Apple has released a comprehensive security update for iOS 26 and iPadOS 26, addressing 27 vulnerabilities across multiple system components. The update, released on September 15, 2025, targets devices including iPhone 11 and later models, along with various iPad generations from iPad…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Microsoft Releases Fix for Windows 11 24H2 Bluetooth Audio Malfunction Affecting Headsets and Speakers
Microsoft has successfully resolved a critical audio compatibility issue that left thousands of Windows 11 version 24H2 users without functioning Bluetooth headsets, speakers, and integrated laptop audio devices. The company released a targeted driver update on September 12, 2025, addressing…
Spring Framework Security Flaws Allow Authorization Bypass and Annotation Detection Issues
A pair of medium-severity vulnerabilities in the Spring Framework and Spring Security libraries were disclosed on September 15, 2025. Both flaws involve the annotation detection mechanism used by Spring Security’s method security features and can lead to authorization bypass in…
0-Click Linux Kernel KSMBD Vulnerability Enables Remote Code Execution via N-Day Exploit
A recent vulnerability in the Linux Kernel’s KSMBD module allows an attacker to execute arbitrary code on a target system without any user interaction. KSMBD is a kernel-space SMB3 server that handles network file sharing. Researchers demonstrated a stable exploit…
Popular NPM Package ‘ctrl/tinycolor’ with 2M Weekly Downloads and 40+ Others Compromised in Supply Chain Attack
The NPM ecosystem is under attack once again, with a sophisticated supply chain compromise targeting the widely-used @ctrl/tinycolor package and over 40 other JavaScript packages. This latest incident represents a significant escalation in supply chain threats, featuring self-propagating malware that…
New Maranhão Stealer Targets Users Through Pirated Software and Cloud Services
A sophisticated new information-stealing malware campaign dubbed Maranhão Stealer has emerged, targeting gaming enthusiasts through malicious pirated software distributed via cloud-hosted platforms. The campaign, first identified by security researchers in May 2025, represents a concerning evolution in credential theft operations, combining social…
Open Source CyberSOCEval Sets New Benchmark for AI in Malware Analysis and Threat Intelligence
Open Source CyberSOCEval, a newly launched evaluation platform, is making waves in the cybersecurity community by demonstrating how artificial intelligence can transform malware analysis and threat intelligence. Developed by a group of independent security researchers, CyberSOCEval combines advanced machine learning…
Microsoft Resolves Bluetooth Audio Problem in Windows 11 24H2 Update
Microsoft has addressed a widespread audio issue affecting Bluetooth speakers, headsets, and integrated laptop speakers in Windows 11 version 24H2. The problem stemmed from an incompatibility with Dirac Audio software on certain devices, causing audio devices to go silent and…
Phishing Campaigns Exploit RMM Tools to Sustain Remote Access
A sophisticated phishing operation in which attackers deploy remote monitoring and management (RMM) tools—ITarian (formerly Comodo), PDQ Connect, SimpleHelp, and Atera—to gain persistent remote access to compromised systems. By disguising malicious installers as legitimate browser updates, meeting or party invitations,…
Sidewinder Hackers Weaponize Nepal Protests to Spread Cross-Platform Malware
Sidewinder, a well-known advanced persistent threat (APT) group, has adapted its tactics to exploit the ongoing protests in Nepal, deploying a coordinated campaign of mobile and Windows malware alongside credential phishing. By masquerading as respected national institutions and figures, the…