A Canadian man has been charged with exploiting decentralized finance (DeFi) protocols to steal approximately $65 million from unsuspecting investors. A five-count criminal indictment, unsealed today in a federal court in New York, accuses 22-year-old Andean Medjedovic of targeting vulnerabilities…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Multiple Flaws in Dell PowerProtect Allow System Compromise
Dell has released a Critical Security Update (DSA-2025-022) for its PowerProtect Data Domain (DD) systems to address multiple vulnerabilities that could allow attackers to compromise affected systems. These vulnerabilities, identified in various components and open-source dependencies, highlight the importance of timely patching…
Roundcube XSS Flaw Allows Attackers to Inject Malicious Files
A critical Cross-Site Scripting (XSS) vulnerability has been discovered in the popular open-source webmail client, Roundcube, potentially exposing users to serious security risks. Tracked as CVE-2024-57004, the flaw affects Roundcube Webmail version 1.6.9 and allows remote authenticated users to upload malicious files disguised as…
Hackers Exploit AWS & Microsoft Azure for Large-Scale Cyber Attacks
Silent Push, a cybersecurity research firm, has introduced the term “infrastructure laundering” to describe a sophisticated method used by cybercriminals to exploit legitimate cloud hosting services for illegal purposes. This practice involves renting IP addresses from mainstream providers like Amazon…
New Phishing Attack Hijacks High-Profile X Accounts to Promote Scam Sites
A new wave of phishing attacks has been identified, targeting high-profile accounts on the social media platform X (formerly Twitter). This campaign, analyzed by SentinelLABS, aims to hijack accounts belonging to prominent individuals and organizations, including U.S. political figures, international…
Lazarus Group Exploits Trusted Apps for Data Theft via Dropbox
In an alarming development, North Korea’s infamous Lazarus Group has been linked to a global cyber espionage campaign, code-named Operation Phantom Circuit. Beginning in September 2024, this operation exploited trusted software development tools to infiltrate systems worldwide, targeting cryptocurrency and…
New 0-Day Vulnerability in Arm Mali GPU Kernel Driver Exploited in the Wild
On February 3, 2025, Arm disclosed a vulnerability in the Mali GPU Kernel Driver that allows improper GPU processing operations. This issue affects Valhall GPU Kernel Driver versions ranging from r48p0 to r49p1 and r50p0 to r52p0, as well as…
Coyote Malware Launches Stealthy Attack on Windows Systems via LNK Files
FortiGuard Labs has issued a high-severity alert regarding the Coyote Banking Trojan, a sophisticated malware targeting Microsoft Windows users. Over the past month, researchers have identified malicious LNK files employing PowerShell commands to execute scripts and connect to remote servers,…
CryptoDNA: AI-Powered Cryptojacking Defense Against DDoS Threats in Healthcare IoT
The integration of Internet of Things (IoT) and Internet of Medical (IoM) devices has revolutionized healthcare, enabling real-time monitoring, remote diagnostics, and data-driven decision-making. However, these advancements have also introduced significant cybersecurity vulnerabilities, particularly Distributed Denial-of-Service (DDoS) attacks. These attacks…
Microsoft Introduces AI-Generated Team Avatars for Personalization
Tech giant Microsoft has unveiled a groundbreaking feature for its Microsoft Teams platform: AI-generated avatars designed to revolutionize meeting personalization. This innovative feature allows users to represent themselves in meetings as digital avatars, offering a dynamic alternative to traditional video…