Cybersecurity researchers have encountered a cleverly crafted phishing email targeting Czech bank customers, employing a lesser-known but highly deceptive technique to bypass security mechanisms and trick users into clicking malicious links. At first glance, the email appears to be a…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
VMware NSX XSS Vulnerability Exposes Systems to Malicious Code Injection
Broadcom has issued a high-severity security advisory (VMSA-2025-0012) for VMware NSX, addressing three newly discovered stored Cross-Site Scripting (XSS) vulnerabilities: CVE-2025-22243, CVE-2025-22244, and CVE-2025-22245. These vulnerabilities impact the NSX Manager UI, gateway firewall, and router port components, exposing organizations to…
Researcher Found 6 Critical Vulnerabilities in NetMRI Allow Attackers Gain Complete Admin Access
In a Rhino Security Labs, six critical vulnerabilities have been identified in Infoblox’s NetMRI network automation and configuration management solution, specifically version 7.5.4.104695 of the virtual appliance. These security flaws, ranging from unauthenticated command injection to hardcoded credentials and arbitrary…
830 Organizations Hacked via Glitch-hosted Phishing Attack Uses Telegram & Fake CAPTCHAs
Netskope Threat Labs reported a staggering 3.32-fold increase in traffic to phishing pages hosted on the Glitch platform, a browser-based web development tool that allows users to create and deploy web apps with free subdomains. This alarming spike has impacted…
UNC6040 APT Hackers Steals Salesforce data Without Exploit Any Vulnerabilities
The financially motivated threat cluster UNC6040, tracked by Google Threat Intelligence Group (GTIG), has been orchestrating a series of voice phishing (vishing) campaigns specifically aimed at compromising Salesforce environments of multinational corporations. Unlike traditional cyberattacks that leverage software vulnerabilities, UNC6040…
Cisco IMC Vulnerability Allows Attackers to Gain Elevated Privileges
Cisco has issued a security advisory regarding a critical privilege escalation vulnerability (CVE-2025-20261) affecting its Integrated Management Controller (IMC) software used in UCS B-Series, C-Series, S-Series, and X-Series servers. The flaw, rated with a CVSS base score of 8.8, could…
CISA Releases TTPs & IoCs for Play Ransomware That Hacked 900+ Orgs
The Cybersecurity and Infrastructure Security Agency (CISA), alongside the Federal Bureau of Investigation (FBI) and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), has released detailed Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IoCs) for the…
Critical Cisco Nexus Dashboard Vulnerability Lets Attackers Impersonate Managed Devices
Cisco has issued a high-severity security advisory (ID: cisco-sa-ndfc-shkv-snQJtjrp) regarding a critical SSH host key validation vulnerability in its Nexus Dashboard Fabric Controller (NDFC), tracked as CVE-2025-20163. The flaw, assigned a CVSS 3.1 base score of 8.7, could allow unauthenticated,…
Cisco Alerts Users to Critical ISE Vulnerability Exposing Sensitive Data
Cisco has issued a critical security advisory (Advisory ID: cisco-sa-ise-aws-static-cred-FPMjUcm7) for its Identity Services Engine (ISE) when deployed on major cloud platforms—Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI). The vulnerability, tracked as CVE-2025-20286 and classified under…
U.S. Authorities Shut Down Major Dark Web Marketplace with 117,000 Users
In a blow to the cybercrime underworld, the U.S. Attorney’s Office for the Eastern District of Virginia announced the seizure of approximately 145 domains, spanning both darknet and traditional internet spaces, associated with the notorious BidenCash marketplace. This coordinated operation,…