North Korean IT Workers Linked to 2,400 Astrill VPN IP Addresses
new data has emerged linking over 2,400 IP addresses associated with Astrill VPN to individuals believed to be North Korean IT workers. These findings were…
Category: GBHackers
Laravel Framework Flaw Allows Attackers to Execute Malicious JavaScript
A significant vulnerability has been identified in the Laravel framework, specifically affecting versions between 11.9.0 and 11.35.1. The issue revolves around improper encoding of request…
Critical Vulnerabilities in Moxa Switches Enable Unauthorized Access
A critical vulnerability identified as CVE-2024-12297 has been discovered in Moxa’s PT series of network switches, affecting multiple models across different product lines. This security…
WinDbg Vulnerability Allows Attackers to Execute Remote Code
Microsoft recently disclosed a critical vulnerability impacting its debugging tool, WinDbg, and associated .NET packages. Tracked CVE-2025-24043, this flaw allows remote code execution (RCE) due…
Thinkware Dashcam Vulnerability Leaks Credentials to Attackers
A series of significant security vulnerabilities have been discovered in the Thinkware Dashcam, specifically the F800 Pro model, which could pose serious risks to users’…
Commvault Webserver Flaw Allows Attackers to Gain Full Control
Commvault has revealed a major vulnerability in its software that could allow malicious actors to gain full control of its webservers. The issue, identified as CV_2025_03_1,…
New Apache Traffic Server Flaws Allow Malformed Request Exploits
The Apache Software Foundation has disclosed several vulnerabilities affecting its Traffic Server software. These vulnerabilities allow malicious actors to exploit malformed requests and access control…
Over 43 Million Python Installations Vulnerable to Dangerous Code Execution Flaw
A significant vulnerability has been uncovered in the Python JSON Logger package (python-json-logger), affecting versions 3.2.0 and 3.2.1. This flaw, CVE-2025-27607 allows for remote code…
Lumma Stealer Using Fake Google Meet & Windows Update Sites to Launch “Click Fix” Style Attack
Cybersecurity researchers continue to track sophisticated “Click Fix” style distribution campaigns that deliver the notorious Lumma Stealer malware to unsuspecting victims. These increasingly sophisticated tactics,…
1 Million Devices Infected by Malware from GitHub
In a recent alert, Microsoft revealed a large-scale malvertising campaign that has compromised nearly one million devices worldwide. This campaign, which began in early December…
North Korean Uses Moonstone Sleet Creative Tactics to Deploy Custom Ransomware
In a recent development, Microsoft has identified a new North Korean threat actor known as Moonstone Sleet, which has been employing a combination of traditional…
Threat Actors Exploit PHP-CGI RCE Vulnerability to Attack Windows Machines
A recent cybersecurity threat has emerged where unknown attackers are exploiting a critical remote code execution (RCE) vulnerability in PHP-CGI on Windows systems. This vulnerability,…