Zacks Investment Data Breach Exposes 12 Million Emails and Phone Numbers
A cybersecurity incident at Zacks Investment Research has exposed sensitive data belonging to 12 million users, marking the second major breach for the financial services…
Category: GBHackers
LibreOffice Vulnerabilities Allow Attackers to Write to Files and Extract Data
Two critical vulnerabilities in LibreOffice (CVE-2024-12425 and CVE-2024-12426) expose millions of users to file system manipulation and sensitive data extraction attacks. These flaws affect both…
Fake Timesheet Report Emails Linked to Tycoon 2FA Phishing Kit
Cybersecurity researchers have uncovered a novel phishing campaign distributing the notorious Tycoon 2FA phishing kit through fraudulent timesheet notification emails, marking a concerning evolution in…
BitConnect Scam Exposed as Indian Authorities Seize Illicit Gains
The Directorate of Enforcement (ED) in Ahmedabad has dealt a significant blow to one of history’s largest cryptocurrency frauds, recovering Rs. 1,646 crore (approx. $219 million) in…
Black-Hat SEO Poisioning Attacks Exploit Indian Government and Financial Websites
A sophisticated black-hat SEO poisoning campaign has compromised over 150 Indian government websites and financial institutions, redirecting millions of users to fraudulent gambling platforms promoting…
WinRAR 7.10 Latest Version Released
The popular file compression and archiving tool, WinRAR 7.10, has released with new features, interface enhancements, and improved performance. WinRAR 7.10 represents a landmark update…
Juniper Issues Warning About Critical Authentication Bypass Vulnerability
Juniper Networks has issued an urgent security bulletin for its Session Smart Router, Session Smart Conductor, and WAN Assurance Router product lines, revealing a critical…
Microsoft Text Services Framework Exploited for Stealthy Persistence
A novel persistence mechanism exploiting Microsoft’s Text Services Framework (TSF) has been uncovered by researchers at Praetorian Labs, revealing a sophisticated method for maintaining long-term…
ChatGPT Operator Prompt Injection Exploit Leaks Private Data
According to recent findings by cybersecurity researcher Johann Rehberger, OpenAI’s ChatGPT Operator, an experimental agent designed to automate web-based tasks, faces critical security risks from…
IDOR Vulnerability in ExHub Allows Attackers to Alter Hosting Configurations
A security researcher recently uncovered a high-risk Insecure Direct Object Reference (IDOR) vulnerability in ExHub, a cloud hosting and collaboration platform used by over 2…
Beware! Fake Outlook Support Calls Leading to Ransomware Attacks
Telekom Security has recently uncovered a significant vishing (voice phishing) campaign targeting individuals and organizations across Germany. This operation appears to be linked to a…
New XCSSET Malware Targets macOS Users Through Infected Xcode Projects
Microsoft Threat Intelligence has identified a new variant of the XCSSET macOS malware, marking its first update since 2022. This sophisticated malware continues to target…