A groundbreaking report titled “The State of Ransomware 2025” by Sophos, released in June 2025, has shed light on the persistent and evolving threat of ransomware attacks targeting organizations worldwide. The study, based on responses from 3,400 victims, identifies exploited…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Ahold Delhaize Data Breach Exposes Personal Information of 2.2 Million Shoppers
Ahold Delhaize USA Services, LLC, a major grocery retail operator, has confirmed a significant data breach that compromised the personal information of over 2.2 million shoppers across the United States, including nearly 100,000 residents of Maine. The breach, which was…
IBM WebSphere Application Server Vulnerability Allows Remote Code Execution
A critical security vulnerability, tracked as CVE-2025-36038, has been discovered in IBM WebSphere Application Server, exposing organizations to the risk of remote code execution by unauthenticated attackers. This flaw, which affects widely deployed versions 8.5 and 9.0, is rated with a CVSS…
Synology ABM Vulnerability Leaks Microsoft 365 Sensitive Information
A critical vulnerability in Synology’s Active Backup for Microsoft 365 (ABM) has exposed sensitive data from Microsoft 365 tenants worldwide, potentially impacting over a million organizations relying on the popular backup solution. The flaw, tracked as CVE-2025-4679, allowed attackers to access confidential Microsoft…
Zig Strike: New Offensive Toolkit Generates Payloads to Evade AV, EDR, and XDR
A newly released offensive cybersecurity toolkit, Zig Strike, is making waves in the security community for its advanced ability to generate payloads that evade traditional and next-generation security defenses, including antivirus (AV), Endpoint Detection and Response (EDR), and Extended Detection and…
Hackers Exploit Bluetooth Flaws to Eavesdrop via Headphones and Earbuds
In a major security revelation, researchers have uncovered critical vulnerabilities in millions of Bluetooth headphones and earbuds, enabling hackers to eavesdrop on conversations, hijack devices, and access sensitive data—all without user authentication or pairing. The flaws, discovered by German security…
Threat Actors Transform GIFTEDCROOK Stealer into an Intelligence-Gathering Tool
The Arctic Wolf Labs team has uncovered a dramatic transformation in the capabilities of the GIFTEDCROOK infostealer, wielded by the threat group UAC-0226. Initially identified as a rudimentary browser data stealer in early 2025, this malware has undergone rapid evolution…
ESET Warns Cybercriminals Are Targeting NFC Data for Contactless Payments
ESET researchers have uncovered a sophisticated attack vector exploiting Near Field Communication (NFC) data, initially targeting Czech banking customers but now spreading worldwide. According to the ESET Threat Report H1 2025, the incidence of NFC-related attacks has skyrocketed, with telemetry…
Threat Actors Exploit Windows and Linux Server Vulnerabilities to Deploy Web Shells
Threat actors have been observed exploiting file upload vulnerabilities to deploy web shells and advanced malware on both Windows and Linux systems. The campaign, which showcases a blend of publicly available tools and custom malicious payloads, indicates a highly coordinated…
Beware of Trending TikTok Videos Promoting Pirated Apps That Deliver Stealer Malware
A sophisticated social engineering campaign has surfaced on TikTok, leveraging the platform’s massive user base and algorithmic reach to distribute information-stealing malware, specifically Vidar and StealC. Identified by Trend Research, this attack uses potentially AI-generated videos to deceive users into…