The AhnLab Security Intelligence Center (ASEC) has detected a sophisticated cyberattack targeting users of the popular text and code editor, Notepad++. Hackers have successfully manipulated a default plugin within the Notepad++ package, potentially compromising the security of countless systems. The…
Tag: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Researchers Observed Visual Studio Code Extensions Stealing Users’ Sensitive Data
ReversingLabs has uncovered a series of Visual Studio Code (VS Code) extensions designed to transfer sensitive information from unsuspecting users. This discovery highlights the growing trend of supply chain attacks increasingly targeting open-source repositories and platforms. The threat landscape has…
Hosting Provider VMware ESXi Servers Hit by New SEXi Ransomware
A new ransomware variant is targeting VMware ESXi servers, a popular virtualization platform used by hosting providers worldwide. Dubbed “SEXi” by its creators, this ransomware has already made significant waves, with Powerhost’s CEO revealing a staggering ransom demand of approximately…
Gesture Jacking – New Attack That Deceives Website Visitors
The Web Platform is incredibly powerful, but regrettably, malicious websites will do all in their capacity to misuse it. To prevent such exploitation, blocking actions that weren’t accompanied by a “User Gesture” is one of the weakest (but easiest to…
Hackers Claiming Breach of Five Eyes Intelligence Group (FVEY) Documents
A group of hackers has announced the release of sensitive documents purportedly belonging to the Five Eyes Intelligence Group (FVEY), a prominent intelligence alliance comprising Australia, Canada, New Zealand, the United Kingdom, and the United States. The United States Department…
New XZ Utils Backdoor Free Scanner to Detect Malicious Executables
A critical vulnerability has been discovered in XZ Utils, a widely used data compression tool across Unix-like operating systems, including Linux. This vulnerability, identified as CVE-2024-3094, involves a backdoor that could potentially allow unauthorized remote access, posing a significant threat…
Microsoft’s Exchange Server Hack: Key Rotation Flaw Triggers Breach
Storm-0558, a cyberespionage group affiliated with the People’s Republic of China, has reportedly compromised Microsoft Exchange mailboxes of 22 organizations and over 500 individuals between May and June 2023. This was done by using authentication tokens of accounts that were…
Jackson County Missouri Ransomware Attack Impacts IT Systems
Jackson County, Missouri, has become the latest victim of a ransomware attack, which has caused substantial disruptions within its Information Technology (IT) systems. This attack has highlighted the vulnerabilities in digital infrastructures and the cascading effects such disruptions can have…
Beware of New Mighty Stealer That Takes Webcam Pictures & Capture Cookies
A new menace has emerged that targets personal information with alarming precision. Dubbed the “Mighty Stealer,” this malicious software is designed to infiltrate devices and extract a wide range of sensitive data. The Mighty Stealer is a sophisticated malware that…
DarkGate Malware Abusing Cloud Storage & SEO Following Delivery Over Teams
DarkGate loader delivery surged after the Qakbot takedown, with financially motivated actors like TA577 and ransomware groups (BianLian, Black Basta) using it to target financial institutions (US, Europe) for double extortion. It establishes an initial foothold and deploys info-stealers, ransomware,…