Smishing Triad Hackers Attacks Banking, E-Commerce Platform
Hackers often attack online banking platforms, e-commerce portals, and payment systems for illicit purposes. Resecurity researchers have recently revealed that the Smishing Triad group has…
Category: GBHackers
SolarWinds Serv-U Vulnerability Let Attackers Access sensitive files
SolarWinds released a security advisory for addressing a Directory Traversal vulnerability which allows a threat actor to read sensitive files on the host machine. This…
Sleepy Pickle Exploit Let Attackers Exploit ML Models & End-Users
Hackers are targeting, attacking, and exploiting ML models. They want to hack into these systems to steal sensitive data, interrupt services, or manipulate outcomes in…
Threat Actor Claiming Leak Of 5 Million Ecuador’s Citizen Database
A threat actor has claimed responsibility for leaking the personal data of 5 million Ecuadorian citizens. The announcement was made via a post on social…
Ascension Hack Caused By Employee Downloaded Malicious File
Ascension, a leading healthcare provider, has made significant strides in its investigation and recovery efforts following a recent cybersecurity breach. With the assistance of third-party…
AWS Announced Malware Detection Tool For S3 Buckets
Amazon Web Services (AWS) has announced the general availability of Amazon GuardDuty Malware Protection for Amazon Simple Storage Service (Amazon S3). This new feature expands…
Beware WARMCOOKIE Backdoor Knocking Your Inbox
WARMCOOKIE is a new Windows backdoor that is deployed by a phishing effort with a recruiting theme dubbed REF6127. The WARMCOOKIE backdoor can be used…
0day Vulnerability In 10,000 Web Apps Exploited Using XSS Payloads
A significant vulnerability, tracked as CVE-2024-37629, has been discovered in SummerNote 0.8.18. It allows Cross-Site Scripting (XSS) via the Code View Function. Summernote is a…
Hackers Exploiting MS Office Editor Vulnerability Deploy Keylogger
Researchers have identified a sophisticated cyberattack orchestrated by the notorious Kimsuky threat group. The group has been exploiting a known vulnerability (CVE-2017-11882) in the Microsoft…
Ivanti EPM SQL Injection Flaw Let Attackers Execute Remote Code
In May 24, 2024, Zero-Day Initiative released a security advisory for Ivanti EPM which was associated with SQL injection Remote code execution vulnerability. This vulnerability…
CISA Warns of Scammers Impersonating as CISA Employees
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a surge in impersonation scams. These scams often involve fraudsters pretending to be…
Microsoft Window Ntqueryinformationtoken Flaw Escalate Privilege
Microsoft has disclosed a critical vulnerability identified as CVE-2024-30088. With a CVSS score of 8.8, this flaw affects Microsoft Windows and allows local attackers to escalate their privileges on affected installations. The vulnerability resides in…