A recent physical penetration test conducted by cybersecurity firm Hackmosphere, revealed critical security flaws in a furniture company’s retail store. The test, which simulated real-world attack scenarios, exposed four major vulnerabilities that could potentially lead to unauthorized access to sensitive…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Cybercriminals Exploit YouTubers to Spread SilentCryptoMiner on Windows Systems
A sophisticated malware campaign has been uncovered, exploiting the growing popularity of Windows Packet Divert drivers for bypassing internet restrictions. Cybercriminals are distributing the SilentCryptoMiner malware disguised as legitimate tools, affecting over 2,000 victims in Russia alone. The attack vector…
7 Malicious Go Packages Target Linux & macOS to Deploy Stealthy Malware Loader
Security researchers at Socket have uncovered a sophisticated malware campaign targeting the Go ecosystem. The threat actor has published at least seven malicious packages on the Go Module Mirror, impersonating widely-used Go libraries to install hidden loader malware on Linux…
Black Basta’s Notorious Tactics and Techniques Exposed in Leaked Intel
A significant leak of internal chat logs from the Black Basta ransomware group has provided cybersecurity researchers with unprecedented insight into their operations, capabilities, and motivations. The leak, released on February 11, 2024, by a Telegram user named ExploitWhispers, contained…
New Malware ‘Desert Dexter’ Hits Over 900 Victims Worldwide
A newly discovered malicious campaign dubbed “Desert Dexter” has infected approximately 900 victims across multiple countries, primarily in the Middle East and North Africa. The Positive Technologies Expert Security Center (PT ESC) uncovered the operation, which has been active since…
LibreOffice Flaw Allows Attackers to Run Arbitrary Scripts via Macro URL
A significant security vulnerability in LibreOffice, designated as CVE-2025-1080, has been patched in versions 24.8.5 and 25.2.1, released on March 4, 2025. The flaw, which allowed attackers to execute arbitrary scripts through manipulated macro URLs, posed a severe risk to…
Critical IDOR Vulnerabilities in ZITADEL Let Hackers Modify Key Settings
Security researchers have disclosed critical Insecure Direct Object Reference (IDOR) vulnerabilities in ZITADEL’s administration interface that expose organizations to account takeover risks and unauthorized configuration changes. Tracked as CVE-2025-27507 with a CVSS v3.1 score of 9.1/10, these flaws allow authenticated users without proper permissions…
SecP0 Ransomware Gang Threatens to Expose Critical Vulnerabilities
A new ransomware collective dubbed SecP0 has emerged with a disruptive strategy that diverges sharply from conventional cybercriminal playbooks. Unlike traditional ransomware groups that focus on encrypting data or threatening to leak stolen information, SecP0 is now demanding ransoms in exchange for withholding…
Malicious Android App on Google Play Compromises 220,000+ Devices
Security researchers at ThreatLabz recently uncovered a sophisticated malware campaign operating through the Google Play Store, leveraging a seemingly benign application to distribute the Anatsa banking trojan (also known as TeaBot). The malicious app, disguised as a file manager and…
Technical Analysis Released on Bybit Hot Wallet Exploit
Cryptocurrency exchange Bybit suffered a sophisticated smart contract exploit on February 21, 2025, resulting in the theft of 401,346.76 ETH (approximately $1.2 billion at the time of the incident). The attack vector leveraged advanced proxy contract manipulation through malicious delegatecall…