On June 6, 2025, the Jenkins Project issued a security advisory (SECURITY-3588 / CVE-2025-5806) affecting the Gatling Plugin, a widely used tool for displaying performance test reports within the Jenkins automation server. The vulnerability carries a high severity rating, with…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Beware for Developers: 16 React Native Packages with Millions of Downloads Compromised Overnight
Cybersecurity researchers have uncovered a large-scale attack targeting the npm ecosystem, compromising 16 popular React Native packages with a combined download count exceeding one million per week. The attack, detected on June 6th, 2025, represents a significant escalation in the…
Australian Naval Operations Accidentally Jam New Zealand’s Internet and Radio
Residents and businesses across New Zealand’s North and South Islands experienced an unexpected and widespread interruption to wireless internet and radio services. The cause was traced to HMAS Canberra, the Royal Australian Navy’s largest warship, as it navigated the Cook…
Critical Salesforce Vulnerability Exposes Global Users to SOQL Injection Attacks
In June 2025, a security researcher uncovered a critical SOQL (Salesforce Object Query Language) injection vulnerability in a default Salesforce Aura controller, affecting potentially thousands of deployments and millions of user records. The discovery highlights the risks of dynamic query…
HelloTDS Malware Spread via FakeCaptcha Infrastructure Infects Millions of Devices
In a Gen Threat Labs, a complex Traffic Direction System (TDS) dubbed “HelloTDS” has been uncovered, orchestrating the delivery of FakeCaptcha and other malicious campaigns to millions of users worldwide. This elaborate infrastructure employs advanced fingerprinting techniques and social engineering…
Malicious npm Utility Packages Enable Attackers to Wipe Production Systems
Socket’s Threat Research Team has uncovered two malicious npm packages, express-api-sync and system-health-sync-api, designed to masquerade as legitimate utilities while embedding destructive backdoors capable of annihilating production systems. Published under the npm alias “botsailer” with the associated email anupm019@gmail[.]com, these…
Kali GPT-Revolutionizing Penetration Testing with AI on Kali Linux
In the rapidly shifting digital world, cybersecurity professionals are constantly seeking innovative tools that not only streamline workflows but also empower users with deeper insights and automation. Enter Kali GPT—a groundbreaking AI assistant tailored specifically for the Kali Linux ecosystem,…
Kimsuky Strikes Again – Coordinated Attacks Target Facebook, Email, and Telegram
A recent investigation by Genians Security Center (GSC) has uncovered a highly sophisticated, multi-channel cyber espionage campaign attributed to the North Korea-aligned advanced persistent threat (APT) group known as Kimsuky. Between March and April 2025, the group leveraged Facebook, email,…
New Rust-Developed InfoStealer Drains Sensitive Data from Chromium-Based Browsers
A newly identified information-stealing malware, crafted in the Rust programming language, has emerged as a significant threat to users of Chromium-based browsers such as Google Chrome, Microsoft Edge, and others. Dubbed “RustStealer” by cybersecurity researchers, this sophisticated malware is designed…
Hackers Leverage New ClickFix Tactic to Exploit Human Error with Deceptive Prompts
A sophisticated social engineering technique known as ClickFix baiting has gained traction among cybercriminals, ranging from individual hackers to state-sponsored Advanced Persistent Threat (APT) groups like Russia-linked APT28 and Iran-affiliated MuddyWater. This method targets human end users as the weakest…