In a race against time to safeguard user security, major browser vendors, including Google and Mozilla, have scrambled to release urgent updates in response to a critical vulnerability discovered in the WebP Codec. This newly unearthed vulnerability, bearing the identifier…
Category: GBHackers – Latest Cyber Security News | Hacker News
Chrome Zero-Day Vulnerability Exploited in the Wild
Chrome’s Stable and Extended stable channels have been upgraded to 116.0.5845.187 for Mac and Linux and 116.0.5845.187/.188 for Windows as part of a security update. One “Critical” security upgrade is included in this release. In the coming days and weeks,…
Windows Arbitrary File Deletion Vulnerability Leads to Full System Compromise
Threat actors were using Windows Arbitrary File Deletion to perform Denial-of-service attacks on systems affected by this vulnerability. However, recent reports indicate that this Windows Arbitrary file deletion can be used for a full compromise. The possibility of this attack…
New Sponsor Malware Attacking Government & Healthcare Organizations
The Ballistic Bobcat is an Iran-aligned APT group, and initially, about two years ago, cybersecurity researchers at ESET tracked this threat group. Here below, we have mentioned all the other names of the Ballistic Bobcat APT group:- Recently, cybersecurity analysts…
Top 10 SaaS Security Checklist in 2023
Software as a Service (SaaS) security refers to the measures and practices employed to protect SaaS solutions’ data, applications, and infrastructure. SaaS is a cloud computing model where software applications are hosted and delivered over the internet, rather than installed…
Hacker Group Infrastructure That Uses Weaponized MS Word Docs Uncovered
Gamaredon, also known as Primitive Bear, Actinium, or Shuckworm, is a Russian Advanced Persistent Threat (APT) group active since at least 2013. It is a very aggressive threat group that employs prolonged attacks that are highly disguised and particularly aggressive. The…
Beware of Fake Browser Updates that Install Malware on Systems
In recent times, it’s been observed that fake malware-loaded browser updates are gaining rapid growth in the threat landscape. Rapid7 researchers recently identified a Fake Browser Update lure that tricks users into running malicious binaries, using a new loader to…
Hive0117 Group Attacking Employees of Energy, Finance, & Software Industries
Hive0117 group has launched a new phishing campaign, which targets individuals working for significant industries in the energy, banking, transportation, and software security sectors with headquarters in Russia, Kazakhstan, Latvia, and Estonia. This group is known for disseminating the fileless…
Notepad++ v8.5.7 Released: Fix for 4 Security Vulnerabilities
Notepad++ v8.5.7 has been released, which has several bug fixes and new features. There has also been Integrity and authenticity validation, added Security enhancement and fixed a memory leak while reading Utf8-16 files. Multiple vulnerabilities in Notepad++ relating to Heap…
Hackers Using Microsoft Teams to Deliver DarkGate Malware Via HR-themed Messages
Recent reports indicate that threat actors have been using Microsoft Teams to deliver DarkGate Loader malware. The campaign originated from two compromised external Office 365 accounts identified to be “Akkaravit Tattamanas” (63090101@my.buu.ac.th) and “ABNER DAVID RIVERA ROJAS” (adriverar@unadvirtual.edu.co) DarkGate loader…