GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

Russian state-backed advanced persistent threat (APT) group Storm-2372 has exploited device code phishing to bypass multi-factor authentication (MFA) and infiltrate high-value targets across governments, NGOs, and critical industries. Since August 2024, this group has weaponized the OAuth device authorization flow—a legitimate authentication mechanism—to hijack user sessions and exfiltrate sensitive data. Microsoft Threat Intelligence researchers, alongside […]

The post Russian APT Hackers Use Device Code Phishing Technique to Bypass MFA appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Threat actors are exploiting weaknesses in SMS verification systems to generate massive, fraudulent message traffic, costing businesses millions. This type of fraud involves artificially triggering SMS verification requests by creating numerous synthetic identities or using automated bots, thereby inflating the SMS traffic to exploit billing systems. Mechanics of SMS Pumping Fraudsters initiate this scam by […]

The post Threat Actors Exploit Messaging Services as Lucrative Cybercrime Platforms appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The cyber threat landscape has witnessed remarkable adaptation from the notorious hacker collective known as Scattered Spider. Active since at least 2022, this group has been consistently refining its strategies for system compromise, data exfiltration, and identity theft. Silent Push analysts have tracked the evolution of Scattered Spider’s tactics, techniques, and procedures (TTPs) through early […]

The post Scattered Spider Launches Sophisticated Attacks to Steal Login Credentials and MFA Tokens appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

North Korean threat actors have demonstrated their adept use of social engineering techniques combined with Python scripting to infiltrate secure networks. The Democratic People’s Republic of Korea (DPRK) operatives are leveraging the accessibility and power of Python to craft initial access vectors that are proving alarmingly effective. The Ingenious Use of Python The DPRK’s use […]

The post North Korean Hackers Use Social Engineering and Python Scripts to Execute Stealthy Commands appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Gcore, the global edge AI, cloud, network, and security solutions provider, has launched Super Transit, a cutting-edge DDoS protection and acceleration feature, designed to safeguard enterprise infrastructure while delivering lightning-fast connectivity.  This comes as organizations face a 56% year-on-year increase in high-volume, complex DDoS attacks that disrupt operations, increase latency, and compromise network security. Traditional solutions often […]

The post Gcore Super Transit Brings Advanced DDoS Protection and Acceleration for Superior Enterprise Security and Speed appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft has urgently patched a high-risk security vulnerability (CVE-2025-29810) in Windows Active Directory Domain Services (AD DS), which could allow attackers to escalate privileges and compromise entire network domains. Rated 7.5 (Important) on the CVSS v3.1 scale, this flaw impacts organizations using Windows Server 2016 through 2025 editions. CVE-2025-29810 Overview Key Detail Description CVE ID CVE-2025-29810 Published […]

The post Windows Active Directory Vulnerability Enables Unauthorized Privilege Escalation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Adobe has announced critical security updates for several of its popular software products, addressing vulnerabilities that could potentially be exploited by attackers. The Product Security Incident Response Team (PSIRT) has urged all users to apply these updates immediately to protect their systems and data. These updates are part of Adobe’s ongoing commitment to ensuring the […]

The post Adobe Security Update: Patches Released for Multiple Product Vulnerabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a disturbing escalation of cyber threats, a new malware campaign dubbed ‘HollowQuill’ has been identified targeting academic institutions and government agencies worldwide. This sophisticated attack leverages weaponized PDF documents to infiltrate systems, using a combination of social engineering and advanced malware deployment techniques to bypass traditional security measures. The Anatomy of Attack: Social Engineering […]

The post HollowQuill Malware Targets Government Agencies Globally Through Weaponized PDF Documents appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

GreyNoise has noted a sharp escalation in hacking attempts targeting TVT NVMS9000 Digital Video Recorders (DVRs). The surge in malicious activity, peaking on April 3, 2025, with over 2,500 unique IP addresses, suggests a new variant of the notorious Mirai botnet is at play, exploiting an information disclosure vulnerability to seize administrative control over these […]

The post New Mirai Botnet Variant Exploits TVT DVRs to Gain Admin Control appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert highlighting a critical vulnerability in Gladinet CentreStack, a cloud-based enterprise file-sharing platform. The issue, tracked as CVE-2025-30406, involves the use of a hard-coded cryptographic key that could enable attackers to execute remote code on compromised systems, posing a major security risk to organizations relying on […]

