Thursday, April 17, 2025

Cyber Security News

2 Apple Zero-Day Vulnerabilities Actively Exploited in “Extremely” Sophisticated iOS Attacks

Apple has urgently rolled out iOS 18.4.1 and iPadOS 18.4.1 to patch two zero-day vulnerabilities that were actively exploited in “extremely sophisticated” attacks aimed...

CISA Extend Funding to MITRE to Keep CVE Program Running

The Cybersecurity and Infrastructure Security Agency (CISA) has extended funding to the MITRE Corporation, ensuring the continued operation of the Common Vulnerabilities and Exposures...

Windows Task Scheduler Vulnerabilities Allow Attackers Gain Admin Account Control

New vulnerabilities in Windows Task Scheduler's schtasks.exe let attackers bypass UAC, alter metadata, modify event logs, and evade detection. These actions map to MITRE...

Windows NTLM Vulnerability (CVE-2025-24054) Actively Exploit in the Wild to Hack Systems

A critical vulnerability in Microsoft Windows, identified as CVE-2025-24054, has been actively exploited in the wild since March 19, 2025, targeting organizations worldwide. The flaw,...

Server-Side Phishing Attacks Target Employee and Member Portals to Steal Login Credentials

Attackers have been deploying server-side phishing schemes to compromise employee and member login portals across various enterprises. This strategic shift to server-side operations is designed...

Beware! Online PDF Converters Tricking Users into Installing Password-Stealing Malware

According to CloudSEK's Security Research team, a sophisticated cyberattack leveraging malicious online PDF converters has been demonstrated to target individuals and organizations globally. This attack, previously hinted...

Interlock Ransomware Uses Multi-Stage Attack Through Legitimate Websites to Deliver Malicious Browser Updates

The Interlock ransomware intrusion set has escalated its operations across North America and Europe with sophisticated techniques. Not falling under the typical Ransomware-as-a-Service (RaaS) category,...

Recent News

APT32 Turns GitHub into a Weapon Against Security Teams and Enterprise Networks

Southeast Asian Advanced Persistent Threat (APT) group OceanLotus, also known as APT32, has been identified as employing GitHub to conduct a sophisticated poison attack...

CISA Issues 10 ICS Advisories Addressing Critical Vulnerabilities and Exploits

The Cybersecurity and Infrastructure Security Agency (CISA) has issued ten new Industrial Control Systems (ICS) advisories to address critical vulnerabilities and exploits that could...

Dell Alerts Users to Critical PowerScale OneFS Flaws Enabling Account Takeover

Dell Technologies has issued an urgent security advisory to its users, warning of several critical vulnerabilities in its PowerScale OneFS operating system. These flaws, if...

CentreStack 0-Day Exploit Enables Remote Code Execution on Web Servers

A critical 0-day vulnerability has been disclosed in CentreStack, a popular enterprise cloud storage and collaboration platform, which could allow attackers to execute arbitrary...

Jailbreaking Malicious JScript Loader Reveals Xworm Payload Execution Chain

Cybersecurity researchers have uncovered a sophisticated JScript-to-PowerShell loader delivering XWorm RAT and Rhadamanthys Stealer through a geofenced, multi-stage execution chain. The attack leverages obfuscation, geolocation checks, and fileless techniques...

Chinese UNC5174 Group Expands Arsenal with New Open Source Tool and C2 Infrastructure

The Sysdig Threat Research Team (TRT) has revealed a significant evolution in the offensive capabilities of the Chinese state-sponsored threat actor, UNC5174. In late...

Linux Firewall IPFire 2.29 Launches with Post-Quantum Encryption and System Enhancements

The open-source Linux firewall solution, IPFire, has officially released its latest version, IPFire 2.29 - Core Update 193. This landmark update introduces cutting-edge post-quantum encryption capabilities for...

BPFDoor Malware Uses Reverse Shell to Expand Control Over Compromised Networks

A new wave of cyber espionage attacks has brought BPFDoor malware into the spotlight as a stealthy and dangerous tool for compromising networks. According to...

ChatGPT Image Generator Abused for Fake Passport Production

OpenAI's ChatGPT image generator has been exploited to create convincing fake passports in mere minutes, highlighting a significant vulnerability in current identity verification systems....

Researchers Expose Medusa Ransomware Group’s Onion Site

Researchers have successfully infiltrated the digital fortress of one of the most prolific ransomware groups, Medusa Locker. Known for targeting critical sectors like healthcare, education,...

CISA Extends Support a Last Minute to CVE Program, Averting Global Cybersecurity Crisis

CISA announced an eleventh-hour contract extension with MITRE Corporation to maintain the Common Vulnerabilities and Exposures (CVE) program, narrowly avoiding a lapse in federal...
