Supply Chain Attack Unleashed via Compromised VS Code Extension
A sophisticated supply chain attack targeting cryptocurrency developers through the compromise of ETHcode, a legitimate Visual Studio Code extension with...
Read more →Category: GBHackers
SparkKitty Malware Steals Photos from iOS and Android Devices
A sophisticated Trojan malware campaign has been targeting mobile device users across iOS and Android platforms since February 2024, with...
Read more →
TapTrap Android Exploit Allows Malicious Apps to Bypass Permissions
A new Android vulnerability called TapTrap that allows malicious apps to bypass the operating system’s permission system without requiring any...
Read more →
Hackers Exploit IIS Machine Keys to Breach Organizations
A sophisticated campaign by an initial access broker (IAB) group exploiting leaked Machine Keys from ASP.NET websites to gain unauthorized...
Read more →
Google Launches Advanced Protection for Vulnerable Users via Chrome on Android
Google has announced the expansion of its Advanced Protection Program to Chrome on Android, providing enhanced security features specifically designed...
Read more →
XwormRAT Hackers Leverage Code Injection for Sophisticated Malware Deployment
A sophisticated new distribution method for XwormRAT malware that leverages steganography techniques to hide malicious code within legitimate files. This...
Read more →
Anatsa Android Banking Malware Targets Users in the U.S. and Canada via Google Play
A sophisticated new campaign involving the Anatsa Android banking trojan, marking its third major offensive against mobile banking customers in...
Read more →
Windows BitLocker Vulnerability Lets Attackers Bypass Security Protections
Microsoft has disclosed a significant security vulnerability in Windows BitLocker that allows attackers to bypass critical security protections through a...
Read more →
Splunk SOAR Addresses Vulnerabilities in Third-Party Packages – Update Now
Splunk has published a critical security advisory revealing that its Security Orchestration, Automation and Response (SOAR) platform was shipping vulnerable...
Read more →
Splunk Enterprise Addresses Vulnerabilities in Bundled Third-Party Packages
Splunk has released critical security updates for its Enterprise platform, addressing multiple vulnerabilities in bundled third-party packages across several product...
Read more →
Citrix Windows Virtual Delivery Agent Vulnerability Lets Attackers Escalate to SYSTEM Privileges
A critical security vulnerability has been discovered in Citrix’s Windows Virtual Delivery Agent that could allow attackers with low-level system...
Read more →
FortiWeb SQL injection Vulnerability Allows Attackers to Execute Malicious SQL Commands
A critical security vulnerability has been discovered in Fortinet’s FortiWeb web application firewall that allows unauthenticated attackers to execute malicious...
Read more →