Streamlit Vulnerability Exposes Users to Cloud Account Takeover Attacks
A critical security flaw in Streamlit, the popular open-source framework for building data applications, has been discovered that could allow...
Read more →Category: GBHackers
WAF Protections Bypassed via JS Injection and Parameter Pollution for XSS Attacks
A groundbreaking security research has revealed that parameter pollution techniques combined with JavaScript injection can bypass 70% of modern Web Application...
Read more →
LegalPwn Attack Tricks AI Tools Like ChatGPT and Gemini into Running Malicious Code
Security researchers have discovered a new type of cyberattack that exploits how AI tools process legal text, successfully tricking popular...
Read more →
Claude AI Flaws Let Attackers Execute Unauthorized Commands Using the Model Itself
Security researchers have discovered critical vulnerabilities in Anthropic’s Claude Code that allow attackers to bypass security restrictions and execute unauthorized...
Read more →
New Malware Attack Uses LNK Files to Deploy REMCOS Backdoor on Windows Systems
The investigation began with the detection of two scanning IP addresses, 91.238.181[.]225 and 5.188.86[.]169 sharing a common Secure Shell (SSH)...
Read more →
PXA Stealer Distributed via Telegram Harvests 200K Passwords and Credit Card Data
SentinelLABS and Beazley Security have uncovered a sophisticated infostealer campaign deploying the Python-based PXA Stealer, which has rapidly evolved since...
Read more →
Ransomware Hits Phone Repair & Insurance Firm, Causing Millions in Damage
Wilhelm Einhaus, a businessman from Bockum-Hövel, Germany, pioneered cell phone insurance services, establishing a robust network that integrated innovative offerings...
Read more →
Threat Actors Exploit AI to Scale Attacks and Target Autonomous Agents
Adversaries are using artificial intelligence (AI) to increase their operational efficiency in a fast-changing threat landscape. They are scaling attacks...
Read more →
CNCERT Accuses U.S. Intelligence of Cyberattacks on Chinese Military-Industrial Targets
China’s National Computer Network Emergency Response Technical Team/Coordination Center (CNCERT) has publicly accused U.S. intelligence agencies of orchestrating sophisticated cyberattacks...
Read more →
Modular Malware Suite Sold by Threat Actors Through Public Storefront Domains
A threat actor operating under the moniker Cyber Products has established a public-facing storefront at cyberproducts[.]io to distribute their modular...
Read more →
Surge in Threat Actor Exploitation Attempts Serves as Early Warning of Emerging Cyber Vulnerabilities
Researchers have discovered a continuous relationship between increases in threat actor activity and the eventual disclosure of new Common Vulnerabilities...
Read more →
Interlock Ransomware Uses ClickFix Exploit to Execute Malicious Commands on Windows
The Interlock ransomware group was connected to several sophisticated cyber incidents that targeted firms in North America and Europe, according...
Read more →