Cybercriminals are now leveraging seemingly innocuous voicemail notifications to distribute malware, with a recent campaign impersonating Veeam Software to exploit users’ trust in enterprise backup solutions. This attack vector highlights the growing intersection of social engineering and file-based exploits, where…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Lumma Infostealer Steals Browser Data and Sells It as Logs on Underground Markets
Infostealers are specialized malware variants that routinely steal large amounts of sensitive data from compromised systems. This includes session tokens, login credentials, cryptocurrency wallet information, personally identifiable information (PII), multifactor authentication (MFA) artifacts, and pretty much any data stored in…
New Surge of Crypto-Jacking Hits Over 3,500 Websites
Cybersecurity experts at cside have discovered a clever campaign that infected over 3,500 websites with nefarious JavaScript miners, marking a startling return to crypto-jacking techniques reminiscent of the Coinhive heyday of 2017. This new wave, detected in late 2024, marks…
Fancy Bear Hackers Target Governments and Military Entities with Advanced Tools
Fancy Bear, designated as APT28 by cybersecurity experts, represents a sophisticated Russian cyberespionage collective operational since 2007, renowned for infiltrating governments, military organizations, and strategic entities globally. This group, also known under aliases such as Sofacy, Sednit, STRONTIUM, and Unit…
Snake Keylogger Bypasses Windows Defender and Uses Scheduled Tasks to Steal Credentials
Threat actors have been using a sophisticated phishing operation to impersonate Turkish Aerospace Industries (TUSAŞ) in order to attack Turkish businesses, especially those in the defense and aerospace sectors. The campaign distributes malicious emails masquerading as contractual documents, such as…
Ubiquiti UniFi Vulnerability Lets Hackers Inject Malicious Commands
A critical security vulnerability has been discovered in Ubiquiti’s UniFi Access devices that could allow malicious actors to inject and execute arbitrary commands on affected systems. The vulnerability, designated as CVE-2025-27212, affects multiple UniFi Access products and carries a maximum…
Grafana Flaws Allow User Redirection and Code Execution in Dashboards
Grafana Labs has released critical security patches addressing two significant vulnerabilities that could enable attackers to redirect users to malicious websites and execute arbitrary code within dashboard environments. The security update addresses CVE-2025-6023, a high-severity cross-site scripting (XSS) vulnerability, and…
Google Sues BadBox 2.0 Botnet Operators Behind 10 Million+ Infected Devices
Google has initiated legal proceedings against the operators of BadBox 2.0, identified as the largest botnet comprising internet-connected televisions and other devices. This botnet, uncovered through a collaborative effort with cybersecurity firms HUMAN Security and Trend Micro, has infected over…
Sophos Intercept X for Windows Flaws Enable Arbitrary Code Execution
Sophos has disclosed three critical security vulnerabilities in its Intercept X for Windows endpoint security solution that could allow attackers to execute arbitrary code and gain system-level privileges on affected systems. The vulnerabilities, designated CVE-2024-13972, CVE-2025-7433, and CVE-2025-7472, all carry…
New QR Code Attacks Through PDFs Bypass Detection and Steal Credentials
Researchers at Cyble Research and Intelligence Labs (CRIL) have uncovered an ongoing quishing campaign dubbed “Scanception,” which exploits QR code-based delivery mechanisms to distribute credential-harvesting URLs. This advanced phishing operation begins with targeted emails containing PDF lures that mimic legitimate…