Artificial intelligence (AI) tools have revolutionized how we approach everyday tasks, but they also come with a dark side. Cybercriminals are increasingly exploiting AI for malicious purposes, as evidenced by the emergence of uncensored chatbots like WormGPT, WolfGPT, and EscapeGPT.…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Microsoft Unveils New Identity Secure Score Recommendations in General Availability
Microsoft has announced the general availability of 11 new Identity Secure Score recommendations in Microsoft Entra, aimed at bolstering organizational security and providing actionable insights to mitigate risks. The Identity Secure Score recommendations are designed to act as a trusted…
Hackers Deliver Ransomware on Windows Via Microsoft Teams Voice Calls
Sophos X-Ops’ Managed Detection and Response (MDR) team has uncovered two highly active threat actor clusters exploiting Microsoft Office 365 to target organizations. Identified as STAC5143 and STAC5777, these clusters use advanced social engineering tactics, such as email bombing, fake…
SonicWall Arbitrary OS Commands Execution Vulnerability Exploited in Attacks
A critical vulnerability in SonicWall’s SMA1000 series tracked as CVE-2025-23006, has come under active exploitation by threat actors. SonicWall’s PSIRT (Product Security Incident Response Team) has issued an urgent advisory urging users to update their systems immediately to mitigate risks. Details…
AI Assistant Jailbreaked to Reveal its System Prompts
Anonymous tinkerer claims to have bypassed an AI assistant’s safeguards to uncover its highly confidential system prompt—the underlying instructions shaping its behavior. The breach, achieved through creative manipulation rather than brute force, has sparked conversations about the vulnerabilities and ethical…
Murdoc Botnet Exploiting AVTECH Cameras & Huawei Routers to Gain Complete Control
Researchers have identified an active malware campaign involving a Mirai botnet variant, dubbed Murdoc, which has been targeting AVTECH cameras and Huawei HG532 routers since at least July 2024. Mass Campaign Leveraging Two Key Vulnerabilities The campaign exploits two known…
Open-Source ClamAV Releases Security Update for Buffer Overflow Vulnerability – Patch Now
ClamAV, a widely used open-source antivirus software, has released security patch updates to address a critical buffer overflow vulnerability (CVE-2025-20128). The vulnerability, identified in the OLE2 file parser, posed a potential risk of denial-of-service (DoS) attacks. Users are urged to…
Rails Apps Arbitrary File Write Vulnerability Let Attackers Execute Code Remotely
A newly exposed vulnerability in Ruby on Rails applications allows attackers to achieve Remote Code Execution (RCE) through a flaw that permits arbitrary file writing. This vulnerability, which leverages the Rails library Bootsnap, underscores the critical importance of secure file handling…
New Supply Chain Attack Targeting Chrome Extensions to Inject Malicious Code
A sophisticated supply chain attack targeting Chrome browser extensions has come to light, potentially compromising hundreds of thousands of users. The attack, which unfolded in December 2024, involved phishing campaigns aimed at extension developers and the injection of malicious code…
New Cookie Sandwich Technique Allows Stealing of HttpOnly cookies
A new attack technique known as the “cookie sandwich” has surfaced, raising significant concerns among cybersecurity professionals. This technique enables attackers to bypass the HttpOnly flag and access sensitive cookies, potentially exposing vulnerable applications to data theft and session hijacking.…