New Malware Exploits TASPEN Legacy Systems to Target Indonesian Elderly
Threat actors are leveraging the trusted brand of Indonesia’s state pension fund, PT Dana Tabungan dan Asuransi Pegawai Negeri (Persero),...
Read more →Category: GBHackers
Spotify Launches Direct Messaging Feature Amid Security Concerns
Spotify this week unveiled a new Direct Messaging feature, enabling users to share songs, podcasts and audiobooks within the app. While the...
Read more →
CISA Issues New ICS Advisories on Critical Vulnerabilities and Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) released three Industrial Control Systems (ICS) advisories on August 26, 2025, detailing nine...
Read more →
Massive WordPress Site Compromise Used to Execute Malicious Commands on Victims
A large-scale cybercrime conspiracy known as ShadowCaptcha was made public by cybersecurity researchers at Israel’s National Digital Agency. This campaign...
Read more →
IPFire Firewall Admin Panel Vulnerability Enables Persistent JavaScript Injection
A critical vulnerability in IPFire 2.29’s web-based firewall interface (firewall.cgi) allows authenticated administrators to inject persistent JavaScript code, leading to...
Read more →
Hackers Abuse Compromised OAuth Tokens to Access and Steal Salesforce Corporate Data
Google Threat Intelligence Group (GTIG) has issued an advisory concerning a broad data theft operation targeting corporate Salesforce instances via...
Read more →
Critical Chrome Use-After-Free Flaw Enables Arbitrary Code Execution
Google has released an urgent security update for the Chrome Stable channel to address a critical use-after-free vulnerability in the ANGLE graphics...
Read more →
Citrix NetScaler ADC and Gateway Hit by Ongoing Attacks Exploiting 0-Day RCE
Cloud Software Group has issued an emergency security bulletin warning of active exploitation targeting three critical vulnerabilities in NetScaler ADC and NetScaler...
Read more →
New ZipLine Campaign Targets Critical Manufacturing Firms with In-Memory MixShell Malware
Check Point Research has uncovered a highly persistent phishing operation dubbed ZipLine, which reverses traditional attack vectors by exploiting victims’...
Read more →
APT36 Targets Indian BOSS Linux Using Weaponized .desktop Shortcut Files
Researchers have unveiled ONEFLIP, a novel inference-time backdoor attack that compromises full-precision deep neural networks (DNNs) by flipping just one...
Read more →
Threat Actors Leverage AI Agents to Conduct Social Engineering Attacks
Cybersecurity landscapes are undergoing a paradigm shift as threat actors increasingly deploy agentic AI systems to orchestrate sophisticated social engineering...
Read more →
China-Based Threat Actor Mustang Panda’s TTPs Leaked
A significant milestone for cybersecurity experts is the disclosure of specific tactics, methods, and procedures (TTPs) used by Mustang Panda,...
Read more →