TgRAT Malware Attacking Linux Servers with New Variant
A new variant of the TgRAT malware, initially discovered in 2022 targeting Windows systems, has been observed attacking Linux servers. This evolution marks a significant…
Category: GBHackers
Bitdefender Flaw Let Attackers Trigger Server-Side Request Forgery Attacks
A recently discovered vulnerability in Bitdefender’s GravityZone Update Server has raised significant security concerns. Identified as CVE-2024-6980, this flaw allows attackers to execute server-side request…
OAuth Vulnerability Exposes 1 Million Websites To XSS Attacks
Despite robust defenses, Cross-Site Scripting (XSS) remains a persistent web vulnerability, as its exploitation has become increasingly challenging. A recent discovery highlights how integrating OAuth,…
World Wide Web Consortium Opposed Google’s Decision on Third-party cookies
The World Wide Web Consortium (W3C) has strongly opposed Google’s decision to halt the deprecation of third-party cookies. The W3C has updated its Technical Architecture…
New Specula Tool Turning Outlook as a C2 Server by Leveraging Registry
Cybersecurity firm TrustedSec has unveiled a powerful new tool called Specula. It exploits a longstanding vulnerability in Microsoft Outlook to transform it into a Command…
Meta paid a $1.4 Billion Settlement for the Unauthorized Capture
Texas Attorney General Ken Paxton has secured a $1.4 billion settlement with Meta Platforms Inc. (formerly known as Facebook) over the unauthorized capture and use…
Patch for Critical Flaw that Leads to Exploitation
Google has rolled out a new security update for its Chrome browser, addressing several critical vulnerabilities. The update on the Stable channel brings Chrome to…
Progress Patched New MOVEit File Transfer Flaw that Allows Privilege Escalation
Progress, the company behind MOVEit Transfer, has issued a critical security alert addressing a newly discovered vulnerability in its MOVEit Transfer product. The flaw, CVE-2024-6576,…
Proofpoint’s Email Protection Let Attackers Send Millions Of Phishing Emails
Hackers use phishing emails to mislead recipients into providing personal data like usernames, passwords, credit card numbers, or social security numbers. This method exploits human…
AcidPour Malware Attacking Linux Data Storage Devices To Wipe Out Data
In March 2024, a new variant of the AcidRain wiper malware dubbed “AcidPour” was noticed. It targets Linux data storage devices and permanently erases data…
DigiCert to Revoke Thousands of Certificates Following Domain Validation Error
DigiCert, a leading digital certificate provider, has announced the revocation of thousands of certificates due to a domain validation error. This decision follows the discovery…
Threat Actots Leveraging ChatGPT To Craft Sophisticated Attacks
Adversaries are employing Large Language Models to generate malicious code, delivered via phishing emails, for downloading diverse payloads, including Rhadamanthys, NetSupport, CleanUpLoader, ModiLoader, LokiBot, and…