A recent report from the S2W Threat Intelligence Center, TALON, sheds light on the escalating misuse of generative AI and large language models (LLMs) by threat actors on the dark web for malicious cyber operations. As LLMs like ChatGPT, Claude,…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Healthcare Cyberattacks in 2024 Expose 276 Million Patient Records Compromised
The healthcare sector faced an unprecedented wave of cyber threats, with a staggering 92% of organizations reporting at least one cyberattack. These attacks resulted in the compromise of over 276 million patient records, equating to approximately 758,000 records breached…
Microsoft Defender Vulnerability Allows Unauthorized Privilege Gain
A newly disclosed vulnerability in Microsoft Defender for Endpoint (CVE-2025-26684) exposes systems to local privilege escalation attacks that exploit improper handling of file paths. Rated Important with a CVSS score of 6.7, the flaw enables authenticated attackers with high privileges to…
Nation-State Actors Target Healthcare Institutions to Sabotage IT and OT Systems
Nation-state actors have increasingly set their sights on healthcare institutions worldwide, launching sophisticated cyberattacks aimed at disrupting both Information Technology (IT) and Operational Technology (OT) systems. These attacks, often orchestrated by state-sponsored groups with significant resources, pose a severe…
Microsoft Alerts on AD CS Flaw Enabling Remote Denial-of-Service Attacks
Microsoft has issued a security advisory for a newly identified vulnerability in Active Directory Certificate Services (AD CS), tracked as CVE-2025-29968, which could allow authenticated attackers to disrupt critical certificate management operations over a network. Rated Important with a CVSS…
Weaponized PyPI Package Targets Developers to Steal Source Code
Security researchers at RL have discovered a malicious Python package called “solana-token” on PyPI that is intended to prey on developers working with the Solana blockchain, serving as a terrifying reminder of the ongoing hazards that lurk in the open-source…
Windows CLFS Zero-Day Vulnerability Actively Exploited in the Wild
Microsoft has disclosed two critical security vulnerabilities in the Windows Common Log File System (CLFS) Driver that are currently being exploited in the wild. Released on May 13, 2025, the vulnerabilities, identified as CVE-2025-32706 and CVE-2025-32701, both allow local privilege escalation and…
Researchers Unveil New Threat-Hunting Techniques to Detect Azure Managed Identity Abuse
A group of cybersecurity specialists from Hunters, working under the prestigious Team Axon, have presented sophisticated threat-hunting techniques in a ground-breaking research paper titled “Mastering Azure Managed Identities: Attack & Defense, Part 2,” with the goal of identifying and preventing…
Chinese Hackers Exploit SAP NetWeaver Zero-Day Vulnerability to Target Critical Infrastructure
EclecticIQ analysts have uncovered a sophisticated cyber-espionage campaign orchestrated by China-nexus nation-state Advanced Persistent Threats (APTs) targeting critical infrastructure worldwide. In April 2025, these threat actors launched a high-tempo exploitation campaign against SAP NetWeaver Visual Composer, exploiting a zero-day vulnerability…
Critical Samsung MagicINFO 9 Server Flaw Allows Arbitrary File Writes
Samsung’s SmartTV and digital signage ecosystem faces renewed cybersecurity scrutiny following the disclosure of a critical path traversal vulnerability (CVE-2025-4632) in its MagicINFO 9 Server platform. The flaw, cataloged as SVE-2025-50001 and addressed in the May 2025 Security Vulnerability Patch…