The Hacker News
- Apple Fined €150 Million by French Regulator Over Discriminatory ATT Consent Practices April 1, 2025Apple has been hit with a fine of €150 million ($162 million) by France's competition watchdog over the implementation of its App Tracking Transparency (ATT) privacy framework. The Autorité de la concurrence said it's imposing a financial penalty against Apple for abusing its dominant position as a distributor of mobile applications for iOS and iPadOS […]
- Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp March 31, 2025The threat actors behind the zero-day exploitation of a recently-patched security vulnerability in Microsoft Windows have been found to deliver two new backdoors called SilentPrism and DarkWisp. The activity has been attributed to a suspected Russian hacking group called Water Gamayun, which is also known as EncryptHub and LARVA-208. "The threat actor deploys payloads primarily […]
- Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images March 31, 2025Threat actors are using the "mu-plugins" directory in WordPress sites to conceal malicious code with the goal of maintaining persistent remote access and redirecting site visitors to bogus sites. mu-plugins, short for must-use plugins, refers to plugins in a special directory ("wp-content/mu-plugins") that are automatically executed by WordPress without the need to enable them explicitly […]
- ⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More March 31, 2025Every week, someone somewhere slips up—and threat actors slip in. A misconfigured setting, an overlooked vulnerability, or a too-convenient cloud tool becomes the perfect entry point. But what happens when the hunters become the hunted? Or when old malware resurfaces with new tricks? Step behind the curtain with us this week as we explore breaches […]
- 5 Impactful AWS Vulnerabilities You're Responsible For March 31, 2025If you're using AWS, it's easy to assume your cloud security is handled - but that's a dangerous misconception. AWS secures its own infrastructure, but security within a cloud environment remains the customer’s responsibility. Think of AWS security like protecting a building: AWS provides strong walls and a solid roof, but it's up to the […]
GBHackers Security | #1 Globally Trusted Cyber Security News Platform
- Check Point Confirms Data Breach, Says Leaked Information is ‘Old’ April 1, 2025Cybersecurity giant Check Point has confirmed that a recent post on a notorious dark web forum, BreachForums, attempting to sell allegedly hacked data from the company, relates to an “old, known, and pinpointed event.” The incident, according to Check Point, occurred in December 2024 and was thoroughly addressed at the time, with no ongoing security […]
- CrushFTP Security Vulnerability Under Attack After PoC Release April 1, 2025A recently disclosed security vulnerability in CrushFTP, identified as CVE-2025-2825, has become the target of active exploitation attempts following the release of publicly available proof-of-concept (PoC) exploit code. Shadowserver Foundation, a reputable cybersecurity monitoring organization, disclosed the alarming surge in attacks based on the PoC via their official announcement on X. According to their analysis, […]
- CISA Warns of Cisco Smart Licensing Utility Credential Flaw Exploited in Attacks April 1, 2025The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory warning organizations about a critical vulnerability in Cisco’s Smart Licensing Utility (SLU) software that has reportedly been exploited in cyberattacks. The vulnerability, assigned CVE-2024-20439, stems from a static credential issue that could leave affected systems open to remote exploitation with potentially devastating consequences. […]
- Hackers Deploy 24,000 IPs to Breach Palo Alto Networks GlobalProtect April 1, 2025A wave of malicious activity targeting Palo Alto Networks PAN-OS GlobalProtect portals has been observed, with nearly 24,000 unique IPs attempting unauthorized access over the past 30 days. This coordinated effort, flagged by cybersecurity firm GreyNoise, highlights the growing sophistication of attackers probing network defenses as a precursor to potential exploitation. GreyNoise detected the surge […]
- Linux Lite 7.4 Final Released: Enhanced GUI and Bug Fixes April 1, 2025Linux Lite, a popular lightweight Linux distribution aimed at making Linux accessible to beginners, has officially released its Linux Lite 7.4 Final version. This release comes with several incremental updates that improve functionality, address bugs, and refine the user interface, ensuring a smoother experience for users. Although Linux Lite 7.4 is categorized as a minor release, it […]