W3 Total Cache Security Vulnerability Exposes One Million WordPress Sites to RCE
A critical security flaw has been discovered in the widely used W3 Total Cache WordPress plugin, putting over 1 million websites at serious risk. The…
Category: GBHackers
Microsoft Entra Invitations Hijacked in Surge of TOAD Phishing Attacks
A newly identified phishing campaign is exploiting Microsoft Entra tenant invitation functionality to orchestrate TOAD (Telephone-Oriented Attack Delivery) attacks against unsuspecting users. Security researchers have…
Pre-Installed Spyware Found on Samsung Galaxy Devices and Cannot Be Removed
Samsung users across West Asia and North Africa are raising serious privacy concerns over AppCloud. This pre-installed bloatware application collects sensitive personal data without consent.…
AI-Powered Expansion of Pig Butchering Scam Operations
Pig-butchering scams, the sophisticated long-con investment fraud schemes that have plagued millions globally, have reached unprecedented scale through the strategic deployment of artificial intelligence technologies.…
Google Launches Public Preview of Its Alert Triage and Investigation Agent for Security Operations
Google has taken a significant step toward its vision of an Agentic SOC by announcing the public preview of the Alert Triage and Investigation agent,…
New Tool Blocks Network Traffic to Bypass EDR and Antivirus
A newly released open-source tool called SilentButDeadly is raising security concerns by demonstrating how attackers can effectively turn off Endpoint Detection and Response systems and…
Encryption Mechanics, Operational Model, and Data Exfiltration Methods
A newly identified ransomware group, Yurei, has emerged as a significant threat to organizations worldwide, with confirmed attacks targeting entities in Sri Lanka and Nigeria…
CISA Alerts on Critical Lynx+ Gateway Flaw Leaks Data in Cleartext
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert regarding multiple vulnerabilities affecting General Industrial Controls’ Lynx+ Gateway device. Released on…
Inside the Criminal Networks Hijacking Payroll Systems
Cyber threats don’t always come with warning signs. Sometimes, they arrive as sponsored ads. Since mid-2023, a financially motivated network has been quietly hijacking payroll…
70 Million Devices Vulnerable Due to Logic Flaw Exposing Internal Networks
A critical logic flaw discovered in the widely used mPDF PHP library could expose internal networks and sensitive services on approximately 70 million devices worldwide.…
FortiWeb WAF Flaw Actively Exploited to Establish Admin Access and Seize Total Control
Fortinet has released urgent security updates to address a critical vulnerability in its FortiWeb Web Application Firewall (WAF) that is being actively exploited in the…
Hackers Weaponize XWiki Flaw to Build and Rent Out Botnet Networks
Cybersecurity researchers have observed a dramatic escalation in attacks exploiting a critical XWiki vulnerability, with multiple threat actors now leveraging CVE-2025-24893 to deploy botnets, cryptocurrency…