How CISOs Can Strengthen Supply Chain Security in 2025
The responsibilities of Chief Information Security Officers (CISOs) are rapidly evolving as digital transformation and global interconnectivity reshape the modern supply chain. In 2025, the…
Category: GBHackers
Cato Networks macOS Client Vulnerability Enables Low-Privilege Code Execution
A critical vulnerability in Cato Networks’ widely used macOS VPN client has been disclosed, enabling attackers with limited access to gain full control over affected…
Researchers Uncovered RansomHub operation and it’s Relation With Qilin ransomware
Security researchers have identified significant connections between two major ransomware-as-a-service (RaaS) operations, with evidence suggesting affiliates from the recently-disabled RansomHub group may have migrated to…
New WordPress Malware Disguised as Anti-Malware Plugin Takes Full Control of Websites
The Wordfence Threat Intelligence team has identified a new strain of WordPress malware that masquerades as a legitimate plugin, often named ‘WP-antymalwary-bot.php.’ First detected on…
Firefox 138 Launches with Patches for Several High-Severity Flaws
Mozilla has officially released Firefox 138, marking a significant update focused on user security. The new version addresses multiple high-severity vulnerabilities, following the Mozilla Foundation…
Microsoft Telnet Server Flaw Lets Attackers Bypass Guest Login Restrictions
A newly disclosed vulnerability in Microsoft’s Telnet Server component is making headlines after researchers revealed that attackers could exploit the flaw to bypass established guest…
Link11 brings three brands together on one platform with new branding
Link11 has fully integrated DOSarrest and Reblaze to become one of Europe’s leading providers of network security, web application security, and application performance Link11, DOSarrest,…
Anthropic Report Reveals Growing Risks from Misuse of Generative AI Misuse
A recent threat report from Anthropic, titled “Detecting and Countering Malicious Uses of Claude: March 2025,” published on April 24, has shed light on the…
Researchers Exploit OAuth Misconfigurations to Gain Unrestricted Access to Sensitive Data
A security researcher has uncovered a serious vulnerability resulting from incorrectly configured OAuth2 credentials in a startling discovery from a recent YesWeHack bug reward engagement.…
Wormable AirPlay Zero-Click RCE Flaw Allows Remote Device Hijack via Wi-Fi
A major set of vulnerabilities-collectively named “AirBorne”-in Apple’s AirPlay protocol and SDK have been unveiled, enabling an array of severe attack vectors. Most critically, these…
Docker Registry Vulnerability Lets macOS Users Access Any Registry Without Authorization
A recently discovered vulnerability in Docker Desktop for macOS is raising concerns in the developer and security communities. The flaw, which stems from the improper application of…
PowerDNS DNSdist Vulnerability Let Attackers Trigger Denial-of-Service
PowerDNS has issued an urgent security advisory for its DNSdist software, warning users of a critical vulnerability that could let attackers trigger denial-of-service (DoS) conditions…