WordPress Plugin Flaw Exposes 2L+ Websites to XSS Attacks
Over 200,000 websites have been left vulnerable to Cross-Site Scripting (XSS) attacks due to a flaw in the Ultimate Member...
Read more →Category: GBHackers
KrustyLoader Backdoor Attack Both Windows & Linux Systems
Recent developments within the cybersecurity landscape have included the emergence of KrustyLoader, a sophisticated Rust-based backdoor that has caught the...
Read more →
Hackers Compromised TeamCity Server To Install BianLian’s GO Backdoor
BianLian attackers exploited a TeamCity vulnerability (CVE-2024-27198 or CVE-2023-42793) to gain initial access and move laterally within the network. They...
Read more →
WordPress Builder Plugin Flaw Exposes 3,300+ Websites To XSS Attack
A recent surge in attacks from a new malware campaign exploits a known vulnerability in the WordPress plugin Popup Builder, infecting over...
Read more →
CyberGate RAT Mimic as Dorks to Attack Cybersecurity
Threat actors target a niche group of internet users, security researchers, penetration testers, and even cybercriminals. The weapon of choice...
Read more →
PoC Exploit Released for OpenEdge and AdminServer.
A Proof of Concept (PoC) exploit has been released for a vulnerability in the OpenEdge Authentication Gateway and AdminServer. This...
Read more →
Matanbuchus Malware Weaponizing XLS files to Hijack Windows
The Matanbuchus malware has been reported to initiate a new campaign, exploiting XLS files to compromise Windows machines. This sophisticated...
Read more →
Vulnerability in 16.5K+ VMware ESXi Let Attackers Execute Code
VMware’s ESXi, Workstation, and Fusion products could allow attackers to execute malicious code on affected systems. Impacted VMware Products These...
Read more →
NSA Releases Top Ten Best Practices For Cloud Environments
Threat actors aim at Cloud environments because of their wide acceptance and one-stop storage of important information. Exploiting shortcomings in...
Read more →
MITRE Releases Aviation Risk Identification Software Program
The Massachusetts Institute of Technology’s (MITRE) Aviation Risk Identification and Assessment (ARIA) software program is a powerful tool to enhance...
Read more →
Nigerian National Pleads Guilty for Hacking Business & Email
Henry Onyedikachi Echefu, a 32-year-old Nigerian national, has admitted to his role in a sophisticated business email compromise (BEC) scheme...
Read more →
China Panda APT Hacking Websites To Infect Windows And MacOS Visitors With Malware
Evasive Panda dubbed BRONZE HIGHLAND and Daggerfly, a Chinese-speaking APT group operating since at least 2012, has been spotted conducting cyberespionage...
Read more →