A critical vulnerability discovered by Varonis Threat Labs has exposed users of Microsoft Azure’s AI and High-Performance Computing (HPC) workloads to a potential privilege escalation attack. The flaw, found in a utility pre-installed on select Azure Linux virtual machines, made…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Seamless AI Communication: Microsoft Azure Adopts Google’s A2A Protocol
Microsoft has announced its support for the Agent2Agent (A2A) protocol, an open standard developed in collaboration with industry partners including Google, to enable seamless communication between AI agents across platforms, clouds, and organizational boundaries. This strategic move, integrated into Azure…
Cisco IOS Software SISF Vulnerability Could Enable Attackers to Launch DoS Attacks
Cisco has released security updates addressing a critical vulnerability in the Switch Integrated Security Features (SISF) of multiple software platforms that could allow unauthenticated attackers to cause denial of service (DoS) conditions. The vulnerability stems from incorrect handling of DHCPv6…
IXON VPN Client Vulnerability Allows Privilege Escalation for Attackers
A critical security vulnerability in IXON’s widely used VPN client has exposed Windows, Linux, and macOS systems to local privilege escalation attacks, enabling non-privileged users to gain root or SYSTEM-level access. Designated as CVE-2025-26168 and CVE-2025-26169, these flaws affect versions…
Critical Vulnerability in Ubiquiti UniFi Protect Camera Allows Remote Code Execution by Attackers
Critical security vulnerabilities in Ubiquiti’s UniFi Protect surveillance ecosystem-one rated the maximum severity score of 10.0-could allow attackers to hijack cameras, execute malicious code remotely, and maintain unauthorized access to video feeds. The flaws, disclosed on May 6, 2025, affect…
Radware Cloud Web App Firewall Flaw Allows Attackers to Bypass Security Filters
Security researchers have uncovered two critical vulnerabilities in Radware’s Cloud Web Application Firewall (WAF) that enable attackers to bypass security filters and deliver malicious payloads to protected web applications. These flaws, designated CVE-2024-56523 and CVE-2024-56524, highlight systemic weaknesses in how…
ESET Reveals How to Spot Fake Calls Demanding Payment for ‘Missed Jury Duty’
ESET, a leading cybersecurity firm, has shed light on one particularly insidious scheme: fake calls purportedly from government officials demanding payment for ‘missed jury duty’. Here’s how to identify and protect against these scams. Scammers employing these tactics often impersonate…
New Spam Campaign Leverages Remote Monitoring Tools to Exploit Organizations
A sophisticated spam campaign targeting Portuguese-speaking users in Brazil has been uncovered by Cisco Talos, active since at least January 2025. This campaign exploits commercial remote monitoring and management (RMM) tools, such as PDQ Connect and N-able Remote Access, to…
Researchers Turn the Tables: Scamming the Scammers in Telegram’s PigButchering Scheme
Cybersecurity specialists have devised an innovative approach to combat an emerging cybercrime called “PigButchering” on the Telegram platform. This form of cyber fraud involves scammers cultivating false relationships with victims over time, much like fattening a pig for slaughter, only…
Ransomware-as-a-Service (RaaS) Emerges as a Leading Framework for Cyberattacks
Ransomware-as-a-Service (RaaS) has solidified its position as the dominant framework driving ransomware attacks in 2024, according to the latest insights from Kaspersky ahead of International Anti-Ransomware Day on May 12. Kaspersky Security Network data reveals an 18% drop in ransomware…