New Research and PoC Reveal Security Risks in LLM-Based Coding
A recent investigation has uncovered that relying solely on large language models (LLMs) to generate application code can introduce critical...
Read more →Category: GBHackers
CISA Releases Guide to Hunt and Mitigate Chinese State-Sponsored Threats
The Cybersecurity and Infrastructure Security Agency (CISA) unveiled a comprehensive Cybersecurity Advisory (CSA) designed to empower network defenders to detect,...
Read more →
Over 28,000 Citrix Servers at Risk from Active 0-Day RCE Exploit
A critical zero-day remote code execution (RCE) vulnerability is currently threatening the security of over 28,000 Citrix instances worldwide. The flaw, designated...
Read more →
Microsoft Teams Flaw Prevents Users From Accessing Embedded Office Files
A widespread service disruption is currently affecting Microsoft Teams users across the globe, preventing access to embedded Office documents within the collaboration...
Read more →
Chinese Hacker Suspect Arrested in South Korea Over Major Financial Cyberattack
South Korean authorities have successfully extradited a key suspect in a large-scale hacking operation that resulted in the embezzlement of...
Read more →
Critical Zip Slip Bug Enables Malicious File Manipulation on Unzip
Path traversal flaws like Zip Slip, which give hackers the ability to alter file systems while decompressing, remain a serious...
Read more →
Cephalus Ransomware Exploits RDP for Initial Access in Latest Attack Campaign
Cybersecurity researchers at Huntress identified a novel ransomware variant dubbed Cephalus, deployed in two separate incidents targeting organizations lacking robust...
Read more →
New Cache Deception Attack Exploits Miscommunication Between Cache and Web Server
A newly documented cache deception attack leverages mismatches in path normalization and delimiter handling between caching layers and origin servers...
Read more →
Underground Ransomware Gang Unleashes Innovative Tactics Targeting Global Organizations
The Underground ransomware gang has been coordinating recurring attacks on enterprises throughout the globe in a worrying increase in cyber...
Read more →
Nagios Flaw Enables Remote Attackers to Run Arbitrary JavaScript via XSS
Nagios has addressed a significant cross-site scripting (XSS) vulnerability in its enterprise monitoring platform Nagios XI that could allow remote...
Read more →
NVIDIA NeMo AI Curator Vulnerability Allows Code Execution and Privilege Escalation
NVIDIA released a security bulletin for NVIDIA® NeMo Curator addressing a high-severity vulnerability (CVE-2025-23307) that affects all prior versions of...
Read more →
Actors Attacking Government Entities With New Tactics, Techniques, and Procedures
The threat actor known as TAG-144, also referred to as Blind Eagle or APT-C-36, has been linked to five distinct...
Read more →