A critical security flaw in Langflow, a widely adopted Python-based AI prototyping framework, is being actively exploited by cybercriminals to deploy the rapidly evolving Flodrix botnet. Security researchers have confirmed that attackers are exploiting CVE-2025-3248, a remote code execution (RCE)…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Zyxel Devices Under Attack as Hackers Exploit UDP Port RCE Flaw
A sudden and highly coordinated wave of cyberattacks has struck Zyxel firewall and VPN devices worldwide, as hackers exploit a critical remote code execution (RCE) vulnerability tracked as CVE-2023-28771. The attacks, observed on June 16, 2025, leveraged UDP port 500—the…
Washington Post Hacked – Multiple Journalists’ Email Accounts Compromised
The Washington Post confirmed late last week that its email systems were targeted in a cyberattack, resulting in the compromise of several journalists’ email accounts. “The Wall Street Journal, which first reported the breach, said it was potentially the work…
Katz Stealer Boosts Credential Theft with System Fingerprinting and Persistence Mechanisms
The emergence of Katz Stealer, a sophisticated information-stealing malware-as-a-service (MaaS) that is redefining the boundaries of credential theft. First detected this year, Katz Stealer combines aggressive data exfiltration with advanced system fingerprinting, stealthy persistence mechanisms, and evasive loader tactics. Distributed…
Hackers Upload Weaponized Packages to PyPI Repositories to Steal AWS Tokens and Sensitive Data
The JFrog Security Research team has uncovered a sophisticated malicious package named “chimera-sandbox-extensions” on the Python Package Index (PyPI), a widely used repository for Python software. Uploaded by a user identified as “chimerai,” this package was designed to exploit unsuspecting…
Malicious Payload Found in JPEG Image Using Steganography and Base64 Obfuscation
Cybersecurity enthusiast Xavier shed light on a sophisticated method of hiding malicious payloads within seemingly innocuous JPEG images. This discovery has sparked significant interest in the infosec community, as it highlights the growing complexity of cyber threats leveraging steganography the…
Hackers Target and Hijack Washington Post Journalists’ Email Accounts
A targeted cyberattack has struck The Washington Post, compromising the email accounts of several of its journalists and raising new concerns about the digital security of newsrooms worldwide. The breach, discovered late last week, prompted an immediate and sweeping response…
Operation Deep Sentinel: Authorities Shut Down Darknet Market Archetyp
In a major international law enforcement operation dubbed “Operation Deep Sentinel,” authorities have successfully dismantled the notorious darknet marketplace “Archetyp Market,” one of the world’s largest and longest-running illegal trading platforms. The takedown marks a significant victory in the ongoing…
Zoomcar Data Breach Exposes Sensitive Details of 8.4 Million Users
Zoomcar Holdings, Inc., the prominent car-sharing platform, has confirmed a significant data breach that has compromised the personal information of approximately 8.4 million users. The incident, which was first detected on June 9, 2025, was disclosed in a recent filing…
Threat Actors Deploy XWorm Malware via Fake Travel Websites to Infect Users’ PCs
The HP Threat Research team discovered a sophisticated malware campaign in Q1 2025 that targets vacation planners by imitating Booking.com using phony travel websites. As detailed in the latest HP Wolf Security Threat Insights Report, attackers are leveraging users’ “click…