome 137 Integrates Gemini Nano AI to Combat Tech Support Scams
Google has unveiled a groundbreaking defense mechanism in Chrome 137, integrating its on-device Gemini Nano large language model (LLM) to detect and block these malicious…
Why CISOs Must Prioritize Cybersecurity Culture in Remote Work
In the era of remote and hybrid work, Chief Information Security Officers (CISOs) are now tasked with cultivating a strong cybersecurity culture in remote work,…
North Korea’s OtterCookie Malware Added a New Feature to Attack Windows, Linux, and macOS
A North Korea-linked attack group, known as WaterPlum (also referred to as Famous Chollima or PurpleBravo), has been actively targeting financial institutions, cryptocurrency operators, and…
New Supply Chain Attack Compromises Popular npm Package with 45,000 Weekly Downloads
An advanced supply chain attack has targeted the well-known npm package rand-user-agent, which receives about 45,000 downloads every week, in a worrying development for the…