Weaponized VS Code Impersonate Zoom App Steals Cookies From Chrome
A newly identified extension for Visual Studio Code (VS Code) has been found to impersonate a legitimate Zoom application, enabling cybercriminals to steal sensitive cookies…
Category: GBHackers
SQL Injection Vulnerability in Microsoft’s DevBlogs Lets Hackers Injecting Malicious SQL
In a recent discovery, a security researcher uncovered a critical SQL injection vulnerability on Microsoft’s DevBlogs website (accessible at https://devblogs.microsoft.com). This vulnerability could allow attackers to…
Record Breaking 5.6 Tbps DDoS attack Launched by Mirai Botnet
The Mirai botnet unleashed a record-breaking Distributed Denial of Service (DDoS) attack on October 29, 2024, peaking at an astonishing 5.6 terabits per second (Tbps).…
Three New ICS Advisories Released by CISA Detailing Vulnerabilities & Mitigations
The Cybersecurity and Infrastructure Security Agency (CISA) announced three new Industrial Control Systems (ICS) advisories. These advisories provide critical insights into vulnerabilities impacting Traffic Alert…
Security Researchers Discover Critical RCE Vulnerability, Earn $40,000 Bounty
Cybersecurity researchers Abdullah Nawaf and Orwa Atyat, successfully escalated a limited path traversal vulnerability into a full-blown remote code execution (RCE). Their discovery earned a…
IBM i Access Client Solutions Might Be Leaking Your Passwords
A potential security flaw in IBM i Access Client Solutions (ACS) has raised serious concerns about password leakage, leaving users vulnerable to exploitation. Research published…
Ransomware Attack Forces UK Brit High School to Close Doors For Students
A ransomware attack has compelled UK Brit, a prominent British high school, to close its doors to students for two days, specifically Monday, January 20,…
PoC Exploit released for TP-Link Code Execution Vulnerability(CVE-2024-54887)
A security researcher, exploring reverse engineering and exploit development, has successfully identified a critical vulnerability in the TP-Link TL-WR940N router, specifically affecting hardware versions 3…
OWASP Smart Contract Top 10 2025 Released – What’s new!
The Open Web Application Security Project (OWASP) has released its updated Smart Contract Top 10 for 2025, providing essential insights for developers and security teams in the…
New Contacto Ransomware Evades AV Detection & Uses Windows Consolw for Execution
In early January 2025, a new ransomware strain identified as Contacto surfaced, showcasing advanced techniques designed to bypass conventional security measures. This analysis provides insights…
Microsoft Rolls Out New Administrator protection feature Under Windows Security
Microsoft has announced the release of Windows 11 Insider Preview Build 27774 to the Canary Channel. This build comes packed with enhancements, including a significant…
Apache CXF Vulnerability Triggers DoS Attack
Colm O hEigeartaigh announced a critical vulnerability affecting various versions of Apache CXF, a widely-used framework for building web services. This issue, documented as CVE-2025-23184,…