Hackers Exploit SVG Files with Embedded JavaScript to Deploy Malware on Windows Systems
Threat actors are increasingly using Scalable Vector Graphics (SVG) files to get beyond traditional defenses in the quickly developing field...
Read more →Category: GBHackers
Gemini AI Exploited via Google Invite Prompt Injection to Steal Sensitive User Data
Security researchers have discovered a series of critical vulnerabilities in Google’s Gemini AI assistant that allow attackers to exploit the...
Read more →
Weaponizing Microsoft 365 Direct Send to Bypass Email Security Defenses
Security researchers at StrongestLayer, in collaboration with Jeremy, a seasoned Security Architect at a major manufacturing firm, have exposed a...
Read more →
Hacker Extradited to U.S. for $2.5 Million Tax Fraud Scheme
Chukwuemeka Victor Amachukwu, also known as Chukwuemeka Victor Eletuo and So Kwan Leung, was extradited from France to the United...
Read more →
ScarCruft Hacker Group Launches New Rust-Based Malware Attack Leveraging PubNub
The North Korean state-sponsored advanced persistent threat (APT) group known as ScarCruft has been linked to a sophisticated malware campaign...
Read more →
Weaponized npm Packages Target WhatsApp Developers with Remote Kill Switch
Socket’s Threat Research Team has uncovered a sophisticated supply chain attack targeting developers integrating with the WhatsApp Business API. Two...
Read more →
CISA Warns of ‘ToolShell’ Exploitation Chain Targeting SharePoint Servers; IOCs and Detections Released
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding an exploitation chain dubbed “ToolShell” targeting on-premises...
Read more →
IRGC-Linked Hackers Target Financial, Government, and Media Organizations
A sophisticated network of hackers with ties to Iran’s Islamic Revolutionary Guard Corps (IRGC) unleashed a barrage of cyber-operations designed...
Read more →
Hackers Exploit Legitimate Drivers to Disable Antivirus and Weaken System Defenses
Threat actors have been deploying a novel antivirus (AV) killer since at least October 2024, leveraging the legitimate ThrottleStop.sys driver...
Read more →
SocGholish Uses Parrot and Keitaro TDS to Spread Malware via Fake Updates
SocGholish, operated by the threat actor group TA569, has solidified its role as a prominent Malware-as-a-Service (MaaS) provider, functioning as...
Read more →
Akamai Ghost Platform Flaw Allows Hidden Second Request Injection
Akamai Technologies disclosed a critical HTTP request smuggling vulnerability affecting its content delivery network platform that could allow attackers to...
Read more →
New Active Directory Attack Method Bypasses Authentication to Steal Data
Security researchers have uncovered a novel attack technique that exploits weaknesses in hybrid Active Directory (AD) and Entra ID environments...
Read more →