A significant cybersecurity breach has exposed vulnerabilities in critical US government infrastructure, as the National Nuclear Security Administration (NNSA) was reportedly compromised through a Microsoft SharePoint zero-day exploit linked to Chinese government-affiliated hacking groups. Chinese Hackers Target Critical Infrastructure The…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Lumma Stealer Masquerades as Pirated Apps to Steal Logins and Data
Lumma Stealer, a notorious information-stealing malware-as-a-service (MaaS) platform, has swiftly reemerged after a coordinated global law enforcement operation in May 2025. The U.S. Department of Justice, alongside international partners, seized approximately 2,300 malicious domains integral to Lumma’s command-and-control (C&C) infrastructure,…
Windows 11 Introduces Powerful New AI Features – What’s New!
Microsoft today unveiled a sweeping set of artificial intelligence enhancements for Windows 11, marking the most ambitious infusion of AI tools into its flagship operating system to date. Building on recent findings that nearly 60 percent of PC users have…
New ZuRu Malware Variant Targets macOS via Termius SSH Exploit
A sophisticated new variant of the macOS.ZuRu malware, originally identified in 2021, has resurfaced, employing a trojanized version of the Termius SSH client to deploy a modified Khepri command-and-control (C2) beacon. This iteration, detected in late May 2025, demonstrates advanced…
Synology BeeDrive for Desktop on Windows Vulnerabilities Let Hackers Run Malicious Code
Synology has issued an urgent security advisory addressing critical vulnerabilities in its BeeDrive desktop application for Windows that could allow attackers to execute malicious code and delete arbitrary files. The company disclosed three separate Common Vulnerabilities and Exposures (CVE) identifiers…
Critical JavaScript Library Vulnerability Exposes Apps to Remote Attacks
A critical security vulnerability has been discovered in the widely-used form-data JavaScript package, potentially exposing thousands of applications to remote attacks through predictable boundary value generation. The vulnerability, designated as CVE-2025-7783, was published five days ago by Jordan Harband (ljharb), a prominent…
Brave Browser Block Microsoft Recall Over Privacy Issues
Brave Software today announced that, beginning with version 1.81 for Windows 11 and newer, the Brave browser will automatically disable Microsoft’s Recall feature by default. Recall, introduced by Microsoft in May 2024 as a Copilot PC utility that periodically captures full-screen snapshots of user activity, faced immediate criticism for its potential to expose sensitive browsing habits through an unencrypted,…
Coyote Malware Targets WILS, Abusing Microsoft UI Automation to Exfiltrate Logins
Akamai security researchers have uncovered a novel variant of the Coyote banking trojan that marks the inaugural documented instance of malicious actors exploiting Microsoft’s UI Automation (UIA) framework in real-world attacks. Initially detailed in a December 2024 Akamai blog post…
CISA Alerts on Chinese Hackers Actively Exploiting SharePoint 0-Day
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding active exploitation of critical SharePoint vulnerabilities by threat actors, with security researchers attributing the attacks to Chinese hackers. The agency warns that malicious actors are leveraging a…
Ransomware Groups Weaponize RMM Tools to Infiltrate Networks and Exfiltrate Data
Ransomware gangs have increasingly co-opted Remote Monitoring and Management (RMM) tools originally designed for IT operations to orchestrate sophisticated network intrusions, persistence, lateral movement, and data exfiltration. Investigations conducted in the second half of 2024 and the first quarter of…