Microsoft IIS Web Deploy Vulnerability Allows Remote Code Execution
Microsoft has disclosed a critical security vulnerability in its Internet Information Services (IIS) Web Deploy tool that could allow attackers...
Read more →Category: GBHackers
EncryptHub Turns Brave Support Into a Dropper; MMC Flaw Completes the Run
Trustwave SpiderLabs researchers have uncovered a sophisticated EncryptHub campaign that ingeniously abuses the Brave Support platform to deliver malicious payloads,...
Read more →
Splunk Publishes Defender’s Guide to Spot ESXi Ransomware Early
Splunk has released a comprehensive defender’s guide aimed at helping cybersecurity teams detect and prevent ransomware attacks targeting ESXi infrastructure...
Read more →
Attackers Need Just One Vulnerability to Own Your Rooted Android
Android privilege escalation has been transformed by rooting frameworks such as KernelSU, APatch, and SKRoot, which use advanced kernel patching...
Read more →
Proxyware Campaign Piggybacks on Popular YouTube Video Download Services
The AhnLab Security Intelligence Center (ASEC) has uncovered fresh instances of proxyware distribution by threat actors leveraging deceptive advertising on...
Read more →
Critical WordPress Plugin Vulnerability Puts 70,000+ Sites at Risk of Remote Code Execution
A severe security vulnerability has been discovered in a popular WordPress plugin used by over 70,000 websites worldwide, potentially exposing...
Read more →
Xerox FreeFlow Core Vulnerability Allows Remote Code Execution — PoC Now Public
Security researchers have disclosed critical vulnerabilities in Xerox FreeFlow Core that enable unauthenticated remote attackers to execute arbitrary code on...
Read more →
CISA Alerts on N-able N-Central Deserialization and Injection Flaw Under Active Exploitation
The Cybersecurity and Infrastructure Security Agency (CISA) has issued urgent alerts regarding two critical vulnerabilities in N-able N-Central that are...
Read more →
Infamous XZ Backdoor Found Hidden in Docker Images for Over a Year
Security researchers at Binarly have discovered that the sophisticated supply chain hack still exists in publicly accessible Docker images on...
Read more →
Emerging AI-Driven Phishing Trends Reshape Cybercrime Tactics
Artificial intelligence (AI) in advances and adaptive social engineering techniques have led to a significant revolution in phishing and scams...
Read more →
Google’s Android pKVM Framework Achieves SESIP Level 5 Certification
Google has revealed that protected KVM (pKVM), the hypervisor that powers the Android Virtualization Framework (AVF), has achieved SESIP Level...
Read more →
Adobe’s August 2025 Patch Tuesday Fixes 60 Vulnerabilities Across Multiple Products
Adobe has rolled out its August 2025 Patch Tuesday updates, addressing a total of 60 vulnerabilities across a wide array...
Read more →