Fortra’s Suspicious Email Analysis (SEA) team uncovered a highly sophisticated phishing campaign targeting Microsoft Office 365 (O365) credentials. Unlike typical phishing attempts, this attack stood out due to its intricate use of modern technologies and developer infrastructure. The threat actors…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Attaxion Leads the Way as First EASM Platform to Integrate ENISA’s EU Vulnerability Database (EUVD)
Attaxion, the external attack surface management (EASM) vendor with industry-leading asset coverage, announces the integration of the European Vulnerability Database (EUVD) into its platform. Operated by the European Union Agency for Cybersecurity (ENISA), the EUVD is a publicly accessible vulnerability repository developed…
Critical VMware ESXi & vCenter Flaw Allows Remote Execution of Arbitrary Commands
VMware by Broadcom has released critical security updates to address multiple severe vulnerabilities affecting its virtualization products, with evidence suggesting active exploitation in the wild. The vulnerabilities, tracked as CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, affect VMware ESXi, Workstation, Fusion, Cloud Foundation,…
Hazy Hawk Targets DNS Vulnerabilities to Hijack Cloud Resources and Spread Malware
The threat actor gained attention in February 2025 after successfully hijacking a subdomain of the U.S. Centers for Disease Control and Prevention (CDC). A sophisticated threat actor dubbed “Hazy Hawk” has been exploiting DNS misconfigurations since at least December 2023 to…
Critical Vulnerability in Palo Alto GlobalProtect Gateway & Portal Enables Remote Code Execution
Palo Alto Networks has assigned the vulnerability a LOW severity rating but urges administrators to apply patches by upgrading to fixed PAN-OS versions, with timelines extending through August 2025. A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks’ GlobalProtect gateway and portal…
Accenture Files Leak – New Research Reveals Projects Controlling Billions of User Data
A new research report released today by Progressive International, Expose Accenture, and the Movement Research Unit uncovers the sprawling influence of Accenture, the world’s largest consultancy firm, in driving a global wave of surveillance, exclusion, and authoritarianism. The investigation reveals…
More_Eggs Malware Uses Job Application Emails to Distribute Malicious Payloads
The More_Eggs malware, operated by the financially motivated Venom Spider group (also known as Golden Chickens), continues to exploit human trust through meticulously crafted social engineering. Sold as a Malware-as-a-Service (MaaS) to notorious threat actors like FIN6 and Cobalt Group,…
Kimsuky APT Group Deploys PowerShell Payloads to Deliver XWorm RAT
Cybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by the notorious Kimsuky Advanced Persistent Threat (APT) group, deploying intricately crafted PowerShell payloads to deliver the XWorm Remote Access Trojan (RAT). This operation showcases the group’s advanced tactics, leveraging encoded…
RedisRaider Campaign Targets Linux Servers by Exploiting Misconfigured Redis Instances
Datadog Security Research has uncovered a formidable new cryptojacking campaign dubbed “RedisRaider,” specifically targeting Linux servers with publicly accessible Redis instances. This sophisticated Linux worm employs aggressive propagation techniques and advanced obfuscation to exploit vulnerabilities in misconfigured Redis servers, deploying…
Regeneron to Buy 23andMe for $256M Amid Growing Data Privacy Concerns
Biotechnology giant Regeneron Pharmaceuticals has emerged as the successful bidder in the bankruptcy auction for genetic testing pioneer 23andMe, offering $256 million for the majority of the company’s assets. Announced Monday, the deal would transfer 23andMe’s consumer genomics business and…