GBHackers On Security

In a recent discovery by the CYFIRMA research team, a sophisticated malware campaign dubbed Odyssey Stealer has been uncovered, targeting macOS users through a deceptive method known as Clickfix tactics. This campaign leverages typosquatted domains malicious websites mimicking legitimate ones like the macOS App Store, finance platforms, or cryptocurrency news portals to trick users into The post Threat Actors Use Clickfix Tactics to Deploy Malicious AppleScripts for Stealing Login Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A comprehensive follow-up analysis to the FortiGuard Incident Response Team’s (FGIR) investigation titled “Intrusion into Middle East Critical National Infrastructure” has revealed a protracted cyberattack that targeted critical national infrastructure (CNI) in the Middle East. This is a startling revelation. The report, part of the 2025 Global Threat Landscape Report, exposes how threat actors exploited The post Threat Actors Leverage Windows Task Scheduler to Embed Malware and Maintain Persistence appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated phishing campaign targeting over 70 organizations, predominantly in the US, has been uncovered by Varonis’ Managed Data Detection and Response (MDDR) Forensics team. This campaign, active since May 2025, exploits a lesser-known feature of Microsoft 365 called Direct Send, which allows devices and applications within a tenant to send emails without authentication. Designed The post Exploitation of Microsoft 365 Direct Send to Deliver Phishing Emails as Internal Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft Teams is set to introduce a new feature that will automatically detect and set users’ work locations when they connect to their organization’s Wi-Fi network, marking a significant step forward in streamlining the hybrid workplace experience. The feature, scheduled for general availability in early September 2025, will be available for both Windows and Mac The post Microsoft Teams to Auto-Detect Work Location Using Company Wi-Fi appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Leeds, UK, June 27th, 2025, CyberNewsWire – Leeds United FC, a globally recognized football club, and Reflectiz, a leading provider ofproactive web security, today announced an upcoming webinar titled “Beyond the Breach:How Leeds United Achieved Proactive Web Security After a Magecart Attack.” Thisessential webinar will delve into the critical topic of client-side security, offering invaluablelessons The post Leeds United And Reflectiz Partner To Share Insights On Proactive Web Security After Cyber Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Let’s Encrypt, the world-renowned free Certificate Authority (CA), is on the verge of a significant milestone: issuing SSL/TLS certificates for IP addresses, a long-awaited feature that promises to enhance security for a broader range of internet-connected devices and services. In a recent update, Let’s Encrypt staff member JamesLE announced that the organization is preparing to The post Let’s Encrypt Launches 6-Day Certificates for IP-Based SSL Encryption appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Hawaiian Airlines is responding to a significant cybersecurity incident that has disrupted parts of its information technology infrastructure, the company confirmed Thursday. While the full extent and nature of the attack remain undisclosed, the airline emphasized that flight operations continue safely and on schedule, and that the safety and security of guests and employees remain The post Hawaiian Airlines Targeted in Cyberattack, Systems Compromised appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A newly disclosed critical vulnerability in Hunt Electronics’ hybrid DVRs has left thousands of surveillance systems dangerously exposed, with administrator credentials accessible in plaintext to anyone on the internet. Security researchers have assigned this flaw the identifier CVE-2025-6561, and it carries a maximum CVSS severity score of 9.8, underscoring the urgent need for immediate action The post Hunt Electronic DVR Vulnerability Leaves Admin Credentials Unprotected appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A novel social engineering technique dubbed “ClickFix” has surged by an alarming 517% between the second half of 2024 and the first half of 2025, as reported by ESET telemetry data. This manipulative attack vector, now the second most prevalent after phishing, exploits user trust in familiar online verification processes like reCAPTCHA challenges. ClickFix deceives The post ClickFix Attacks Soar by 500%: Hackers Intensify Use of This Manipulative Technique to Deceive Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The cyber threat group APT-C-36, widely known as Blind Eagle, has been orchestrating sophisticated cyberattacks targeting a range of sectors across Latin America, with a pronounced focus on Colombian organizations. This group has consistently zeroed in on government institutions, financial organizations, and critical infrastructure, exploiting vulnerabilities with a blend of technical prowess and social engineering. The post APT-C-36 Hackers Launching Cyberattacks on Government Entities, Financial Sectors, and Critical Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.