Category: GBHackers

Microsoft 365 Copilot Flaw Lets Hackers Steal Sensitive Data via Indirect Prompt Injection
21
Oct
2025

Microsoft 365 Copilot Flaw Lets Hackers Steal Sensitive Data via Indirect Prompt Injection

 A vulnerability in Microsoft 365 Copilot allowed attackers to trick the AI assistant into fetching and exfiltrating sensitive tenant data…

PassiveNeuron Targets High-Profile Servers to Deploy Malware
21
Oct
2025

PassiveNeuron Targets High-Profile Servers to Deploy Malware

A sophisticated cyberespionage campaign dubbed PassiveNeuron has emerged from the shadows after months of dormancy, with security researchers uncovering fresh…

Decoding Microsoft 365 Audit Logs Using Bitfield Mapping: An Investigation Report
21
Oct
2025

Decoding Microsoft 365 Audit Logs Using Bitfield Mapping: An Investigation Report

Understanding exactly how users authenticate to cloud services is crucial for effective security monitoring. A recently refined bitfield mapping technique…

New GlassWorm Threat Uses Stealthy Code to Target OpenVSX Extensions
21
Oct
2025

New GlassWorm Threat Uses Stealthy Code to Target OpenVSX Extensions

GlassWorm is the world’s first self-propagating worm targeting VS Code extensions in the OpenVSX marketplace, unleashing invisible malicious payloads and…

Threat Actors Reportedly Marketing Monolock Ransomware on Dark Web Forums
21
Oct
2025

Threat Actors Reportedly Marketing Monolock Ransomware on Dark Web Forums

A recent surge in underground cybercrime chatter has shone a spotlight on Monolock Ransomware V1.0, as multiple posts on dark…

AWS Resolves Major Outage After Nearly 24 Hours of Service Disruption
21
Oct
2025

AWS Resolves Major Outage After Nearly 24 Hours of Service Disruption

Amazon Web Services experienced a significant service disruption in its US-EAST-1 region that lasted nearly 24 hours, affecting over 140…

LANSCOPE Endpoint Manager Flaw Allows Remote Code Execution
21
Oct
2025

LANSCOPE Endpoint Manager Flaw Allows Remote Code Execution

A critical security flaw has been found in the on-premise edition of LANSCOPE Endpoint Manager that could let attackers run…

New LOSTKEYS Malware Tied to Russian State-Sponsored Hacker Group COLDRIVER
21
Oct
2025

New LOSTKEYS Malware Tied to Russian State-Sponsored Hacker Group COLDRIVER

Russian state-sponsored threat actor COLDRIVER, long known for targeting high-profile NGOs, policy advisors, and dissidents, has been linked to a…

CISA Warns of Actively Exploited Windows SMB Vulnerability
21
Oct
2025

CISA Warns of Actively Exploited Windows SMB Vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Microsoft Windows Server Message Block (SMB) vulnerability to its…

Cavalry Werewolf APT Targets Multiple Sectors Using FoalShell and StallionRAT
21
Oct
2025

Cavalry Werewolf APT Targets Multiple Sectors Using FoalShell and StallionRAT

From May to August 2025, an advanced persistent threat group known as Cavalry Werewolf—also tracked as YoroTrooper and Silent Lynx—executed…

AdaptixC2 Emerges in npm Supply-Chain Exploit Against Developers
21
Oct
2025

AdaptixC2 Emerges in npm Supply-Chain Exploit Against Developers

Cybersecurity researchers at Kaspersky have uncovered a sophisticated supply chain attack targeting the npm ecosystem, where threat actors distributed the…

CISA Warns of Oracle E-Business Suite SSRF Vulnerability Actively Exploited in Attacks
21
Oct
2025

CISA Warns of Oracle E-Business Suite SSRF Vulnerability Actively Exploited in Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Oracle E-Business Suite vulnerability to its Known Exploited Vulnerabilities…