A recent investigation by cybersecurity experts has unveiled a series of advanced cyberattacks orchestrated by the notorious Advanced Persistent Threat (APT) group known as “Space Pirates.” Leveraging their customized malware arsenal, including the LuckyStrike Agent backdoor, the group has been…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Paragon Partition Manager Vulnerabilities Allow Attackers to Escalate Privileges and Trigger DoS Attacks
Security researchers have uncovered five significant vulnerabilities in Paragon Partition Manager’s BioNTdrv.sys driver, affecting versions prior to 2.0.0. These flaws, identified as CVE-2025-0285, CVE-2025-0286, CVE-2025-0287, CVE-2025-0288, and CVE-2025-0289, pose serious security risks, enabling attackers to escalate privileges to SYSTEM level…
North Korean IT Workers Hide Their IPs Using Astrill VPN
Security researchers have uncovered new evidence that North Korean threat actors, particularly the Lazarus Group, are actively using Astrill VPN to conceal their true IP addresses during cyberattacks and fraudulent IT worker schemes. Silent Push, a cybersecurity firm, recently acquired…
Njrat Exploits Microsoft Dev Tunnels for C2 Communication
A new campaign involving the notorious remote access trojan (RAT) Njrat has been uncovered, leveraging Microsoft’s Dev Tunnels service for command-and-control (C2) communication. This service, intended to help developers securely expose local services to the internet for testing and debugging,…
Hackers Abused Google and PayPal’s Infrastructure to Steal Users Personal Data
Cybersecurity researchers have uncovered a sophisticated phishing campaign leveraging Google Ads and PayPal’s infrastructure to deceive users and steal sensitive personal data. The attackers exploited vulnerabilities in Google’s ad policies and PayPal’s “no-code checkout” feature to create fraudulent payment links…
Substack Custom Domain Vulnerability Exposes Thousands to Potential Hijacking
A newly disclosed vulnerability in Substack’s custom domain setup could allow malicious actors to hijack inactive subdomains, putting thousands of blogs at risk of serving unauthorized content. The flaw, discovered by an independent security researcher, exploits misconfigured DNS records to…
US Military Personnel Arrested for Hacking 15 Telecom Providers
Federal prosecutors have filed a detention memorandum urging the court to indefinitely detain Cameron John Wagenius, a 21-year-old active-duty U.S. Army soldier stationed at Fort Cavazos, Texas, following his alleged involvement in a multi-state cybercrime campaign targeting at least 15…
PoC Released for Windows Hyper-V SYSTEM Privilege Exploit
Security researchers have publicly disclosed a proof-of-concept (PoC) exploit for CVE-2025-21333, a critical elevation-of-privilege vulnerability in Microsoft’s Hyper-V virtualization framework. The vulnerability resides in the vkrnlintvsp.sys driver and enables local attackers to gain SYSTEM privileges through a sophisticated heap manipulation technique. Microsoft rated this flaw…
Trigon: Latest iOS Kernel Exploit Uncovered
A sophisticated kernel exploit leveraging CVE-2023-32434, an integer overflow vulnerability in Apple’s XNU virtual memory subsystem, has been unveiled by security researchers. Dubbed Trigon, this exploit chain enables deterministic kernel read/write primitives on A10(X) devices, bypassing Apple’s KTRR and PPL protections…
Hackers can Crack Into Car Cameras Within Minutes Exploiting Vulnerabilities
At the upcoming Black Hat Asia 2025 conference, cybersecurity experts will unveil a groundbreaking vulnerability in modern dashcam technology, exposing how hackers can exploit these devices to breach privacy and steal sensitive data. The session, titled DriveThru Car Hacking: Fast…