The cybersecurity landscape witnessed the emergence of new PowerShell-based malware samples circulating in underground forums and threat-hunting communities, marking a significant evolution of the notorious ViperSoftX stealer. This updated variant, building on its 2024 predecessor, showcases remarkable advancements in modularity,…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
New Chaos RAT Targets Linux and Windows Users to Steal Sensitive Data
A new wave of cyber threats has emerged with the discovery of updated variants of Chaos RAT, a notorious open-source remote administration tool (RAT) first identified in 2022. As reported by Acronis TRU researchers in their recent 2025 analysis, this…
China Accuses Taiwan of Operating APT Groups with US Support
China has accused Taiwan’s Democratic Progressive Party (DPP) authorities of orchestrating a series of sophisticated cyber attacks through Advanced Persistent Threat (APT) groups. Referred to as “T-APTs,” these groups are allegedly supported by Taiwan’s Information, Communications and Electronic Force Command…
Beware of Fake Zoom Client Downloads Granting Attackers Access to Your Computer
In the wake of the COVID-19 pandemic, collaborative tools like Microsoft Teams, Zoom, and WebEx have become indispensable for remote work, enabling seamless communication with colleagues and clients. However, their widespread adoption has also made them prime targets for cybercriminals.…
WordPress Admins Cautioned About Fake Cache Plugin Stealing Admin Credentials
A newly identified malicious plugin, dubbed “wp-runtime-cache,” has been discovered targeting WordPress sites with a sophisticated method to steal admin credentials. Disguised as a caching plugin, this malware lurks in the wp-content/plugins directory, evading detection by hiding from the WordPress…
Members of ViLE Hacker Group Arrested for Hacking DEA Portal
Two members of the cybercriminal group “ViLE” were sentenced this week in Brooklyn federal court for their roles in a high-profile hacking and extortion scheme targeting a U.S. federal law enforcement web portal. Sagar Steven Singh, known online as “Weep,”…
Odoo Employee Database Allegedly Exposed and Put Up for Sale on Dark Web
A data breach has reportedly struck Odoo, a leading Belgian provider of open-source business management software. On June 5, 2025, a 63.4MB employee database—allegedly sourced through a “collaborative effort with a senior insider”—was advertised for sale on a dark web…
Critical Dell PowerScale Vulnerability Allows Attackers Unauthorized Access to Filesystem
Dell Technologies has issued a critical security advisory (DSA-2025-208) for its PowerScale OneFS operating system, addressing multiple vulnerabilities that could allow malicious actors to compromise affected systems. The most severe of these vulnerabilities, tracked as CVE-2024-53298, involves a missing authorization…
TA397 Hackers Exploits Scheduled Tasks to Deploy Malware on Targeted Systems
A recent in-depth analysis by Proofpoint Threat Research has shed light on the sophisticated operations of TA397, also known as Bitter, a suspected state-backed threat actor highly likely aligned with Indian intelligence interests. Identified as an espionage-focused group, TA397 has…
Wireshark Vulnerability Allows Attackers to Launch DoS Attacks
A critical security vulnerability, tracked as CVE-2025-5601, was disclosed on June 4, 2025, affecting Wireshark versions 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12. This flaw, identified as “Dissection engine crash” (wnpa-sec-2025-02), stems from a bug in the column utility module…