Critical IBM API Connect Flaw Allows Attackers to Bypass Authentication
IBM has disclosed a critical authentication bypass vulnerability affecting its API Connect platform, assigning it a maximum CVSS severity score of 9.8. The flaw, tracked…
Category: GBHackers
ESET Flags Rising Threat of AI-Driven Malware and Ransomware
The cybersecurity landscape entered a critical new era in the second half of 2025 as AI-powered malware transitioned from theoretical threat to tangible reality, while…
Hackers Promote “VOID” AV Killer Claiming Kernel-Level Defense Evasion
A threat actor operating under the handle Crypt4You has begun advertising a sophisticated new offensive tool on underground cybercrime forums, marketed as a “kernel-level” security neutralization utility.…
Magecart Campaign Deploys 50+ Malicious Scripts to Hijack E-Commerce Transactions
A sophisticated and expansive Magecart campaign has been uncovered, marking a dangerous evolution in client-side attacks. Security researchers have identified a global operation utilizing over…
70,000+ MongoDB Servers Exposed After MongoBleed PoC Released
Over 74,000 MongoDB database servers remain vulnerable to a critical security flaw after proof-of-concept exploit code for the MongoBleed vulnerability became publicly available. The Shadowserver…
EmEditor Website Breach Used to Spread Infostealer Malware
The popular text editor EmEditor fell victim to a sophisticated supply chain attack between December 19-22, 2025, in which attackers compromised the official website to…
Operational Noise in Windows Event Logs During Advanced Cyberattacks
“Threat actors are becoming more advanced, sophisticated, and are constantly changing their tactics.” This mantra has dominated cybersecurity discourse as organizations grapple with escalating breach…
OpenAI Strengthens ChatGPT Atlas Security to Block Prompt Injection Attacks
OpenAI has deployed a significant security update to ChatGPT Atlas, its browser-based AI agent, implementing advanced defenses against prompt injection attacks. The update introduces an…
Hunting Windows LPE Flaws Through Kernel Drivers and Named Pipes
Security researchers from the Whitehat School recently completed an intensive bug-hunting project focused on identifying privilege escalation (LPE) flaws in Windows systems. The findings reveal…
AI-Powered Phishing Kit Targets Microsoft Users for Credential Theft
Security researchers have uncovered a sophisticated Spanish-language phishing kit targeting Microsoft Outlook users, revealing what appears to be a coordinated credential-theft operation with potential AI-assisted…
Ubisoft Confirms Rainbow Six Siege Server Intrusion Linked to MongoBleed
Ubisoft faced a coordinated security crisis today as hackers exploited the critical MongoBleed vulnerability (CVE-2025-14847) to infiltrate Rainbow Six Siege servers, causing widespread account tampering…
Silver Fox Hackers Target Indian Entities Using Income Tax Phishing Lures
Threat intelligence researchers at CloudSEK have uncovered a sophisticated phishing campaign targeting Indian entities using Income Tax-themed lures, attributed to the Chinese-aligned Silver Fox APT…