25 Articles
7 Categories
Date: 2025-04-19
🐛 COMMON VULNERABILITIES AND EXPOSURES (3)
19 Apr | Critical Erlang/OTP SSH RCE bug now has public exploits, patch now | BLEEPINGCOMPUTER.COM
Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers to remotely execute code on impacted devices. [...]

19 Apr | ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware | THEHACKERNEWS.COM
ASUS has disclosed a critical security flaw impacting routers with AiCloud enabled that could permit remote attackers to perform unauthorized execution of functions on susceptible devices. The vulnerability, tracked as CVE-2025-2492, has a CVSS score of 9.2 out of a maximum of 10…

19 Apr | Chinese Hackers Exploit Ivanti Connect Secure Flaw to Gain Unauthorized Access | GBHACKERS.COM
In a sophisticated cyber-espionage operation, a group known as UNC5221, suspected to have China-nexus, has exploited a critical vulnerability in Ivanti Connect Secure VPN appliances. The exploit, identified as CVE-2025-22457, represents a stack-based buffer overflow affecting mul…

⚠️ VULNERABILITY DISCLOSURE (7)
19 Apr | Gorilla Android Malware Intercepts SMS to Steal One-Time Passwords | GBHACKERS.COM
In a concerning development within the Android ecosystem, a new malware variant known as “Gorilla” has been identified, primarily targeting financial and personal information through SMS interception. Written in Kotlin, Gorilla appears to be in its developmental infan…

19 Apr | Microsoft Warns of Ransomware Gangs Exploit Cloud Environments with New Techniques | GBHACKERS.COM
In a comprehensive analysis of the ransomware landscape in the first quarter of 2025, Microsoft Threat Intelligence has highlighted significant shifts in tactics by threat actors, marking a strategic evolution in their operations. The analysis reveals a growing trend where ransom…

19 Apr | How To Hunt Web And Network-Based Threats From Packet Capture To Payload | GBHACKERS.COM
Modern cyberattacks increasingly exploit network protocols and web applications to bypass traditional security controls. To counter these threats, security teams must adopt advanced techniques for analyzing raw network traffic, from packet-level metadata to payload content. This …

19 Apr | How SMBs Can Improve SOC Maturity With Limited Resources | GBHACKERS.COM
Small and Medium-sized Businesses (SMBs) have become prime targets for cybercriminals, being three times more likely to be targeted by phishing attacks than larger organizations. These attacks often serve as entry points for ransomware infections that can devastate operations. As…

19 Apr | Rust Is Eating C Code Alive 🦀💥 | YOUTUBE.COM
Rust is officially making waves in the Linux Kernel, and cybersecurity pros are paying attention. In this powerful KubeConf keynote, Greg KH highlights how over 5,000 developers from 350+ companies are shaping the future of open-source. This short dives into why Rust’s integratio…

19 Apr | Doug’s Drink Choices Are a Data Breach Waiting to Happen | YOUTUBE.COM
Doug’s cocktail experiments might be more dangerous than a zero-day exploit 😅 In this hilarious moment from a cybersecurity chat, Doug suggests mixing chartreuse and heavy cream—aka a “Gold Cadillac”—while Josh, the voice of reason, warns him like a built-in firewall. From AI sar…

19 Apr | Deepfake Scams Are Getting Too Real! | YOUTUBE.COM
Deepfake scams are getting terrifyingly real! 😱 Cybercriminals are now using AI to create ultra-realistic fake videos and voices, making it harder than ever to tell what's real and what's a scam. With remote work on the rise and security systems struggling to keep up, bad actors …

📋 SECURITY BULLETINS (1)
19 Apr | 10 Best Patch Management Tools 2025 | GBHACKERS.COM
In today’s digital landscape, maintaining secure and efficient IT systems is critical for organizations. Patch management tools play a vital role in achieving this by automating the process of identifying, testing, and deploying software updates and security patches across …

📢 SECURITY ADVISORIES (3)
19 Apr | Widespread Microsoft Entra lockouts tied to new security feature rollout | BLEEPINGCOMPUTER.COM
Windows administrators from numerous organizations report widespread account lockouts triggered by false positives in the rollout of a new Microsoft Entra ID's "leaked credentials" detection app called MACE. [...]

