The Hacker News
- FIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint Sites (April 2, 2025): The financially motivated threat actor known as FIN7 has been linked to a Python-based backdoor called Anubis (not to be confused with an Android banking trojan of the same name) that can grant them remote access to compromised Windows systems. "This malware allows attackers to execute remote shell commands and other system operations, giving them […]
- New Malware Loaders Use Call Stack Spoofing, GitHub C2, and .NET Reactor for Stealth (April 2, 2025): Cybersecurity researchers have discovered an updated version of a malware loader called Hijack Loader that implements new features to evade detection and establish persistence on compromised systems. "Hijack Loader released a new module that implements call stack spoofing to hide the origin of function calls (e.g., API and system calls)," Zscaler ThreatLabz researcher Muhammed Irfan […]
- Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign (April 1, 2025): Exposed PostgreSQL instances are the target of an ongoing campaign designed to gain unauthorized access and deploy cryptocurrency miners. Cloud security firm Wiz said the activity is a variant of an intrusion set that was first flagged by Aqua Security in August 2024 that involved the use of a malware strain dubbed PG_MEM. The campaign […]
- Enterprise Gmail Users Can Now Send End-to-End Encrypted Emails to Any Platform (April 1, 2025): On the 21st birthday of Gmail, Google has announced a major update that allows enterprise users to send end-to-end encrypted (E2EE) emails to any user in any email inbox in a few clicks. The feature is rolling out starting today in beta, allowing users to send E2EE emails to Gmail users within an organization, with plans […]
- Lucid PhaaS Hits 169 Targets in 88 Countries Using iMessage and RCS Smishing (April 1, 2025): A new sophisticated phishing-as-a-service (PhaaS) platform called Lucid has targeted 169 entities in 88 countries using smishing messages propagated via Apple iMessage and Rich Communication Services (RCS) for Android. Lucid's unique selling point lies in its weaponizing of legitimate communication platforms to sidestep traditional SMS-based detection mechanisms. "Its scalable,
GBHackers Security | #1 Globally Trusted Cyber Security News Platform
- New Outlaw Linux Malware Using SSH brute-forcing To Maintain Botnet Activities for long Time (April 2, 2025): A persistent Linux malware known as “Outlaw” has been identified leveraging unsophisticated yet effective techniques to maintain a long-running botnet. Despite its lack of advanced evasion mechanisms, Outlaw continues to propagate and monetize its activities by employing SSH brute-forcing, cron-based persistence, and modified cryptocurrency miners. Its modular design and worm-like propagation allow it to infect […]
- Hackers Exploit JavaScript & CSS Tricks to Steal Browsing History (April 2, 2025): The web browsing history feature, designed to enhance user convenience by styling visited links differently, has inadvertently created a privacy vulnerability. Hackers have exploited this feature, using JavaScript and CSS techniques to deduce users’ online habits, revealing a concerning loophole in digital privacy. Browsers use the :visited CSS pseudo-class to style visited links differently from unvisited ones, […]
- Python Introduces New Standard Lock File Format for Enhanced Security (April 2, 2025): The Python Software Foundation (PSF) has officially announced the adoption of a new standardized lock file format, outlined in PEP 751. This development is a major milestone for the Python packaging ecosystem, aiming to make dependency management more secure, reproducible, and universally compatible across tools. The new file format, named pylock.toml, introduces a structured way to record […]
- Hackers Exploit Microsoft Teams Messages to Deliver Malware (April 2, 2025): Cybersecurity experts have uncovered a new malware campaign targeting Microsoft Teams users to infiltrate corporate systems. By exploiting the platform’s communication vulnerabilities and leveraging malicious PowerShell scripts, attackers bypassed traditional defenses, delivering malware capable of stealing credentials and establishing persistent backdoors. The attack demonstrates an alarming evolution in malware delivery tactics through trusted collaboration platforms. […]
- Hackers Exploiting Vulnerabilities in SonicWall, Zoho, F5 & Ivanti Systems (April 2, 2025): A surge in cyber activity targeting critical edge technologies and management tools, including SonicWall, Zoho, F5, Ivanti, and other systems, has been flagged by cybersecurity intelligence firm GreyNoise. The sudden spike in probing and exploitation attempts highlights an alarming trend: Hackers are increasingly targeting vulnerabilities in widely used systems, potentially exposing businesses to significant threats. […]