The post CISA Alerts on Active Exploitation of CentreStack Hard-Coded Key Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft has disclosed a new security vulnerability in Windows operating systems, tracked as CVE-2025-29809. This flaw, classified with Important severity, impacts the Kerberos authentication protocol, potentially enabling attackers to bypass critical security features. The vulnerability stems from weaknesses described under CWE-922: Insecure Storage of Sensitive Information, making it a pressing concern for organizations relying on Kerberos for secure authentication. […]

The post Windows Kerberos Vulnerability Enables Security Feature Bypass appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity experts have uncovered a sophisticated phishing campaign that employs a double-edged tactic to compromise Office 365 credentials and deliver malware, posing significant risks to organizations worldwide. The campaign, identified by the Cofense Phishing Defense Center (PDC), uses a file deletion reminder as a pretext to trick victims into engaging with what appears to be […]

The post New Double-Edged Email Attack Steals Office 365 Credentials and Delivers Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Ransomware attacks have continued their relentless assault on organizations worldwide, with a focus on data exfiltration and subsequent blackmail through leak site posts. Rapid7 Labs’ analysis of internal and public data provides insights into the evolving landscape of ransomware threats. Evolving Tactics in Ransomware Operations The ransomware ecosystem has seen a shift where established and […]

The post Ransomware Groups Target Organizations to Exfiltrate Data and Blackmail via Leak Site Posts appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The cybersecurity community has raised alarms over the rapid evolution of the Hellcat ransomware group, which has escalated its tactics to target critical sectors. Hellcat, which emerged in mid-2024, now employs a sophisticated blend of psychological manipulation, zero-day vulnerabilities, and Ransomware-as-a-Service (RaaS) to expand its influence. Spear Phishing and Zero-day Exploits Hellcat operators initiate attacks […]

The post Hellcat Ransomware Upgrades Arsenal to Target Government, Education, and Energy Sectors appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft has uncovered a sophisticated ransomware campaign exploiting a zero-day vulnerability in the Windows Common Log File System (CLFS), tracked as CVE-2025-29824. The vulnerability allows attackers to escalate privileges from a standard user account to SYSTEM level, enabling widespread deployment of ransomware within compromised environments. Exploitation Details The exploit, deployed by the threat actor known […]

The post Ransomware Group Actively Exploits Windows CLFS Zero-Day Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding active exploitation of a critical vulnerability in the Microsoft Windows Common Log File System (CLFS) Driver. The vulnerability, tracked as CVE-2025-29824, poses a significant security risk by allowing attackers to locally elevate privileges on compromised systems. The flaw is categorized as a Use-After-Free vulnerability—a […]

The post CISA Issues Alert on Active Exploits of Windows CLFS Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical flaw in Apache mod_auth_openidc (versions ≤2.4.16.10) allows unauthenticated attackers to bypass authentication and access protected resources. The bug, CVE-2025-31492, patched in version 2.4.16.11, affects systems using OIDCProviderAuthRequestMethod POST without an application-level gateway or load balancer. Technical Breakdown The vulnerability stems from improper handling of authentication requests when the POST method is configured. Under specific conditions: Attackers triggering a request […]

The post Apache mod_auth_openidc Flaw Lets Unauthenticated Users Access Protected Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researcher “0xdf” has cracked the “Ghost” challenge on Hack The Box (HTB), a premier platform for honing penetration testing skills, and shared an exhaustive technical breakdown on their GitLab blog. The write-up chronicles a sophisticated attack that navigates through reconnaissance, vulnerability exploitation, and privilege escalation, ultimately claiming the system’s flag—a digital proof of victory. […]

The post Hack The box “Ghost” Challenge Cracked – A Detailed Technical Exploit appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Google has unveiled Sec-Gemini v1, an AI model designed to redefine cybersecurity operations by empowering defenders with advanced threat analysis, vulnerability assessment, and incident response capabilities. The experimental system, developed by a team led by Elie Burzstein and Marianna Tishchenko, aims to address the critical asymmetry in cybersecurity where attackers need only one vulnerability to […]

The post Sec-Gemini v1 – Google’s New AI Model for Cybersecurity Threat Intelligence appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The United States has successfully extradited two Kosovo nationals, Ardit Kutleshi, 26, and Jetmir Kutleshi, 28, from Kosovo to face charges in the Western District of Pennsylvania for their alleged roles as administrators of the Rydox cybercrime marketplace. The Rydox cybercrime marketplace was an illicit online platform that operated as a hub for cybercriminals, facilitating […]

The post U.S. Secures Extradition of Rydox Cybercrime Marketplace Admins from Kosovo in Major International Operation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.