Google Introduces OSS Rebuild to Boost Security in Open-Source Package Ecosystems
Google has unveiled OSS Rebuild, a pioneering project designed to enhance trust in package registries by independently reproducing upstream artifacts....
Read more →Category: GBHackers
Metasploit Module Released to Exploit SharePoint 0-Day Vulnerabilities
Security researchers have released a Metasploit exploitation module targeting critical zero-day vulnerabilities in Microsoft SharePoint Server, marking a significant escalation...
Read more →
TP-Link Network Video Recorder Vulnerability Enables Arbitrary Command Execution
TP-Link has disclosed critical security vulnerabilities affecting two of its VIGI Network Video Recorder models, potentially allowing attackers to execute...
Read more →
AWS Client VPN for Windows Vulnerability Could Allow Privilege Escalation
Amazon Web Services has disclosed a critical security vulnerability in its Client VPN software for Windows that could allow non-administrative...
Read more →
Weidmueller Industrial Routers Exposed to Remote Code Execution Flaws
Multiple high-severity security vulnerabilities have been discovered in Weidmueller Industrial Routers, potentially allowing attackers to execute arbitrary code with root...
Read more →
CISA Alerts on Google Chromium Input Validation Flaw Actively Exploited
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding a severe input validation vulnerability in Google...
Read more →
Lumma Stealer Masquerades as Pirated Apps to Steal Logins and Data
Lumma Stealer, a notorious information-stealing malware-as-a-service (MaaS) platform, has swiftly reemerged after a coordinated global law enforcement operation in May...
Read more →
Malicious LNK File Posing as Credit Card Security Email Steals User Data
Threat actors have deployed a malicious LNK file masquerading as a credit card company’s security email authentication pop-up to pilfer...
Read more →
Cyberattack on Germany’s AMEOS Hospital Network Exposes Patient Data
Germany’s AMEOS Hospital Network has confirmed a sophisticated cyberattack that compromised its IT infrastructure, leading to unauthorized access and potential...
Read more →
Operation CargoTalon Targets Russian Aerospace & Defense to Deploy EAGLET Implant
SEQRITE Labs’ APT-Team has uncovered a sophisticated spear-phishing campaign dubbed Operation CargoTalon, targeting employees at Russia’s Voronezh Aircraft Production Association...
Read more →
Hidden Backdoor in WordPress Plugins Grants Attackers Ongoing Access to Websites
Security researchers have discovered a concerning trend in which a highly skilled malware campaign has been targeting WordPress websites by...
Read more →
Mimo Targets Magento CMS to Steal Card Details and Monetize Bandwidth
The Datadog Security Research team has uncovered the Mimo threat actor also known as Mimo’lette or Hezb expanding its operations...
Read more →