A critical security flaw in Fluent Bit, a widely adopted log processing and metrics collection tool part of the Cloud Native Computing Foundation (CNCF), has exposed enterprise cloud infrastructures to denial-of-service (DoS) attacks. Designated as CVE-2024-50608 and CVE-2024-50609, these vulnerabilities—scoring…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
New Darcula 3.0 Tool Generates Phishing Kits to Mimic Global Brands
The cybercriminal group behind the notorious “darcula-suite” platform has unveiled its latest iteration, darcula 3.0, which introduces groundbreaking capabilities for creating phishing kits targeting any brand globally. This “Phishing-as-a-Service” (PhaaS) platform lowers the technical barrier for bad actors by automating…
Adversary-in-the-Middle Hackers Exploit Vulnerabilities to Deploy Advanced Malware
Cybercriminals are increasingly leveraging sophisticated Adversary-in-the-Middle (AiTM) phishing techniques, enabled by the rise of Phishing-as-a-Service (PhaaS) ecosystems. These operations target financial institutions globally, bypassing multi-factor authentication (MFA) by intercepting live authentication sessions. Threat actors use reverse proxy servers to relay…
CL0P Ransomware Launches Large-Scale Attacks on Telecom and Healthcare Sectors
The notorious CL0P ransomware group has intensified its operations in early 2025, targeting critical sectors such as telecommunications and healthcare. Known for its sophisticated tactics, the group has exploited zero-day vulnerabilities to infiltrate systems, steal sensitive data, and extort victims.…
Salt Typhoon Hackers Exploit Cisco Vulnerability to Gain Device Access on US.Telecom Networks
A highly advanced threat actor, dubbed “Salt Typhoon,” has been implicated in a series of cyberattacks targeting major U.S. telecommunications networks, according to a report by Cisco Talos. The campaign, which began in late 2024 and was confirmed by the…
CISA Issues Seven ICS Advisories Highlighting Critical Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released seven Industrial Control Systems (ICS) advisories on February 20, 2025, addressing critical vulnerabilities in products from ABB, Siemens, Mitsubishi Electric, and other industrial technology providers. These advisories underscore escalating risks to…
Pegasus Spyware Now Targeting Business Executives and Financial Sector Professionals
The once-shadowy realm of Pegasus spyware has breached new frontiers, with forensic analyses revealing a stark pivot from targeting journalists and activists to infiltrating the private sector. In December 2024, mobile security firm iVerify detected 11 new Pegasus infections among…
New Bookworm Malware Using SLL Sideloading Technique To Windows
Cybersecurity researchers from Palo Alto Networks’ Unit 42 disclosed the resurgence of the Bookworm malware, which has been linked to the Stately Taurus threat actor group. This malware employs a sophisticated DLL sideloading technique that enables it to infiltrate Windows…
Hackers Delivering Malware Bundled with Fake Job Interview Challenges
ESET researchers have uncovered a series of malicious activities orchestrated by a North Korea-aligned group known as DeceptiveDevelopment, active since early 20241. The cybercriminals pose as company recruiters, enticing freelance software developers with fake employment offers. As part of the…
Ransomware Trends 2025 – What’s new
As of February 2025, ransomware remains a formidable cyber threat, evolving in complexity and scale. The ransomware ecosystem has adapted to previous law enforcement disruptions, showcasing a resilient business model that continues to attract financially motivated cybercriminals. The proliferation of…