19 Apr | 10 Best Cloud Security Solutions 2025 | GBHACKERS.COM
In today’s digital era, businesses are increasingly adopting cloud computing to store data, run applications, and manage infrastructure. However, as organizations shift to the cloud, they face new security challenges such as cyber threats, data breaches, and compliance risks. Thi…

19 Apr | The Compliance Work You Hate? It’s Getting Replaced by AI | YOUTUBE.COM
Compliance tasks are evolving—and fast. In this short, cybersecurity expert Adrian Sanabria highlights how the rise of APIs and AI is making outdated GRC processes obsolete. From risk questionnaires to vendor management, the old checkbox mentality is being replaced by real-time a…

🔥 INCIDENT REPORTING (4)
19 Apr | New Android malware steals your credit cards for NFC relay attacks | BLEEPINGCOMPUTER.COM
A new malware-as-a-service (MaaS) platform named 'SuperCard X' has emerged, targeting Android devices via NFC relay attacks that enable point-of-sale and ATM transactions using compromised payment card data. [...]

19 Apr | Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems | THEHACKERNEWS.COM
Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram bot library but harbor SSH backdoors and data exfiltration capabilities. The packages in question are listed below - node-telegram-utils (132 downloads) nod…

19 Apr | DARPA’s Real-Life “Skynet” For WMDs 🧠⚠️ #CyberOps | YOUTUBE.COM
DARPA isn’t just working on futuristic tech—it’s building real-life early warning systems to detect chemical, biological, radiological, and nuclear threats before they happen. In this short, cybersecurity experts reveal how a sigma network inspired by cyber defense is now being u…

19 Apr | Misalignment in Cybersecurity: The $10M Mistake | YOUTUBE.COM
82% of CISOs report to CEOs, but does that really mean cybersecurity is a business priority? 🤔 The data tells a different story! Despite what companies claim, there’s a major misalignment when it comes to treating cybersecurity as a strategic risk. This gap could cost businesses …

🕵️ THREAT INTELLIGENCE (3)
19 Apr | New Android SuperCard X Malware Uses NFC-Relay Technique for POS & ATM Transactions | GBHACKERS.COM
A new malware strain known as SuperCard X has emerged, utilizing an innovative Near-Field Communication (NFC)-relay attack to execute unauthorized transactions at Point-of-Sale (POS) systems and Automated Teller Machines (ATMs). Detailed in a recent report by the Cleafy Threat In…

19 Apr | SheByte PaaS Launches $199 Subscription Service for Cybercriminals | GBHACKERS.COM
The landscape of cyber threats targeting Canadian financial institutions saw significant shifts after LabHost, a prominent phishing-as-a-service (PhaaS) platform, was shut down. LabHost, known for its extensive Interac-branded phishing kits, was responsible for around three-fourt…

19 Apr | What are your methods to harden *nix servers? | INFOSEC.PUB
submitted by fishynoob to cybersecurity | 4 points | 7 comments
I have been looking at hardening *nix servers for my lab and maybe carry some of that over to work. CIS benchmarks are something I like doing but that’s barely scratching the surface. What do you do for your servers? I…

📡 INFOSEC NEWS (4)
19 Apr | Google Gemini AI is getting ChatGPT-like Scheduled Actions feature | BLEEPINGCOMPUTER.COM
Google Gemini is testing a ChatGPT-like scheduled tasks feature called "Scheduled Actions," which will allow you to create tasks that Gemini will execute later. [...]

19 Apr | Opt-In? More Like Trap-In – Windows Recall Warning! | YOUTUBE.COM
Microsoft just introduced a new Windows feature called Recall — and cybersecurity pros aren’t having it. In this short, Doug White breaks down why this so-called “opt-in” tool is raising red flags. From automatic desktop screenshots to questions about local storage privacy, it so…

19 Apr | What Happens When Horror Meets Hacking 💀 | YOUTUBE.COM
When horror legends and hacker scams collide, the result is as wild as it is hilarious 😱💻 In this bizarre story, Doug White drops a darkly funny warning about crypto schemes, fake investments, and… Canadian organ harvesting?! 🤯 Would you trust Vincent Price with your kidneys? Thi…

19 Apr | Why Jailbreak Papers Might Be Useless Now 🤯 | YOUTUBE.COM
Cybersecurity expert Mike shares a mind-blowing insight from a recent Mindguard.ai article, questioning the industry's obsession with jailbreak and prompt injection testing. He argues that model testing alone isn’t enough—and that the real problem lies deeper in the app layer. Th…