CryptoChameleon, a phishing tool detected in February 2024, was developed by someone anonymous and is used by threat actors to collect personal data such as usernames and passwords of mobile phone users. A thorough investigation has exposed many CryptoChameleon fast-flux…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Spring Cloud Data Flow Let Attackers Compromise The Server
A critical vulnerability has been discovered in Spring Cloud Data Flow, a microservices-based platform for streaming and batch data processing in Cloud Foundry and Kubernetes. The flaw, identified in the Skipper server component, allows attackers to compromise the server by…
Okta Warns Credential Stuffing Attacks Targeting Customer Identity Cloud
Okta, a leading identity and access management company, has warned about credential stuffing attacks targeting its Customer Identity Cloud (CIC). The company has identified that threat actors are exploiting the cross-origin authentication feature within CIC. As part of its Okta…
Hackers Claiming Shell Data Breach On Popular Hacking Forum
In a shocking revelation, a threat actor has allegedly leaked sensitive data belonging to Shell, one of the world’s leading energy companies. According to a tweet from Data Web Informer, the May 2024 data was posted on a popular hacking…
Researchers Exploited Nexus Repository Using Directory Traversal Vulnerability
Hackers target and exploit GitHub repositories for a multitude of reasons and illicit purposes. The widespread use of GitHub and the diverse range of codebases hosted on the platform make it an attractive target for threat actors seeking valuable information…
DDNS Service In Fortinet Or QNAP Embedded Devices Exposes Sensitive Data, Researchers Warn
Hackers employ DNS for various purposes like redirecting traffic to enable man-in-the-middle attacks, infecting malware through harmful sites, and flooding DNS servers with fake requests such as DDoS. DNS is everywhere and is a basic part of internet communication, making…
CatDDoS Exploiting 80+ Vulnerabilities, Attacking 300+ Targets Daily
Malicious traffic floods targeted systems, servers, or networks in Distributed Denial of Service (DDoS) attacks are actively exploited by hackers. Sometimes, DDoS attacks are used as a distraction from other criminal activities, for extortion, to gain a competitive advantage, or…
PoC Exploit Released For macOS Privilege Escalation Vulnerability
A new vulnerability has been discovered in macOS Sonoma that is associated with privilege escalation. This vulnerability has been assigned with CVE-2024-27842 and the severity is yet to be categorized. This vulnerability exists in the Universal Disk Format (UDF) filesystem…
GNOME Remote Desktop Vulnerability Let Attackers Read Login Credentials
GNOME desktop manager was equipped with a new feature which allowed remote users to create graphical sessions on the system by configuring the system daemon. This daemon runs as a dedicated “gnome-remote-desktop” and also provides a D-bus interface on the…
Kesakode: A Remote Hash Lookup Service To Identify Malware Samples
Today marks a significant milestone for Malcat users with the release of version 0.9.6, introducing Kesakode, a remote hash lookup service. This innovative tool is tightly integrated into Malcat’s UI and is designed to match known functions, strings, and constant…