Google has issued critical security updates to address a recently discovered zero-day vulnerability actively exploited in Android devices. The Android Security Bulletin for April 2025 highlights the details of multiple security vulnerabilities, including high-profile issues such as CVE-2024-53150 and CVE-2024-53197, which have reportedly…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Kellogg’s Servers Breached, Hackers Steal Sensitive Data
WK Kellogg Co., one of the world’s leading cereal and snack manufacturers, has fallen victim to a significant data breach, exposing the sensitive information of an undisclosed number of individuals. The breach, which occurred on December 7, 2024, was only…
Xanthorox AI: New Automated Hacking Tool Surfaces on Hacker Forums
A new malicious AI tool, Xanthorox AI, has emerged on underground hacker forums. Dubbed the “Killer of WormGPT and all EvilGPT variants,” Xanthorox AI is poised to outpace previous AI-powered cyber tools in its versatility, stealth, and offensive capabilities, making it…
Apollo Router Vulnerability Enables Resource Exhaustion via Optimization Bypass
A critical vulnerability (CVE-2025-32032) has been identified in Apollo Router, a widely used GraphQL federation tool, allowing attackers to trigger resource exhaustion and denial-of-service (DoS) conditions. Rated 7.5 (High) on the CVSS v3.1 scale, the flaw impacts users running unpatched versions of…
WhatsApp for Windows Flaw Allowed Remote Code Execution via File Attachments
A critical vulnerability identified as CVE-2025-30401 was recently disclosed, highlighting a major security flaw in WhatsApp for Windows. This issue, which primarily affects desktop application versions prior to 2.2450.6, allowed attackers to exploit mismatched file metadata to execute arbitrary code on unsuspecting…
PoC Exploit Reveals SSH Key Exposure via Yelp Vulnerability on Ubuntu
Security researchers have uncovered a critical vulnerability (CVE-2025-3155) in Ubuntu’s default help browser Yelp that could expose sensitive system files including SSH private keys. The flaw impacts Ubuntu desktop installations and stems from improper handling of XML content in GNOME’s…
Everest Ransomware Gang’s Leak Site Hacked and Defaced
TechCrunch has uncovered a concerning development in consumer-grade spyware: a stealthy Android monitoring app that employs password-protected uninstallation to prevent removal. This app, which abuses built-in Android features like overlay permissions and device admin access, exemplifies the escalating technical sophistication…
Threat Actors Exploit Toll Payment Services in Widespread Hacking Campaign
In a sophisticated cybercrime operation, the Smishing Triad, a China-based group, has been identified as the orchestrator behind a surge in smishing campaigns targeting consumers in the US and UK. These campaigns exploit toll payment services like FasTrak, E-ZPass, and…
Auto-Color Linux Backdoor: TTPs and Internal Architecture Exposed
A newly identified Linux backdoor named “Auto-Color,” first observed between November and December 2024, has been targeting government organizations and universities across North America and Asia. This malware, initially disguised as a benign color-enhancement tool, employs sophisticated tactics, techniques, and…
Threat Actors Use VPS Hosting Providers to Deliver Malware and Evade Detection
Cybercriminals are intensifying phishing campaigns to spread the Grandoreiro banking trojan, targeting users primarily in Mexico, Argentina, and Spain. A detailed analysis by Forcepoint X-Labs reveals the sophisticated techniques employed by these attackers to evade detection and deliver malware. Phishing…