A sophisticated cryptomining campaign has been uncovered, targeting developers through malicious Visual Studio Code (VS Code) extensions. These extensions, masquerading as legitimate tools, have collectively accumulated over one million installations, exposing the scale of the attack. Researchers at ExtensionTotal detected…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Over 26,000 Dark Web Discussions Focused on Hacking Financial Organizations
Radware’s comprehensive research into the cybersecurity landscape has uncovered significant trends shaping the financial services industry’s vulnerabilities in 2024. The analysis, conducted across 46 deep-web hacker forums, identified over 26,000 threat actors’ discussions that revealed increasingly sophisticated cyberattack methods. The…
NIST Declares Pre-2018 CVEs Will Be Labeled as ‘Deferred’
The National Institute of Standards and Technology (NIST) has announced that all Common Vulnerabilities and Exposures (CVEs) with a publication date before January 1, 2018, will now be marked with a “Deferred” status within the National Vulnerability Database (NVD). This…
Google to Patch 23-Year-Old Chrome Bug That Leaked Browsing History
Google has announced a groundbreaking update to its Chrome browser that addresses a vulnerability in the web browser’s code, which has been leaking users’ browsing history for over two decades. This long-standing issue stems from the CSS :visited selector—a web design feature…
SAP April 2025 Update Fixes Critical Code Injection Vulnerabilities
SAP Security Patch Day has introduced a critical update to address vulnerabilities in SAP products, including high-severity code injection weaknesses. A total of 18 new Security Notes, along with 2 updates to existing notes, were released to tackle serious risks such as unauthorized…
Oracle Confirms Breach: Hackers Stole Client Login Credentials
Oracle Corporation has officially confirmed a cybersecurity breach in which hackers infiltrated its systems and stole client login credentials. This marks the second security incident disclosed by the software giant in less than a month, raising alarm among customers and…
Linux 6.15-rc1 Released: Better Drivers, Faster Performance
The Linux kernel community has witnessed another milestone with the release of Linux 6.15-rc1, the first release candidate for the forthcoming Linux 6.15 stable release. Announced by Linus Torvalds on April 6, 2025, in Phoronix blog, this marks the conclusion…
Hackers Abuse Windows .RDP Files to Launch Unauthorized Remote Desktop Sessions
The Google Threat Intelligence Group (GTIG) has unearthed a novel phishing campaign leveraging Windows Remote Desktop Protocol (.RDP) files to facilitate unauthorized remote access. Dubbed “Rogue RDP,” this campaign specifically targeted European government and military organizations in late 2024. The…
Morphing Meerkat: A PhaaS Utilizing DNS Reconnaissance to Generate Targeted Phishing Pages
Originally discovered in 2020 as a Phishing-as-a-Service (PhaaS) platform, Morphing Meerkat has since evolved into a sophisticated cybercriminal tool. Initially capable of mimicking login pages for only five email services, the platform has expanded its capabilities, now encompassing over 100…
Threat Actor Leaks Data from Major Bulletproof Hosting Provider Medialand
A threat actor disclosed internal data from Medialand, a prominent bulletproof hosting (BPH) provider long associated with Yalishanda, a cybercriminal organization tracked as LARVA-34. The breach has exposed the backend systems and operational infrastructure of Medialand, which has historically facilitated…