New vulnerabilities in Windows Task Scheduler’s schtasks.exe let attackers bypass UAC, alter metadata, modify event logs, and evade detection. These actions map to MITRE ATT&CK tactics: Persistence, Privilege Escalation, Execution, Lateral Movement, and Defense Evasion. Abuse of schtasks.exe enables stealthy…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Windows NTLM Vulnerability (CVE-2025-24054) Actively Exploit in the Wild to Hack Systems
A critical vulnerability in Microsoft Windows, identified as CVE-2025-24054, has been actively exploited in the wild since March 19, 2025, targets organizations worldwide. The flaw, which enables NTLM hash disclosure through spoofing, allows attackers to harvest sensitive user credentials with…
Beware! Online PDF Converters Tricking Users into Installing Password-Stealing Malware
CloudSEK’s Security Research team, a sophisticated cyberattack leveraging malicious online PDF converters has been demonstrated to target individuals and organizations globally. This attack, previously hinted at by the FBI’s Denver field office, involves the distribution of potent malware, known as…
Server-Side Phishing Attacks Target Employee and Member Portals to Steal Login Credentials
Attackers have been deploying server-side phishing schemes to compromise employee and member login portals across various enterprises. This strategic shift to server-side operations is designed to evade detection and complicate analysis. Evolving Phishing Techniques Recent investigations have highlighted a marked…
CISA Extends Support a Last Minute to CVE Program, Averting Global Cybersecurity Crisis
CISA announced an eleventh-hour contract extension with MITRE Corporation to maintain the Common Vulnerabilities and Exposures (CVE) program, narrowly avoiding a lapse in federal funding that threatened to destabilize vulnerability management worldwide. The move came just hours before the program’s…
Researchers Expose Medusa Ransomware Group’s Onion Site
Researchers have successfully infiltrated the digital fortress of one of the most prolific ransomware groups, Medusa Locker. Known for targeting critical sectors like healthcare, education, and manufacturing, the group has been responsible for numerous cyberattacks since its detection in 2019.…
Interlock Ransomware Uses Multi-Stage Attack Through Legitimate Websites to Deliver Malicious Browser Updates
The Interlock ransomware intrusion set has escalated its operations across North America and Europe with sophisticated techniques. Not falling under the typical Ransomware-as-a-Service (RaaS) category, Interlock operates independently, focusing primarily on Big Game Hunting and double extortion campaigns. This group’s…
Hackers Target Investors Through Fraud Networks to Steal Financial Data
Hackers have launched sophisticated schemes designed to defraud investors and steal their financial data. Utilizing digital platforms, encrypted messaging apps, and crypto transactions, these criminals exploit the rise of online investment platforms to conduct their fraudulent activities. Fraudulent networks employ…
AI-Powered Bad Bots Account for 51% of Traffic, Surpassing Human Traffic for the First Time
Automated traffic generated by bad bots has for the first time surpassed human activity, accounting for 51% of all internet traffic in 2024, according to the latest Imperva Bad Bot Report. This marks a significant shift in the digital landscape,…
Hackers Weaponize Gamma Tool Through Cloudflare Turnstile to Steal Microsoft Credentials
Cybercriminals are exploiting an AI-powered presentation tool called Gamma to launch a multi-stage attack aimed at stealing Microsoft credentials. This attack route is designed not only to evade traditional security measures but also to deceive human recipients by leveraging trusted…