Chinese National Sentenced to 46 Months for Laundering Millions Stolen from U.S. Investors
A Chinese national has been sentenced to nearly four years in U.S. federal prison for laundering tens of millions of dollars stolen from American investors…
Category: GBHackers
Cybercriminals Exploit Canadians’ Dependence on Digital Services in Widespread Attacks
Canadian citizens are facing a coordinated phishing campaign that leverages government impersonation and brand spoofing to harvest personal and financial data at scale. The campaign…
Microsoft Exchange Online to End Support for SMTP AUTH Basic Authentication
Microsoft has announced a revised deprecation timeline for SMTP AUTH Basic Authentication in Exchange Online, giving organizations an extended runway to modernize legacy email workflows.…
TP-Link Archer Router Flaw Exposes Users to Remote Attacks and Full Device Control
A high command injection vulnerability has been discovered in TP-Link’s Archer MR600 v5 router, enabling authenticated attackers to execute arbitrary system commands through the device’s…
Critical IDIS IP Camera Vulnerability Allows Full Computer Compromise with One-Click Exploit
A critical vulnerability in IDIS Cloud Manager (ICM) Viewer exposes organizations using IDIS IP cameras to one-click remote code execution (RCE), potentially allowing attackers to…
Cybercriminals Leverage AI-Generated Malicious Job Offers to Spread PureRAT Malware
A Vietnamese threat actor is using AI-authored code to power a phishing campaign that delivers the PureRAT malware and related payloads, leveraging realistic job-themed lures…
Gemini MCP Tool 0-Day Vulnerability Exposes Systems to Remote Code Execution
A critical zero-day vulnerability has been disclosed in the Gemini MCP Tool, enabling unauthenticated remote attackers to execute arbitrary code on vulnerable installations without requiring…
eSkimming Attacks Surge with Evolving Tactics and Ongoing Recovery Challenges
A new longitudinal study of Magecart-style eSkimming attacks overturns the assumption that discovery equals recovery. Instead of being a one-time incident that ends with script…
Cal.com Broken Access Controls Lead to Account Takeover and Data Exposure
Cal.com, an open-source scheduling platform and developer-friendly alternative to Calendly, recently patched a set of critical vulnerabilities that exposed user accounts and sensitive booking data…
Meta Faces Legal Action Over Claims of Accessing All WhatsApp User Messages
A class-action lawsuit filed in San Francisco federal court accuses Meta Platforms of systematically misleading billions of WhatsApp users about the protection of their messages.…
New Deepfake Phishing Attack Targets Bitcoin Users via Zoom and Teams
A sophisticated deepfake-enabled phishing campaign is actively targeting Bitcoin users through fake Zoom and Microsoft Teams calls. The attackers are exploiting video conferencing, Telegram, and…
Hackers Exploit SEO Poisoning to Target Users Seeking Legitimate Tools
Search engine optimization (SEO) poisoning techniques to trick users into downloading malicious software disguised as legitimate tools. This attack campaign involves manipulating search results to…