Hackers Launch Rust-Based Luca Stealer Targeting Linux and Windows
Cybercriminals are increasingly abandoning traditional programming languages like C and C++ in favor of modern alternatives such as Rust, Golang, and Nim. This strategic shift…
Category: GBHackers
Kali Linux 2025.4 Released Featuring 3 New Hacking Tools and Wifipumpkin3
The release of Kali Linux 2025.4 marks a significant milestone for the ethical hacking distribution, bringing major architectural changes and a suite of fresh tools. This update…
Apple Confirms Zero-Day Exploitation in Targeted Attacks on iPhone Users
Apple has issued critical security patches addressing two actively exploited zero-day vulnerabilities affecting iPhone and iPad devices. The tech giant confirmed that both flaws were…
Empire 6.3.0 Released as Updated Post-Exploitation Framework for Red Teams
Researcher has officially released Empire 6.3.0, a significant update to the widely used post-exploitation and adversary emulation framework designed for Red Teams and Penetration Testers. This latest…
Researchers and Developers Targeted in AI-Driven GitHub Supply Chain Attack
A sophisticated AI-generated supply chain attack is targeting researchers, developers, and security professionals through compromised GitHub repositories, according to findings from Morphisec Threat Labs. The…
Hackers Target Windows Systems Using Phantom Stealer Hidden in ISO Files
Seqrite Labs has uncovered an active Russian phishing campaign that delivers Phantom information-stealing malware through malicious ISO files embedded in fake payment confirmation emails. The…
ConsentFix Attack Lets Hackers Hijack Microsoft Accounts via Azure CLI Abuse
Security researchers at Push have identified a sophisticated new phishing attack termed “ConsentFix,” which combines OAuth consent manipulation with ClickFix-style social engineering to compromise Microsoft…
New AiTM Attack Campaign Bypasses MFA to Target Microsoft 365 and Okta Users
Cybersecurity researchers at Datadog have uncovered a sophisticated adversary-in-the-middle phishing campaign targeting organizations that use Microsoft 365 and Okta for single sign-on authentication. The campaign…
10,000+ Docker Hub Images Exposed with Live Production Credentials from 100+ Firms
A comprehensive security analysis has uncovered a critical vulnerability in container image distribution: more than 10,000 Docker Hub images containing leaked production credentials from over…
CISA Alerts on Active Exploitation of Windows Cloud Files Mini Filter 0-Day
A critical privilege escalation vulnerability in Microsoft Windows Cloud Files Mini Filter Driver is now under active exploitation, according to a new Cybersecurity and Infrastructure…
Researchers Revive 2000s ‘Blinkenlights’ to Extract Smartwatch Firmware via Screen Pixels
Security researchers have successfully extracted firmware from a cheap JieLi-based smartwatch by reviving an obscure 2000s attack technique that transmits sensitive data through display pixels.…
CISA Issues New Guidance for Securing UEFI Secure Boot on Enterprise Devices
The Cybersecurity and Infrastructure Security Agency has released critical guidance on managing UEFI Secure Boot configurations across enterprise systems. The comprehensive advisory addresses growing concerns…