GBhackers

Hackers Use Gh0st RAT to Hijack Internet Café Systems for Crypto Mining

A sophisticated malware campaign has been targeting South Korean Internet cafés since mid-2024, exploiting management software to deploy Gh0st RAT and T-Rex CoinMiner for unauthorized cryptocurrency mining.

Apache InLong JDBC Vulnerability Enables Deserialization of Untrusted Data

A moderate-severity vulnerability, CVE-2025-27522, has been identified in Apache InLong versions 1.13.0 through 2.1.0. It allows deserialization of untrusted data during JDBC verification, enabling attackers to bypass security mechanisms.

Cybercriminals Are Turning Ordinary Citizens Into Money Mules in a New ‘Rent-a-Bank-Account’ Scam

A new cyber-enabled financial fraud scheme, known as the "rent-a-bank-account" scam, is turning unsuspecting individuals into money mules. This scam is rapidly proliferating and poses a significant threat to financial systems and national security.

XenServer Windows VM Tools Flaw Enables Attackers to Run Arbitrary Code

Citrix has disclosed three high-severity vulnerabilities (CVE-2025-27462, CVE-2025-27463, CVE-2025-27464) in XenServer VM Tools for Windows, enabling attackers to escalate privileges within guest Windows VMs.

Threat Actors Weaponizing DCOM to harvest credentials on Windows systems

A new stealthy attack technique is leveraging Distributed Component Object Model (DCOM) objects on Windows systems to harvest credentials without deploying payloads or triggering traditional security alerts.

CISA Publishes ICS Advisories Highlighting New Vulnerabilities and Exploits

On May 27, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) issued ICS advisory ICSA-25-146-01, disclosing a high-severity vulnerability (CVE-2025-26383) in the Johnson Controls iSTAR Configuration Utility (ICU) Tool.

Velvet Chollima APT Hackers Target Government Officials Using Weaponized PDFs

A new cyber-espionage campaign attributed to the North Korean APT group Velvet Chollima has been identified, targeting South Korean government officials and organizations across North America, South America, Europe, and East Asia.

Arm Mali GPU Vulnerability Enables Bypass of MTE and Arbitrary Kernel Code Execution

A critical vulnerability, CVE-2025-0072, has been identified in the Arm Mali GPU driver, affecting devices using the Command Stream Frontend (CSF) architecture, including Google Pixel 7, 8, and 9 series.

Critical GitHub MCP Server Vulnerability Allows Unauthorized Access to Private Repositories

A critical vulnerability in the GitHub MCP integration has been discovered, exposing private repository data through prompt injection attacks. This flaw affects users leveraging coding agents and IDEs integrated with GitHub MCP.

Hackers Exploit HTTP/2 Flaw to Launch Arbitrary Cross-Site Scripting Attacks

Researchers have uncovered critical vulnerabilities in HTTP/2 server push and Signed HTTP Exchange (SXG) that allow attackers to bypass the Same-Origin Policy (SOP). These flaws enable off-path attacks.
