Zimperium zLabs has uncovered a highly advanced iteration of the GodFather Android banking malware, which employs a groundbreaking on-device virtualization technique to compromise legitimate mobile banking and cryptocurrency applications. Unlike traditional overlay attacks that merely mimic login screens, this malware…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Versa Director Flaws Let Attackers Execute Arbitrary Commands
A newly disclosed set of vulnerabilities in Versa Networks’ SD-WAN orchestration platform, Versa Director, with the flaws enabling authenticated attackers to upload malicious files and execute arbitrary commands on affected systems. The vulnerabilities, tracked as CVE-2025-23171 and CVE-2025-23172, stem from…
Microsoft Introduces Enhanced Security Defaults for Windows 365 Cloud PCs
Microsoft has announced a significant update to the security posture of its Windows 365 Cloud PCs, introducing new secure-by-default capabilities designed to fortify virtual desktop environments against modern cyber threats. These changes, set to roll out in the second half…
Dover Fueling Solutions Flaw Lets Attackers Control Fueling Operations
A newly disclosed critical vulnerability in Dover Fueling Solutions’ ProGauge MagLink LX consoles has sent shockwaves through the global fuel infrastructure sector. The flaw, tracked as CVE-2025-5310, allows remote attackers to seize control of fueling operations, manipulate tank monitoring, and…
Apache SeaTunnel Flaw Lets Unauthorized Users Launch Deserialization Attacks
A newly disclosed vulnerability in Apache SeaTunnel, a popular distributed data integration platform, has raised alarms in the cybersecurity community. The flaw, tracked as CVE-2025-32896, allows unauthorized users to exploit insecure REST API endpoints, enabling arbitrary file read and potentially…
IBM QRadar SIEM Bug Lets Attackers Run Arbitrary Commands
IBM has issued a critical security update for its QRadar SIEM platform after researchers uncovered multiple vulnerabilities, including a severe flaw that allows privileged users to execute arbitrary commands on affected systems. The vulnerabilities, disclosed in a security bulletin published…
16 Billion Passwords Stolen From 320 Million+ Computers Leaked Online
A staggering 16 billion login credentials, usernames, and passwords have been exposed in what cybersecurity experts are calling the largest data breach in internet history. The leak, which impacts major platforms including Apple, Facebook, Google, Instagram, Telegram, GitHub, and even…
Tesla Wall Connector Hacked Through Charging Port in Just 18 Minutes
Security researchers from Synacktiv successfully hacked the Tesla Wall Connector through its charging port in just 18 minutes, exposing critical vulnerabilities in the device’s firmware and communication protocols. The Tesla Wall Connector and Its Architecture The Tesla Wall Connector is…
Malicious Support Tickets Let Hackers Exploit Atlassian’s Model Context Protocol
A new class of cyberattack is targeting organizations leveraging Atlassian’s Model Context Protocol (MCP), exposing a critical weakness in the boundary between external and internal users. Researchers have demonstrated that malicious support tickets can be weaponized to exploit AI-powered workflows…
North Korean Hackers Deploy Malware Using Weaponized Calendly and Google Meet Links
The North Korean state-sponsored threat actor group, identified as TA444 (also known as BlueNoroff, Sapphire Sleet, and others), has unleashed a sophisticated malware campaign targeting cryptocurrency foundations. This intricate attack, uncovered by Huntress, leverages weaponized Calendly links and deceptive Google…