A newly disclosed vulnerability, CVE-2025-33073, dubbed the “Reflective Kerberos Relay Attack,” has shaken the Windows security landscape. Discovered by RedTeam Pentesting and patched by Microsoft on June 10, 2025, this flaw allows low-privileged Active Directory users to escalate privileges to…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
0-Click Vulnerability in Microsoft 365 Copilot Exposes Sensitive Data via Teams
Security researchers have uncovered the first-ever zero-click vulnerability in an AI agent, targeting Microsoft 365 Copilot and potentially exposing sensitive organizational data through a sophisticated attack chain dubbed “EchoLeak.” The critical flaw, assigned CVE-2025-32711 with a CVSS score of 9.3,…
Nytheon AI Tool Gaining Traction on Hacking Forums for Malicious Activities
The emergence of Nytheon AI marks a significant escalation in the landscape of uncensored large language model (LLM) platforms. Unlike previous single-model jailbreaks, Nytheon AI offers a comprehensive suite of open-source models, each stripped of safety guardrails and unified under…
CISA Issues Comprehensive Guide to Safeguard Network Edge Devices
The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with international cybersecurity authorities, announced the release of comprehensive guidance to help organizations protect their network edge devices and appliances. This collaborative effort, involving agencies from Australia, Canada, the United Kingdom,…
Over 40,000 Internet-Connected Cameras Exposed, Streaming Live Online
Bitsight TRACE has uncovered more than 40,000 security cameras openly accessible on the internet—streaming live footage from homes, offices, factories, and even sensitive datacenter rooms. This widespread exposure, which Bitsight first flagged in 2023, shows no sign of improvement, leaving…
Interpol Dismantles 20,000 Malicious IPs and Domains Tied to 69 Malware Variants
INTERPOL’s Operation Secure has seen the takedown of more than 20,000 malicious IP addresses and domains associated with infostealer malware. Law enforcement across 26 countries collaborated to dismantle cybercriminal infrastructure, marking a significant step forward in the fight against digital…
New Secure Boot Vulnerability Allows Attackers to Install Malware in PC and Server Boot Processes
Security researchers from Binarly have uncovered a major software vulnerability in the Unified Extensible Firmware Interface (UEFI) ecosystem, specifically impacting the Secure Boot mechanism used by almost all modern PCs and servers. Dubbed CVE-2025-3052 (BRLY-2025-001), this memory corruption flaw enables attackers…
ConnectWise to Update Code Signing Certificates for ScreenConnect, Automate, and RMM
ConnectWise, a leading provider of remote management and cyber protection tools for managed service providers (MSPs), is set to implement a significant security update affecting ScreenConnect, ConnectWise Automate, and ConnectWise RMM. The action, scheduled for June 13, 2025, at 8:00…
Linux Malware Authors Targeting Cloud Environments with ELF Binaries
Unit 42, Palo Alto Networks’ threat intelligence division, has recently conducted investigations that have revealed a worrying trend: threat actors are increasingly creating and modifying Linux Executable and Linkable Format (ELF) malware to attack cloud infrastructure. With cloud adoption skyrocketing…
Insyde UEFI Application Vulnerability Enables Digital Certificate Injection Through NVRAM Variable
A critical vulnerability in Insyde H2O UEFI firmware (tracked as CVE-2025-XXXX) allows attackers to bypass Secure Boot protections by injecting malicious digital certificates via an unprotected NVRAM variable. This flaw exposes millions of devices to pre-boot malware and kernel-level rootkits…