The cyber threat group APT-C-36, widely known as Blind Eagle, has been orchestrating sophisticated cyberattacks targeting a range of sectors across Latin America, with a pronounced focus on Colombian organizations. This group has consistently zeroed in on government institutions, financial…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Mitsubishi Electric AC Flaw Lets Hackers Remotely Control Systems
A critical security vulnerability has been discovered in multiple Mitsubishi Electric air conditioning systems, potentially allowing hackers to bypass authentication and remotely control affected units. The flaw, identified as CVE-2025-3699, was disclosed by Mitsubishi Electric on June 26, 2025, and…
Windows Says Goodbye to Blue Screen of Death, Introduces Black Screen
After nearly four decades as a symbol of frustration and failure for PC users worldwide, Microsoft is officially retiring the iconic Blue Screen of Death (BSOD) in favor of a new, sleeker Black Screen of Death. The change, set to…
University Student Charged for Alleged Hacking and Data Theft
A 27-year-old former student of Western Sydney University has been charged with a string of cyber offences, following an extensive investigation into a series of cyber attacks that have plagued the institution since 2021. The arrest comes after a coordinated…
Pre-Auth Flaw in MongoDB Server Allows Attackers to Cause DoS
A critical pre-authentication vulnerability (CVE-2025-6709) in MongoDB Server enables unauthenticated attackers to trigger denial-of-service (DoS) conditions by exploiting improper input validation in OIDC authentication. The flaw allows malicious actors to crash database servers by sending specially crafted JSON payloads containing…
Kansas City Man Pleads Guilty After Hacking to Promote His Cybersecurity Services
A Kansas City man has pleaded guilty to federal charges after admitting he hacked into the computer systems of multiple organizations in an attempt to promote his cybersecurity services, according to the U.S. Department of Justice. Nicholas Michael Kloster, 32,…
Open VSX Marketplace Flaw Enables Millions of Developers at Risk of Supply Chain Attacks
A newly disclosed critical vulnerability in the Open VSX Registry, the open-source marketplace for Visual Studio Code (VS Code) extensions, has put millions of developers worldwide at risk of devastating supply chain attacks. The flaw, discovered by cybersecurity researchers at…
IBM WebSphere Application Server Flaw Enables Arbitrary Code Execution
A severe security flaw has been identified in IBM WebSphere Application Server, potentially allowing remote attackers to execute arbitrary code on affected systems. Tracked under CVE-2025-36038, this vulnerability stems from a deserialization of untrusted data issue, classified under CWE-502. IBM…
Iranian APT35 Hackers Targeting High-Profile Cybersecurity Experts and Professors in Israel
The Iranian threat group Educated Manticore, also tracked as APT35, APT42, Charming Kitten, or Mint Sandstorm, has intensified its cyber-espionage operations targeting Israeli cybersecurity experts, computer science professors, and journalists. Associated with the Islamic Revolutionary Guard Corps’ Intelligence Organization (IRGC-IO),…
nOAuth Exploit Enables Full Account Takeover of Entra Cross-Tenant SaaS Applications
A severe security flaw, dubbed nOAuth, has been identified in certain software-as-a-service (SaaS) applications integrated with Microsoft Entra ID, potentially allowing attackers to achieve full account takeover across tenant boundaries. Research conducted by Semperis, disclosed on June 26, 2025, revealed…