CISA issued thirteen Industrial Control Systems (ICS) advisories, highlighting current security issues and vulnerabilities in various systems. These advisories are crucial for maintaining the security and integrity of industrial operations. The affected products primarily include several Siemens systems, along with…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
New Microsoft 365 Attack Leverages OAuth Redirection for Credential Theft
Threat researchers at Proofpoint are currently tracking two sophisticated and highly targeted cyber-attack campaigns that are utilizing OAuth redirection mechanisms to compromise user credentials. These attacks combine advanced brand impersonation techniques with malware proliferation, focusing on Microsoft 365-themed credential phishing…
Decrypting Akira Ransomware on Linux/ESXi Without Paying Hackers
A team successfully decrypted an instance of the Akira ransomware on Linux/ESXi systems without succumbing to the hackers’ demands. This achievement not only underscores the ingenuity of cybersecurity experts but also serves as a powerful message to those who rely…
New Cyber Attack Targets PyPI Users to Steal Cloud Tokens and Sensitive Data
A recent discovery by ReversingLabs researchers has unveiled a malicious cyber attack targeting the Python Package Index (PyPI) users, a popular platform for Python developers. This sophisticated campaign involves malicious packages masquerading as time-related utilities, but are designed to steal…
Blind Eagle Targets Organizations with Weaponized .URL Files to Steal User Hashes
In a significant development in the cybersecurity landscape, APT-C-36, more commonly known as Blind Eagle, has intensified its operations targeting Colombian governmental, financial, and critical infrastructure organizations. Active since 2018, this Advanced Persistent Threat group has recently expanded its arsenal…
86,000+ Healthcare Staff Records Exposed Due to AWS S3 Misconfiguration
A non-password-protected database belonging to ESHYFT, a New Jersey-based HealthTech company, was recently discovered by cybersecurity researcher Jeremiah Fowler. The database contained over 86,000 records, amounting to 108.8 GB of sensitive information. This data breach, while not attributed to intentional…
Microsoft Finally Patches 2-Year-Old Windows Kernel Security Flaw
Microsoft has released a critical patch for a 2-year-old Windows kernel security vulnerability. This vulnerability, identified as CVE-2025-24983, allows attackers to exploit a weakness in the Windows Win32 Kernel Subsystem, leading to an elevation of privilege. The patch comes after…
North Korean Hackers Use Google Play Malware to Steal SMS, Calls & Screenshots
Cybersecurity researchers at Lookout Threat Lab have uncovered a sophisticated Android surveillance tool dubbed “KoSpy,” which appears to be the work of North Korean state-sponsored hackers. This newly discovered spyware has been active since March 2022, with the most recent…
Hackers Exploiting JSPSpy To Manage Malicious Webshell Networks
Cybersecurity researchers have recently identified a cluster of JSPSpy web shell servers featuring an unexpected addition, Filebroser, a rebranded version of the open-source File Browser file management tool. This discovery sheds light on how attackers continue to leverage web shells…
Mozilla Issues Urgent Firefox Update Warning to Prevent Add-on Failures
Mozilla has issued an urgent warning to all Firefox users, emphasizing the need to update their browsers before a critical root certificate expires on March 14, 2025. This certificate is used to verify signed content and add-ons across various Mozilla…