Mandiant Threat Defense has uncovered a malicious campaign orchestrated by the threat group UNC6032, which capitalizes on the global fascination with artificial intelligence (AI). Since at least mid-2024, UNC6032 has been deploying fake AI video generator websites to distribute malware,…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
251 Malicious IPs Target Cloud-Based Device Exploiting 75 Exposure Points
On May 8, 2025, cybersecurity researchers at GreyNoise detected a highly orchestrated scanning operation targeting 75 known exposure points across the internet in just 24 hours. The campaign, executed by 251 malicious IP addresses—all geolocated to Japan and hosted on…
SilentWerewolf Attack Combines Legitimate Tools with Code Obfuscation for Stealthy Infiltration
The threat actor dubbed SilentWerewolf has employed advanced phishing techniques to infiltrate organizations in Russia and Moldova, focusing on critical sectors such as nuclear energy, aircraft, and mechanical engineering. Starting on March 11, the first campaign used spearphishing emails with…
VenomRAT Malware Introduces New Tools for Password Theft and Stealthy Access
A malicious cyber campaign leveraging VenomRAT, a potent Remote Access Trojan (RAT), has been uncovered, posing a significant threat to unsuspecting users through a deceptive website mimicking Bitdefender’s Antivirus for Windows download page. The fraudulent domain, “bitdefender-download[.]com,” lures victims with…
Threat Actors Weaponizing DCOM to Harvest Credentials on Windows Systems
Threat actors are now leveraging the often-overlooked Component Object Model (COM) and its distributed counterpart, Distributed Component Object Model (DCOM), to harvest credentials on Windows systems. As traditional red team methods like direct access to the Local Security Authority Subsystem…
Emerging FormBook Malware Threatens Windows Users with Complete System Takeover
A critical cybersecurity threat has surfaced targeting Microsoft Windows users, as detailed in the latest analysis of the FormBook malware. Documented in Part II of a comprehensive FormBook analysis blog, this malware variant poses a severe risk by enabling attackers…
Hackers Circulate Over 93 Billion Stolen User Cookies on the Dark Web
Web cookies, those ubiquitous pop-ups we routinely dismiss with a click, are small text files stored on your device by websites you visit. While cookies are essential for a seamless browsing experience—remembering your login, shopping cart, or language preferences—they also…
Robinhood Ransomware Operator Arrested for Attacks on Government and Private Networks
On May 27, 2025, Iranian national Sina Gholinejad, 37, pleaded guilty in a North Carolina federal court to charges of computer fraud and conspiracy to commit wire fraud, admitting his central role in the international Robbinhood ransomware campaign that targeted…
CISA Releases Executive Guide on SIEM and SOAR Platforms for Rapid Threat Detection
In today’s rapidly evolving threat landscape, Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms have become foundational to organizational cybersecurity strategies. SIEM platforms collect, centralize, and analyze log data from diverse sources, such as…
MATLAB, Serving Over 5 Million Users, Hit by Ransomware Attack
MathWorks, the renowned developer of MATLAB and Simulink, has been grappling with the aftermath of a significant ransomware attack that began on Sunday, May 18, 2025. The incident, which affected both customer-facing and internal IT systems, prompted immediate notification to…