24 Articles
7 Categories
Date: 2025-12-13
🚨 CISA KEV 1
13 Dec [KEV] CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a high-severity flaw impacting Sierra Wireless AirLink ALEOS routers to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild. CVE-2018-4063 (CVSS sc…
THEHACKERNEWS.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES 11
13 Dec [KEV] Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild
Apple on Friday released security updates for iOS, iPadOS, macOS, tvOS, watchOS, visionOS, and its Safari web browser to address two security flaws that it said have been exploited in the wild, one of which is the same flaw that was patched by Google in Chrome earlier this week. …
THEHACKERNEWS.COM

13 Dec [KEV] Apple Confirms Zero-Day Exploitation in Targeted Attacks on iPhone Users
Apple has issued critical security patches addressing two actively exploited zero-day vulnerabilities affecting iPhone and iPad devices. The tech giant confirmed that both flaws were leveraged in extremely sophisticated attacks targeting specific individuals before iOS 26 was rel…
GBHACKERS.COM
⚠️ VULNERABILITY DISCLOSURE 4
13 Dec Leaked Home Depot credential exposed internal systems for a year
Home Depot exposed access to internal systems for a year, TechCrunch reports. According to security researcher Ben Zimmermann, a Home Depot employee published a private GitHub access token sometime in early 2024, likely by mistake. Zimmermann told TechCrunch that when he tested …
CSOONLINE.COM
13 Dec Microsoft flips security script: ‘In scope by default’ makes all vulnerabilities fair game for bug bounties
Today’s AI-enabled attackers are agnostic: They’re not limiting themselves to specific companies, products, or services — they’re going where the vulnerabilities are. To meet them on this ground, Microsoft is pivoting its cybersecurity strategy to what it calls ‘In Scope by Defau…
CSOONLINE.COM

13 Dec The Hidden Danger of Storing Secrets Online | Interview with Jake Knott from Watchtower
In this episode of Cybersecurity Today, host Jim Love discusses the shocking discovery of over 80,000 leaked credentials and secrets in online code formatting tools with Jake Knott, a principal security researcher from Watchtower. They delve into the vulnerabilities exposed by th…
CYBERSECURITYTODAY.LIBSYN.COM

13 Dec Empire 6.3.0 Released as Updated Post-Exploitation Framework for Red Teams
Researcher has officially released Empire 6.3.0, a significant update to the widely used post-exploitation and adversary emulation framework designed for Red Teams and Penetration Testers. This latest version reinforces the tool’s modular architecture, offering operator flexibili…
GBHACKERS.COM
🔥 INCIDENT REPORTING 2
13 Dec Researchers and Developers Targeted in AI-Driven GitHub Supply Chain Attack
A sophisticated AI-generated supply chain attack is targeting researchers, developers, and security professionals through compromised GitHub repositories, according to findings from Morphisec Threat Labs. The campaign leverages dormant GitHub accounts and polished, AI-crafted rep…
GBHACKERS.COM

13 Dec CyberVolk’s ransomware debut stumbles on cryptography weakness
The pro-Russia hacktivist group CyberVolk launched a ransomware-as-a-service (RaaS) called VolkLocker that suffered from serious implementation flaws, allowing victims to potentially decrypt files for free. [...]
BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 4
13 Dec Hackers Target Windows Systems Using Phantom Stealer Hidden in ISO Files
Seqrite Labs has uncovered an active Russian phishing campaign that delivers Phantom information-stealing malware through malicious ISO files embedded in fake payment confirmation emails. The sophisticated attack primarily targets finance and accounting professionals in Russia, u…
GBHACKERS.COM

13 Dec China's Tech Lead: A 25-Year Shift
China is dominating the tech world, leading in 90% of crucial technologies like nuclear energy and quantum computing! 🚀🔍 In just 25 years, they've flipped the script, leaving others in the dust. What does this mean for global cybersecurity and innovation? Subscribe to our podcast…
YOUTUBE.COM

13 Dec Kali Linux 2025.4 Released Featuring 3 New Hacking Tools and Wifipumpkin3
The release of Kali Linux 2025.4 marks a significant milestone for the ethical hacking distribution, bringing major architectural changes and a suite of fresh tools. This update focuses on stripping away “fluff” to prioritize performance, essential utilities, and impr…
GBHACKERS.COM

13 Dec Hackers Launch Rust-Based Luca Stealer Targeting Linux and Windows
Cybercriminals are increasingly abandoning traditional programming languages like C and C++ in favor of modern alternatives such as Rust, Golang, and Nim. This strategic shift enables threat actors to write malicious code once and compile it for both Windows and Linux with minima…
GBHACKERS.COM
🌐 CYBER THREAT LANDSCAPE 1
13 Dec Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads
Cybersecurity researchers are calling attention to a new campaign that's leveraging GitHub-hosted Python repositories to distribute a previously undocumented JavaScript-based Remote Access Trojan (RAT) dubbed PyStoreRAT. "These repositories, often themed as development utilities …
THEHACKERNEWS.COM
📡 INFOSEC NEWS 1