New ChatGPT o3-alpha model hints at coding upgrade
ChatGPT's o3 is OpenAI's best model to date because it features reasoning, and it might get even better in the next update. [...]
Aggregator
Google Sues the Operators Behind the BadBox 2.0 Botnet
9 months ago
Google is suing the operators behind BadBox 2.0, accusing multiple Chinese threat groups of playing different roles in the operation of the massive botnet that rolled up more than 10 million devices to run large-scale ad fraud and other malicious campaigns.
The post Google Sues the Operators Behind the BadBox 2.0 Botnet appeared first on Security Boulevard.
Jeffrey Burt
New Surge of Crypto-Jacking Hits Over 3,500 Websites
9 months ago
Cybersecurity experts at cside have discovered a clever campaign that infected over 3,500 websites with nefarious JavaScript miners, marking a startling return to crypto-jacking techniques reminiscent of the Coinhive heyday of 2017. This new wave, detected in late 2024, marks a departure from the resource-intensive miners of the past, which caused noticeable device slowdowns and […]
The post New Surge of Crypto-Jacking Hits Over 3,500 Websites appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
China's Massistant Tool Secretly Extracts SMS, GPS Data, and Images From Confiscated Phones
9 months ago
Cybersecurity researchers have shed light on a mobile forensics tool called Massistant that's used by law enforcement authorities in China to gather information from seized mobile devices.
The hacking tool, believed to be a successor of MFSocket, is developed by a Chinese company named SDIC Intelligence Xiamen Information Co., Ltd., which was formerly known as Meiya Pico. It specializes in the
The Hacker News
Japanese police release decryptor for Phobos ransomware after February takedown
9 months ago
Victims of Phobos ransomware and its 8Base offshoot now have access to a decryptor released by Japanese law enforcement and backed by the FBI and European officials.
Fancy Bear Hackers Target Governments and Military Entities with Advanced Tools
9 months ago
Fancy Bear, designated as APT28 by cybersecurity experts, represents a sophisticated Russian cyberespionage collective operational since 2007, renowned for infiltrating governments, military organizations, and strategic entities globally. This group, also known under aliases such as Sofacy, Sednit, STRONTIUM, and Unit 26165, pursues motivations encompassing financial gain, reputational sabotage, espionage, and political agendas. Their operations frequently […]
The post Fancy Bear Hackers Target Governments and Military Entities with Advanced Tools appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
Interlock
9 months ago
You must login to view this content
cohenido
UNG0002 Group Hits China, Hong Kong, Pakistan Using LNK Files and RATs in Twin Campaigns
9 months ago
Multiple sectors in China, Hong Kong, and Pakistan have become the target of a threat activity cluster tracked as UNG0002 (aka Unknown Group 0002) as part of a broader cyber espionage campaign.
"This threat entity demonstrates a strong preference for using shortcut files (LNK), VBScript, and post-exploitation tools such as Cobalt Strike and Metasploit, while consistently deploying CV-themed
The Hacker News
Russian alcohol retailer WineLab closes stores after ransomware attack
9 months ago
WineLab, the retail store of the largest alcohol company in Russia, has closed its stores following a cyberattack that is impacting its operations and causing purchase problems to its customers. [...]
Bill Toulas
Китаю не нужен взлом — ему нужны кабели. США впервые ставят под сомнение физическую надёжность всего глобального интернета
9 months ago
Федеральная комиссия по связи готовит меры против саботажа и китайского влияния.
Ivanti Flaws Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks
9 months ago
Cybersecurity researchers have disclosed details of a new malware called MDifyLoader that has been observed in conjunction with cyber attacks exploiting security flaws in Ivanti Connect Secure (ICS) appliances.
According to a report published by JPCERT/CC today, the threat actors behind the exploitation of CVE-2025-0282 and CVE-2025-22457 in intrusions observed between December 2024 and July
The Hacker News
Safepay
9 months ago
You must login to view this content
cohenido
Snake Keylogger Bypasses Windows Defender and Uses Scheduled Tasks to Steal Credentials
9 months ago
Threat actors have been using a sophisticated phishing operation to impersonate Turkish Aerospace Industries (TUSAŞ) in order to attack Turkish businesses, especially those in the defense and aerospace sectors. The campaign distributes malicious emails masquerading as contractual documents, such as the file “TEKLİF İSTEĞİ – TUSAŞ TÜRK HAVACILIK UZAY SANAYİİ_xlsx.exe” with SHA256 hash 0cb819d32cb3a2f218c5a17c02bb8c06935e926ebacf1e40a746b01e960c68e4. This […]
The post Snake Keylogger Bypasses Windows Defender and Uses Scheduled Tasks to Steal Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
Good Hardening Tor Browser Article on Dread
9 months ago
Good Hardening Tor Browser Article on Dread
Dark Web Informer - Cyber Threat Intelligence
CVE-2025-7824 | Jinher OA 1.1 XmlHttp.aspx xml external entity reference (EUVD-2025-21962)
9 months ago
A vulnerability was found in Jinher OA 1.1. It has been rated as problematic. This issue affects some unknown processing of the file XmlHttp.aspx. The manipulation leads to xml external entity reference.
The identification of this vulnerability is CVE-2025-7824. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-7823 | Jinher OA 1.2 ProjectScheduleDelete.aspx xml external entity reference (EUVD-2025-21963)
9 months ago
A vulnerability was found in Jinher OA 1.2. It has been declared as problematic. This vulnerability affects unknown code of the file ProjectScheduleDelete.aspx. The manipulation leads to xml external entity reference.
This vulnerability was named CVE-2025-7823. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #616842: Jinhe OA V1.1 XML External Entity Reference [Accepted]
9 months ago
Submit #616842 / VDB-316925
cc2024k
Submit #616841: Jinhe OA V1.2 XML External Entity Reference [Accepted]
9 months ago
Submit #616841 / VDB-316924
cc2024k
CVE-2025-7819 | PHPGurukul Apartment Visitors Management System 1.0 HTTP POST Request /create-pass.php visname cross site scripting (EUVD-2025-21957)
9 months ago
A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /create-pass.php of the component HTTP POST Request Handler. The manipulation of the argument visname leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2025-7819. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-7818 | PHPGurukul Apartment Visitors Management System 1.0 HTTP POST Request /category.php categoryname cross site scripting (EUVD-2025-21958)
9 months ago
A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /category.php of the component HTTP POST Request Handler. The manipulation of the argument categoryname leads to cross site scripting.
This vulnerability is handled as CVE-2025-7818. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com