GB Hacker
-
Top 7 REST API Security Strategies to Secure Your Endpoints
In today’s REST API-driven landscape, most APIs are REST-based and widely utilized by web applications. These APIs are like versatile tools for...
-
Hackers are Abusing Dropbox to Steal Microsoft SharePoint Credentials
A growing cyber threat involving Dropbox has emerged, and it’s raising concerns across the cybersecurity landscape. In the initial two weeks of...
-
Looney Tunables: Linux Vulnerability Lets Attackers Gain Root Privileges
A buffer overflow issue has been disclosed in the GNU C Library’s dynamic loader ld.so, which might allow local attackers to acquire root...
-
ShellTorch Flaw Exposes Thousands of AI Servers to RCE Attacks
ShellTorch Serve is an open-source model-serving library developed by PyTorch that simplifies the deployment of machine learning models for...
-
Hackers Steal User’s Database From European Telecommunications Standards Institute
The European Telecommunications Standards Institute (ETSI) has uncovered a data breach in which threat actors obtained a database holding a list...
-
Zip Slip Vulnerability Let Attacker Import Malicious Code and Execute Arbitrary Code
A critical Zip Slip vulnerability was discovered in the open-source data cleaning and transformation tool ