Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to millions of users worldwide. The latest Stable channel update, version 130.0.6723.91/.92 for Windows and Mac and 130.0.6723.91 for Linux will be rolled out over the coming…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Hackers Use Fog Ransomware To Attack SonicWall VPNs And Breach Corporate Networks
Recent cyberattacks involving Akira and Fog threat actors have targeted various industries, exploiting a vulnerability (CVE-2024-40766) in SonicWall SSL VPN devices, where these attacks, initiated early in the kill chain, leverage malicious VPN logins from VPS-hosted IP addresses. The rapid…
New Windows Downgrade Attack Let Hackers Downgrade Patched Systems To Exploits
The researcher discovered a vulnerability in the Windows Update process that allowed them to downgrade critical system components, including DLLs, drivers, and the NT kernel. This enabled the attacker to bypass security measures like Secure Boot and expose previously patched…
Notorious WrnRAT Delivered Mimic As Gambling Games
WrnRAT is a new malware attack that cybercriminals have deployed by using popular gambling games like Badugi, Go-Stop, and Hold’em to disguise itself as a malicious program. The attackers created a fraudulent gambling website that, when accessed, prompts users to…
RedLine and META Infostealers Infrastructure Seized by Authorities
An international coalition led by the U.S. Department of Justice has dismantled the infrastructure behind the notorious RedLine and META infostealers. These malware variants have plagued millions of computers worldwide, stealing sensitive information and facilitating further cybercriminal activities. Operation Magnus…
Chinese Hackers Scanning Canadian IT Systems for Vulnerabilities
The Canadian Centre for Cyber Security (Cyber Centre), a Communications Security Establishment Canada (CSE) division, has warned Canadian organizations about an ongoing cyber threat. The Cyber Centre reports that a sophisticated state-sponsored threat actor from the People’s Republic of China…
SMB Force-Authentication Vulnerability Impacts All OPA Versions For Windows
Open Policy Agent (OPA) recently patched a critical vulnerability that could have exposed NTLM credentials of the OPA server’s local user account to remote attackers, which was present in both the OPA CLI and Go SDK. By exploiting this flaw,…
ClickFix Malware Infect Website Visitors Via Hacked WordPress Websites
Researchers have identified a new variant of the ClickFix fake browser update malware distributed through malicious WordPress plugins. These plugins, disguised as legitimate tools, inject malicious JavaScript code into compromised websites, tricking users into installing malware. The malware uses blockchain…
Hardcoded Creds in Popular Apps Put Millions of Android and iOS Users at Risk
Recent analysis has revealed a concerning trend in mobile app security: Many popular apps store hardcoded and unencrypted cloud service credentials directly within their codebases. It poses a significant security risk as anyone accessing the app’s binary or source code…
Latrodectus Employs New anti-Debugging And Sandbox Evasion Techniques
Latrodectus, a new malware loader, has rapidly evolved since its discovery, potentially replacing IcedID. It includes a command to download IcedID and has undergone multiple iterations, likely to evade detection. Extracting configurations from these versions is crucial for effective threat…