Google Cloud & Cloudflare Missed 3-Year Phishing Campaign
An industrial-scale phishing campaign exploiting Google Cloud and Cloudflare infrastructure operated in plain sight for more than three years, targeting...
Read more →Category: GBHackers
BruteForceAI Tool Automates Login Page Detection and Attacks
A cutting-edge penetration testing tool called BruteForceAI has arrived, bringing automation and artificial intelligence to the art of login page detection and...
Read more →
IIS WebDeploy RCE Vulnerability Gets Public PoC
A newly disclosed remote code execution (RCE) vulnerability in Microsoft’s IIS Web Deploy toolchain has captured industry attention after the...
Read more →
Hackers Use Hexstrike-AI to Exploit Zero-Day Flaws in Just 10 Minutes
Within hours of its release, the newly unveiled framework Hexstrike-AI has emerged as a game-changer for cybercriminals, enabling them to scan, exploit...
Read more →
Devices Exploited for Instant DDoS Attacks
A newly uncovered variant of the notorious RapperBot malware is covertly commandeering internet-connected devices—particularly outdated network video recorders (NVRs)—and transforming...
Read more →
Cloudflare Confirms Data Breach – Customer Data Exposed via Salesforce Attack
Cloudflare has disclosed a significant data breach affecting customer information following a sophisticated supply chain attack targeting its Salesforce integration...
Read more →
Top 10 Best API Penetration Testing Companies In 2025
Best API Penetration Testing Companies Securing APIs is a critical cybersecurity challenge in 2025 as they are the backbone of...
Read more →
Threat Hunting Guide Designed for SOC Analysts and MSSPs
Proactive threat hunting has become an essential discipline for Security Operations Center (SOC) analysts and Managed Security Service Providers (MSSPs)....
Read more →
Mapping the Web of Commercial Spyware: Targets and Attack Chains
A comprehensive new report spanning 2010 to 2025 reveals the ever-evolving landscape of commercial spyware vendors (CSVs), exposing the methods...
Read more →
OneDrive Phishing Attack Targets Corporate Executives for Credential Theft
A newly discovered spearphishing campaign is targeting executives and senior leadership across multiple industries by exploiting trusted OneDrive document‐sharing notifications....
Read more →
Google Debunks Reports of Major Gmail Security Alert
Google has firmly rejected widespread reports suggesting it issued a global security alert to its 2.5 billion Gmail users, calling...
Read more →
ESPHome Vulnerability Allows Unauthorized Access to Smart Devices
A critical authentication bypass flaw in ESPHome’s ESP-IDF web server component allows unauthorized users on the same local network to...
Read more →