Malicious Go Packages Impersonate Google’s UUID Library to Steal Sensitive Data
A hidden danger has been lurking in the Go programming ecosystem for over four years. Security researchers from the Socket Threat Research Team have discovered…
Category: GBHackers
FvncBot Android Malware Steals Keystrokes and Injects Harmful Payloads
A newly discovered Android banking trojan, FvncBot, has emerged as a sophisticated threat targeting mobile banking users in Poland. Researchers from Intel 471 first identified…
2.15M Next.js Web Services Exposed Online, Active Attacks Reported
Security teams worldwide are rushing to patch systems after the disclosure of a critical React vulnerability, CVE-2025-55182, widely known as “React2Shell.” The flaw affects React…
Beyond CVEs – Turning Visibility into Action with ASM
Torrance, California, USA, December 5th, 2025, CyberNewsWire Criminal IP will host a live webinar on December 16 at 11:00 AM Pacific Time (PT), focusing on…
Sprocket Security Earns Repeat Recognition in G2’s Winter 2025 Penetration Testing Index
Madison, United States, December 5th, 2025, CyberNewsWire Sprocket Security is proud to announce that it has once again been recognized by G2 for “High Performer,”…
Cloudflare Outage Triggers Widespread 500 Internal Server Errors
Cloudflare has announced that it is currently experiencing a significant outage impacting its Dashboard and Cloudflare API services. Many users around the world are reporting…
NCSC Launches Proactive Notification Service to Alert System Owners of Vulnerabilities
The UK’s National Cyber Security Centre (NCSC) has introduced a new initiative designed to protect organisations from cyber threats. Working alongside Netcraft, the NCSC has…
Apache Tika Core Flaw Allows Attackers to Exploit Systems with Malicious PDF Uploads
A newly disclosed critical vulnerability in Apache Tika could allow attackers to compromise servers by simply uploading a malicious PDF file, according to a security advisory published by…
MuddyWater Hackers Use UDPGangster Backdoor to Bypass Network Defenses on Windows
The MuddyWater threat group has escalated its cyber espionage operations by deploying UDPGangster, a sophisticated UDP-based backdoor designed to infiltrate Windows systems while systematically evading…
Threat Actors Distribute CoinMiner Malware through USB Drives to Infect Workstations
Cybercriminals continue to exploit USB drives as infection vectors, with recent campaigns delivering sophisticated CoinMiner malware that establishes persistent cryptocurrency-mining operations on compromised workstations. Security…
Avast Antivirus Sandbox Vulnerabilities Allow Privilege Escalation
SAFA researchers uncovered four kernel heap overflow vulnerabilities in Avast Antivirus’s aswSnx.sys driver, designated CVE-2025-13032, affecting versions before 25.3 on Windows. These flaws originate from…
Hackers Exploiting ArrayOS AG VPN Vulnerability to Deploy Webshells
A critical command injection vulnerability in Array Networks’ ArrayOS AG systems has become the focus of active exploitation campaigns, with Japanese organizations experiencing confirmed attacks since August…