GBHackers - Cybernoz - Cybersecurity News

13

Nov

2025

Malicious npm Package with 206K Downloads Targeting GitHub Repositories to Steal Tokens

On Friday, November 7th, Veracode Threat Research discovered a dangerous typosquatting campaign targeting developers using GitHub Actions. The malicious npm…

13

Nov

2025

Threat Actors Use JSON Storage for Hosting and Delivering Malware via Trojanized Code

A sophisticated campaign attributed to North Korean-aligned threat actors is weaponizing legitimate JSON storage services as an effective vector for…

13

Nov

2025

CISA Warns of Active Exploitation of Windows Kernel 0-Day Enabling Privilege Escalation

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about the active exploitation of a new zero-day…

13

Nov

2025

Hackers Using RMM Tools LogMeIn and PDQ Connect to Deploy Malware as Legitimate Software

Cybersecurity researchers at AhnLab Security Intelligence Center (ASEC) have uncovered a sophisticated attack campaign leveraging legitimate Remote Monitoring and Management…

13

Nov

2025

GitLab Vulnerabilities Expose Users to Prompt Injection Attacks and Data Theft

GitLab has released critical security patches addressing nine vulnerabilities across Community Edition (CE) and Enterprise Edition (EE), including a concerning prompt…

13

Nov

2025

Authorities Takedown 1,025 Servers Linked to Rhadamanthys, VenomRAT, and Elysium

Between November 10 and 14, 2025, law enforcement agencies executed one of the most significant coordinated operations against cybercriminals in…

13

Nov

2025

Kibana Vulnerabilities Expose Systems to SSRF and XSS Attacks

Elastic has released a security advisory addressing an origin validation error in Kibana that could expose systems to Server-Side Request Forgery (SSRF)…

13

Nov

2025

Malicious Chrome Extension Grants Full Control Over Ethereum Wallet

Security researchers have uncovered a sophisticated supply chain attack disguised as a legitimate cryptocurrency wallet. Socket’s Threat Research Team discovered…

13

Nov

2025

New ClickFix Attack Targeting Windows and macOS Users to Deploy Infostealer Malware

Security researchers have uncovered a sophisticated malware campaign that leverages the ClickFix social engineering technique to distribute information-stealing malware across…

13

Nov

2025

Citrix NetScaler ADC and Gateway Flaw Allows Cross-Site Scripting (XSS) Attacks

Cloud Software Group has disclosed a cross-site scripting (XSS) vulnerability affecting NetScaler ADC and NetScaler Gateway platforms. The flaw, tracked…

13

Nov

2025

Critical Dell Data Lakehouse Flaw Allows Remote Attackers to Escalate Privileges

Dell Technologies has disclosed a critical security vulnerability affecting its Data Lakehouse platform that could allow attackers with high-level privileges…

13

Nov

2025

Beware of Fake Bitcoin Tools Concealing DarkComet RAT Malware

A newly discovered malware campaign is leveraging one of cybercriminals’ most effective lures cryptocurrency to distribute DarkComet RAT. This notorious…

Search

Category: GBHackers

Malicious npm Package with 206K Downloads Targeting GitHub Repositories to Steal Tokens

Threat Actors Use JSON Storage for Hosting and Delivering Malware via Trojanized Code

CISA Warns of Active Exploitation of Windows Kernel 0-Day Enabling Privilege Escalation

Hackers Using RMM Tools LogMeIn and PDQ Connect to Deploy Malware as Legitimate Software

GitLab Vulnerabilities Expose Users to Prompt Injection Attacks and Data Theft

Authorities Takedown 1,025 Servers Linked to Rhadamanthys, VenomRAT, and Elysium

Kibana Vulnerabilities Expose Systems to SSRF and XSS Attacks

Malicious Chrome Extension Grants Full Control Over Ethereum Wallet

New ClickFix Attack Targeting Windows and macOS Users to Deploy Infostealer Malware

Citrix NetScaler ADC and Gateway Flaw Allows Cross-Site Scripting (XSS) Attacks

Critical Dell Data Lakehouse Flaw Allows Remote Attackers to Escalate Privileges

Beware of Fake Bitcoin Tools Concealing DarkComet RAT Malware