Security researchers have linked the notorious RedGolf hacking group to a wave of exploits targeting Fortinet firewall zero-days and the deployment of custom cyber attack tools. The exposure of a misconfigured server tied to the KeyPlug malware—a hallmark of RedGolf…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Hackers Claim to Sell ‘Baldwin Killer’ Malware That Evades AV and EDR
A notorious threat actor has allegedly begun selling “Baldwin Killer,” a sophisticated malware toolkit designed to bypass leading antivirus (AV) and endpoint detection and response (EDR) systems. The tool, advertised on dark web forums, claims to circumvent security solutions such…
Hackers Bypassed Windows Defender Policies Using WinDbg Preview via Microsoft Store
A newly documented technique reveals how attackers can exploit the WinDbg Preview debugger to bypass even the strictest Windows Defender Application Control (WDAC) policies, raising concerns about a significant gap in enterprise security controls. The exploit, dubbed the “WinDbg Preview…
Chinese Hackers Leverage Reverse SSH Tool in New Wave of Attacks on Organizations
The Chinese hacker group known as Billbug, or Lotus Blossom, targeted high-profile organizations across Southeast Asia. The attackers, who were previously documented by Symantec and later Cisco Talos, employed a variety of new custom tools, alongside novel techniques like DLL…
New Obfuscation Trick Lets Attackers Evade Antivirus and EDR Tools
Researchers have unveiled a sophisticated new technique that allows attackers to bypass traditional Antivirus (AV) and Endpoint Detection and Response (EDR) solutions. By exploiting how these defensive tools analyze command-line arguments—a core method of detecting suspicious activity—malicious actors can now…
RDP and MS Office Vulnerabilities Abused by Kimusky in Targeted Intrusions
The AhnLab SEcurity intelligence Center (ASEC) has released a detailed analysis of a sophisticated cyber campaign dubbed “Larva-24005,” linked to the notorious North Korean hacking group Kimsuky. This operation has been targeting critical sectors in South Korea, including software, energy,…
Linux 6.15-rc3 Released With Key Kernel Bug Fixes
Linus Torvalds announced the release of Linux 6.15-rc3, delivering a fresh batch of bug fixes and minor adjustments to the ever-evolving Linux kernel. As is customary, the release candidate comes right on schedule, arriving just after the weekend—this time, coinciding…
Hackers Abuse Zoom’s Remote Control to Access Users’ Computers
A newly uncovered hacking campaign is targeting business leaders and cryptocurrency firms by abusing Zoom’s remote control feature, allowing attackers to take over victims’ computers with a single click. The sophisticated operation, attributed to a threat group known as ELUSIVE…
Speedify VPN Vulnerability on macOS Exposes Users to System Takeover
A major security flaw in the Speedify VPN application for macOS, tracked as CVE-2025-25364, has exposed millions of users to the risk of complete system compromise. Researchers at SecureLayer7 discovered the vulnerability in Speedify’s privileged helper tool. It could potentially allow…
ASUS Router Flaw Allows Hackers to Remotely Execute Malicious Code
ASUS has acknowledged multiple critical vulnerabilities affecting its routers that could allow hackers to remotely execute malicious code, thereby compromising network security and user privacy. These flaws highlight the continuous challenges in securing IoT and networking devices against increasingly sophisticated…