A sophisticated kernel exploit leveraging CVE-2023-32434, an integer overflow vulnerability in Apple’s XNU virtual memory subsystem, has been unveiled by security researchers. Dubbed Trigon, this exploit chain enables deterministic kernel read/write primitives on A10(X) devices, bypassing Apple’s KTRR and PPL protections…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Hackers can Crack Into Car Cameras Within Minutes Exploiting Vulnerabilities
At the upcoming Black Hat Asia 2025 conference, cybersecurity experts will unveil a groundbreaking vulnerability in modern dashcam technology, exposing how hackers can exploit these devices to breach privacy and steal sensitive data. The session, titled DriveThru Car Hacking: Fast…
Network Penetration Testing Checklist – 2025
Network penetration testing is a cybersecurity practice that simulates cyberattacks on an organization’s network to identify vulnerabilities and improve security defenses. Ethical hackers, or penetration testers, use tools and techniques to mimic real-world hacking attempts, targeting network components like routers,…
Hacktivist Groups Emerge With Powerful Tools for Large-Scale Cyber Operations
Hacktivism, once synonymous with symbolic website defacements and distributed denial-of-service (DDoS) attacks, has evolved into a sophisticated tool for cyber warfare and influence operations. Recent research highlights how state-sponsored actors are increasingly leveraging hacktivist tactics to conduct large-scale cyber campaigns,…
Chinese Hackers Breach Belgium State Security Service as Investigation Continues
Belgium’s State Security Service (VSSE) has suffered what is being described as its most severe security breach to date. For nearly two years, a group of Chinese hackers exploited a vulnerability in Barracuda’s Email Security Gateway Appliance, a cybersecurity tool…
New Pass-the-Cookie Attacks Bypass MFA, Giving Hackers Full Account Access
Multi-factor authentication (MFA), long considered a cornerstone of cybersecurity defense, is facing a formidable new threat: “Pass-the-Cookie” attacks. Recent findings reveal from Long Wall shows that threat actors exploit browser session cookies to bypass MFA entirely, granting full access to corporate…
Chinese Hackers Exploit Check Point VPN Zero-Day to Target Organizations Globally
A sophisticated cyberespionage campaign linked to Chinese state-sponsored actors has exploited a previously patched Check Point VPN vulnerability (CVE-2024-24919) to infiltrate organizations across Europe, Africa, and the Americas, according to cybersecurity researchers. The attacks, observed between June 2024 and January…
PingAM Java Agent Vulnerability Allows Attackers to Bypass Security
A critical security flaw (CVE-2025-20059) has been identified in supported versions of Ping Identity’s PingAM Java Agent, potentially enabling attackers to bypass policy enforcement and access protected resources. The vulnerability—classified as a Relative Path Traversal (CWE-23) weakness—affects all PingAM Java Agent deployments…
New GitHub Scam Uses Fake “Mods” and “Cracks” to Steal User Data
A sophisticated malware campaign leveraging GitHub repositories disguised as game modifications and cracked software has been uncovered, exposing a dangerous convergence of social engineering tactics and automated credential harvesting. Security researchers identified over 1,100 malicious repositories distributing variants of the Redox…
260 Domains Hosting 5,000 Malicious PDFs to Steal Credit Card Data
Netskope Threat Labs uncovered a sprawling phishing operation involving 260 domains hosting approximately 5,000 malicious PDF files. These documents, disguised as legitimate resources, employ fake CAPTCHA prompts to redirect victims to phishing sites designed to harvest credit card details and…