The Cybersecurity and Infrastructure Security Agency (CISA) has released nine advisories targeting security vulnerabilities in Industrial Control Systems (ICS). These vulnerabilities pose significant risks, including denial of service (DoS), information disclosure, and even remote code execution. Organizations using ICS technologies…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Hackers Exploiting a Six-year-old IIS Vulnerability to Gain Remote Access
In a concerning revelation, cybersecurity firm eSentire’s Threat Response Unit (TRU) has detected active exploitation of a six-year-old vulnerability, CVE-2019-18935, in Progress Telerik UI for ASP.NET AJAX. This flaw, which affects Internet Information Services (IIS) servers, enables malicious actors to…
Veeam Backup Vulnerability Allows Attackers to Execute Arbitrary Code
A critical vulnerability, CVE-2025-23114, has been discovered within the Veeam Updater component that poses a serious risk to organizations utilizing Veeam’s backup solutions. The flaw allows attackers to leverage a Man-in-the-Middle (MitM) attack to inject and execute arbitrary code with…
CISA Releases New Guidelines to Secure Firewalls, Routers, and Internet-Facing Servers
The Cybersecurity and Infrastructure Security Agency (CISA) has unveiled a new set of guidelines to fortify firewalls, routers, internet-facing servers, and other edge devices against cyber threats. This collaborative guidance, supported by leading international cybersecurity organizations, aims to address vulnerabilities…
Android Security Update Fixes Linux Kernel RCE Flaw Allow Read/Write Access
On February 3, 2025, Google published its February Android Security Bulletin, which addresses a total of 47 vulnerabilities affecting Android devices. Among these, a critical flaw in the Linux kernel’s USB Video Class (UVC) driver, tracked as CVE-2024-53104, has been…
1- Click RCE Vulnerability in Voyager PHP Allow Attackers Execute Arbitrary Code
A recently disclosed security vulnerability in the Voyager PHP package, a popular tool for managing Laravel applications, has raised significant concerns regarding the potential for remote code execution (RCE) on affected servers. This vulnerability, identified through ongoing security scans using…
Apache Cassandra Vulnerability Allows Attackers to Gain Access Data Centers
In a recent security advisory, a moderate-severity vulnerability has been identified in Apache Cassandra, potentially allowing unauthorized users to access restricted data centers or IP/CIDR groups. This flaw, designated CVE-2025-24860, affects multiple versions of the database management system, specifically those…
ANY.RUN Enhances Malware Detection and Performance to Combat 2025 Cyber Threats
As cyber threats grow more sophisticated, ANY.RUN has unveiled a series of updates aimed at improving malware detection, analysis, and overall performance of its platform. These updates, implemented in January 2025, focus on optimizing the platform’s core functionality, enhancing detection…
SpyCloud Leads the Way in Comprehensive Identity Threat Protection
SpyCloud, a leading identity threat protection company, has unveiled key innovations in its portfolio, driving a shift towards holistic identity security. By leveraging its vast collection of darknet data and automated identity analytics, SpyCloud correlates malware, phishing, and breach exposures…
Cybercriminals Exploiting HTTP Client Tools to Hijack Microsoft 365 Accounts
A recent report by Proofpoint has revealed an alarming trend of cybercriminals exploiting HTTP client tools to target Microsoft 365 accounts. These tools, originally designed for legitimate use, are now being repurposed for large-scale account takeover (ATO) attacks, employing tactics…