Researchers from Patchstack have warned that over 23,000 real estate websites using the popular RealHomes WordPress theme and its bundled Easy Real Estate plugin are exposed to critical security vulnerabilities. These vulnerabilities allow unauthenticated attackers to escalate privileges, take over…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Cisco Warns of Meeting Management API Privilege Escalation Vulnerability
Cisco has issued a critical advisory regarding a privilege escalation vulnerability in its Meeting Management REST API. The flaw tracked as CVE-2025-20156, allows a remote, authenticated attacker with low privileges to elevate their access to administrator-level control on affected devices, posing…
The Growing Role of AI-Powered SAST in the Developer Toolkit
In today’s app dev world, where new apps and millions of lines of code are being deployed every day, the need for fast and secure development practices has never been greater. Static Application Security Testing (SAST) plays a big role…
Ex-CIA Analyst Pleaded Guilty For Leaking Top Secret National Defense Information
A former CIA analyst, Asif William Rahman, has pleaded guilty to charges of retaining and transmitting Top Secret National Defense Information to unauthorized recipients. This alarming breach of national security came to light after classified information was publicly posted on…
Record Breaking 5.6 Tbps DDoS attack Launched by Mirai Botnet
The Mirai botnet unleashed a record-breaking Distributed Denial of Service (DDoS) attack on October 29, 2024, peaking at an astonishing 5.6 terabits per second (Tbps). This mega surge of malicious traffic targeted a Cloudflare customer, an Internet Service Provider (ISP)…
Three New ICS Advisories Released by CISA Detailing Vulnerabilities & Mitigations
The Cybersecurity and Infrastructure Security Agency (CISA) announced three new Industrial Control Systems (ICS) advisories. These advisories provide critical insights into vulnerabilities impacting Traffic Alert and Collision Avoidance Systems (TCAS) II, Siemens SIMATIC S7-1200 CPUs, and ZF Roll Stability Support…
IBM i Access Client Solutions Might Be Leaking Your Passwords
A potential security flaw in IBM i Access Client Solutions (ACS) has raised serious concerns about password leakage, leaving users vulnerable to exploitation. Research published yesterday by a vulnerability assessment team revealed that the *WINLOGON authentication feature in IBM ACS…
Security Researchers Discover Critical RCE Vulnerability, Earn $40,000 Bounty
Cybersecurity researchers Abdullah Nawaf and Orwa Atyat, successfully escalated a limited path traversal vulnerability into a full-blown remote code execution (RCE). Their discovery earned a massive $40,000 bounty from the targeted organization’s bug bounty program. The team documented their step-by-step…
Weaponized VS Code Impersonate Zoom App Steals Cookies From Chrome
A newly identified extension for Visual Studio Code (VS Code) has been found to impersonate a legitimate Zoom application, enabling cybercriminals to steal sensitive cookies from Google Chrome. This incident marks a significant escalation in the tactics employed by malicious…
PoC Exploit Released for TP-Link Code Execution Vulnerability(CVE-2024-54887)
A security researcher, exploring reverse engineering and exploit development, has successfully identified a critical vulnerability in the TP-Link TL-WR940N router, specifically affecting hardware versions 3 and 4 with all firmware up to the latest version. This vulnerability, which has been…