Critical WordPress Plugin Vulnerability Puts 70,000+ Sites at Risk of Remote Code Execution
A severe security vulnerability has been discovered in a popular WordPress plugin used by over 70,000 websites worldwide, potentially exposing...
Read more →Category: GBHackers
Xerox FreeFlow Core Vulnerability Allows Remote Code Execution — PoC Now Public
Security researchers have disclosed critical vulnerabilities in Xerox FreeFlow Core that enable unauthenticated remote attackers to execute arbitrary code on...
Read more →
CISA Alerts on N-able N-Central Deserialization and Injection Flaw Under Active Exploitation
The Cybersecurity and Infrastructure Security Agency (CISA) has issued urgent alerts regarding two critical vulnerabilities in N-able N-Central that are...
Read more →
Infamous XZ Backdoor Found Hidden in Docker Images for Over a Year
Security researchers at Binarly have discovered that the sophisticated supply chain hack still exists in publicly accessible Docker images on...
Read more →
Emerging AI-Driven Phishing Trends Reshape Cybercrime Tactics
Artificial intelligence (AI) in advances and adaptive social engineering techniques have led to a significant revolution in phishing and scams...
Read more →
Google’s Android pKVM Framework Achieves SESIP Level 5 Certification
Google has revealed that protected KVM (pKVM), the hypervisor that powers the Android Virtualization Framework (AVF), has achieved SESIP Level...
Read more →
Adobe’s August 2025 Patch Tuesday Fixes 60 Vulnerabilities Across Multiple Products
Adobe has rolled out its August 2025 Patch Tuesday updates, addressing a total of 60 vulnerabilities across a wide array...
Read more →
SmartLoader Malware Masquerades as Legitimate GitHub Repository to Infect Users
AhnLab Security Intelligence Center (ASEC) has uncovered a sophisticated campaign involving the massive dissemination of SmartLoader malware through GitHub repositories...
Read more →
Windows Remote Desktop Services Flaw Allows Network-Based Denial-of-Service Attacks
Microsoft disclosed a critical vulnerability in Windows Remote Desktop Services on August 12, 2025, that enables attackers to launch denial-of-service...
Read more →
Hackers Deploy Dedicated Phishlet for FIDO Authentication Downgrade Attacks
Proofpoint researchers have uncovered a novel technique allowing threat actors to bypass FIDO-based authentication through downgrade attacks, leveraging a custom...
Read more →
ShinyHunters May Have Teamed Up With Scattered Spider in Salesforce Attack Campaigns
The financially motivated threat group ShinyHunters has returned with a sophisticated series of attacks targeting Salesforce instances across high-profile enterprises...
Read more →
Multiple GitLab Vulnerabilities Allow Account Takeover and Stored XSS Attacks
GitLab has released critical security patches addressing multiple high-severity vulnerabilities that could enable attackers to execute account takeovers and stored...
Read more →