In a significant development, the China-aligned advanced persistent threat (APT) group known as MirrorFace has been observed employing sophisticated tactics to enhance the stealthiness of its attacks. Recently, MirrorFace modified the execution of AsyncRAT, a publicly available remote access trojan…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
CISA Warns of Supply-Chain Attack Exploiting GitHub Action Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm over a critical supply-chain attack affecting a widely used third-party GitHub Action: tj-actions/changed-files. This action, exploited under CVE-2025-30066, is designed to identify changes in files during pull requests or…
Advanced Cyber Attack Exploits Booking Websites to Deploy LummaStealer Malware
A sophisticated cyberattack has been uncovered, targeting booking websites to spread the LummaStealer malware. This campaign leverages fake CAPTCHA prompts and social engineering techniques to deceive users into executing malicious commands on their systems. LummaStealer, an info-stealer malware operating under…
Critical Synology Vulnerability Allows Remote Attackers to Execute Arbitrary Code
A critical vulnerability affecting Synology’s DiskStation Manager (DSM) has been disclosed, allowing remote attackers to execute arbitrary code on vulnerable systems. This severe issue, identified as CVE-2024-10441, has been reported in multiple DSM versions, including DSM 6.2, 7.1, 7.2, and…
Windows File Explorer Vulnerability Enables Network Spoofing Attacks: PoC Released
A critical vulnerability in Windows File Explorer has been discovered, allowing attackers to capture NTLM hashes and potentially exploit them for network spoofing attacks. The vulnerability, identified as CVE-2025-24071, involves the automatic processing of specially crafted .library-ms files within compressed archives like…
CISA Issues Security Warning on Fortinet FortiOS Authentication Bypass Exploit
The Cybersecurity and Infrastructure Security Agency (CISA) issued a critical security warning regarding a severe vulnerability in Fortinet’s FortiOS and FortiProxy systems. Specifically, CVE-2025-24472, an authentication bypass vulnerability, poses a significant threat as it allows remote attackers to gain super-admin…
New ClearFake Variant Uses Fake reCAPTCHA to Deploy Malicious PowerShell Code
A recent variant of the ClearFake malware framework has been identified, leveraging fake reCAPTCHA and Cloudflare Turnstile verifications to deceive users into executing malicious PowerShell code. This evolution marks a significant shift in how ClearFake exploits Web3 capabilities to deliver…
MirrorGuard: Adaptive Defense Mechanism Against Jailbreak Attacks for Secure Deployments
A novel defense strategy, MirrorGuard, has been proposed to enhance the security of large language models (LLMs) against jailbreak attacks. This approach introduces a dynamic and adaptive method to detect and mitigate malicious inputs by leveraging the concept of “mirrors.”…
Electromagnetic Side-Channel Analysis of Cryptographically Secured Devices
Electromagnetic (EM) side-channel analysis has emerged as a significant threat to cryptographically secured devices, particularly in the era of the Internet of Things (IoT). These attacks exploit information leakages through physical parameters such as EM radiation, which is emitted by…
Fake Coinbase Migration Messages Target Users to Steal Wallet Credentials
A sophisticated phishing campaign is currently targeting cryptocurrency investors with fraudulent emails claiming to be from Coinbase. The scam attempts to trick users into transferring their funds to wallets controlled by attackers through a deceptive “mandatory wallet migration” scheme. How…