Aggregator

China's Massistant Tool Secretly Extracts SMS, GPS Data, and Images From Confiscated Phones

The Hackers News
7 months ago
Cybersecurity researchers have shed light on a mobile forensics tool called Massistant that's used by law enforcement authorities in China to gather information from seized mobile devices. The hacking tool, believed to be a successor of MFSocket, is developed by a Chinese company named SDIC Intelligence Xiamen Information Co., Ltd., which was formerly known as Meiya Pico. It specializes in the
The Hacker News

Fancy Bear Hackers Target Governments and Military Entities with Advanced Tools

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
7 months ago

Fancy Bear, designated as APT28 by cybersecurity experts, represents a sophisticated Russian cyberespionage collective operational since 2007, renowned for infiltrating governments, military organizations, and strategic entities globally. This group, also known under aliases such as Sofacy, Sednit, STRONTIUM, and Unit 26165, pursues motivations encompassing financial gain, reputational sabotage, espionage, and political agendas. Their operations frequently […]

The post Fancy Bear Hackers Target Governments and Military Entities with Advanced Tools appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

UNG0002 Group Hits China, Hong Kong, Pakistan Using LNK Files and RATs in Twin Campaigns

The Hackers News
7 months ago
Multiple sectors in China, Hong Kong, and Pakistan have become the target of a threat activity cluster tracked as UNG0002 (aka Unknown Group 0002) as part of a broader cyber espionage campaign. "This threat entity demonstrates a strong preference for using shortcut files (LNK), VBScript, and post-exploitation tools such as Cobalt Strike and Metasploit, while consistently deploying CV-themed
The Hacker News

Ivanti Flaws Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks

The Hackers News
7 months ago
Cybersecurity researchers have disclosed details of a new malware called MDifyLoader that has been observed in conjunction with cyber attacks exploiting security flaws in Ivanti Connect Secure (ICS) appliances. According to a report published by JPCERT/CC today, the threat actors behind the exploitation of CVE-2025-0282 and CVE-2025-22457 in intrusions observed between December 2024 and July
The Hacker News

Snake Keylogger Bypasses Windows Defender and Uses Scheduled Tasks to Steal Credentials

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
7 months ago

Threat actors have been using a sophisticated phishing operation to impersonate Turkish Aerospace Industries (TUSAŞ) in order to attack Turkish businesses, especially those in the defense and aerospace sectors. The campaign distributes malicious emails masquerading as contractual documents, such as the file “TEKLİF İSTEĞİ – TUSAŞ TÜRK HAVACILIK UZAY SANAYİİ_xlsx.exe” with SHA256 hash 0cb819d32cb3a2f218c5a17c02bb8c06935e926ebacf1e40a746b01e960c68e4. This […]

The post Snake Keylogger Bypasses Windows Defender and Uses Scheduled Tasks to Steal Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

CVE-2025-7819 | PHPGurukul Apartment Visitors Management System 1.0 HTTP POST Request /create-pass.php visname cross site scripting (EUVD-2025-21957)

VulDB Recent Entries
7 months ago
A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /create-pass.php of the component HTTP POST Request Handler. The manipulation of the argument visname leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-7819. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2025-7818 | PHPGurukul Apartment Visitors Management System 1.0 HTTP POST Request /category.php categoryname cross site scripting (EUVD-2025-21958)

VulDB Recent Entries
7 months ago
A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /category.php of the component HTTP POST Request Handler. The manipulation of the argument categoryname leads to cross site scripting. This vulnerability is handled as CVE-2025-7818. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-7817 | PHPGurukul Apartment Visitors Management System 1.0 HTTP POST Request /bwdates-reports.php visname cross site scripting (EUVD-2025-21960)

VulDB Recent Entries
7 months ago
A vulnerability has been found in PHPGurukul Apartment Visitors Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /bwdates-reports.php of the component HTTP POST Request Handler. The manipulation of the argument visname leads to cross site scripting. This vulnerability is known as CVE-2025-7817. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-7816 | PHPGurukul Apartment Visitors Management System 1.0 HTTP POST Request /visitor-detail.php visname cross site scripting (EUVD-2025-21956)

VulDB Recent Entries
7 months ago
A vulnerability, which was classified as problematic, was found in PHPGurukul Apartment Visitors Management System 1.0. Affected is an unknown function of the file /visitor-detail.php of the component HTTP POST Request Handler. The manipulation of the argument visname leads to cross site scripting. This vulnerability is traded as CVE-2025-7816. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com

Managed ad