Category: GBHackers

Critical ruby-saml Vulnerabilities Allow Attackers to Bypass Authentication
14
Mar
2025

Critical ruby-saml Vulnerabilities Allow Attackers to Bypass Authentication

A critical security vulnerability has been identified in the ruby-saml library, a popular tool used for Single Sign-On (SSO) via…

Share: X : Critical ruby-saml Vulnerabilities Allow Attackers to Bypass AuthenticationFacebook : Critical ruby-saml Vulnerabilities Allow Attackers to Bypass AuthenticationLinkedin : Critical ruby-saml Vulnerabilities Allow Attackers to Bypass AuthenticationReddit : Critical ruby-saml Vulnerabilities Allow Attackers to Bypass AuthenticationTelegram : Critical ruby-saml Vulnerabilities Allow Attackers to Bypass AuthenticationWhatsApp : Critical ruby-saml Vulnerabilities Allow Attackers to Bypass AuthenticationEmail : Critical ruby-saml Vulnerabilities Allow Attackers to Bypass Authentication
Lazarus Group Weaponizes IIS Servers for Deploying Malicious ASP Web Shells
14
Mar
2025

Lazarus Group Weaponizes IIS Servers for Deploying Malicious ASP Web Shells

The notorious Lazarus group has been identified as leveraging compromised IIS servers to deploy malicious ASP web shells. These sophisticated…

Share: X : Lazarus Group Weaponizes IIS Servers for Deploying Malicious ASP Web ShellsFacebook : Lazarus Group Weaponizes IIS Servers for Deploying Malicious ASP Web ShellsLinkedin : Lazarus Group Weaponizes IIS Servers for Deploying Malicious ASP Web ShellsReddit : Lazarus Group Weaponizes IIS Servers for Deploying Malicious ASP Web ShellsTelegram : Lazarus Group Weaponizes IIS Servers for Deploying Malicious ASP Web ShellsWhatsApp : Lazarus Group Weaponizes IIS Servers for Deploying Malicious ASP Web ShellsEmail : Lazarus Group Weaponizes IIS Servers for Deploying Malicious ASP Web Shells
Ongoing Cyber Attack Mimic Booking.com to Spread Password-Stealing Malware
14
Mar
2025

Ongoing Cyber Attack Mimic Booking.com to Spread Password-Stealing Malware

Microsoft Threat Intelligence has identified an ongoing phishing campaign that began in December 2024, targeting organizations in the hospitality industry…

Share: X : Ongoing Cyber Attack Mimic Booking.com to Spread Password-Stealing MalwareFacebook : Ongoing Cyber Attack Mimic Booking.com to Spread Password-Stealing MalwareLinkedin : Ongoing Cyber Attack Mimic Booking.com to Spread Password-Stealing MalwareReddit : Ongoing Cyber Attack Mimic Booking.com to Spread Password-Stealing MalwareTelegram : Ongoing Cyber Attack Mimic Booking.com to Spread Password-Stealing MalwareWhatsApp : Ongoing Cyber Attack Mimic Booking.com to Spread Password-Stealing MalwareEmail : Ongoing Cyber Attack Mimic Booking.com to Spread Password-Stealing Malware
Decrypting Akira Ransomware on Linux/ESXi Without Paying Hackers
14
Mar
2025

Decrypting Akira Ransomware on Linux/ESXi Without Paying Hackers

A team successfully decrypted an instance of the Akira ransomware on Linux/ESXi systems without succumbing to the hackers’ demands. This…

Share: X : Decrypting Akira Ransomware on Linux/ESXi Without Paying HackersFacebook : Decrypting Akira Ransomware on Linux/ESXi Without Paying HackersLinkedin : Decrypting Akira Ransomware on Linux/ESXi Without Paying HackersReddit : Decrypting Akira Ransomware on Linux/ESXi Without Paying HackersTelegram : Decrypting Akira Ransomware on Linux/ESXi Without Paying HackersWhatsApp : Decrypting Akira Ransomware on Linux/ESXi Without Paying HackersEmail : Decrypting Akira Ransomware on Linux/ESXi Without Paying Hackers
U.S. Charges LockBit Ransomware Developer in Cybercrime Crackdown
14
Mar
2025

