GBHackers On Security

A new wave of cyberattacks is targeting WordPress websites through malicious SEO plugins that can lead to complete site takeover. Security analysts have uncovered sophisticated malware campaigns where attackers disguise their plugins to blend seamlessly with legitimate site components, making detection extremely challenging for administrators. One particularly insidious tactic involves naming the malicious plugin after The post Malicious SEO Plugins on WordPress Can Lead to Site Takeover appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A newly disclosed vulnerability, CVE-2025-46647, has been identified in the openid-connect plugin of Apache APISIX, a widely used open-source API gateway. This flaw, rated as important, could allow attackers to gain unauthorized access across different identity issuers under specific misconfigurations. The vulnerability was reported by JunXu Chen to the Apache APISIX development mailing list on July 2, The post Apache APISIX Vulnerability Enables Cross-Issuer Access Under Misconfigurations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Instagram has begun rotating its TLS certificates on a daily basis, with each certificate valid for just over a week. This approach, which goes far beyond current industry standards, was discovered during routine network debugging and has since been confirmed through systematic monitoring and analysis. Setup and Discovery The anomaly was first noticed when a The post Instagram Now Rotating TLS Certificates Daily with 1-Week Validity appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Every security practitioner knows that employees are the weakest link in an organization, butthis is no longer the case. SquareX’s research reveals that Browser AI Agents are more likely tofall prey to cyberattacks than employees, making them the new weakest link that enterprisesecurity teams need to look out for. Browser AI Agents are software applications The post SquareX Reveals That Employees Are No Longer The Weakest Link, Browser AI Agents Are appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Scattered Spider, also tracked under aliases such as UNC3944, Scatter Swine, and Muddled Libra, has emerged as a formidable financially motivated cybercriminal group since at least May 2022. Initially known for targeting telecommunications and tech firms with phishing and SIM-swapping campaigns, the group has significantly evolved, orchestrating full-spectrum, multi-stage intrusions across both cloud and on-premises The post Scattered Spider Enhances Tactics to Exploit Legitimate Tools for Evasion and Persistence appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical vulnerability, tracked as CVE-2025-49826, has been discovered and addressed in the popular React-based web framework, Next.js. The flaw, present in versions >=15.1.0 and <15.1.8, allowed attackers to exploit a cache poisoning bug, potentially leading to a Denial of Service (DoS) condition for affected applications, as per a report by Vercel. CVE ID Affected Versions Severity The post Next.js Vulnerability Allows Attackers to Trigger DoS via Cache Poisoning appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybercriminals are increasingly weaponizing legitimate software installer frameworks like Inno Setup to distribute malware, turning user-friendly tools into covert vehicles for malicious payloads. Originally designed to simplify software deployment on Windows, Inno Setup has become a favored tool among threat actors due to its trusted appearance and powerful Pascal scripting capabilities. This sophisticated abuse allows The post Hackers Abuse Legitimate Inno Setup Installer to Deliver Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A security researcher has uncovered a significant vulnerability affecting Lenovo computers: a writable file within the Windows directory that can be exploited to bypass AppLocker restrictions. The file in question, C:\Windows\MFGSTAT.zip, is present on many Lenovo machines that ship with the manufacturer’s default Windows image. This issue, initially thought to affect only a handful of The post Writable File in Lenovo Path Lets Attackers Evade AppLocker Restrictions appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers have discovered novel ways to identify and take advantage of Microsoft Azure Arc in business settings, which is a major advancement in cybersecurity and may reveal weaknesses in this hybrid management system. Introduced in 2019, Azure Arc extends Azure’s native management capabilities to non-Azure resources, including on-premises servers and Kubernetes clusters, through the The post Researchers Discover New Method to Identify Azure Arc in Enterprise Environments and Maintain Persistence appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A newly disclosed vulnerability, tracked as CVE-2025-34067, has been identified in HIKVISION’s widely deployed security management platform, applyCT (also known as HikCentral).  This critical flaw allows unauthenticated remote code execution (RCE), putting countless surveillance and security infrastructures at risk across government, commercial, and industrial sectors. Its advanced analytics and scalable architecture make it a popular choice The post Critical HIKVISION applyCT Flaw Allows Remote Code Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.