Category: GBHackers

BRICKSTORM Backdoor Hits Tech and Legal Firms with Stealthy New Campaign
25
Sep
2025

BRICKSTORM Backdoor Hits Tech and Legal Firms with Stealthy New Campaign

Persistent, stealthy, and cross-platform, the BRICKSTORM backdoor has emerged as a significant threat to U.S. technology and legal organizations. Tracked…

Linux Kernel ksmbd Flaw Lets Remote Attackers Execute Arbitrary Code
25
Sep
2025

Linux Kernel ksmbd Flaw Lets Remote Attackers Execute Arbitrary Code

A critical vulnerability in the Linux Kernel’s ksmbd file sharing component allows remote attackers to execute code with kernel privileges….

NVIDIA Merlin Flaw Enables Remote Code Execution with Root Access
25
Sep
2025

NVIDIA Merlin Flaw Enables Remote Code Execution with Root Access

A critical vulnerability in NVIDIA’s Merlin Transformers4Rec library allows attackers to achieve remote code execution with root privileges. Discovered by…

Attackers Exploit BMC Firmware Vulnerabilities to Bypass Signature Verification
24
Sep
2025

Attackers Exploit BMC Firmware Vulnerabilities to Bypass Signature Verification

In January 2025, Supermicro released patches addressing critical vulnerabilities in its Baseboard Management Controller (BMC) firmware validation logic. Despite these…

Chromium-Based Browsers in Windows Domains Vulnerable to Arbitrary Extension Loads
24
Sep
2025

Chromium-Based Browsers in Windows Domains Vulnerable to Arbitrary Extension Loads

A new study has uncovered a method for silently installing custom extensions on Chromium-based browsers running in Windows domain environments….

GitHub Hosts Malware from Malwarebytes, LastPass, Citibank, SentinelOne, and More
24
Sep
2025

GitHub Hosts Malware from Malwarebytes, LastPass, Citibank, SentinelOne, and More

A large-scale campaign targeting Mac users is leveraging fake GitHub pages to distribute information-stealing malware disguised as popular legitimate applications….

Multiple Apps on Google's Firebase Platform Exposing Sensitive Data
24
Sep
2025

Multiple Apps on Google’s Firebase Platform Exposing Sensitive Data

A comprehensive security analysis has revealed a widespread vulnerability affecting Firebase-powered mobile applications, with over 150 popular apps inadvertently exposing…

UK Police Arrest Suspect Tied to Ransomware Attack on European Airports
24
Sep
2025

UK Police Arrest Suspect Tied to Ransomware Attack on European Airports

A person in his forties has been arrested in connection with a cyber-attack that caused days of disruption at several…

Attackers Bypass EDR by Using In-Memory PE Loaders Delivered via Malicious Downloads
24
Sep
2025

Attackers Bypass EDR by Using In-Memory PE Loaders Delivered via Malicious Downloads

Security researchers have discovered a wave of attacks that use in-memory PE loaders to slip past endpoint detection and response (EDR) systems….

Attackers Use Domain Fronting to Tunnel Malicious Traffic via Google Meet, YouTube and Chrome Update Servers
24
Sep
2025

Attackers Use Domain Fronting to Tunnel Malicious Traffic via Google Meet, YouTube and Chrome Update Servers

Attackers have discovered a way to exploit Google’s core services, Google Meet, YouTube, Chrome update servers and more using a…

Russian Disinformation Campaign Targets Moldova's Upcoming Elections
24
Sep
2025

Russian Disinformation Campaign Targets Moldova’s Upcoming Elections

A sophisticated effort by Russian-linked actors is seeking to sway public opinion ahead of Moldova’s September 28, 2025, vote, raising…

OnePlus OxygenOS Vulnerability Lets Apps Access SMS Data Without User Permission
24
Sep
2025

OnePlus OxygenOS Vulnerability Lets Apps Access SMS Data Without User Permission

A newly disclosed flaw in OnePlus OxygenOS lets any app on a device read SMS and MMS messages without asking…