Dell Technologies has released a security update addressing a critical vulnerability (CVE-2025-29987) in its PowerProtect Data Domain Operating System (DD OS). The vulnerability allows authenticated attackers to execute arbitrary commands with root privileges, posing a high security risk. Users are…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Sakura RAT Released on GitHub Can Bypass Antivirus and EDR Tools
A newly developed remote administration tool (RAT) named “Sakura RAT” has been released on GitHub, raising alarms for its powerful capabilities and ability to bypass modern detection systems like antivirus (AV) software and endpoint detection and response (EDR) tools. Tagged…
Bitdefender GravityZone Console PHP Vulnerability Lets Hackers Execute Arbitrary Commands
Cybersecurity firm Bitdefender has patched a severe flaw (CVE-2025-2244) in its GravityZone Console, which could allow unauthenticated attackers to execute arbitrary commands on vulnerable systems. The vulnerability, discovered by researcher Nicolas Verdier (@n1nj4sec), has a near-maximum CVSSv4 score of 9.5, highlighting…
NICE Workforce Framework 2.0.0 Released: Everything New and Improved
The National Initiative for Cybersecurity Education (NICE) Workforce Framework for Cybersecurity has undergone a significant update, with the release of its version 2.0.0 introducing numerous enhancements aimed at standardizing how cybersecurity work and competencies are understood and managed. This major…
10 Best XDR (Extended Detection & Response) Solutions 2025
As cyber threats grow increasingly sophisticated, traditional security tools often fall short in providing comprehensive protection. Extended Detection and Response (XDR) has emerged as a next-generation cybersecurity solution designed to unify and enhance threat detection, investigation, and response across an…
Hack The box “Ghost” Challenge Cracked – A Detailed Technical Exploit
Cybersecurity researcher “0xdf” has cracked the “Ghost” challenge on Hack The Box (HTB), a premier platform for honing penetration testing skills, and shared an exhaustive technical breakdown on their GitLab blog. The write-up chronicles a sophisticated attack that navigates through…
Sec-Gemini v1 – Google’s New AI Model for Cybersecurity Threat Intelligence
Google has unveiled Sec-Gemini v1, an AI model designed to redefine cybersecurity operations by empowering defenders with advanced threat analysis, vulnerability assessment, and incident response capabilities. The experimental system, developed by a team led by Elie Burzstein and Marianna Tishchenko,…
U.S. Secures Extradition of Rydox Cybercrime Marketplace Admins from Kosovo in Major International Operation
The United States has successfully extradited two Kosovo nationals, Ardit Kutleshi, 26, and Jetmir Kutleshi, 28, from Kosovo to face charges in the Western District of Pennsylvania for their alleged roles as administrators of the Rydox cybercrime marketplace. The Rydox…
Ivanti Fully Patched Connect Secure RCE Vulnerability That Actively Exploited in the Wild
April 5, 2025 – Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways. Rated at a CVSS score of 9.0, this stack-based buffer overflow…
Beware! Fake Unpaid Tolls Messages Used in Phishing Attack to Steal Login Credentials
A surge in phishing text messages claiming unpaid tolls has been linked to a massive phishing-as-a-service (PhaaS) operation. These scams, which have been hitting users’ phones in waves, are part of a sophisticated campaign leveraging a platform called Lucid. Cybercriminals…