New Phishing Campaign Exploits Google Storage to Deliver Remcos RAT
A recently observed phishing campaign is abusing Google Cloud Storage to deliver the Remcos remote access trojan (RAT), relying on trusted Google infrastruct...
GBHackers
20 articles
ClickFix Campaign Abuses macOS Script Editor to Deploy Atomic Stealer
A refreshed ClickFix campaign that swaps macOS Terminal for Script Editor to deliver an Atomic Stealer payload to unsuspecting Mac users quietly. By abusing ...
Technical Details Released for Critical Cisco SSM Command Execution Vulnerability
Security researchers have published technical details regarding a highly critical vulnerability in the Cisco Smart Software Manager On-Prem (SSM On-Prem). Tr...
STX RAT Hides Remote Desktop, Steals Data to Dodge Detection
A stealthy new remote access trojan, dubbed STX RAT, that blends hidden remote desktop control with powerful infostealer capabilities while using advanced ev...
Microsoft Details How Defender Protects High-Value Assets in Real-World Attacks
Microsoft has significantly upgraded its Defender platform to automatically detect and block sophisticated cyberattacks targeting High-Value Assets (HVAs) li...
Fake Security Tool Spreads LucidRook in Taiwan Cyberattacks
Hackers are using fake security tools and cleverly crafted phishing emails to secretly deploy a new malware family, LucidRook, against organizations in Taiwa...
China’s Tianjin Supercomputer Center Allegedly Hit in 10-Petabyte Data Theft
A threat actor has allegedly executed one of the largest data heists in China’s history, siphoning an astounding 10 petabytes of highly classified informatio...
CISA Issues Warning on Critical Ivanti EPMM Flaw Exploited in Ongoing Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical security flaw in Ivanti Endpoint Manager Mobile (...
Linux Foundation Leader Impersonated in Slack Attack on Open Source Developers
A social engineering campaign is actively targeting open source developers through Slack. The warning was shared through the OpenSSF Siren mailing list, a pu...
RoningLoader Campaign Uses DLL Side-Loading, Code Injection to Slip Past Defenses
A sophisticated cyber-espionage group known as DragonBreath (APT-Q-27) has been linked to a new RoningLoader malware campaign that uses advanced evasion tech...
Critical Chrome Flaws Let Attackers Execute Arbitrary Code
Google has released an urgent security update for its Chrome browser, resolving multiple dangerous vulnerabilities. The Chrome team promoted version 147 to t...
Silver Fox Campaign Spreads ValleyRAT via Fake Chinese Telegram Language Pack
New analysis of a fake Telegram installer uploaded to MalwareBazaar shows Silver Fox expanding its ValleyRAT operations with a fresh delivery chain that hide...
Multiple SonicWall Flaws Enable SQL Injection and Privilege Escalation Attacks
SonicWall has published a critical security advisory addressing four distinct vulnerabilities in its SMA1000 series appliances. These security flaws open the...
Palo Alto Cortex XSOAR Flaw in Microsoft Teams Integration Lets Attackers Access Data
Palo Alto Networks has released a high-priority security update to address a serious vulnerability in its Cortex XSOAR and Cortex XSIAM platforms. Tracked as...
GitLab Addresses Multiple Vulnerabilities Linked to DoS and Code Injection
GitLab has rolled out a crucial security update to fix multiple vulnerabilities across its Community Edition (CE) and Enterprise Edition (EE) platforms. Orga...
Meta Business Alerts Abused for Phishing Campaigns
Hackers are weaponizing legitimate Meta Business Manager notifications to sneak phishing emails past security filters and into users’ inboxes. By abusing tru...
Microsoft Confirms Windows 11 Update Breaks Start Menu Search
Microsoft recently addressed a disruptive server-side flaw that completely disabled Start Menu search functionality for some Windows 11 23H2 users. The tech ...
Anthropic Launches Claude Mythos Preview Focused on Zero-Day Vulnerability Discovery
Anthropic recently unveiled Claude Mythos Preview, a groundbreaking general-purpose language model demonstrating an unprecedented, emergent ability to autono...
Hackers Target Adobe Reader Users With Sophisticated Zero-Day Exploit
Security researchers at EXPMON have uncovered a highly sophisticated, unpatched zero-day vulnerability actively targeting Adobe Reader users. The exploit, fi...
EvilTokens Uses Stolen Microsoft 365 Tokens, AI to Supercharge BEC
EvilTokens is a new Phishing-as-a-Service (PhaaS) platform that turns stolen Microsoft 365 tokens and AI into an end‑to‑end factory for Business Email Compro...