GBhackers

Hackers Abuse Legitimate Inno Setup Installer to Deliver Malware

The attack begins with a malicious Inno Setup installer that leverages Pascal scripting to execute a series of evasion techniques, including debugger and sandbox detection.

New Hpingbot Exploits Pastebin for Payload Delivery and Uses Hping3 for DDoS Attacks

NSFOCUS Fuying Lab’s Global Threat Hunting System has discovered a new botnet family called “hpingbot” that has been quickly expanding since June 2025, marking a significant shift in the cybersecurity scene.

ScriptCase Vulnerabilities Allow Remote Code Execution and Full Server Compromise

Two critical vulnerabilities have been discovered in ScriptCase, a popular low-code PHP web application generator, which puts thousands of servers at risk of remote code execution and complete compromise.

Researchers Defeat Content Security Policy Protections via HTML Injection

Security researchers have demonstrated a method to bypass nonce-based Content Security Policy (CSP) protections using HTML injection, CSS-based nonce leakage, and browser cache manipulation.

Wing FTP Server Vulnerability Allows Full Server Takeover by Attackers

A critical vulnerability identified as CVE-2025-47812 affects Wing FTP Server versions v7.4.3 and earlier. Wing FTP released a security update on May 14, 2025, to address this issue. Proof-of-concept exploit code is publicly available.

Cl0p Ransomware’s Exfiltration Process Exposes RCE Vulnerability

A newly disclosed vulnerability in the Python-based data-exfiltration utility used by the notorious Cl0p ransomware group has exposed the cybercrime operation itself to potential attack. The vulnerability is rated 8.9 (High) on the CVSS 4.0 scale.

ModSecurity WAF Vulnerability Enables DoS Using Empty XML Elements

A newly disclosed vulnerability in ModSecurity, a widely used open-source web application firewall (WAF), exposes servers to denial-of-service (DoS) attacks by exploiting a flaw in the way the software parses empty XML elements.

Hunt Electronic DVR Vulnerability Leaves Admin Credentials Unprotected

A critical vulnerability (CVE-2025-6561) in Hunt Electronics’ hybrid DVRs (models HBF-09KD and HBF-16NK) allows unauthenticated remote attackers to access configuration files containing plaintext administrator credentials.

MOVEit Transfer Systems Hit by Wave of Attacks Using Over 100 Unique IPs

A significant surge in scanning and exploitation activity has been observed targeting Progress Software’s MOVEit Transfer platform. Over 682 unique IP addresses have been identified in scanning operations.

Kubernetes NodeRestriction Flaw Lets Nodes Bypass Resource Authorization

A vulnerability in Kubernetes, tracked as CVE-2025-4563, allows compromised nodes to bypass authorization checks for dynamic resource allocation. It can lead to privilege escalation in clusters where specific configurations are enabled.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags