8 XSS Vulnerabilities Allow Attackers to Deliver Malicious Payloads
Azure HDInsight has been identified with multiple Cross-Site Scripting – XSS vulnerabilities related to Stored XSS and Reflected XSS. The severity for these vulnerabilities ranges…
Category: GBHackers
Windows11 Themes vulnerability-Attackers Execute Arbitrary Code
An Arbitrary code execution vulnerability has been found in Windows 11. This vulnerability is a result of several factors, such as a Time-of-Check Time-of-Use (TOCTOU)…
Memory Corruption Flaw in ncurses API Library
Multiple memory corruption vulnerabilities have been discovered in the ncurses library, which various programs use on multiple operating systems like Portable Operating System Interface (POSIX)…
3AM Ransomware Attack – Stop Services, Delete Shadow Copies
Ransomware is a universal threat to enterprises, targeting anyone handling sensitive data when profit potential is high. A new ransomware named 3AM has surfaced and…
Trellix DLP Vulnerability Allows Attackers To Delete Files
A privilege escalation vulnerability has been identified in the Trellix Windows DLP endpoint for Windows, which may be exploited to delete any file/folder for which…
Storm-0324 Using Microsoft Teams to Hack Corporate Networks
According to recent reports, a threat actor known as Storm-0324 has been using email-based initial infection vectors to attack organizations. However, as of July 2023,…
How to to Secure Your Inboxes 2023
Email communication is still widely used as an attack vector despite the ever-changing nature of cyber threats. The vast number of people who use it…
Cisco IOS Verification Flaw Let Attackers Execute Arbitrary Code
Cisco has been discovered with an arbitrary code execution flaw on their Cisco IOS XR Software image verification checks, which allows an authenticated, local attacker…
SolarWinds Platform Vulnerability Let Attackers Execute Arbitrary Commands
SolarWinds Platform has published its release notes 2023.3.1, which provides multiple bug fixes and security updates. With this release, the platform has fixed two vulnerabilities,…
Hackers Attack Facebook Business Users Aggressively to Steal Login Credentials
A new and highly concerning cyber threat has emerged, as a botnet known as “MrTonyScam” has been orchestrating an extensive Messenger phishing campaign on Facebook. …
OpenAI-based Extension for Burp Suite
Burp Suite, the renowned Bug Bounty Hunting and Web Application Penetration Testing tool, has been improvised with many extensions over the years. Many of Burp’s…
Weaponized Free Download Manager for Linux Steals System Data
In recent years, Linux systems gained prominence among diverse threat actors, with more than 260,000 unique samples emerging in H1 2023. In the case of…