Luxury fashion house Dior experienced a significant security incident when unauthorized external actors breached their customer database. According to the official notification, Dior immediately implemented containment protocols and engaged cybersecurity experts to investigate the intrusion. The breach exposed various categories…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Nucor Steel Manufacturer Halts Production After Cyberattack
Nucor Corporation, one of North America’s largest steel producers, has temporarily halted production at multiple facilities following a cybersecurity breach that compromised critical operational systems. The incident, disclosed in a May 15, 2025, SEC filing, marks one of the most…
Node.js Vulnerability Enables Attackers to Crash Processes and Disrupt Services
Node.js project has released a critical security update addressing several vulnerabilities that could allow attackers to crash server processes and disrupt critical services. The security fixes, announced on May 14, 2025 by Node.js maintainer RafaelGSS, affect multiple release lines (LTS…
Xanthorox Emerging BlackHat AI Tool Empowering Hackers in Phishing and Malware Campaigns
Artificial intelligence platform named Xanthorox has emerged as a potent new tool for cybercriminals, enabling the automated generation of phishing campaigns, malware, and hyperrealistic deepfakes. Unlike traditional dark-web tools restricted to hidden forums, Xanthorox’s developer openly advertises its capabilities on…
Enisa Launched New European Vulnerability Database to Strengthen Cybersecurity
European Union Agency for Cybersecurity (ENISA) has officially launched the European Vulnerability Database (EUVD), a groundbreaking platform designed to enhance digital security across the EU. Developed in accordance with the NIS2 Directive, the database is now operational and accessible to…
Windows Defender Application Control Bypassed Through Browser Exploit Techniques
Security researchers from the X-Force Red Adversary Simulation team have uncovered a novel method to bypass Windows Defender Application Control (WDAC), a robust Windows security feature designed to prevent unauthorized code execution through strict application whitelisting policies. Often deployed in…
Weaponized Google Calendar Invites Deliver Malicious Payload Using a Single Character
Security researchers have unearthed a sophisticated malware distribution method leveraging Google Calendar invites to deliver malicious payloads through seemingly innocuous links. The attack, centered around a deceptive npm package named os-info-checker-es6, showcases an unprecedented level of obfuscation that begins with…
Russian Hackers Exploit XSS Vulnerabilities to Inject Malicious Code into Email Servers
A sophisticated cyberespionage campaign, dubbed Operation RoundPress, has been uncovered by cybersecurity researchers at ESET. Attributed with medium confidence to the Russian-linked Sednit group-also known as APT28, Fancy Bear, and Forest Blizzard-this operation targets high-value webmail servers using cross-site scripting…
DarkCloud Stealer Employs AutoIt to Evade Detection and Steal Login Credentials
Unit 42 researchers from Palo Alto Networks have uncovered a series of attacks in January 2025 involving the DarkCloud Stealer malware. This infostealer, first observed in 2022, has evolved with new tactics to bypass traditional detection mechanisms. By leveraging AutoIt…
TransferLoader Malware Enables Attackers to Execute Arbitrary Commands on Infected Systems
A formidable new malware loader, dubbed TransferLoader, has emerged as a significant cybersecurity threat, as detailed in a recent report by Zscaler ThreatLabz. Active since at least February 2025, this sophisticated malware has been observed deploying multiple components, including a…