Google Threat Intelligence Group (GTIG), in collaboration with external partners, has uncovered a sophisticated phishing campaign orchestrated by a Russia state-sponsored cyber threat actor, tracked as UNC6293. Active from at least April through early June 2025, this campaign specifically targeted…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
ClamAV 1.4.3 and 1.0.9 Released with Fixes for Critical Remote Code Execution Vulnerability
The ClamAV development team has rolled out two crucial security patch releases, versions 1.4.3 and 1.0.9, aimed at resolving significant vulnerabilities that could compromise system integrity. Alongside these patches, the team has introduced Linux aarch64 (ARM64) RPM and DEB installer…
Hackers Exploit Cloudflare Tunnels to Infect Windows Systems With Python Malware
A sophisticated malware campaign dubbed SERPENTINE#CLOUD has emerged, leveraging Cloudflare Tunnel infrastructure to deliver Python-based malware to Windows systems across Western nations, including the United States, United Kingdom, and Germany. This ongoing operation, characterized by its use of obfuscated scripts…
Microsoft Entra ID Adds Passkey (FIDO2) Support in Public Preview
Microsoft has announced a significant update to its identity platform, Microsoft Entra ID, with the introduction of expanded passkey (FIDO2) support in public preview. Set to roll out globally from mid-October to mid-November 2025, this enhancement marks a major step…
Jitter-Trap: New Method Uncovers Stealthy Beacon Communications
A groundbreaking detection technique called Jitter-Trap has been unveiled by Varonis Threat Labs, promising to revolutionize how organizations identify one of the most elusive stages in the cyberattack lifecycle: post-exploitation and command-and-control (C2) communication. This method leverages the very randomness that threat…
LogMeIn Remote Access Abused in Targeted System Compromise
A sophisticated cyberattack campaign has been uncovered, leveraging LogMeIn Resolve remote access software to gain unauthorized control over user systems. Security researchers report that the attack begins with a convincingly crafted invoice-themed spam email, designed to trick recipients into opening…
Cisco AnyConnect VPN Flaw Allows Attackers to Launch DoS Attacks
A newly disclosed vulnerability in Cisco’s AnyConnect VPN implementation for Meraki MX and Z Series devices poses a significant risk to enterprise networks, enabling unauthenticated attackers to disrupt remote access by triggering denial-of-service (DoS) conditions. The flaw, tracked as CVE-2025-20271,…
Ransomware Gang Busted by Authorities; Devices and Evidence Seized
Thai authorities have dismantled a sophisticated criminal enterprise operating from the eight-storey Antai Holiday Hotel in Pattaya, unearthing both a high-stakes gambling den and a cybercrime ring specializing in ransomware attacks. The raid, conducted at 11:30 p.m. on June 16,…
Apache Traffic Server Vulnerability Allows DoS Attacks Through Memory Exhaustion
A newly disclosed vulnerability in Apache Traffic Server (ATS) has raised serious concerns among enterprise users and cloud providers, as attackers can exploit a flaw in the Edge Side Includes (ESI) plugin to trigger denial-of-service (DoS) attacks by exhausting server…
Password Reset Link Poisoning Leads to Full Account Takeover
A critical vulnerability known as Password Reset Link Poisoning has recently come under the spotlight, exposing web users and organizations to the risk of full account takeover. This flaw, which leverages Host Header Injection, enables attackers to manipulate the domain in password…