Category: GBHackers

Critical Imunify360 Vulnerability Exposes Millions of Linux-Hosted Sites to RCE Attacks
14
Nov
2025

Critical Imunify360 Vulnerability Exposes Millions of Linux-Hosted Sites to RCE Attacks

A critical Remote Code Execution vulnerability has been patched in Imunify360 AV, a security product protecting approximately 56 million websites…

Share: X : Critical Imunify360 Vulnerability Exposes Millions of Linux-Hosted Sites to RCE AttacksFacebook : Critical Imunify360 Vulnerability Exposes Millions of Linux-Hosted Sites to RCE AttacksLinkedin : Critical Imunify360 Vulnerability Exposes Millions of Linux-Hosted Sites to RCE AttacksReddit : Critical Imunify360 Vulnerability Exposes Millions of Linux-Hosted Sites to RCE AttacksTelegram : Critical Imunify360 Vulnerability Exposes Millions of Linux-Hosted Sites to RCE AttacksWhatsApp : Critical Imunify360 Vulnerability Exposes Millions of Linux-Hosted Sites to RCE AttacksEmail : Critical Imunify360 Vulnerability Exposes Millions of Linux-Hosted Sites to RCE Attacks
Lumma Stealer Leverages Browser Fingerprinting for Data Theft and Stealthy C2 Communications
14
Nov
2025

Lumma Stealer Leverages Browser Fingerprinting for Data Theft and Stealthy C2 Communications

Following the doxxing of Lumma Stealer’s alleged core members last month, the notorious infostealer initially experienced a significant decline in…

Share: X : Lumma Stealer Leverages Browser Fingerprinting for Data Theft and Stealthy C2 CommunicationsFacebook : Lumma Stealer Leverages Browser Fingerprinting for Data Theft and Stealthy C2 CommunicationsLinkedin : Lumma Stealer Leverages Browser Fingerprinting for Data Theft and Stealthy C2 CommunicationsReddit : Lumma Stealer Leverages Browser Fingerprinting for Data Theft and Stealthy C2 CommunicationsTelegram : Lumma Stealer Leverages Browser Fingerprinting for Data Theft and Stealthy C2 CommunicationsWhatsApp : Lumma Stealer Leverages Browser Fingerprinting for Data Theft and Stealthy C2 CommunicationsEmail : Lumma Stealer Leverages Browser Fingerprinting for Data Theft and Stealthy C2 Communications
Akira Ransomware Has Extracted $42M After Targeting Hundreds
14
Nov
2025

Akira Ransomware Has Extracted $42M After Targeting Hundreds

A newly updated cybersecurity advisory from federal agencies reveals that the Akira ransomware operation has significantly escalated its campaign, compromising…

Share: X : Akira Ransomware Has Extracted $42M After Targeting HundredsFacebook : Akira Ransomware Has Extracted $42M After Targeting HundredsLinkedin : Akira Ransomware Has Extracted $42M After Targeting HundredsReddit : Akira Ransomware Has Extracted $42M After Targeting HundredsTelegram : Akira Ransomware Has Extracted $42M After Targeting HundredsWhatsApp : Akira Ransomware Has Extracted $42M After Targeting HundredsEmail : Akira Ransomware Has Extracted $42M After Targeting Hundreds
Checkout.com Suffers Data Breach as ShinyHunters Attack Cloud Storage
14
Nov
2025

Checkout.com Suffers Data Breach as ShinyHunters Attack Cloud Storage

Payment processor Checkout.com recently experienced a data breach after being targeted by the cybercrime group “ShinyHunters.” The attackers accessed old…

Share: X : Checkout.com Suffers Data Breach as ShinyHunters Attack Cloud StorageFacebook : Checkout.com Suffers Data Breach as ShinyHunters Attack Cloud StorageLinkedin : Checkout.com Suffers Data Breach as ShinyHunters Attack Cloud StorageReddit : Checkout.com Suffers Data Breach as ShinyHunters Attack Cloud StorageTelegram : Checkout.com Suffers Data Breach as ShinyHunters Attack Cloud StorageWhatsApp : Checkout.com Suffers Data Breach as ShinyHunters Attack Cloud StorageEmail : Checkout.com Suffers Data Breach as ShinyHunters Attack Cloud Storage
Palo Alto PAN-OS Flaw Lets Attackers Force Firewall Reboots via Malicious Packets
14
Nov
2025

Palo Alto PAN-OS Flaw Lets Attackers Force Firewall Reboots via Malicious Packets

