Apache Fineract SQL Injection Vulnerability Allows Malicious Data Injection
GBHackers on Security
by Divya
20m ago
The Apache Software Foundation has disclosed a critical SQL injection vulnerability in its widely utilized financial platform, Apache Fineract. The flaw, tracked as CVE-2024-32838, affects multiple API endpoints and poses a significant risk to applications built on this platform. This vulnerability allows authenticated attackers to inject malicious SQL data, potentially compromising sensitive information and the overall […] The post Apache Fineract SQL Injection Vulnerability Allows Malicious Data Injection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Pla ..read more
Visit website
AMD Ryzen Flaw Enables Code Execution Through DLL Hijacking
GBHackers on Security
by Divya
20m ago
A security vulnerability has been identified in the AMD Ryzen™ Master Utility, a performance-tuning tool for AMD Ryzen™ processors. This flaw, discovered by a security researcher, allows for privilege escalation and arbitrary code execution via DLL hijacking. AMD has confirmed the issue and issued a patch to mitigate the risk. The Vulnerability The AMD Ryzen™ Master Utility provides users with a streamlined interface for overclocking, monitoring system performance, […] The post AMD Ryzen Flaw Enables Code Execution Through DLL Hi ..read more
Visit website
Hackers Exploiting Newly Discovered PAN-OS Authentication Bypass Vulnerability
GBHackers on Security
by Divya
2h ago
Threat actors actively exploit a new high-severity vulnerability, CVE-2025-0108, in Palo Alto Networks’ PAN-OS. This exploit allows attackers to bypass authentication, execute certain PHP scripts, and potentially gain unauthorized access to affected systems. With the widespread use of PAN-OS in enterprise environments, the vulnerability poses a significant security risk to organizations globally. Active Exploitation in […] The post Hackers Exploiting Newly Discovered PAN-OS Authentication Bypass Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platfo ..read more
Visit website
WinZip Vulnerability Allows Remote Attackers to Execute Arbitrary Code
GBHackers on Security
by Divya
2h ago
A newly discovered vulnerability in WinZip, a popular file compression and archiving utility, has raised alarms among cybersecurity experts. Identified as CVE-2025-1240, this critical flaw allows remote attackers to execute arbitrary code on a victim’s system under specific conditions. Users are strongly advised to update their software to mitigate the risk. Key Details of the […] The post WinZip Vulnerability Allows Remote Attackers to Execute Arbitrary Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform ..read more
Visit website
New Microsoft Windows GUI 0-Day Vulnerability Actively Exploited in the Wild
GBHackers on Security
by Balaji
10h ago
A newly discovered vulnerability in Microsoft Windows, identified by ClearSky Cyber Security, is reportedly being actively exploited by the Chinese state-sponsored Advanced Persistent Threat (APT) group Mustang Panda. The vulnerability, which affects the Windows Explorer graphical user interface (GUI), has been classified as low-severity by Microsoft but poses significant risks due to its exploitation in […] The post New Microsoft Windows GUI 0-Day Vulnerability Actively Exploited in the Wild appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform ..read more
Visit website
Burp Suite Professional / Community 2025.2 Released With New Built-in AI Integration
GBHackers on Security
by Balaji
12h ago
PortSwigger has announced the release of Burp Suite Professional and Community Edition 2025.2, introducing significant updates that include AI integration into the Montoya API, enhancing the capabilities for building smarter, AI-powered extensions. Bug Fixes and Browser Updates: A notable bug fix corrects the display of source IP addresses for DNS requests over IPv6 in the […] The post Burp Suite Professional / Community 2025.2 Released With New Built-in AI Integration appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform ..read more
Visit website
Arbitrary File Upload Vulnerability in WordPress Plugin Let Attackers Hack 30,000 Website
GBHackers on Security
by Aman Mishra
17h ago
A subgroup of the Russian state-sponsored hacking group Seashell Blizzard, also known as Sandworm, has intensified its cyber operations through a campaign dubbed BadPilot. This multi-year initiative has targeted critical infrastructure worldwide, expanding the group’s reach beyond its traditional focus on Ukraine and Eastern Europe to include North America, Europe, and Asia-Pacific regions. Exploiting Vulnerabilities […] The post Arbitrary File Upload Vulnerability in WordPress Plugin Let Attackers Hack 30,000 Website appeared first on GBHackers Security | #1 Globally Trusted Cyber Security Ne ..read more
Visit website
BadPilot Attacking Network Devices to Expand Russian Seashell Blizzard’s Attacks
GBHackers on Security
by Aman Mishra
17h ago
A newly uncovered cyber campaign, dubbed “BadPilot,” has been linked to a subgroup of the Russian state-sponsored hacking collective Seashell Blizzard, also known as Sandworm. This operation, active since at least 2021, represents a significant expansion in Russia’s cyber activities, targeting critical infrastructure globally. According to Microsoft Threat Intelligence, the campaign focuses on compromising internet-facing […] The post BadPilot Attacking Network Devices to Expand Russian Seashell Blizzard’s Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News P ..read more
Visit website
Cybercriminals Exploit Pyramid Pentesting Tool for Covert C2 Communications
GBHackers on Security
by Aman Mishra
18h ago
Cybersecurity analysts have identified that hackers are leveraging the open-source Pyramid pentesting tool to establish stealthy command-and-control (C2) communications. Originally designed as a post-exploitation framework for penetration testers, Pyramid has become an attractive option for malicious actors due to its ability to evade detection by endpoint security tools. The tool, first released on GitHub in […] The post Cybercriminals Exploit Pyramid Pentesting Tool for Covert C2 Communications appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform ..read more
Visit website
Threat Actors in Russia, China, and Iran Targeting Local communities in the U.S
GBHackers on Security
by Aman Mishra
18h ago
Foreign adversaries, including Russia, China, and Iran, are intensifying their efforts to manipulate public opinion and destabilize local communities across the United States. These campaigns, once primarily focused on national-level politics, have increasingly targeted state and local governments, community groups, and individuals. Leveraging advanced technologies such as generative artificial intelligence (AI), these actors aim to […] The post Threat Actors in Russia, China, and Iran Targeting Local communities in the U.S appeared first on GBHackers Security | #1 Globally Trusted Cyber Secur ..read more
Visit website

Follow GBHackers on Security on FeedSpot

Continue with Google
Continue with Apple
OR