Hacker Dumped MacBook in River in Attempt to Destroy Digital Evidence
A former employee of South Korean e-commerce giant Coupang attempted to destroy evidence of a massive data theft by throwing his MacBook Air into a…
Category: GBHackers
MongoBleed Detector Launched to Identify Critical MongoDB Flaw (CVE-2025-14847)
Security researchers have released an open-source detection tool to help organizations identify potential exploitation of MongoBleed (CVE-2025-14847), a critical memory disclosure vulnerability affecting multiple MongoDB…
Hacktivist Proxies and the Normalization of Cyber Pressure Campaigns
A significant shift in the cyber threat landscape has been identified in a new research report, distinguishing modern “Hacktivist Proxy Operations” from traditional digital protests…
Hackers Compromise Trust Wallet Chrome Extension, Users Claim Millions Stolen
Trust Wallet users suffered devastating losses exceeding $7 million after cybercriminals compromised the Chrome browser extension version 2.68.0, released on December 24, 2025. The breach,…
Google Introduces Option to Change @gmail.com Email Addresses
For years, Google users have been stuck with the email addresses they created when they first signed up. If you picked an embarrassing username years…
Critical LangChain Vulnerability Allows Attackers to Steal Sensitive Secrets
A critical security vulnerability in LangChain, one of the world’s most widely deployed AI frameworks, enables attackers to extract environment variable secrets and, through a…
Unpatched FortiGate Security Flaw Allows Attackers to Bypass 2FA Controls
A critical authentication bypass vulnerability in FortiGate devices enables threat actors to circumvent two-factor authentication (2FA) protections through case-sensitive username manipulation. The flaw, tracked as…
NtKiller Malware Advertised on Dark Web With Claims of Antivirus and EDR Bypass
A new and sophisticated defensive evasion tool dubbed “NtKiller” has surfaced on underground cybercrime forums, marketed by a threat actor known as “AlphaGhoul.” The utility is being aggressively…
Net-SNMP Vulnerability Triggers Buffer Overflow, Crashing the Daemon
A critical buffer overflow vulnerability in Net-SNMP’s snmptrapd daemon allows remote attackers to crash the service by sending specially crafted packets, potentially disrupting network monitoring…
M-Files Vulnerability Allows Attackers to Steal Active User Session Tokens
A critical security vulnerability in M-Files Server could allow authenticated attackers to capture active user session tokens via the M-Files Web interface, enabling identity impersonation…
Israeli Organizations Targeted by AV-Themed Malicious Word and PDF Files
SEQRITE Labs’ Advanced Persistent Threat (APT) Team has uncovered a sophisticated campaign targeting Israeli organizations through weaponized Microsoft Word and PDF documents disguised as legitimate…
NVIDIA Isaac Vulnerabilities Enable Remote Code Execution Attacks
NVIDIA released critical security updates for its Isaac Launchable platform on December 23, 2025, addressing three severe vulnerabilities that could allow unauthenticated attackers to execute…