U.S. Charges LockBit Ransomware Developer in Cybercrime Crackdown

The U.S. Department of Justice has charged Rostislav Panev, a dual Russian and Israeli national, for his role as a…

Share: X : U.S. Charges LockBit Ransomware Developer in Cybercrime CrackdownFacebook : U.S. Charges LockBit Ransomware Developer in Cybercrime CrackdownLinkedin : U.S. Charges LockBit Ransomware Developer in Cybercrime CrackdownReddit : U.S. Charges LockBit Ransomware Developer in Cybercrime CrackdownTelegram : U.S. Charges LockBit Ransomware Developer in Cybercrime CrackdownWhatsApp : U.S. Charges LockBit Ransomware Developer in Cybercrime CrackdownEmail : U.S. Charges LockBit Ransomware Developer in Cybercrime Crackdown
CISA Releases Security Advisory on 13 Industrial Control System Threats
14
Mar
2025

CISA Releases Security Advisory on 13 Industrial Control System Threats

CISA issued thirteen Industrial Control Systems (ICS) advisories, highlighting current security issues and vulnerabilities in various systems. These advisories are…

Share: X : CISA Releases Security Advisory on 13 Industrial Control System ThreatsFacebook : CISA Releases Security Advisory on 13 Industrial Control System ThreatsLinkedin : CISA Releases Security Advisory on 13 Industrial Control System ThreatsReddit : CISA Releases Security Advisory on 13 Industrial Control System ThreatsTelegram : CISA Releases Security Advisory on 13 Industrial Control System ThreatsWhatsApp : CISA Releases Security Advisory on 13 Industrial Control System ThreatsEmail : CISA Releases Security Advisory on 13 Industrial Control System Threats
New Microsoft 365 Attack Leverages OAuth Redirection for Credential Theft
14
Mar
2025

New Microsoft 365 Attack Leverages OAuth Redirection for Credential Theft

Threat researchers at Proofpoint are currently tracking two sophisticated and highly targeted cyber-attack campaigns that are utilizing OAuth redirection mechanisms…

Share: X : New Microsoft 365 Attack Leverages OAuth Redirection for Credential TheftFacebook : New Microsoft 365 Attack Leverages OAuth Redirection for Credential TheftLinkedin : New Microsoft 365 Attack Leverages OAuth Redirection for Credential TheftReddit : New Microsoft 365 Attack Leverages OAuth Redirection for Credential TheftTelegram : New Microsoft 365 Attack Leverages OAuth Redirection for Credential TheftWhatsApp : New Microsoft 365 Attack Leverages OAuth Redirection for Credential TheftEmail : New Microsoft 365 Attack Leverages OAuth Redirection for Credential Theft
New DCRat Campaign Uses YouTube Videos to Target Users
14
Mar
2025

New DCRat Campaign Uses YouTube Videos to Target Users

A new campaign involving the DCRat backdoor has recently been uncovered, leveraging YouTube as a primary distribution channel. Since the…

Share: X : New DCRat Campaign Uses YouTube Videos to Target UsersFacebook : New DCRat Campaign Uses YouTube Videos to Target UsersLinkedin : New DCRat Campaign Uses YouTube Videos to Target UsersReddit : New DCRat Campaign Uses YouTube Videos to Target UsersTelegram : New DCRat Campaign Uses YouTube Videos to Target UsersWhatsApp : New DCRat Campaign Uses YouTube Videos to Target UsersEmail : New DCRat Campaign Uses YouTube Videos to Target Users
Bitdefender Identifies Security Vulnerabilities Enabling Man-in-the-Middle Exploits
14
Mar
2025

Bitdefender Identifies Security Vulnerabilities Enabling Man-in-the-Middle Exploits

Cybersecurity firm Bitdefender has disclosed two high-severity security vulnerabilities affecting its legacy BOX v1 device, exposing users to potential remote…

