The Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent alert regarding active exploitation of a critical Linux kernel vulnerability, tracked as CVE-2023-0386, which has now been added to the Known Exploited Vulnerabilities (KEV) Catalog. This flaw, rooted in the…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Google’s Gerrit Platform Flaw Exposes 18 Google Projects, Including ChromiumOS, to Hackers
A critical vulnerability, dubbed “GerriScary,” has been discovered in Google’s Gerrit code-collaboration platform, putting at least 18 major Google projects—including ChromiumOS, Chromium, Dart, and Bazel—at risk of unauthorized code submissions by hackers. This flaw, uncovered by Tenable Cloud Research, highlights…
Citrix NetScaler ADC & Gateway Flaws Expose Sensitive Data to Hackers
Two critical vulnerabilities have been discovered in Citrix NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway), potentially exposing sensitive data to hackers and putting enterprise networks at significant risk. The flaws, identified as CVE-2025-5349 and CVE-2025-5777, have…
Veeam Vulnerabilities Expose Backup Servers to Remote Attacks
Veeam, a leading provider of data protection and backup solutions, disclosed three critical vulnerabilities affecting its widely deployed backup software. These flaws—assigned CVE-2025-23121, CVE-2025-24286, and CVE-2025-24287—could allow attackers to execute code remotely or escalate privileges, posing significant risks to organizations…
New Sorillus RAT Targets European Organizations Through Tunneling Services
An important development discovered in March 2025 by Orange Cyberdefense’s Managed Threat Detection teams in Belgium was that a European client was the subject of a malicious infection chain that used the Sorillus Remote Access Trojan (RAT). Further analysis by…
New KimJongRAT Stealer Uses Weaponized LNK File to Deploy PowerShell-Based Dropper
The two new variants of the KimJongRAT stealer have emerged, showcasing the persistent and evolving nature of this malicious tool first identified in 2013. Detailed research by Palo Alto Networks’ Unit 42 reveals that these variants, one employing a Portable…
New Chaos RAT Variants Targeting Windows and Linux Systems to Steal Sensitive Data
The Acronis Threat Research Unit has identified new variants of Chaos RAT, a remote administration tool (RAT) that has evolved from an open-source project first observed in 2022 into a formidable multi-platform malware. These latest iterations of Chaos RAT are…
New Sophisticated Multi-Stage Malware Campaign Uses VBS Files to Execute PowerShell Script
A recently uncovered malware campaign has revealed a highly sophisticated, multi-stage infection process utilizing heavily obfuscated Visual Basic Script (VBS) files to deploy remote access trojans (RATs) such as Remcos, LimeRAT, DCRat, and AsyncRAT. Discovered across a cluster of 16…
Beware: Weaponized Research Papers Delivering Malware Through Password-Protected Documents
The AhnLab Security Intelligence Center (ASEC) recently made the concerning revelation that the infamous Kimsuky hacking organization was connected to a crafty phishing email campaign that targeted unwary people. Disguised as a seemingly legitimate request for a paper review from…
XDSpy Threat Actors Exploit Windows LNK Zero-Day Vulnerability to Target Windows System Users
The XDSpy threat actor has been identified as exploiting a Windows LNK zero-day vulnerability, dubbed ZDI-CAN-25373, to target governmental entities in Eastern Europe and Russia. This ongoing campaign, active since March 2025, employs an intricate multi-stage infection chain to deploy…