PoisonSeed Attack Tricks Users into Scanning Malicious MFA QR Codes
A sophisticated new cyber attack technique has emerged that exploits the cross-device sign-in features of FIDO keys, effectively bypassing one...
Read more →Category: GBHackers
SharePoint 0-Day RCE Flaw Actively Exploited for Full Server Takeover
A devastating new SharePoint vulnerability is being actively exploited in large-scale attacks worldwide, enabling attackers to gain complete control of...
Read more →
New Surge of Crypto-Jacking Hits Over 3,500 Websites
Cybersecurity experts at cside have discovered a clever campaign that infected over 3,500 websites with nefarious JavaScript miners, marking a...
Read more →
Chinese Threat Actors Operate 2,800 Malicious Domains to Distribute Windows Malware
A sophisticated threat actor, dubbed “SilverFox,” has been orchestrating a large-scale malware distribution campaign since at least June 2023, primarily...
Read more →
New Veeam-Themed Phishing Attack Uses Weaponized WAV File to Target Users
Cybercriminals are now leveraging seemingly innocuous voicemail notifications to distribute malware, with a recent campaign impersonating Veeam Software to exploit...
Read more →
Lumma Infostealer Steals Browser Data and Sells It as Logs on Underground Markets
Infostealers are specialized malware variants that routinely steal large amounts of sensitive data from compromised systems. This includes session tokens,...
Read more →
Fancy Bear Hackers Target Governments and Military Entities with Advanced Tools
Fancy Bear, designated as APT28 by cybersecurity experts, represents a sophisticated Russian cyberespionage collective operational since 2007, renowned for infiltrating...
Read more →
Snake Keylogger Bypasses Windows Defender and Uses Scheduled Tasks to Steal Credentials
Threat actors have been using a sophisticated phishing operation to impersonate Turkish Aerospace Industries (TUSAŞ) in order to attack Turkish...
Read more →
Hackers Exploit ClickFix Tactics to Spread NetSupport RAT, Latrodectus, and Lumma Stealer
Attackers are increasingly leveraging the ClickFix social engineering technique to distribute potent malware families, including NetSupport RAT, Latrodectus, and Lumma...
Read more →
Threat Actors Exploit Ivanti Connect Secure Flaws to Deploy Cobalt Strike Beacon
Threat actors have been actively exploiting vulnerabilities in Ivanti Connect Secure, specifically CVE-2025-0282 and CVE-2025-22457, to deploy advanced malware, including...
Read more →
Microsoft Defender for Office 365 Gets Enhanced Threat Dashboard
Microsoft has announced significant transparency improvements for its email security platform, introducing a new customer-facing dashboard that provides detailed visibility...
Read more →
Grafana Flaws Allow User Redirection and Code Execution in Dashboards
Grafana Labs has released critical security patches addressing two significant vulnerabilities that could enable attackers to redirect users to malicious...
Read more →