A newly discovered malware, named FINALDRAFT, has been identified leveraging Microsoft Outlook as a command-and-control (C2) communication channel through the Microsoft Graph API. This sophisticated malware was uncovered by Elastic Security Labs during an investigation targeting a foreign ministry. The…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Threat Actors Exploiting DeepSeek’s Popularity to Deploy Malware
The meteoric rise of DeepSeek, a Chinese AI startup, has not only disrupted the AI sector but also attracted the attention of cybercriminals. Following the release of its open-source model, DeepSeek-R1, on January 20, 2025, the platform experienced exponential growth,…
Winnti Hackers Attacking Japanese Organisations with New Malware
The China-based Advanced Persistent Threat (APT) group known as the Winnti Group, also referred to as APT41, has launched a new cyberattack campaign targeting Japanese organizations in the manufacturing, materials, and energy sectors. Dubbed “RevivalStone,” this campaign employs a novel…
Critical Vulnerability in Crowdstrike Falcon Sensor for Linux Enables TLS MiTM Exploits
CrowdStrike has disclosed a critical vulnerability (CVE-2025-1146) in its Falcon Sensor for Linux, its Falcon Kubernetes Admission Controller, and its Falcon Container Sensor. This flaw stems from a validation logic error in the handling of TLS (Transport Layer Security) connections,…
Russian Hackers Leverages Weaponized Microsoft Key Management Service (KMS) to Hack Windows Systems
In a calculated cyber-espionage campaign, the Russian state-sponsored hacking group Sandworm (APT44), linked to the GRU (Russia’s Main Intelligence Directorate), has been exploiting pirated Microsoft Key Management Service (KMS) activation tools to target Ukrainian Windows systems. This operation, active since…
APT43 Hackers Targeting Academic Institutions Using Exposed Credentials
APT43, also known by aliases such as Black Banshee, Emerald Sleet, and Kimsuky, is a North Korean state-sponsored cyber threat actor linked to the Reconnaissance General Bureau (RGB). This group is primarily motivated by espionage and has recently expanded its…
Amazon Machine Image Vulnerability Allows Hackers to Publish Fake Resources
A new security vulnerability targeting Amazon Machine Images (AMIs) has emerged, exposing organizations and users to potential exploitation. Dubbed the “whoAMI name confusion attack,” this flaw allows attackers to publish malicious virtual machine images under misleading names, tricking unsuspecting users…
Critical Chrome Flaw Allows Attackers to Remotely Execute Code
Google has released an urgent update for its Chrome browser to address a critical security vulnerability that could allow attackers to remotely execute malicious code on vulnerable systems. The flaw, identified as CVE-2025-0995, is categorized as a “Use-After-Free” vulnerability in…
Global IoT Data Leak Exposes 2.7 Billion Records and Wi-Fi Passwords Worldwide
A massive security lapse has exposed over 2.7 billion records, including sensitive Wi-Fi credentials, device information, and user details, raising global concerns over IoT (Internet of Things) security. Cybersecurity researcher Jeremiah Fowler uncovered this unprotected database, linked to Mars Hydro,…
Palo Alto PAN-OS Zero-Day Flaw Allows Attackers to Bypass Web Interface Authentication
Palo Alto Networks has disclosed a zero-day vulnerability in its PAN-OS software (CVE-2025-0108), allowing attackers to bypass authentication on the management web interface. With a CVSS score of 7.8 (HIGH), the flaw has been flagged as a significant security issue…