Palo Alto Networks has disclosed a denial-of-service vulnerability in its PAN-OS software that allows attackers to force firewalls into unexpected…

Share: X : Palo Alto PAN-OS Flaw Lets Attackers Force Firewall Reboots via Malicious PacketsFacebook : Palo Alto PAN-OS Flaw Lets Attackers Force Firewall Reboots via Malicious PacketsLinkedin : Palo Alto PAN-OS Flaw Lets Attackers Force Firewall Reboots via Malicious PacketsReddit : Palo Alto PAN-OS Flaw Lets Attackers Force Firewall Reboots via Malicious PacketsTelegram : Palo Alto PAN-OS Flaw Lets Attackers Force Firewall Reboots via Malicious PacketsWhatsApp : Palo Alto PAN-OS Flaw Lets Attackers Force Firewall Reboots via Malicious PacketsEmail : Palo Alto PAN-OS Flaw Lets Attackers Force Firewall Reboots via Malicious Packets
BreachLock and Vanta Bridge the Gap Between Continuous Security Testing and Compliance with New Integration
13
Nov
2025

BreachLock and Vanta Bridge the Gap Between Continuous Security Testing and Compliance with New Integration

New York, New York, November 13th, 2025, CyberNewsWire BreachLock, a global leader in offensive security, just announced a powerful new…

Share: X : BreachLock and Vanta Bridge the Gap Between Continuous Security Testing and Compliance with New IntegrationFacebook : BreachLock and Vanta Bridge the Gap Between Continuous Security Testing and Compliance with New IntegrationLinkedin : BreachLock and Vanta Bridge the Gap Between Continuous Security Testing and Compliance with New IntegrationReddit : BreachLock and Vanta Bridge the Gap Between Continuous Security Testing and Compliance with New IntegrationTelegram : BreachLock and Vanta Bridge the Gap Between Continuous Security Testing and Compliance with New IntegrationWhatsApp : BreachLock and Vanta Bridge the Gap Between Continuous Security Testing and Compliance with New IntegrationEmail : BreachLock and Vanta Bridge the Gap Between Continuous Security Testing and Compliance with New Integration
OpenAI Sora 2 Vulnerability Allows Exposure of Hidden System Prompts from Audio Data
13
Nov
2025

OpenAI Sora 2 Vulnerability Allows Exposure of Hidden System Prompts from Audio Data

Security researchers have successfully extracted the system prompt from OpenAI’s Sora 2 video generation model by exploiting cross-modal vulnerabilities, with…

Share: X : OpenAI Sora 2 Vulnerability Allows Exposure of Hidden System Prompts from Audio DataFacebook : OpenAI Sora 2 Vulnerability Allows Exposure of Hidden System Prompts from Audio DataLinkedin : OpenAI Sora 2 Vulnerability Allows Exposure of Hidden System Prompts from Audio DataReddit : OpenAI Sora 2 Vulnerability Allows Exposure of Hidden System Prompts from Audio DataTelegram : OpenAI Sora 2 Vulnerability Allows Exposure of Hidden System Prompts from Audio DataWhatsApp : OpenAI Sora 2 Vulnerability Allows Exposure of Hidden System Prompts from Audio DataEmail : OpenAI Sora 2 Vulnerability Allows Exposure of Hidden System Prompts from Audio Data
Hackers Infiltrate npm Registry with 43,000 Spam Packages, Linger for Nearly Two Years
13
Nov
2025

Hackers Infiltrate npm Registry with 43,000 Spam Packages, Linger for Nearly Two Years

Security researcher Paul McCarty has uncovered a massive coordinated spam campaign targeting the npm ecosystem. The IndonesianFoods worm, comprising over…

Share: X : Hackers Infiltrate npm Registry with 43,000 Spam Packages, Linger for Nearly Two YearsFacebook : Hackers Infiltrate npm Registry with 43,000 Spam Packages, Linger for Nearly Two YearsLinkedin : Hackers Infiltrate npm Registry with 43,000 Spam Packages, Linger for Nearly Two YearsReddit : Hackers Infiltrate npm Registry with 43,000 Spam Packages, Linger for Nearly Two YearsTelegram : Hackers Infiltrate npm Registry with 43,000 Spam Packages, Linger for Nearly Two YearsWhatsApp : Hackers Infiltrate npm Registry with 43,000 Spam Packages, Linger for Nearly Two YearsEmail : Hackers Infiltrate npm Registry with 43,000 Spam Packages, Linger for Nearly Two Years
Malicious npm Package with 206K Downloads Targeting GitHub Repositories to Steal Tokens
13
Nov
2025

