New Phishing Attack Facebook Business Account Users
An unreported phishing campaign that disseminated a Python version of the NodeStealer has been found. NodeStealer gave threat actors the ability to steal browser cookies and…
Category: GBHackers
Over 600+ Citrix Servers Hacked To Install Web Shells
A critical remote code execution (RCE) vulnerability identified as CVE-2023-3519 has been the subject of several attacks, which have already compromised and backdoored hundreds of Citrix Netscaler…
Hackers Abuse AWS SSM Agent to Perform Malicious Activities
Legitimate SSM agents can turn malicious when attackers with high-privilege access use it to carry out ongoing malicious activities on an endpoint. Once compromised, the…
Beware of Fake FlipperZero Sites That Promise Free Device Offer
A website pretending to be Flipper Devices offers a free FlipperZero in exchange for completing an offer, but it merely directs users to insecure browser…
HackerOne Lays off 12% of Its Employees as a One-Time Event
HackerOne is a renowned cybersecurity company that offers bounty and penetration testing platforms to ethical hackers for the following activities:- Asset discovery Continuous assessment Process…
CISA Guide to Harden Cisco Firewalls
The National Security Agency (NSA) has released best practices for configuring and hardening Cisco Firepower Threat Defense (FTD) which can help network and system administrators…
Researchers Uncovered a New Flaw in AI Chatbots to Evil
LLMs are commonly trained on vast internet text data, often containing offensive content. To mitigate this, developers use “alignment” methods via finetuning to prevent harmful…
Beware! Hacker-Sold macOS HVNC Tool Allows Complete Takeover
Threat actors targeting macOS have increased lately as there were several cases of macOS information stealer malware found in the past, and many are being…
New Collide+Power Exploit Let Attacker Steal Sensitive Data
The build and shared components on the CPUs are exploited by a method called Collide+Power. This attack vector does not target specific programs but the…
CISA Published a Warning about Ivanti Zero-day Vulnerabilities
The United States Director of the Cybersecurity and Infrastructure Security Agency (CISA) released a warning on Friday about the active exploitation of Ivanti EPMM (formerly…
New Android Malware Via WhatsApp Steal Call logs
According to reports, a new Android malware is circulating under the guise of a fake chat application that is being distributed through WhatsApp. This malware…
Organizations with 51-200 Employees Targeted by Ransomware
High-profile ransomware attacks on corporations like Kaseya, Colonial Pipeline, and MOVEit may lead to the misconception that only large organizations are targeted. However, the fact…