150K+ Networking Devices & Apps Exposed With Vulnerabilities
The “State of the UAE—Cybersecurity Report 2024,” a collaborative effort by the UAE Cyber Security Council and CPX Holding, has released the United Arab Emirates…
Category: GBHackers
Hackers Abuse Amazon & GitHub to Deploy Java-based Malware
Hackers target these platforms due to their hosting of valuable resources and data. For financial gain or some other bad motive, the hackers intrude on…
New Fortinet FortiOS Flaw Lets Attacker Execute Arbitrary Code
Fortinet has disclosed a critical vulnerability in its FortiOS and FortiProxy captive portal systems, potentially allowing attackers to execute arbitrary code through specially crafted HTTP…
Code Injection & Other Vulnerabilities Patched
Organizations using SAP products are urged to prioritize patching vulnerabilities outlined in the latest SAP Security Notes, which was released on 12th March 2024 on…
Beware Of New Malicious PyPI Packages Attack Crypto Wallets
Threat actors use malicious PyPI packages to infiltrate systems and execute various attacks like data exfiltration, ransomware deployment, or system compromise. By masquerading as legitimate…
Stanford University Hack Exposes Over 27K People’s Data
The Stanford University data breach involved a ransomware attack by the Akira ransomware gang. The breach occurred between May 12, 2023, and September 27, 2023,…
Sharp Increase in Akira Ransomware Attack Following LockBit
In the wake of the LockBit ransomware group’s takedown, a shift has occurred within the cybercriminal underworld, leading to a sharp rise in activities by…
Hackers Attacking Asset Management to Inject Malicious Code
The Andariel threat group was observed conducting persistent attacks against domestic businesses, specifically installing MeshAgent for remote screen control while conducting the attack. MeshAgent collects…
Google’s Gemini AI Vulnerability Lets Attackers Control Over Users
Researchers at HiddenLayer have unveiled a series of vulnerabilities within Google’s Gemini AI that could allow attackers to manipulate user queries and control the output…
Magnet-Goblin Hackers Attack Public Services Using 1-Day Exploits
A new threat actor, Magnet Goblin, emerged by rapidly exploiting recently disclosed vulnerabilities (CVE-2023-46805 & CVE-2023-21887) in Ivanti Connect Secure VPN, which allowed them to…
ChatGPT-Next-Web SSRF Vulnerability Let Hackers Gain Full Access to HTTP Endpoints
There are advantages to using standalone AI chatbots over cloud-based alternatives such as OpenAI; however, there are also some security risks. Research shows NextChat, a…
Disguised Adobe Reader Installer That Install Infostealer Malware
An infostealer disguised as the Adobe Reader installation has been observed. The file is disseminated in PDF format and prompts users to download and run it.…