Fog Ransomware Reveals Active Directory Exploitation Tools and Scripts
Cybersecurity researchers from The DFIR Report’s Threat Intel Group uncovered an open directory hosted at 194.48.154.79:80, believed to be operated by an affiliate of the…
Category: GBHackers
Advanced Multi-Stage Carding Attack Hits Magento Site Using Fake GIFs and Reverse Proxy Malware
A multi-stage carding attack has been uncovered targeting a Magento eCommerce website running an outdated version 1.9.2.4. This version, unsupported by Adobe since June 2020,…
Cracked Variant of Sharp and TX Malware Targets Browsers, Wallets, and FTP Clients
A new cyber threat, dubbed Hannibal Stealer, has surfaced as a rebranded and cracked variant of the Sharp and TX stealers, originally promoted by the…
SAP NetWeaver 0-Day Flaw Actively Exploited to Deploy Webshells
SAP disclosed a critical zero-day vulnerability, identified as CVE-2025-31324, in its NetWeaver Visual Composer component. This vulnerability, with a maximum CVSSv3 severity score of 10.0, stems…
Windows 11 25H2 Expected to Launch with Minor Changes
Microsoft is quietly preparing the next update to its flagship operating system, Windows 11 25H2, with new evidence pointing toward a September–October 2025 release. Unlike the…
China Claims U.S. Cyberattack Targeted Leading Encryption Company
China has accused U.S. intelligence agencies of carrying out a sophisticated cyberattack against one of its foremost commercial cryptography providers, resulting in the theft of…
New iOS Vulnerability Could Brick iPhones with Just One Line of Code
A security researcher has uncovered a critical vulnerability in iOS, Apple’s flagship mobile operating system. The flaw, CVE-2025-24091, which leverages the long-standing but little-known “Darwin…
CISA Alerts Users to Security Flaws in Planet Technology Network Products
Why Application Security is Non-Negotiable The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak…
Viasat Modems Zero-Day Vulnerabilities Let Attackers Execute Remote Code
A severe zero-day vulnerability has been uncovered in multiple Viasat satellite modem models, including the RM4100, RM4200, EM4100, RM5110, RM5111, RG1000, RG1100, EG1000, and EG1020.…
Critical FastCGI Library Flaw Exposes Embedded Devices to Code Execution
A severe vulnerability (CVE-2025-23016) in the FastCGI library-a core component of lightweight web server communication been disclosed, threatening countless embedded and IoT devices with remote…
A Key Weapon in the Ongoing War Between Hackers and Defenders
Obfuscation stands as a powerful weapon for attackers seeking to shield their malicious code from defenders. This technique, which deliberately makes code hard to understand…
React Router Vulnerabilities Allow Attackers to Spoof Content and Alter Values
Why Application Security is Non-Negotiable The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak…