Forescout Research Vedere Labs has uncovered that nearly 35,000 solar power devices, including inverters, data loggers, and gateways from 42 vendors, are exposed on the internet with vulnerable management interfaces. Identified using the Shodan search engine, these devices represent a…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
APT37 Hackers Fake Academic Forum Invites to Deliver Malicious LNK Files via Dropbox Platform
The North Korean state-sponsored hacking group APT37 has launched a sophisticated spear phishing campaign in March 2025, targeting activists focused on North Korean issues. Disguised as invitations to an academic forum hosted by a South Korean national security think tank,…
New Malware Attack Uses Malicious Chrome & Edge Extensions to Steal Sensitive Data
Cybersecurity experts from Positive Technologies’ Security Expert Center have uncovered a sophisticated malicious campaign dubbed “Phantom Enigma,” primarily targeting Brazilian residents while also affecting organizations worldwide. This campaign employs a dual-attack strategy, utilizing malicious browser extensions for Google Chrome, Microsoft…
Wireshark Certified Analyst – Wireshark Released Official Certification for Security Professionals
The Wireshark Foundation has officially launched the Wireshark Certified Analyst (WCA-101) certification, marking a significant milestone for IT professionals and network engineers worldwide. Designed by Wireshark’s developers and leading protocol experts, the WCA-101 exam is tailored to validate advanced proficiency…
IBM QRadar Vulnerabilities Expose Sensitive Configuration Files to Attackers
IBM has issued a security bulletin highlighting multiple vulnerabilities in its QRadar Suite Software and Cloud Pak for Security platforms. The flaws, which range from medium to critical severity, could enable attackers to compromise sensitive data, execute arbitrary code, or…
New Crocodilus Malware Grants Full Control Over Android Devices
The Mobile Threat Intelligence (MTI) team identified a formidable new player in the mobile malware landscape: Crocodilus, an Android banking Trojan designed for device takeover. Initially observed in test campaigns with limited live instances, this malware has rapidly evolved, demonstrating…
Threat Actors Abuse ‘Prove You Are Human’ System to Distribute Malware
Threat actors have been found exploiting the ubiquitous “Prove You Are Human” verification systems to distribute malicious software. Specifically, this campaign leverages spoofed websites mimicking legitimate platforms like Gitcodes and DocuSign to deceive users into executing harmful PowerShell scripts on…
Threat Actor Bribes Overseas Support Agents to Steal Coinbase Customer Data
On May 15, 2025, Coinbase, the largest U.S. cryptocurrency exchange, publicly disclosed a major security breach that exposed the sensitive personal data of 69,461 users—less than 1% of its monthly transacting base, but a significant figure given the depth of…
Microsoft Defender for Endpoint Prevents Cyberattack,Secures 180,000 Devices
The modern digital estate is under siege. Over the past 18 months, Microsoft’s threat protection teams have tracked a staggering 275% increase in ransomware encounters, with attackers shifting from broad, random attacks to highly targeted, multi-domain campaigns that exploit unique…
Hackers Exploit Ruby Gems to Steal Telegram Tokens and Messages
Researchers have unearthed a sophisticated supply chain attack targeting Ruby Gems, a popular package manager for the Ruby programming language. Malicious actors have infiltrated the ecosystem by embedding backdoors in seemingly legitimate gems, enabling them to steal sensitive Telegram tokens…