A recent security audit has uncovered critical vulnerabilities within Moodle, the widely used open-source learning management system (LMS). These vulnerabilities allow attackers to evade core security mechanisms and potentially exploit systems via Server-Side Request Forgery (SSRF). The flaws center around…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Hackers Exploit Cloudflare Tunnel Infrastructure to Deploy Multiple Remote Access Trojans
The Sekoia TDR (Threat Detection & Research) team has reported on a sophisticated network infrastructure named “Cloudflare tunnel infrastructure to deliver multiple RATs” being exploited by cyber attackers since at least February 2024. This infrastructure has been utilized to host…
Threat Actors Leverage npm and PyPI with Impersonated Dev Tools for Credential Theft
The Socket Threat Research Team has unearthed a trio of malicious packages, two hosted on the Python Package Index (PyPI) and one on the npm registry, designed to silently pilfer cryptocurrency secrets, including mnemonic seed phrases and private keys. Released…
Cybercriminals Exploit Network Edge Devices to Infiltrate SMBs
Small and midsized businesses (SMBs) continue to be prime targets for cybercriminals, with network edge devices playing a critical role in initial attacks, according to the latest annual threat report by Sophos. The report highlights the persistent threat of ransomware,…
Hackers Exploit Legitimate Microsoft Utility to Deliver Malicious DLL Payload
Hackers are now exploiting a legitimate Microsoft utility, mavinject.exe, to inject malicious DLLs into unsuspecting systems. This utility, intended for injecting DLLs in Application Virtualization (App-V) environments, has become a tool of choice for cyber attackers due to its signed…
TP-Link Router Vulnerabilities Allow Attackers to Execute Malicious SQL Commands
Cybersecurity researchers have uncovered critical SQL injection vulnerabilities in four TP-Link router models, enabling attackers to execute malicious commands, bypass authentication, and potentially hijack devices. The flaws, discovered by researcher The Veteran between February and March 2025, highlight ongoing security risks in…
Faster Vulnerability Patching Reduces Risk and Lowers Cyber Risk Index
Trend Micro’s Cyber Risk Exposure Management (CREM) solution has highlighted the critical role that timely patching plays in reducing an organization’s cyber risk exposure. The report, which scrutinizes the Cyber Risk Index (CRI) a metric quantifying an organization’s security risk…
Samsung One UI Vulnerability Leaks Sensitive Data in Plain Text With No Expiration!
A glaring vulnerability has come to light within Samsung’s One UI interface: the clipboard history function stores all copied text, including sensitive data like passwords and personal information, in plain text and retains it indefinitely, unless users manually delete it.…
Malicious npm Packages Target Linux Developers with SSH Backdoor Attacks
In a sophisticated onslaught targeting the open-source ecosystem, reports have emerged detailing several malicious npm packages that are nefariously exploiting the Telegram Bot API to install backdoors on unsuspecting developers’ Linux systems. This alarming trend has escalated concerns over the…
Magecart Launches New Attack Using Malicious JavaScript to Steal Credit Card Data
The notorious Magecart group has been identified by the Yarix Incident Response Team as the culprits behind a recent credit card data theft operation on an e-commerce platform. This latest assault on consumer data showcases the group’s evolving tactics to…