Google’s “Sign in with Google” Flaw Exposes Millions of Users’ Details
A critical flaw in Google’s “Sign in with Google” authentication system has left millions of Americans vulnerable to potential data theft. This vulnerability mainly affects…
Category: GBHackers
Critical macOS Vulnerability Lets Hackers to Bypass Apple’s System Integrity Protection
Microsoft Threat Intelligence has uncovered a critical macOS vulnerability that allowed attackers to bypass Apple’s System Integrity Protection (SIP). Known as CVE-2024-44243, this vulnerability could…
CISA Launched A Free Guide to Enhance OT Products Security
To address rising cyber threats targeting critical infrastructure, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new step-by-step guide designed to help…
Microsoft Warns of MFA Issue Affecting Microsoft 365 users
Microsoft has issued a warning regarding an ongoing issue with Multi-Factor Authentication (MFA) that is impacting some Microsoft 365 (M365) users. The problem, which surfaced…
RedCurl APT Deploys Malware via Windows Scheduled Tasks Exploitation
Researchers identified RedCurl APT group activity in Canada in late 2024, where the attackers used scheduled tasks to execute pcalua.exe to run malicious binaries and…
Hackers Using YouTube Links and Microsoft 365 Themes to Steal Logins
Cybercriminals are executing sophisticated phishing attacks targeting Microsoft 365 users by employing deceptive URLs that closely resemble legitimate O365 domains, creating a high degree of…
Furry Hacker Breaches Scholastic Exposes Data of 8 Million People
The education and publishing giant Scholastic has fallen victim to a significant data breach affecting approximately 8 million people. The breach, which has been attributed…
PoC Exploit Released for Critical macOS Sandbox Vulnerability (CVE-2024-54498)
A proof-of-concept (PoC) exploit has been publicly disclosed for a critical vulnerability impacting macOS systems, identified as CVE-2024-54498. This vulnerability poses a significant security risk by…
IBM Robotic Process Autmation Vulnerability Let Attackers Obtain Sensitive Data
A newly disclosed security vulnerability in IBM Robotic Process Automation (RPA) has raised concerns about potential data breaches. The vulnerability, tracked as CVE-2024-51456, could allow remote attackers to…
Hackers Abusing Youtube To Deliver Malware That Steals Browser Data
Malware actors leverage popular platforms like YouTube and social media to distribute fake installers. Reputable file hosting services are abused to host malware and make…
New Credit Card Skimmer Attacking WordPress Checkout Pages To Steal Payment Card Sata
Researchers analyzed a new stealthy credit card skimmer that targets WordPress checkout pages by injecting malicious JavaScript into the WordPress database. On checkout pages, the…
IBM Watsonx.ai Vulnerability Let Attackers Trigger XSS Attacks
A recently disclosed vulnerability, identified as CVE-2024-49785, has been found in IBM watsonx.ai, including its integration with IBM Cloud Pak for Data. This vulnerability exposes users…