Cybersecurity experts have identified a new malware strain, dubbed “XFiles Stealer,” which is actively targeting Windows users to steal passwords and other sensitive information. The discovery was made public by MonThreat, a prominent cybersecurity research group, via their official social…
Tag: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Universal Code Execution Vulnerability In Browsers Puts Millions Of Users At Risk
Hackers remotely execute malicious code on a compromised device or server by exploiting the Universal Code Execution vulnerability. Through this vulnerability, threat actors can inject codes into server-side interpreter languages such as Java, Python, and PHP. Hacking into this security…
Ghostscript Rendering Platform Vulnerability Let Attackers Execute Remote Code
A critical vulnerability has been discovered in the Ghostscript rendering platform, identified as CVE-2024-29510. This flaw, a format string vulnerability, affects versions up to 10.03.0 and allows attackers to bypass the -dSAFER sandbox, leading to remote code execution (RCE). This…
Turla Hackers Weaponizing LNK-Files To Deploy Fileless Malware
Hackers often weaponize LNK files because they can carry malware into systems undetected by anyone. LNK files are shortcuts that, when opened, launch a malicious payload (like scripts or executables). LNK files are widely used in Windows environments and can…
HCL Domino Vulnerability Let Attackers obtain Sensitive information
A critical security vulnerability has been discovered in HCL Domino, a popular enterprise server software, that could potentially expose sensitive configuration information to remote unauthenticated attackers. This vulnerability, CVE-2024-23562, has raised concerns among cybersecurity experts and enterprises relying on HCL…
Apple Removed VPN Services from the Russian AppStore
Apple has removed several prominent VPN service apps from the Russian division of the App Store. The affected apps include Proton VPN, Red Shield VPN, NordVPN, and Le VPN. This action comes in response to complaints from Roskomnadzor, Russia’s federal…
Egyptian Health Department Data Breach: 120,000 Users’ Data Exposed
The Egyptian Health Department (EHD) has reported a data breach affecting 121,995 individuals, including one resident of Maine. The breach, which occurred on December 21, 2023, was discovered on the same day and has since raised serious concerns about data…
Europol Concerns Over Privacy Enhancing Technologies Challenge Lawful Interception
A new position paper argues that Privacy Enhancing Technologies (PET) used in Home Routing are making it difficult for law enforcement to intercept information during investigations lawfully. Home Routing allows a user’s communication to be routed through their home network…
Orcinius Trojan Attacking Users Via Dropbox & Google Docs
A newly identified multi-stage trojan, dubbed “Orcinius,” has been reported to exploit popular cloud services Dropbox and Google Docs as part of its attack strategy. The sophisticated malware begins its assault with an innocuous-looking Excel spreadsheet, which contains a VBA…
Roblox Data Breach: Email & IP address Details Exposed
Roblox, the globally renowned online gaming platform, has suffered a data breach. According to a tweet from cybersecurity expert H4ckManac, the breach has exposed sensitive information, including email addresses and IP addresses of millions of users. This alarming incident has…