CISA Issues 10 ICS Advisories Detailing Vulnerabilities and Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) has released ten industrial control systems (ICS) advisories on August 7, 2025, highlighting...
Read more →Category: GBHackers
Amazon ECS Internal Protocol Exploited to Steal AWS Credentials from Other Tasks
Security researchers have disclosed a critical vulnerability in Amazon Elastic Container Service (ECS) that allows malicious containers to steal AWS...
Read more →
US Confirms Takedown of BlackSuit Ransomware Behind 450+ Hacks
Federal law enforcement agencies have successfully dismantled the critical infrastructure of BlackSuit ransomware, a sophisticated cybercriminal operation that has compromised...
Read more →
Malicious Go Packages Used by Threat Actors to Deploy Obfuscated Remote Payloads
Socket’s Threat Research Team has identified eleven malicious Go packages distributed via GitHub, with ten remaining active on the Go...
Read more →
Over 60 Malicious RubyGems Packages Used to Steal Social Media and Marketing Credentials
Socket’s Threat Research Team has exposed a persistent campaign involving over 60 malicious RubyGems packages that masquerade as automation tools...
Read more →
CISA Issues Urgent Advisory to Address Microsoft Exchange Flaw
The Cybersecurity and Infrastructure Security Agency (CISA) has issued Emergency Directive 25-02 on August 7, 2025, requiring federal agencies to...
Read more →
Flipper Zero Dark Web Firmware Cracks Rolling Code Security in Modern Cars
Security researchers have discovered alarming new firmware for the popular Flipper Zero device that can completely bypass the rolling code...
Read more →
Retbleed Vulnerability Exploited to Access Any Process’s Memory on Newer CPUs
Security researchers have successfully demonstrated a sophisticated exploit of the Retbleed vulnerability, a critical CPU security flaw that allows attackers to...
Read more →
HashiCorp Vault 0-Day Flaws Enable Remote Code Execution Attacks
Researchers at Cyata have disclosed nine previously unknown zero-day vulnerabilities in HashiCorp Vault, a widely adopted open-source secrets management platform,...
Read more →
How Machine Learning Detects Living off the Land (LotL) Attacks
Elite cybercriminals prefer LotL attacks because they’re incredibly hard to spot. Instead of deploying obvious malware, attackers use the same...
Read more →
Splunk Unveils PLoB Tool to Detect Compromised Credential Usage
Splunk has introduced PLoB (Post-Logon Behaviour Fingerprinting and Detection) in a world where compromised credentials remain the primary vector for...
Read more →
Hackers Exploit SVG Files with Embedded JavaScript to Deploy Malware on Windows Systems
Threat actors are increasingly using Scalable Vector Graphics (SVG) files to get beyond traditional defenses in the quickly developing field...
Read more →