Daikin Security Gateway Vulnerability Allows Unauthorized System Access
A critical security flaw in Daikin Security Gateway systems has been discovered that could enable attackers to bypass authentication and...
Read more →Category: GBHackers
Cornwell Quality Tools Suffers Data Breach, 100,000 User Records Exposed
Cornwell Quality Tools, a leading automotive and industrial tool supplier, has confirmed a significant data breach that compromised the personal...
Read more →
Palo Alto Networks User-ID Agent Flaw Leaks Passwords in Cleartext
A newly disclosed vulnerability in the Palo Alto Networks User-ID Credential Agent on Windows systems allows service account passwords to...
Read more →
Cyber Attack Exposes LNER Train Passengers’ Personal Data
London North Eastern Railway (LNER) has confirmed that an unauthorized breach at one of its third-party suppliers exposed contact details...
Read more →
Attackers Abuse Kubernetes DNS to Extract Git Credentials from ArgoCD
A newly discovered attack method targeting ArgoCD and Kubernetes that could give red-teamers fresh ammo and blue-teamers fresh headaches. This...
Read more →
CoreDNS Vulnerability Allows Attackers to Poison DNS Cache and Block Updates
A critical flaw in CoreDNS’s etcd plugin can let attackers pin DNS records in caches for years, effectively blocking legitimate...
Read more →
Massive L7 DDoS Botnet Exploits 5.76M Hijacked Devices for Record Attacks
In a stark reminder of how vulnerable online services remain, Qrator Labs has revealed that a sprawling Layer 7 distributed...
Read more →
Angular SSR Vulnerability Allows Attackers to Access Sensitive Data
A high vulnerability in Angular’s server-side rendering (SSR) feature can lead to sensitive data exposure when multiple requests are handled...
Read more →
Threat Actors Leveraging Open-Source AdaptixC2 in Real-world Attacks
In early May 2025, Unit 42 researchers observed multiple instances of AdaptixC2 being deployed to infect enterprise systems. Unlike many...
Read more →
Kenyan Filmmakers Targeted with FlexiSPY Spyware Tracking Messages and Social Media
The revelation that commercially available FlexiSPY spyware was clandestinely installed on devices belonging to Kenyan filmmakers while in police custody...
Read more →
EggStreme Malware Emerges With Fileless Techniques and DLL Sideloading Payloads
A Chinese APT group compromised a Philippine military company using a new, fileless malware framework called EggStreme. This multi-stage toolset...
Read more →
kkRAT Exploits Network Protocols to Exfiltrate Clipboard Data
The threat actor delivers three Remote Access Trojans (RATs)—ValleyRAT, FatalRAT, and a newly discovered RAT dubbed kkRAT—via phishing sites hosted...
Read more →