Penetration testing is still essential for upholding strong security procedures in a time when cybersecurity threats are changing quickly. Recently, a team of security professionals has announced significant advancements in penetration testing tools with the introduction of a new agent…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Ransomware Attacks Surge by 123% Amid Evolving Tactics and Strategies
The 2025 Third-Party Breach Report from Black Kite highlights a staggering 123% surge in ransomware attacks during 2024, driven largely by sophisticated exploitation of third-party vendor ecosystems. As cybercriminals refine their tactics, third-party vendors have emerged as the predominant entry…
Hackers Weaponize KeePass Password Manager to Spread Malware and Steal Passwords
Threat actors have successfully exploited the widely-used open-source password manager, KeePass, to spread malware and facilitate large-scale password theft. The attack, which was reported by WithSecure’s Incident Response team, involved modifying and re-signing KeePass installers with trusted certificates to deliver…
Swan Vector APT Targets Organizations with Malicious LNK and DLL Implants
A newly identified advanced persistent threat (APT) campaign, dubbed “Swan Vector” by Seqrite Labs, has been targeting educational institutions and mechanical engineering industries in East Asian nations, particularly Taiwan and Japan. Discovered in April 2025, this campaign leverages intricate social…
Marks & Spencer Confirms Customer Data Breach in Recent Cyber Attack
British retail giant Marks & Spencer has officially confirmed that customer personal data was compromised during a cyber attack that began three weeks ago. The retailer revealed that the breach affects potentially millions of customers whose information has been stolen,…
PoC Exploit Published for macOS Sandbox Escape Vulnerability (CVE-2025-31258)
Security researchers have disclosed a new macOS sandbox escape vulnerability tracked as CVE-2025-31258, accompanied by a proof-of-concept (PoC) exploit demonstrating partial sandbox bypass via Apple’s RemoteViewServices framework. The flaw, discovered by researcher wh1te4ever, exposes weaknesses in macOS’s inter-process communication (IPC)…
Zoom Workplace Apps Flaws Allow Hackers to Gain Elevated Access
Zoom has released multiple security bulletins addressing seven newly discovered vulnerabilities in Zoom Workplace Apps, with one rated as high severity. All vulnerabilities were disclosed on May 13, 2025, and could potentially allow attackers to escalate privileges through various attack…
Scattered Spider Launches Supply Chain Attacks on UK Retail Organizations
Scattered Spider, also known as Roasting 0ktapus and Scatter Swine, has emerged as a formidable threat actor targeting UK retail organizations. Active since May 2022, this financially motivated group has historically focused on telecommunications and business process outsourcing (BPO) sectors…
F5 BIG-IP Vulnerability Allows Remote Command Execution
Critical security vulnerability in F5 BIG-IP systems has been discovered that allows authenticated administrators to execute arbitrary system commands, effectively bypassing security boundaries. Identified as CVE-2025-31644, the command injection flaw affects multiple versions of BIG-IP running in Appliance mode. Security…
Four Hackers Caught Exploiting Old Routers as Proxy Servers
U.S. authorities unsealed charges against four foreign nationals accused of operating a global cybercrime scheme that hijacked outdated wireless routers to create malicious proxy networks. Russian nationals Alexey Viktorovich Chertkov (37), Kirill Vladimirovich Morozov (41), Aleksandr Aleksandrovich Shishkin (36), and…