Hill ASC Inc., operating as Hill Associates and based in Rockville, Maryland, has agreed to a multimillion-dollar settlement with the U.S. Department of Justice to address allegations of violating the False Claims Act through improper billing practices under a General…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Iranian Threat Actors Target U.S. Critical Infrastructure, Including Water Systems
Iran’s Islamic Revolutionary Guard Corps (IRGC) has increased its asymmetric cyber operations in response to recent U.S. attacks on Iranian nuclear sites. Intelligence Group 13 has emerged as a major aggressor in attacking critical infrastructure in the United States. This…
GLOBAL GROUP RaaS Adds AI-Powered Negotiation Feature for Ransom Demands
A newly surfaced Ransomware-as-a-Service operation, dubbed GLOBAL GROUP, has begun deploying an AI‐driven negotiation tool that elevates the psychological pressure on victims and streamlines extortion workflows for affiliates. Security researchers at EclecticIQ first identified GLOBAL GROUP’s activity in early June…
Octalyn Stealer Harvests VPN Configs, Passwords, and Cookies in Organized Folder Structure
The Octalyn Forensic Toolkit, which is openly accessible on GitHub, has been revealed as a powerful credential stealer that poses as a research tool for red teaming and digital forensics. This is a worrying development for cybersecurity. Developed with a…
Kafbat UI Vulnerabilities Allow Arbitrary Code Execution via JMX Services
A critical security vulnerability has been discovered in Kafbat UI, a popular web-based interface for managing Apache Kafka clusters, allowing unauthenticated attackers to execute arbitrary code on affected systems through unsafe deserialization attacks. Critical Vulnerability Details The vulnerability, designated as…
North Korean Hackers Exploit 67 Malicious npm Packages to Spread XORIndex Malware
The Socket Threat Research Team has discovered a new software supply chain attack that uses a malware loader called XORIndex that had not been previously reported, marking a major uptick in North Korean cyber operations. This activity builds on the…
New AsyncRAT Forks Discovered Featuring Screamer Tool and USB Malware Spreader
Cybersecurity researchers have identified two sophisticated AsyncRAT variants that expand the remote access trojan’s capabilities with a psychological warfare component and enhanced propagation mechanisms. The newly discovered forks introduce a “Screamer” plugin designed to terrorize victims through audio manipulation and…
BaitTrap Reveals Global Web of 17,000+ Fraud-Promoting Fake News Sites
Cybersecurity firm CTM360 has unveiled an extensive network of over 17,000 Baiting News Sites (BNS), engineered by cybercriminals to disseminate investment fraud on a global scale. These deceptive platforms, identified through CTM360’s proprietary WebHunt monitoring system, masquerade as authoritative news…
Hacktivists Launch Attacks on ICS Systems to Exfiltrate Sensitive Information
Hacktivists’ attacks on Industrial Control Systems (ICS) are becoming more intense in a noticeable evolution of ideologically motivated cyber operations. They have progressed from simple Distributed Denial of Service (DDoS) attacks and website vandalism to more complex intrusions targeted at…
LaRecipe Tool with 2.3M Downloads Found Vulnerable to Full Server Takeover
A critical security vulnerability has been discovered in LaRecipe, a popular Laravel documentation package with over 2.3 million downloads, that could allow attackers to completely compromise affected servers. The vulnerability, identified as CVE-2025-53833, enables Server-Side Template Injection (SSTI) attacks that…