IBM has issued a critical security update for its QRadar SIEM platform after researchers uncovered multiple vulnerabilities, including a severe flaw that allows privileged users to execute arbitrary commands on affected systems. The vulnerabilities, disclosed in a security bulletin published…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
16 Billion Passwords Stolen From 320 Million+ Computers Leaked Online
A staggering 16 billion login credentials, usernames, and passwords have been exposed in what cybersecurity experts are calling the largest data breach in internet history. The leak, which impacts major platforms including Apple, Facebook, Google, Instagram, Telegram, GitHub, and even…
Tesla Wall Connector Hacked Through Charging Port in Just 18 Minutes
Security researchers from Synacktiv successfully hacked the Tesla Wall Connector through its charging port in just 18 minutes, exposing critical vulnerabilities in the device’s firmware and communication protocols. The Tesla Wall Connector and Its Architecture The Tesla Wall Connector is…
Malicious Support Tickets Let Hackers Exploit Atlassian’s Model Context Protocol
A new class of cyberattack is targeting organizations leveraging Atlassian’s Model Context Protocol (MCP), exposing a critical weakness in the boundary between external and internal users. Researchers have demonstrated that malicious support tickets can be weaponized to exploit AI-powered workflows…
North Korean Hackers Deploy Malware Using Weaponized Calendly and Google Meet Links
The North Korean state-sponsored threat actor group, identified as TA444 (also known as BlueNoroff, Sapphire Sleet, and others), has unleashed a sophisticated malware campaign targeting cryptocurrency foundations. This intricate attack, uncovered by Huntress, leverages weaponized Calendly links and deceptive Google…
Over 100,000 WordPress Sites Exposed to Privilege Escalation via MCP AI Engine
The Wordfence Threat Intelligence team identified a severe security flaw in the AI Engine plugin, a widely used tool installed on over 100,000 WordPress websites. This vulnerability, classified as an Insufficient Authorization to Privilege Escalation via Model Context Protocol (MCP),…
Silver Fox APT Uses Weaponized Medical Software to Deploy Remote Access Tools and Disable AV
The China-based advanced persistent threat (APT) group Silver Fox, also known as Void Arachne or The Great Thief of Valley, has been identified as the orchestrator of a complex multi-stage campaign targeting healthcare delivery organizations (HDOs) and public sector entities.…
Gamers Targeted! Fake Minecraft Mods Enable Attackers to Take Control of Your System
Minecraft, the wildly popular sandbox game with over 200 million monthly active players, has become the latest hunting ground for cybercriminals. Check Point Research recently uncovered a sinister campaign targeting Minecraft users through the Stargazers Ghost Network, a Distribution as…
jQuery Migrate Library Compromised to Steal Logins via Parrot Traffic Direction System
Security researchers from the Trellix Advanced Research Centre have uncovered a sophisticated malware campaign exploiting the widely trusted jQuery Migrate library, a backward compatibility plugin used extensively in platforms like WordPress, Joomla, and Drupal. The attack, which began with a…
Hackers Deploy Amatera Stealer Using Advanced Web Injection and Anti-Analysis Techniques
Proofpoint has uncovered a rebranded and significantly enhanced information stealer named Amatera Stealer, derived from the previously known ACR Stealer. Identified in early 2025, this malware exhibits substantial code overlap with its predecessor but introduces advanced features and stealth mechanisms…