In Q3 2024, Cofense Intelligence uncovered a targeted spear-phishing campaign aimed at employees working in social media, marketing, and related roles. The attackers impersonated Fortune 500 companies, including Meta, Coca-Cola, and PayPal, to lure victims into applying for fake job…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Unpatched Vulnerabilities Attract Cybercriminals as EDR Visibility Remains Limited
Cyber adversaries have evolved into highly organized and professional entities, mirroring the operational efficiency of legitimate businesses, according to the CrowdStrike 2025 Global Threat Report. The report highlights a significant shift in the cyber threat landscape during 2024, with attackers…
Squidoor: Multi-Vector Malware Exploiting Outlook API, DNS & ICMP Tunneling for C2
A newly identified malware, dubbed “Squidoor,” has emerged as a sophisticated threat targeting government, defense, telecommunications, education, and aviation sectors in Southeast Asia and South America. Attributed to a suspected Chinese threat actor under the activity cluster CL-STA-0049, Squidoor employs…
WordPress Admins Warned of Fake Plugins Injecting Malicious Links into Websites
A new wave of cyberattacks targeting WordPress websites has been uncovered, with attackers leveraging fake plugins to inject malicious links into site footers. These links, often promoting casino-related spam, compromise website integrity and can severely impact search engine optimization (SEO).…
New Anubis Ransomware Targets Windows, Linux, NAS, and ESXi x64/x32 Environments
A new ransomware group, dubbed Anubis, has emerged as a significant threat in the cybersecurity landscape. Active since late 2024, Anubis employs advanced techniques and operates across multiple platforms, including Windows, Linux, NAS, and ESXi environments. The group is leveraging…
VS Code Extension with 9 Million Installs Attacks Developers with Malicious Code
Microsoft has removed two widely used Visual Studio Code (VS Code) extensions, “Material Theme Free” and “Material Theme Icons Free,” from its marketplace after cybersecurity researchers discovered malicious code embedded within them. These extensions, developed by Mattia Astorino (also known as…
Microsoft Defender Leverages Machine Learning to Block Malicious Command Executions
The modern cybersecurity landscape is witnessing an unprecedented surge in sophisticated attack techniques, with adversaries increasingly exploiting legitimate command-line tools to execute malicious actions. To address this evolving threat, Microsoft Defender for Endpoint has enhanced its capabilities to detect and…
RustDoor and Koi Stealer Malware Attack macOS to Steal Login Credentials
A new wave of sophisticated cyberattacks targeting macOS systems has been identified, involving two malware strains, RustDoor and Koi Stealer. These attacks, attributed to North Korea-linked Advanced Persistent Threat (APT) groups, primarily aim at stealing sensitive login credentials and cryptocurrency…
LARVA-208 Hackers Compromise 618 Organizations Stealing Logins and Deploying Ransomware
A newly identified cybercriminal group, LARVA-208, also known as EncryptHub, has successfully infiltrated 618 organizations globally since June 2024, leveraging advanced social engineering techniques to steal credentials and deploy ransomware. According to reports from cybersecurity firms CATALYST and Prodaft, the…
Google’s SafetyCore App Secretly Scans All Photos on Android Devices
Recent revelations about Google’s SafetyCore app have ignited a firestorm of privacy debates, echoing Apple’s recent controversy over photo scanning. The app, silently installed on Android devices via system updates, enables on-device image analysis to detect sensitive content—a feature marketed…