Malicious npm Package with 206K Downloads Targeting GitHub Repositories to Steal Tokens

On Friday, November 7th, Veracode Threat Research discovered a dangerous typosquatting campaign targeting developers using GitHub Actions. The malicious npm…

Share: X : Malicious npm Package with 206K Downloads Targeting GitHub Repositories to Steal TokensFacebook : Malicious npm Package with 206K Downloads Targeting GitHub Repositories to Steal TokensLinkedin : Malicious npm Package with 206K Downloads Targeting GitHub Repositories to Steal TokensReddit : Malicious npm Package with 206K Downloads Targeting GitHub Repositories to Steal TokensTelegram : Malicious npm Package with 206K Downloads Targeting GitHub Repositories to Steal TokensWhatsApp : Malicious npm Package with 206K Downloads Targeting GitHub Repositories to Steal TokensEmail : Malicious npm Package with 206K Downloads Targeting GitHub Repositories to Steal Tokens
Threat Actors Use JSON Storage for Hosting and Delivering Malware via Trojanized Code
13
Nov
2025

Threat Actors Use JSON Storage for Hosting and Delivering Malware via Trojanized Code

A sophisticated campaign attributed to North Korean-aligned threat actors is weaponizing legitimate JSON storage services as an effective vector for…

Share: X : Threat Actors Use JSON Storage for Hosting and Delivering Malware via Trojanized CodeFacebook : Threat Actors Use JSON Storage for Hosting and Delivering Malware via Trojanized CodeLinkedin : Threat Actors Use JSON Storage for Hosting and Delivering Malware via Trojanized CodeReddit : Threat Actors Use JSON Storage for Hosting and Delivering Malware via Trojanized CodeTelegram : Threat Actors Use JSON Storage for Hosting and Delivering Malware via Trojanized CodeWhatsApp : Threat Actors Use JSON Storage for Hosting and Delivering Malware via Trojanized CodeEmail : Threat Actors Use JSON Storage for Hosting and Delivering Malware via Trojanized Code
CISA Warns of Active Exploitation of Windows Kernel 0-Day Enabling Privilege Escalation
13
Nov
2025

CISA Warns of Active Exploitation of Windows Kernel 0-Day Enabling Privilege Escalation

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about the active exploitation of a new zero-day…

Share: X : CISA Warns of Active Exploitation of Windows Kernel 0-Day Enabling Privilege EscalationFacebook : CISA Warns of Active Exploitation of Windows Kernel 0-Day Enabling Privilege EscalationLinkedin : CISA Warns of Active Exploitation of Windows Kernel 0-Day Enabling Privilege EscalationReddit : CISA Warns of Active Exploitation of Windows Kernel 0-Day Enabling Privilege EscalationTelegram : CISA Warns of Active Exploitation of Windows Kernel 0-Day Enabling Privilege EscalationWhatsApp : CISA Warns of Active Exploitation of Windows Kernel 0-Day Enabling Privilege EscalationEmail : CISA Warns of Active Exploitation of Windows Kernel 0-Day Enabling Privilege Escalation
Hackers Using RMM Tools LogMeIn and PDQ Connect to Deploy Malware as Legitimate Software
13
Nov
2025

Hackers Using RMM Tools LogMeIn and PDQ Connect to Deploy Malware as Legitimate Software

Cybersecurity researchers at AhnLab Security Intelligence Center (ASEC) have uncovered a sophisticated attack campaign leveraging legitimate Remote Monitoring and Management…

Share: X : Hackers Using RMM Tools LogMeIn and PDQ Connect to Deploy Malware as Legitimate SoftwareFacebook : Hackers Using RMM Tools LogMeIn and PDQ Connect to Deploy Malware as Legitimate SoftwareLinkedin : Hackers Using RMM Tools LogMeIn and PDQ Connect to Deploy Malware as Legitimate SoftwareReddit : Hackers Using RMM Tools LogMeIn and PDQ Connect to Deploy Malware as Legitimate SoftwareTelegram : Hackers Using RMM Tools LogMeIn and PDQ Connect to Deploy Malware as Legitimate SoftwareWhatsApp : Hackers Using RMM Tools LogMeIn and PDQ Connect to Deploy Malware as Legitimate SoftwareEmail : Hackers Using RMM Tools LogMeIn and PDQ Connect to Deploy Malware as Legitimate Software