Researchers Catch Lazarus Group’s Recruitment Workflow on Camera via Honeypot
A groundbreaking collaborative investigation by Mauro Eldritch of BCA LTD, ANYRUN, and NorthScan has lifted the curtain on North Korean threat actors from the Lazarus…
Category: GBHackers
Multiple Django Vulnerability Expose Applications to SQL Injection and DoS Attacks
The Django development team has released critical security patches for three major versions of the popular Python web framework, addressing two significant vulnerabilities that could…
CISA Alerts on Iskra iHUB Authentication Flaw Allowing Remote Device Reconfiguration
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding a severe authentication vulnerability affecting Iskra iHUB and iHUB Lite intelligent metering…
Water Saci Hackers Exploit AI Tools to Target WhatsApp Web Users
The Water Saci campaign targeting Brazilian users has escalated significantly, with threat actors demonstrating remarkable technical sophistication by employing artificial intelligence to enhance their malware…
Chrome 143 Update Patches 13 Security Vulnerabilities Allowing Arbitrary Code Execution
Google has released Chrome 143 to the stable channel, addressing 13 security vulnerabilities that could allow attackers to execute arbitrary code on affected systems. The…
Advanced eBPF-Based Rootkits Target Linux Systems
Extended Berkeley Packet Filter (eBPF) represents one of Linux’s most powerful kernel technologies, enabling users to load sandboxed programs directly into the kernel for network…
SmartTube Android TV App Compromised After Signing Keys Leak
SmartTube, a popular open-source YouTube client for Android TV devices with over 25,900 GitHub stars, has been compromised after its digital signing keys were exposed,…
Evilginx Attack Techniques Allow Hackers to Defeat MFA Through SSO Phishing
A sophisticated threat actor has been conducting a persistent phishing campaign against United States educational institutions since April 2025, leveraging the open-source Evilginx framework to…
Ukrainian Hackers Target Russian Aerospace and Defense Sectors
Multiple Ukrainian hacktivist groups have launched an extensive spearphishing campaign targeting Russia’s critical aerospace and defence industries, according to a new threat intelligence report by…
nopCommerce Flaw Lets Attackers Access Accounts Using Captured Cookies
Security researchers have uncovered a serious vulnerability in nopCommerce, a popular open-source ecommerce platform used by major companies, including Microsoft, Volvo, and BMW. The flaw…
Early Indicators of Insider Threats Through Authentication and Access Controls
Security researchers at Nisos have identified a critical gap in insider threat detection: organizations often fail to correlate early behavioral anomalies with external intelligence sources,…
Dash Cam Hack: How Criminals Can Seize Control in Seconds
Dashcams have become an essential accessory in vehicles across many countries, serving as impartial witnesses in the event of accidents and roadside disputes. Yet, new…