Gain Legends International, a prominent name in sports, entertainment, and venue management, has confirmed a significant cybersecurity breach that has compromised the personal information of an undisclosed number of customers and associates. The incident was first identified on November 9,…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
XorDDoS Malware Upgrade Enables Creation of Advanced DDoS Botnets
Cisco Talos has uncovered significant advancements in the XorDDoS malware ecosystem, revealing a multi-layered infrastructure enabling sophisticated distributed denial-of-service (DDoS) attacks through a new “VIP version” of its controller and a centralized command system. Between November 2023 and February 2025,…
Researchers Uncover Stealthy Tactics and Techniques of StrelaStealer Malware
Cybersecurity experts have recently shed light on the sophisticated operations of StrelaStealer, also known by its alias Strela, revealing a suite of stealthy tactics employed in its information theft campaigns. This malware, spotlighted by IBM Security X-Force for its association…
PoC Released for Linux Kernel Vulnerability Allowing Privilege Escalation
A security vulnerability, tracked as CVE-2024-53141, has recently come to light in the Linux kernel’s ipset component. This flaw enables out-of-bounds (OOB) write on the kernel heap, which threat actors can exploit to execute arbitrary code with elevated privileges. Security researchers…
SpyMax Android Spyware: Full Remote Access to Monitor Any Activity
Threat intelligence experts at Perplexity uncovered an advanced variant of the SpyMax/SpyNote family of Android spyware, cleverly disguised as the official application of the Chinese Prosecutor’s Office (检察院). This malicious software was targeting Chinese-speaking users in mainland China and Hong…
KeyPlug Malware Server Leak Exposes Fortinet Firewall and VPN Exploitation Tools
Cybersecurity researchers have stumbled upon a treasure trove of operational tools and scripts linked to the KeyPlug malware, associated with the threat group RedGolf, also known as APT41. The server, which was inadvertently exposed for less than 24 hours, provided…
Defending Against Web API Exploitation With Modern Detection Strategies
In today’s interconnected digital landscape, APIs serve as the critical building blocks of modern web applications, enabling seamless data exchange and functionality. However, as their usage has exploded in recent years, attackers have increasingly adapted their tactics to target these…
How To Integrate MITRE ATT&CK Into Your SOC For Better Threat Visibility
The evolving cybersecurity landscape demands advanced strategies to counter sophisticated threats that outpace traditional security measures. The MITRE ATT&CK framework emerges as a critical tool for Security Operations Centers (SOCs), offering a structured, knowledge-driven approach to understanding adversary behavior. By…
Over 6 Million Chrome Extensions Found Executing Remote Commands
Security researchers have uncovered a network of over 35 Google Chrome extensions—collectively installed on more than 6 million browsers—secretly executing remote commands and potentially spying on users for years. The alarming discovery began during a routine security review at an…
Global Zoom Outage Linked to Server Block by GoDaddy Registry
Millions of users worldwide experienced a sudden disruption of Zoom services on April 16, as the popular video conferencing platform suffered a global outage traced back to a server block imposed by GoDaddy Registry. The incident, which rendered the core…