Let’s Encrypt Unveils Six-Day Certificate and IP Address Options for 2025
Let’s Encrypt has announced plans to introduce six-day certificate options and support for IP address certificates in 2025. This initiative is part of the organization’s…
Category: GBHackers
CISA Warns of Aviatrix Controllers OS Command Injection Vulnerability Exploited in Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding a significant OS command injection vulnerability in Aviatrix Controllers, identified as CVE-2024-50603. This…
BitMEX Fined $100 Million for Violating Bank Secrecy Act
In a significant legal development, HDR Global Trading Ltd., operating under the name BitMEX, has been fined $100 million for violating the Bank Secrecy Act.…
Hackers Deploy Web Shell To Abuse IIS Worker And Exfiltrate Data
An attacker exploited a vulnerability in the batchupload.aspx and email_settings.aspx pages on the target server that allowed them to upload a malicious web shell to…
CISA Releases Guidelines For Closing Software Understanding Gap
The Cybersecurity and Infrastructure Security Agency (CISA) has released a pivotal report calling for urgent action to address the “software understanding gap.” This comprehensive document…
Russian Threat Actor “Star Blizzard” Exploit WhatsApp Accounts Using QR Codes
Microsoft Threat Intelligence has identified a concerning strategic shift by the notorious Russian threat actor group “Star Blizzard.” Known for its spear-phishing campaigns targeting government,…
Thousands of PHP-based Web Applications Exploited to Deploy Malware
A significant cybersecurity threat has emerged, threatening the integrity of thousands of PHP-based web applications. A report from Imperva Threat Research has unveiled a sophisticated…
New Botnet Exploiting DNS Records Misconfiguration To Deliver Malware
Botnets are the networks of compromised devices that have evolved significantly since the internet’s inception. Threat actors exploit vulnerabilities to control these devices remotely by…
AIRASHI Botnet Exploiting 0DAY Vulnerabilities In Large Scale DDoS Attacks
AISURU botnet launched a DDoS attack targeting Black Myth: Wukong distribution platforms in August 2024 that leveraged a 0DAY vulnerability on cnPilot routers and used…
Hackers Exploiting California Wildfire Sparks to Launching Phishing Attacks – GBHackers Security
As California grapples with devastating wildfires, communities are rallying to protect lives and property. Unfortunately, these disasters have also created an opportunity for cybercriminals to…
FTC Slams GoDaddy For Not Implement Standard Security Practices Following Major Breaches
The Federal Trade Commission (FTC) has announced that it will require GoDaddy Inc. to develop and implement a comprehensive information security program. This decision comes…
Veeam Azure Backup Vulnerability Allows Attackers to Utilize SSRF & Send Unauthorized Requests
A critical vulnerability has been identified in Veeam Backup for Microsoft Azure, specifically referenced as CVE-2025-23082. Discovered during internal testing, this security flaw could allow…