AMD has issued a security bulletin, AMD-SB-7029, highlighting several transient scheduler attacks that exploit speculative execution timing in its processors, potentially leading to loss of confidentiality. These vulnerabilities stem from investigations into a Microsoft report on microarchitectural leaks, revealing side-channel…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Critical D-Link Vulnerability Lets Remote Attackers Crash Servers Without Authentication
Security researchers have discovered a critical stack-based buffer overflow vulnerability in D-Link DIR-825 Rev.B 2.10 routers that allows remote attackers to crash servers without requiring authentication. The vulnerability, designated as CVE-2025-7206, affects the router’s httpd binary and can be exploited…
Severe WordPress Plugin Flaw Puts 200,000 Sites at Risk of Full Takeover
A critical arbitrary file deletion vulnerability has been discovered in the SureForms WordPress plugin, affecting over 200,000 active installations and potentially enabling unauthenticated attackers to achieve full site takeover. The flaw, tracked as CVE-2025-6691 with a CVSS score of 8.8…
Juniper Junos OS Flaw Allows Attackers to Cause Denial of Service
A critical vulnerability in Juniper Networks’ Junos OS and Junos OS Evolved has been disclosed that permits unauthenticated adjacent attackers to trigger a sustained denial of service by sending specially crafted BGP UPDATE packets. The issue, tracked as CVE-2025-52953, affects…
Laravel APP_KEY Flaw Exploited to Trigger Remote Code Execution on Hundreds of Apps
Security researchers have uncovered a critical vulnerability in Laravel applications where exposed APP_KEY credentials are being actively exploited to achieve remote code execution (RCE) on hundreds of production systems. This widespread security flaw stems from Laravel’s automatic deserialization of decrypted…
Windows 11 Users Encounter New Black Screen of Death Update
Microsoft has released Windows 11 Build 26100.4762 (KB5062660) to Insiders in the Release Preview Channel, introducing a redesigned restart interface that displays on a black background – a significant departure from traditional system recovery screens. This update brings substantial changes to user…
Palo Alto Networks GlobalProtect Vulnerability Enabling Root-Level Access
Palo Alto Networks has disclosed a significant security vulnerability in its Autonomous Digital Experience Manager software that could allow attackers to gain root-level access on macOS systems. The vulnerability, tracked as CVE-2025-0139, affects versions 5.6.0 through 5.6.6 of the software…
Weaponized AI Extension Used by Hackers to Swipe $500,000 in Crypto
A Russian blockchain engineer lost over $500,000 in cryptocurrency holdings in June 2025 after being the victim of a carefully planned cyberattack, serving as a terrifying reminder of the perils that might exist in open-source ecosystems. The attack, investigated by…
Weaponized Termius App Delivers Latest ZuRu Malware to macOS Users
A sophisticated variant of the macOS.ZuRu malware, first identified by a Chinese blogger in July 2021, has resurfaced with a new method of attack targeting macOS users through a trojanized version of the popular cross-platform SSH client Termius. Initially spread…
Ducex Packer for Android Evades Detection with Heavy Obfuscation Techniques
The team at ANY.RUN recently reviewed a powerful Android packer called Ducex, which is linked to the infamous Triada malware, and criticized it for its sophisticated obfuscation methods. First identified within a fake Telegram app, Ducex serves as a protective…