Share: X : Bitdefender Identifies Security Vulnerabilities Enabling Man-in-the-Middle ExploitsFacebook : Bitdefender Identifies Security Vulnerabilities Enabling Man-in-the-Middle ExploitsLinkedin : Bitdefender Identifies Security Vulnerabilities Enabling Man-in-the-Middle ExploitsReddit : Bitdefender Identifies Security Vulnerabilities Enabling Man-in-the-Middle ExploitsTelegram : Bitdefender Identifies Security Vulnerabilities Enabling Man-in-the-Middle ExploitsWhatsApp : Bitdefender Identifies Security Vulnerabilities Enabling Man-in-the-Middle ExploitsEmail : Bitdefender Identifies Security Vulnerabilities Enabling Man-in-the-Middle Exploits
Mozilla Issues Urgent Firefox Update Warning to Prevent Add-on Failures
13
Mar
2025

Mozilla Issues Urgent Firefox Update Warning to Prevent Add-on Failures

Mozilla has issued an urgent warning to all Firefox users, emphasizing the need to update their browsers before a critical…

Share: X : Mozilla Issues Urgent Firefox Update Warning to Prevent Add-on FailuresFacebook : Mozilla Issues Urgent Firefox Update Warning to Prevent Add-on FailuresLinkedin : Mozilla Issues Urgent Firefox Update Warning to Prevent Add-on FailuresReddit : Mozilla Issues Urgent Firefox Update Warning to Prevent Add-on FailuresTelegram : Mozilla Issues Urgent Firefox Update Warning to Prevent Add-on FailuresWhatsApp : Mozilla Issues Urgent Firefox Update Warning to Prevent Add-on FailuresEmail : Mozilla Issues Urgent Firefox Update Warning to Prevent Add-on Failures
North Korean Hackers Use Google Play Malware to Steal SMS, Calls & Screenshots
13
Mar
2025

North Korean Hackers Use Google Play Malware to Steal SMS, Calls & Screenshots

Cybersecurity researchers at Lookout Threat Lab have uncovered a sophisticated Android surveillance tool dubbed “KoSpy,” which appears to be the…

Share: X : North Korean Hackers Use Google Play Malware to Steal SMS, Calls & ScreenshotsFacebook : North Korean Hackers Use Google Play Malware to Steal SMS, Calls & ScreenshotsLinkedin : North Korean Hackers Use Google Play Malware to Steal SMS, Calls & ScreenshotsReddit : North Korean Hackers Use Google Play Malware to Steal SMS, Calls & ScreenshotsTelegram : North Korean Hackers Use Google Play Malware to Steal SMS, Calls & ScreenshotsWhatsApp : North Korean Hackers Use Google Play Malware to Steal SMS, Calls & ScreenshotsEmail : North Korean Hackers Use Google Play Malware to Steal SMS, Calls & Screenshots
86,000+ Healthcare Staff Records Exposed Due to AWS S3 Misconfiguration
13
Mar
2025

86,000+ Healthcare Staff Records Exposed Due to AWS S3 Misconfiguration

A non-password-protected database belonging to ESHYFT, a New Jersey-based HealthTech company, was recently discovered by cybersecurity researcher Jeremiah Fowler. The…

Share: X : 86,000+ Healthcare Staff Records Exposed Due to AWS S3 MisconfigurationFacebook : 86,000+ Healthcare Staff Records Exposed Due to AWS S3 MisconfigurationLinkedin : 86,000+ Healthcare Staff Records Exposed Due to AWS S3 MisconfigurationReddit : 86,000+ Healthcare Staff Records Exposed Due to AWS S3 MisconfigurationTelegram : 86,000+ Healthcare Staff Records Exposed Due to AWS S3 MisconfigurationWhatsApp : 86,000+ Healthcare Staff Records Exposed Due to AWS S3 MisconfigurationEmail : 86,000+ Healthcare Staff Records Exposed Due to AWS S3 Misconfiguration