Aggregator

Significant OpenSSH flaws are exposing systems to man-in-the-middle and denial-of service attacks

A recent study by researchers from the National University of Singapore and NCS Cyber Special Ops R&D explores how the MITRE ATT&CK framework can be enhanced to address the rapidly evolving landscape of cyber threats. The research synthesizes findings from 417 peer-reviewed publications to evaluate the framework’s applications across various cybersecurity domains, including threat intelligence, […]

The post New Research Aims to Strengthen MITRE ATT&CK for Evolving Cyber Threats appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Think you're safe because you're compliant? Think again. Recent studies continue to highlight the concerning trend that compliance with major security frameworks does not necessarily prevent data breaches. Learn more from Pentera on how automated security validation bridges the security gaps. [...]

A significant vulnerability has been identified in large language models (LLMs) such as ChatGPT, raising concerns over their susceptibility to adversarial attacks. Researchers have highlighted how these models can be manipulated through techniques like prompt injection, which exploit their text-generation capabilities to produce harmful outputs or compromise sensitive information. Prompt Injection: A Growing Cybersecurity Challenge […]

The post New LLM Vulnerability Exposes AI Models Like ChatGPT to Exploitation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Anonymous KSA Targeted the Website of Fattah Cyber Team

Ученые наконец разберут геном по кирпичикам и заполнят белые пятна.

BlackLock is on track to become the most active ransomware-as-a-service (RaaS) outfit in 2025, according to ReliaQuest. Its success is primarily due to their unusually active presence and good reputation on the ransomware-focused Russian-language forum RAMP, and their aggressive recruiting of traffers (individuals that steer victims to harmful content/software), initial access brokers (IABs), and affiliates. What is BlackLock? BlackLock (aka El Dorado or Eldorado) cropped up in early 2024. It uses custom-built ransomware that can … More →

The post BlackLock ransomware onslaught: What to expect and how to fight it appeared first on Help Net Security.

A Threat Actor is Selling Thunderbird Mailer Cluster Edition

At Seceon’s 2025 Q1 Innovation and Certification Days, Seceon CEO Chandra Pandey and Joshua Skeens, CEO of Seceon’s partner Logically (www.logically.com) engaged in an insightful discussion about AI’s transformative role in cybersecurity. As cyber threats become increasingly AI-driven, organizations must evolve their security strategies to stay ahead of attackers. The Growing AI Threat Landscape Skeens

The post Leveraging AI to Stay Ahead in Cybersecurity: A Conversation with Chandra Pandey and Joshua Skeens, CEO of Logically  appeared first on Seceon Inc.

The post Leveraging AI to Stay Ahead in Cybersecurity: A Conversation with Chandra Pandey and Joshua Skeens, CEO of Logically  appeared first on Security Boulevard.

A sophisticated malware campaign leveraging the Lumma InfoStealer has been identified, targeting educational institutions to distribute malicious files disguised as PDF documents. This campaign employs compromised school infrastructure to deliver weaponized LNK (shortcut) files masquerading as legitimate PDFs, initiating a multi-stage infection process. The Lumma InfoStealer, a Malware-as-a-Service (MaaS) offering, is designed to exfiltrate sensitive […]

The post Weaponized PDFs Deliver Lumma InfoStealer Targeting Educational Institutions appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researchers have uncovered a new MageCart malware campaign targeting e-commerce websites running on the Magento platform. This attack exploits <img> HTML tags to conceal malicious JavaScript skimmers, enabling cybercriminals to steal sensitive payment information while evading detection by security tools. MageCart, a term used to describe credit card skimming malware, has evolved with increasingly […]

The post Cybercriminals Embedded Credit Card Stealer Script Within <img> Tag appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

China-linked threat actor Winnti targeted Japanese companies in the manufacturing, materials, and energy sectors in March 2024 as part of a campaign dubbed RevivalStone. Researchers from cybersecurity firm LAC uncovered a new cyberespionage campaign, tracked as RevivalStone, carried out by the China-linked APT group Winnti in March 2024. Threat actors targeted Japanese companies in the manufacturing, […]

A Threat Actor is Selling Domain Admin Access to an Unidentified U.S.-Based Company

The rise of customized large language models (LLMs) has revolutionized artificial intelligence applications, enabling businesses and individuals to leverage advanced reasoning capabilities for complex tasks. However, this rapid adoption has also exposed critical vulnerabilities. A groundbreaking study by Zhen Guo and Reza Tourani introduces DarkMind, a novel backdoor attack targeting the reasoning processes of customized […]

The post DarkMind: A Novel Backdoor Attack Exploiting Customized LLMs’ Reasoning Capabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated cyber espionage campaign leveraging the EagerBee malware has been targeting government agencies and Internet Service Providers (ISPs) across the Middle East. This advanced backdoor malware, attributed to the Chinese-linked threat group CoughingDown, demonstrates cutting-edge stealth capabilities and persistence mechanisms, posing a significant threat to critical infrastructure in the region. Advanced Capabilities of EagerBee […]

The post EagerBee Malware Targets Government Agencies & ISPs with Stealthy Backdoor Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Synway SMG Gateway Management Software up to 20250204. It has been rated as critical. This issue affects some unknown processing of the file 9-12ping.php. The manipulation of the argument retry leads to command injection. The identification of this vulnerability is CVE-2025-1448. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. It is recommended to apply restrictive firewalling. The vendor was contacted early about this disclosure but did not respond in any way.