Category: GBHackers

New WordPress Plugin That Weaponizes Legit Sites To Steal Customer Payment Data
07
Jan
2025

New WordPress Plugin That Weaponizes Legit Sites To Steal Customer Payment Data

Cybercriminals have developed PhishWP, a malicious WordPress plugin, to facilitate sophisticated phishing attacks, which enable attackers to create convincing replicas…

EAGERBEE Malware Updated It’s Arsenal to Attack ISPs & Government Entities
07
Jan
2025

EAGERBEE Malware Updated It’s Arsenal to Attack ISPs & Government Entities

The Kaspersky researchers investigation into the EAGERBEE backdoor revealed its deployment within Middle Eastern ISPs and government entities of novel…

Hackers Weaponize Security Testing By Weaponizing npm, PyPI, & Ruby Exploit Packages
07
Jan
2025

Hackers Weaponize Security Testing By Weaponizing npm, PyPI, & Ruby Exploit Packages

Over the past year, malicious actors have been abusing OAST services for data exfiltration, C2 channel establishment, and multi-stage attacks…

New FireScam Android Malware Abusing Firebase Services To Evade Detection
07
Jan
2025

New FireScam Android Malware Abusing Firebase Services To Evade Detection

FireScam is multi-stage malware disguised as a fake “Telegram Premium” app that steals data and maintains persistence on compromised devices…

Hackers mimic Social Security Administration To Deliver ConnectWise RAT
07
Jan
2025

Hackers mimic Social Security Administration To Deliver ConnectWise RAT

A phishing campaign spoofing the United States Social Security Administration emerged in September 2024, delivering emails with embedded links to…

Patch for Critical RCE Vulnerabilities
07
Jan
2025

Patch for Critical RCE Vulnerabilities

The January 2025 Android Security Bulletin has issued important updates regarding critical vulnerabilities that affect Android devices. Users are urged…

India’s Draft Digital Personal Data Protection Rules
07
Jan
2025

India’s Draft Digital Personal Data Protection Rules

India has unveiled its draft Digital Personal Data Protection Rules, designed to operationalize the Digital Personal Data Protection Act, 2023…

Hackers Compromised Argentina’s Airport Security Payroll System
07
Jan
2025

Hackers Compromised Argentina’s Airport Security Payroll System

Hackers have successfully infiltrated Argentina’s Airport Security Police (PSA) payroll system, raising alarms about the safety of sensitive personnel information….

Open Source LLM Vulnerability Scanner for AI Red-Teaming
06
Jan
2025

Open Source LLM Vulnerability Scanner for AI Red-Teaming

Garak is a free, open-source tool specifically designed to test the robustness and reliability of Large Language Models (LLMs). Inspired…

PoC Exploit Released for Critical OpenSSH Vulnerability (CVE-2024-6387)
06
Jan
2025

PoC Exploit Released for Critical OpenSSH Vulnerability (CVE-2024-6387)

An alarming new development emerged in the cybersecurity landscape with the release of a proof-of-concept (PoC) exploit targeting the critical…

Malicious npm Packages Stealing Developers' Sensitive Data
06
Jan
2025

Malicious npm Packages Stealing Developers’ Sensitive Data

Attackers published 20 malicious npm packages impersonating legitimate Nomic Foundation and Hardhat plugins, where these packages, downloaded over 1,000 times,…

Wordpress Plugin Vulnerability Exposes 3 Million Websites to Injection Attacks
06
Jan
2025

WordPress Plugin Vulnerability Exposes 3 Million Websites to Injection Attacks

A critical vulnerability has been identified in the popular UpdraftPlus: WP Backup & Migration Plugin, potentially impacting over 3 million…