Cloud Software Group has raced to address a severe security flaw in its widely used NetScaler management infrastructure that could enable authenticated attackers to execute malicious commands across enterprise networks. The vulnerability tracked as CVE-2024-12284 and scoring 8.8 on the…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Critical Microsoft Bing Vulnerability Enabled Remote Code Execution Attacks
A critical security flaw in Microsoft Bing tracked as CVE-2025-21355, allowed unauthorized attackers to execute arbitrary code remotely, posing severe risks to organizations and users globally. The vulnerability, rooted in a missing authentication mechanism for a critical Bing function, enabled…
Russian CryptoBytes Hackers Target Windows Machines with UxCryptor Ransomware
The SonicWall Capture Labs threat research team has identified continued activity from the Russian cybercriminal group CryptoBytes, which has been active since at least 2023. This financially motivated group is leveraging a ransomware strain named UxCryptor, which has gained notoriety…
Snake Keylogger Targets Chrome, Edge, and Firefox Users in New Attack Campaign
A new variant of the Snake Keylogger, also known as 404 Keylogger, has been detected targeting users of popular web browsers such as Google Chrome, Microsoft Edge, and Mozilla Firefox. FortiGuard Labs identified this threat using FortiSandbox v5.0 (FSAv5), a…
Hackers Converting Stolen Payment Card Data into Apple & Google Wallets
Cybercriminal groups, primarily based in China, are leveraging advanced phishing techniques and mobile wallet technologies to convert stolen payment card data into fraudulent Apple and Google Wallet accounts. This innovative approach has revitalized the underground carding industry, which had been…
Hackers Exploit Jarsigner Tool to Deploy XLoader Malware
Security researchers at AhnLab Security Intelligence Center (ASEC) have uncovered a new campaign leveraging the legitimate JAR signing tool, jarsigner.exe, to distribute the XLoader malware. The attack employs a DLL side-loading technique, where malicious DLL files are placed alongside legitimate…
Russian Hackers Target Signal Messenger Users to Steal Sensitive Data
Russian state-aligned threat actors have intensified their efforts to compromise Signal Messenger accounts, targeting individuals of strategic interest, according to the Google Threat Intelligence Group (GTIG). These campaigns, primarily linked to Russia’s ongoing military operations in Ukraine, aim to intercept…
Mozilla Addresses High-Severity Memory Safety Vulnerabilities in Firefox 135.0.1
Mozilla released Firefox 135.0.1 on February 18, 2025, as an emergency security update to patch multiple high-severity memory safety vulnerabilities. The update specifically addresses CVE-2025-1414, a critical flaw that could enable arbitrary code execution and compromise user systems. This marks the…
Raymond IT Systems Hit by Cyber Attack, Authorities Investigating
Textile and apparel conglomerate Raymond Limited confirmed a cybersecurity breach affecting portions of its IT infrastructure on Wednesday, February 19, 2025, according to regulatory filings submitted to the BSE and NSE stock exchanges. The Mumbai-based company, whose operations span fabric…
90,000 WordPress Sites Exposed to Local File Inclusion Attacks
A critical vulnerability (CVE-2025-0366) in the Jupiter X Core WordPress plugin, actively installed on over 90,000 websites, was disclosed on January 6, 2025. The flaw enables authenticated attackers with contributor-level privileges to execute remote code via chained Local File Inclusion…