Google Launches Shielded Email to Keep Your Address Hidden from Apps
Google is rolling out a new privacy-focused feature called Shielded Email, designed to prevent apps and services from accessing users’ primary email addresses during sign-ups. The…
Category: GBHackers
Exploiting Amazon IAM Permissions for Phishing Attacks
Unit 42 researchers have observed a threat actor group known as JavaGhost exploiting misconfigurations in Amazon Web Services (AWS) environments to conduct sophisticated phishing campaigns.…
Hackers Using PowerShell and Microsoft Legitimate Apps to Deploy Malware
Cybersecurity experts are warning of an increasing trend in fileless attacks, where hackers leverage PowerShell and legitimate Microsoft applications to deploy malware without leaving significant…
Hackers can Crack Into Car Cameras Within Minutes Exploiting Vulnerabilities – GBHackers Security
At the upcoming Black Hat Asia 2025 conference, cybersecurity experts will unveil a groundbreaking vulnerability in modern dashcam technology, exposing how hackers can exploit these…
Hacktivist Groups Emerge With Powerful Tools for Large-Scale Cyber Operations
Hacktivism, once synonymous with symbolic website defacements and distributed denial-of-service (DDoS) attacks, has evolved into a sophisticated tool for cyber warfare and influence operations. Recent…
Chinese Hackers Breach Belgium State Security Service as Investigation Continues
Belgium’s State Security Service (VSSE) has suffered what is being described as its most severe security breach to date. For nearly two years, a group…
New Pass-the-Cookie Attacks Bypass MFA, Giving Hackers Full Account Access
Multi-factor authentication (MFA), long considered a cornerstone of cybersecurity defense, is facing a formidable new threat: “Pass-the-Cookie” attacks. Recent findings reveal from Long Wall shows that…
PingAM Java Agent Vulnerability Allows Attackers to Bypass Security
A critical security flaw (CVE-2025-20059) has been identified in supported versions of Ping Identity’s PingAM Java Agent, potentially enabling attackers to bypass policy enforcement and…
Chinese Hackers Exploit Check Point VPN Zero-Day to Target Organizations Globally
A sophisticated cyberespionage campaign linked to Chinese state-sponsored actors has exploited a previously patched Check Point VPN vulnerability (CVE-2024-24919) to infiltrate organizations across Europe, Africa,…
New GitHub Scam Uses Fake “Mods” and “Cracks” to Steal User Data
A sophisticated malware campaign leveraging GitHub repositories disguised as game modifications and cracked software has been uncovered, exposing a dangerous convergence of social engineering tactics…
DeepSeek Data Leak Exposes 12,000 Hardcoded API Keys and Passwords
A sweeping analysis of the Common Crawl dataset—a cornerstone of training data for large language models (LLMs) like DeepSeek—has uncovered 11,908 live API keys, passwords,…
260 Domains Hosting 5,000 Malicious PDFs to Steal Credit Card Data
Netskope Threat Labs uncovered a sprawling phishing operation involving 260 domains hosting approximately 5,000 malicious PDF files. These documents, disguised as legitimate resources, employ fake…