Multiple high-severity security vulnerabilities have been discovered in Weidmueller Industrial Routers, potentially allowing attackers to execute arbitrary code with root privileges on affected devices. The German industrial automation company has released security patches to address five critical flaws affecting its…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
SonicWall SMA 100 Vulnerabilities Allow Remote Execution of Arbitrary JavaScript
Cybersecurity vendor SonicWall issued a critical advisory highlighting three serious vulnerabilities affecting its Secure Mobile Access (SMA) 100 series appliances. Impacting SMA 210, SMA 410, and SMA 500v models running firmware version 10.2.1.15-81sv and earlier, the flaws could allow unauthenticated…
Key Operator of World’s Largest XSS Dark Web Platform Detained
International law enforcement agencies have dismantled one of the world’s most influential Russian-speaking cybercrime platforms following the arrest of its suspected administrator in a coordinated operation spanning France, Ukraine, and broader European cooperation. The takedown of xss.is represents a significant…
CISA Alerts on Google Chromium Input Validation Flaw Actively Exploited
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding a severe input validation vulnerability in Google Chromium that is currently being actively exploited by threat actors. The vulnerability, designated as CVE-2025-6558, poses significant risks to millions…
Hidden Backdoor in WordPress Plugins Grants Attackers Ongoing Access to Websites
Security researchers have discovered a concerning trend in which a highly skilled malware campaign has been targeting WordPress websites by using the frequently disregarded mu-plugins directory to insert a covert backdoor. This directory, short for “must-use plugins,” houses automatically activated…
Operation CargoTalon Targets Russian Aerospace & Defense to Deploy EAGLET Implant
SEQRITE Labs’ APT-Team has uncovered a sophisticated spear-phishing campaign dubbed Operation CargoTalon, targeting employees at Russia’s Voronezh Aircraft Production Association (VASO), a key aerospace entity. The operation leverages malicious attachments disguised as товарно-транспортная накладная (TTN) logistics documents, critical for Russian…
New ACRStealer Exploits Google Docs and Steam for C2 Server Using DDR Technique
ACRStealer, an infostealer malware that has been circulating since last year and gained momentum in early 2025, continues to evolve with sophisticated modifications aimed at evading detection and complicating analysis. Initially documented by AhnLab Security Intelligence Center (ASEC) for leveraging…
Clorox Files Lawsuit Against Cognizant Over Employee Password Leak to Hackers
The Clorox Company filed a major lawsuit against IT services provider Cognizant on July 22, 2025, seeking $380 million in damages over a devastating cyberattack that the cleaning products giant claims was enabled by Cognizant’s security failures. The lawsuit, filed…
Mimo Targets Magento CMS to Steal Card Details and Monetize Bandwidth
The Datadog Security Research team has uncovered the Mimo threat actor also known as Mimo’lette or Hezb expanding its operations from Craft CMS to Magento CMS. Previously documented for deploying cryptominers via public-facing vulnerabilities, Mimo now exploits undetermined PHP-FPM flaws…
Cyberattack on Germany’s AMEOS Hospital Network Exposes Patient Data
Germany’s AMEOS Hospital Network has confirmed a sophisticated cyberattack that compromised its IT infrastructure, leading to unauthorized access and potential exposure of sensitive data. Despite robust defenses including multi-factor authentication, intrusion detection systems, and regular vulnerability assessments, attackers managed to…