Category: GBHackers

Salesforce CLI Installer Flaw Lets Attackers Run Code and Gain SYSTEM-Level Access
24
Sep
2025

Salesforce CLI Installer Flaw Lets Attackers Run Code and Gain SYSTEM-Level Access

A serious security flaw in the Salesforce CLI installer (sf-x64.exe) has been assigned CVE-2025-9844. This weakness allows attackers to execute…

Critical DNN Platform Vulnerability Let Attackers Execute Malicious Scripts
24
Sep
2025

Critical DNN Platform Vulnerability Let Attackers Execute Malicious Scripts

A severe Stored Cross-Site Scripting (XSS) vulnerability in the Prompt module of the DNN Platform enables low-privilege attackers to inject…

24
Sep
2025

Kali Linux 2025.3 Launches With Fresh Features and 10 New Pentesting Tools

Kali Linux 2025.3 has arrived, bringing a wave of improvements, updated firmware support, and a suite of ten new security…

RainyDay, Turian and Naikon Malwares Abuse DLL Search Order to Execute Malicious Loaders
24
Sep
2025

RainyDay, Turian and Naikon Malwares Abuse DLL Search Order to Execute Malicious Loaders

Cisco Talos has uncovered a sophisticated, long-running campaign active since 2022 that leverages DLL search order hijacking to deliver a…

North Korean IT Worker Gains Access to Organization’s Network Through Innocent Job Application
24
Sep
2025

North Korean IT Worker Gains Access to Organization’s Network Through Innocent Job Application

In today’s complex threat landscape, adversaries increasingly favor “malware-less” intrusion methods that slip past traditional defenses. One particularly insidious scheme…

Jaguar Land Rover Factory Reopening Delayed After Cyber Attack
24
Sep
2025

Jaguar Land Rover Factory Reopening Delayed After Cyber Attack

Jaguar Land Rover (JLR) has announced a further delay to the reopening of its production lines following a sophisticated cyber…

ShadowV2 Botnet Infects AWS Docker Containers to Launch DDoS Campaign
24
Sep
2025

ShadowV2 Botnet Infects AWS Docker Containers to Launch DDoS Campaign

Darktrace’s latest investigation uncovered a novel campaign that blends traditional malware with modern DevOps technology. At the center of this…

New “YiBackdoor” Malware Lets Hackers Run Commands and Steal Data
24
Sep
2025

New “YiBackdoor” Malware Lets Hackers Run Commands and Steal Data

Cybersecurity researchers at Zscaler ThreatLabz have identified a sophisticated new malware strain dubbed YiBackdoor, first detected in June 2025. This…

Defy Security Appoints Esteemed Cybersecurity Leader Gary Warzala to Its Board of Directors
23
Sep
2025

Defy Security Appoints Esteemed Cybersecurity Leader Gary Warzala to Its Board of Directors

Defy Security, a leading provider of cybersecurity solutions and services, today announced the appointment of Gary Warzala to its Board…

SolarWinds Web Help Desk Vulnerability Enables Privilege Escalation
23
Sep
2025

SolarWinds Web Help Desk Vulnerability Enables Privilege Escalation

A critical vulnerability in SolarWinds Web Help Desk (WHD) could allow attackers to escalate privileges and execute arbitrary code on…

New npm Malware Steals Browser Passwords via Steganographic QR Code
23
Sep
2025

New npm Malware Steals Browser Passwords via Steganographic QR Code

A novel npm package named fezbox has been uncovered by the Socket Threat Research Team as a sophisticated malware delivery…

Hackers Hijacking IIS Servers Using Malicious BadIIS Module to Serve Malicious Content
23
Sep
2025

Hackers Hijacking IIS Servers Using Malicious BadIIS Module to Serve Malicious Content

Leveraging a native IIS module named BadIIS, attackers manipulated search engine crawler traffic to poison search results and redirect legitimate…