The Hacker News
- North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures April 25, 2025North Korea-linked threat actors behind the Contagious Interview have set up front companies as a way to distribute malware during the fake hiring process. "In this new campaign, the threat actor group is using three front companies in the cryptocurrency consulting industry—BlockNovas LLC (blocknovas[.] com), Angeloper Agency (angeloper[.]com), and SoftGlide LLC (softglide[.]co)—to spread
- New Critical SAP NetWeaver Flaw Exploited to Drop Web Shell, Brute Ratel Framework April 25, 2025Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file uploads and code execution. "The exploitation is likely tied to either a previously disclosed vulnerability like CVE-2017-9844 or an unreported remote file inclusion (RFI) issue," ReliaQuest said in a report published this […]
- Why NHIs Are Security's Most Dangerous Blind Spot April 25, 2025When we talk about identity in cybersecurity, most people think of usernames, passwords, and the occasional MFA prompt. But lurking beneath the surface is a growing threat that does not involve human credentials at all, as we witness the exponential growth of Non-Human Identities (NHIs). At the top of mind when NHIs are mentioned, most […]
- Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers April 25, 2025Cybersecurity researchers have disclosed three security flaws in the Rack Ruby web server interface that, if successfully exploited, could enable attackers to gain unauthorized access to files, inject malicious data, and tamper with logs under certain conditions. The vulnerabilities, flagged by cybersecurity vendor OPSWAT, are listed below - CVE-2025-27610 (CVSS score: 7.5) - A path […]
- DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks April 25, 2025Cybersecurity researchers are warning about a new malware called DslogdRAT that's installed following the exploitation of a now-patched security flaw in Ivanti Connect Secure (ICS). The malware, along with a web shell, were "installed by exploiting a zero-day vulnerability at that time, CVE-2025-0282, during attacks against organizations in Japan around December 2024," JPCERT/CC researcher Yuma
GBHackers Security | #1 Globally Trusted Cyber Security News Platform
- How to Develop a Strong Security Culture – Advice for CISOs and CSOs April 26, 2025Developing a strong security culture is one of the most critical responsibilities for today’s CISOs (Chief Information Security Officers) and CSOs (Chief Security Officers). As cyber threats become more sophisticated and pervasive, technical defenses alone are insufficient. A resilient security posture results from embedding security awareness, responsibility, and proactive behavior into every organizational layer. This […]
- DragonForce and Anubis Ransomware Gangs Launch New Affiliate Programs April 25, 2025Secureworks Counter Threat Unit (CTU) researchers have uncovered innovative strategies deployed by the DragonForce and Anubis ransomware operators in 2025. These groups are adapting to law enforcement pressures with novel affiliate models designed to maximize profits and expand their reach, showcasing the resilience and ingenuity of modern cybercriminals in underground forums. DragonForce Pioneers a Distributed […]
- “Power Parasites” Phishing Campaign Targets Energy Firms and Major Brands April 25, 2025Silent Push Threat Analysts have uncovered a widespread phishing and scam operation dubbed “Power Parasites,” targeting prominent energy companies and major global brands across multiple sectors in 2024. This campaign, active primarily in Asian countries such as Bangladesh, Nepal, and India, leverages a sophisticated network of deceptive websites, social media platforms, and Telegram channels to […]
- Threat Actors Register Over 26,000 Domains Imitating Brands to Deceive Users April 25, 2025Researchers from Unit 42 have uncovered a massive wave of SMS phishing, or “smishing,” activity targeting unsuspecting users. Since the FBI’s initial warning in April 2024, over 91,500 root domains associated with smishing have been identified and blocked. However, the momentum of this malicious activity has intensified in 2025, with a staggering peak of 26,328 […]
- Russian Hackers Attempt to Sabotage Digital Control Systems of Dutch Public Service April 25, 2025The Dutch Defense Ministry has revealed that critical infrastructure, democratic processes, and North Sea installations in the Netherlands have become focal points for Russian cyber operations. These attacks, identified as part of a coordinated strategy to destabilize social cohesion and compromise national security across Europe, underscore a growing digital threat landscape. A specific incident in […]
