Symantec, a division of Broadcom, has released a critical security update to address a high-severity vulnerability identified in its Symantec Diagnostic Tool (SymDiag). This vulnerability tracked as CVE-2025-0893, could enable unauthorized privilege escalation, posing significant security risks. The issue specifically…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
CISA and FBI Issue Alert as Ghost Ransomware Targets 70+ Organizations
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a joint advisory warning about the increasing threat posed by Ghost ransomware. This malicious campaign has already impacted more than 70 organizations across various…
Windows Disk Cleanup Tool Exploit Allows SYSTEM Privilege Escalation
Microsoft has urgently addressed a high-severity privilege escalation vulnerability (CVE-2025-21420) in the Windows Disk Cleanup Utility (cleanmgr.exe) during its February 2025 Patch Tuesday updates. The flaw, scoring 7.8 on the CVSS scale, enabled attackers to execute malicious code with SYSTEM…
Citrix NetScaler Vulnerability Exposes Systems to Unauthorized Commands
Cloud Software Group has raced to address a severe security flaw in its widely used NetScaler management infrastructure that could enable authenticated attackers to execute malicious commands across enterprise networks. The vulnerability tracked as CVE-2024-12284 and scoring 8.8 on the…
Critical Microsoft Bing Vulnerability Enabled Remote Code Execution Attacks
A critical security flaw in Microsoft Bing tracked as CVE-2025-21355, allowed unauthorized attackers to execute arbitrary code remotely, posing severe risks to organizations and users globally. The vulnerability, rooted in a missing authentication mechanism for a critical Bing function, enabled…
Russian CryptoBytes Hackers Target Windows Machines with UxCryptor Ransomware
The SonicWall Capture Labs threat research team has identified continued activity from the Russian cybercriminal group CryptoBytes, which has been active since at least 2023. This financially motivated group is leveraging a ransomware strain named UxCryptor, which has gained notoriety…
Snake Keylogger Targets Chrome, Edge, and Firefox Users in New Attack Campaign
A new variant of the Snake Keylogger, also known as 404 Keylogger, has been detected targeting users of popular web browsers such as Google Chrome, Microsoft Edge, and Mozilla Firefox. FortiGuard Labs identified this threat using FortiSandbox v5.0 (FSAv5), a…
Hackers Converting Stolen Payment Card Data into Apple & Google Wallets
Cybercriminal groups, primarily based in China, are leveraging advanced phishing techniques and mobile wallet technologies to convert stolen payment card data into fraudulent Apple and Google Wallet accounts. This innovative approach has revitalized the underground carding industry, which had been…
Hackers Exploit Jarsigner Tool to Deploy XLoader Malware
Security researchers at AhnLab Security Intelligence Center (ASEC) have uncovered a new campaign leveraging the legitimate JAR signing tool, jarsigner.exe, to distribute the XLoader malware. The attack employs a DLL side-loading technique, where malicious DLL files are placed alongside legitimate…
Russian Hackers Target Signal Messenger Users to Steal Sensitive Data
Russian state-aligned threat actors have intensified their efforts to compromise Signal Messenger accounts, targeting individuals of strategic interest, according to the Google Threat Intelligence Group (GTIG). These campaigns, primarily linked to Russia’s ongoing military operations in Ukraine, aim to intercept…