GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

A critical local privilege escalation vulnerability has been discovered in RaspAP, an open-source project designed to transform Raspberry Pi devices into wireless access points or routers. Identified as CVE-2024-41637, this flaw has been rated with a severity score of 9.9 (Critical) on the CVSS scale. The vulnerability affected RaspAP versions before 3.1.5 and was disclosed […]

The post RaspAP Flaw Let Hackers Escalate Privileges with Raspberry Pi Devices appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Hackers continuously exploit malicious Python packages to attack developer environments and inject harmful code that enables them to steal sensitive information, install malware, or create backdoors. The method takes advantage of the widely-used repositories for packaging consequently creating a widespread impact with minimum effort from the attackers. Cybersecurity researchers at CheckMarx recently identified that threat […]

The post Malicious Python Package Attacking macOS Developers To Steal Google Cloud Logins appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Hackers often attack secure boot during the boot process to execute unauthorized code, which gives them the ability to bypass a system’s security measures. By compromising Secure Boot, they can install rootkits and malware at a low level, gaining persistent control over the system and evading traditional security defenses. The Binarly Research Team discovered a […]

The post PKfail, Critical Firmware Supply-Chain Issue Let Attackers Bypass Secure Boot appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

A malicious campaign emerged on June 21, 2024, distributing a JavaScript file hosted on grupotefex.com, which executes an MSI installer, subsequently dropping a Brute Ratel Badger DLL into the user’s AppData.  The command-and-control framework Brute Ratel then downloads and inserts the stealthy Latrodectus backdoor, which gives threat actors remote control, the ability to steal data, […]

The post Hackers Attacking Users Searching For W2 Form appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Onyx Sleet, a cyber espionage group also known as SILENT CHOLLIMA, Andariel, DarkSeoul, Stonefly, and TDrop2, mainly targets the military, defense sector, and technology in the United States, South Korea, and India. The group historically used spear-phishing, but they have now started using N-day vulnerabilities, such as in their October 2023 attack on TeamCity. To […]

The post North Korean Onyx Sleet Using Group Of Malware And Exploits to Gain Intelligence appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Cisco has issued patches for multiple products affected by a critical vulnerability in the RADIUS protocol. The vulnerability, identified as CVE-2024-3596, was disclosed by security researchers on July 7, 2024. This flaw allows an on-path attacker to forge responses using a chosen prefix collision attack against the MD5 Response Authenticator signature. Cisco has been actively […]

The post Cisco Patches the Products Impacted by RADIUS Protocol Vulnerability appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

The French government has investigated a malware attack that compromised approximately 3,000 machines within the country. The attack, part of a more extensive botnet operation affecting millions globally, has raised serious concerns about cybersecurity as France prepares to host the upcoming Olympic Games. Discovery and Initial Response The investigation began following a report from Sekoia, […]

The post French Govt Investigating Recent Malware Attack that Compromised 3,000 Machines appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.