Category: GBHackers

WPForms Vulnerability Let Users Issues Subscription Payments
11
Dec
2024

WPForms Vulnerability Let Users Issues Subscription Payments

A critical security vulnerability, tracked as CVE-2024-11205, was recently discovered in the popular WordPress plugin, WPForms, which boasts over 6 million…

Microsoft Patch Tuesday, December 2024, Patch for 16 Critical Security Flaws
10
Dec
2024

Microsoft Patch Tuesday, December 2024, Patch for 16 Critical Security Flaws

In its final Patch Tuesday of 2024, Microsoft has released a significant security update addressing a total of 71 vulnerabilities,…

Visual Studio Tunnels Abused For Stealthy Remote Access
10
Dec
2024

Visual Studio Tunnels Abused For Stealthy Remote Access

In an attack campaign dubbed “Operation Digital Eye,” a suspected China-nexus threat actor has been observed targeting business-to-business IT service…

RedLine Malware Weaponizing Pirated Corporate Softwares To Steal Logins
10
Dec
2024

RedLine Malware Weaponizing Pirated Corporate Softwares To Steal Logins

Attackers are distributing a malicious .NET-based HPDxLIB activator disguised as a new version, which is signed with a self-signed certificate,…

Black Basta Ransomware Leverages Microsoft Teams To Deliver Malicious Payloads
10
Dec
2024

Black Basta Ransomware Leverages Microsoft Teams To Deliver Malicious Payloads

In a resurgence since May 2024, the Black Basta ransomware campaign has exhibited a troubling escalation in its attack methods,…

Critical SAP Vulnerabilities Let Attackers Upload Malicious PDF Files
10
Dec
2024

Critical SAP Vulnerabilities Let Attackers Upload Malicious PDF Files

SAP has issued Security Note 3536965 to address multiple high-severity vulnerabilities in the Adobe Document Services of SAP NetWeaver AS for JAVA. These vulnerabilities, identified…

Hackers Target Android Users via WhatsApp to Steal Sensitive Data
10
Dec
2024

Hackers Target Android Users via WhatsApp to Steal Sensitive Data

Researchers analyzed a malicious Android sample created using Spynote RAT, targeting high-value assets in Southern Asia, which, likely deployed by…

Dell Warns of Critical Code Execution Vulnerability in Power Manager
10
Dec
2024

Dell Warns of Critical Code Execution Vulnerability in Power Manager

Dell Technologies has issued a security advisory, DSA-2024-439, to alert users of a critical vulnerability in its Dell Power Manager…

Mauri Ransomware Exploiting Apache ActiveMQ Vulnerability To Deploy CoinMiners
10
Dec
2024

Mauri Ransomware Exploiting Apache ActiveMQ Vulnerability To Deploy CoinMiners

The Apache ActiveMQ server is vulnerable to remote code execution (CVE-2023-46604), where attackers can exploit this vulnerability by manipulating serialized…

Researchers Uncovered Hackers Infrastructre Using Passive DNS Technique
10
Dec
2024

Researchers Uncovered Hackers Infrastructre Using Passive DNS Technique

Cybersecurity researchers have unveiled an advanced technique to uncover hackers’ operational infrastructure using passive DNS data. This groundbreaking method sheds…

New Meeten Malware Attacking macOS And Windows Users To Steal Logins
10
Dec
2024

New Meeten Malware Attacking macOS And Windows Users To Steal Logins

A sophisticated crypto-stealing malware, Realst, has been targeting Web3 professionals, as the threat actors behind this campaign have employed AI-generated…

Let’s Encrypt OCSP End Support
10
Dec
2024

Let’s Encrypt to End Support for Online Certificate Status Protocol (OCSP)

Let’s Encrypt has officially announced its timeline to phase out support for the Online Certificate Status Protocol (OCSP). The nonprofit…