Jérôme Segura, cybercriminals are exploiting search parameter vulnerabilities to inject fake phone numbers into the legitimate websites of major brands like Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal. This sophisticated attack, technically termed a “search parameter injection…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
New DRAT V2 Update Enhances C2 Protocol with Shell Command Execution Capabilities
A new variant of the DRAT remote access trojan (RAT), dubbed DRAT V2, has been uncovered as part of a TAG-140 campaign targeting Indian government entities. This threat actor, believed to overlap with SideCopy and linked to Transparent Tribe (aka…
Gonjeshke Darande Hackers Pose as Activists to Infiltrate Iranian Crypto Exchange
Gonjeshke Darande, a cyber threat actor widely suspected to be an Israeli state-sponsored group masquerading as an Iranian opposition hacktivist entity, executed a devastating attack on Nobitex, Iran’s largest cryptocurrency exchange. This high-profile breach resulted in the destruction of US$90…
Threat Actors Exploit ConnectWise Configuration to Create Signed Malware
Threat actors have increasingly exploited vulnerabilities and configurations in ConnectWise software to distribute signed malware, masquerading as legitimate applications. Initially observed in February 2024 with ransomware attacks linked to vulnerabilities CVE-2024-1708 and CVE-2024-1709, the abuse escalated by March 2025 under…
Over 2,000 Devices Compromised by Weaponized Social Security Statement Phishing Attacks
CyberArmor analysts have uncovered a meticulously crafted phishing campaign that has already compromised over 2,000 devices by exploiting the trusted theme of Social Security Administration (SSA) statements. Cybercriminals behind this operation deployed a highly convincing email lure masquerading as an…
Weaponized DMV-Themed Phishing Scam Targets U.S. Citizens to Steal Personal and Financial Data
A highly coordinated phishing campaign impersonating various U.S. state Departments of Motor Vehicles (DMVs) has emerged as a significant threat, targeting citizens across multiple states with the intent to harvest personal and financial data. This sophisticated operation employs SMS phishing,…
EagleSpy v5 RAT Promoted by Hacker for Stealthy Android Access
A notorious threat actor known as “xperttechy” is actively promoting a new version of the EagleSpy remote access Trojan (RAT), dubbed EagleSpy v5, on a prominent dark web forum. Marketed as a “lifetime activated” tool, EagleSpy v5 is raising alarms…
Zimbra Classic Web Client Vulnerability Allows Arbitrary JavaScript Execution
A critical security flaw has been discovered and patched in the Zimbra Collaboration Suite (ZCS) Classic Web Client, exposing millions of business users to the risk of arbitrary JavaScript execution through stored cross-site scripting (XSS). Tracked as CVE-2025-27915, this vulnerability…
Google Cloud Donates A2A Protocol to Linux Foundation for Smarter, Secure Communication
In a landmark move for the artificial intelligence industry, Google Cloud has donated its Agent2Agent (A2A) protocol to the Linux Foundation, marking a significant step toward open, secure, and interoperable communication between AI agents. The announcement was made at the…
NCSC Warns of SHOE RACK Malware Targeting Fortinet Firewalls via DOH & SSH Protocols
The National Cyber Security Centre (NCSC) has issued a critical alert regarding a newly identified malware, dubbed SHOE RACK, which has been observed targeting Fortinet firewalls and other perimeter devices. Developed using the Go 1.18 programming language, this malicious software…