Cybercrimes have always existed as a result of internet usage in our society. Traversing the wide web, hackers are trying to exploit any nooks and crannies in the system. While many new types of crimes are arising on the internet,…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
PoC Exploit Released for Critical OpenSSH Vulnerability (CVE-2024-6387)
An alarming new development emerged in the cybersecurity landscape with the release of a proof-of-concept (PoC) exploit targeting the critical vulnerability identified as CVE-2024-6387. This vulnerability, discovered by researchers at Qualys, allows remote unauthenticated attackers to execute arbitrary code on…
Malicious EditThisCookie Extension Attacking Chrome Users to Steal Data
The popular cookie management extension EditThisCookie has been the target of a malicious impersonation. Originally a trusted tool for Chrome users, EditThisCookie allowed users to manage cookie data in their browsers. However, after significant scrutiny, the legitimate version has been…
WordPress Plugin Vulnerability Exposes 3 Million Websites to Injection Attacks
A critical vulnerability has been identified in the popular UpdraftPlus: WP Backup & Migration Plugin, potentially impacting over 3 million WordPress websites. This security flaw allows unauthenticated attackers to exploit a PHP Object Injection vulnerability through deserialization of untrusted input.…
iPhone Sharing the Photos by Default to Apple
A recent blog post by developer Jeff Johnson has brought to light a new feature in Apple’s Photos app within the recently launched iOS 18. Titled “Enhanced Visual Search,” this toggle permits iPhones to transmit photo data to Apple by…
Stealthy Steganography Backdoor Attacks Target Android Apps
BARWM, a novel backdoor attack approach for real-world deep learning (DL) models deployed on mobile devices. Existing backdoor attacks often suffer from limitations such as altering the model structure or relying on easily detectable, sample-agnostic triggers. By utilizing DNN-based steganography…
Windows 11 BitLocker Bypassed to Extract Encryption Keys
An attacker with physical access can abruptly restart the device and dump RAM, as analysis of this memory may reveal FVEK keys from recently running Windows instances, compromising data encryption. The effectiveness of this attack is, however, limited because the…
Weaponized Python Scripts Deliver New SwaetRAT Malware
The Python script leverages low-level interactions with the Windows operating system, which imports crucial libraries like `System.Reflection`, `ctypes`, and `wintypes`, enabling it to directly invoke Windows APIs. It allows the script to manipulate system behavior at a fundamental level, potentially…
The Defender vs. The Attacker Game
The researcher proposes a game-theoretic approach to analyze the interaction between the model defender and attacker in trigger-based black-box model watermarking. They design payoff functions for both players and determine the optimal strategies for each player, which provides a theoretical…
Garak – An Open Source LLM Vulnerability Scanner for AI Red-Teaming
Garak is a free, open-source tool specifically designed to test the robustness and reliability of Large Language Models (LLMs). Inspired by utilities like Nmap or Metasploit, Garak identifies potential weak points in LLMs by probing for issues such as hallucinations,…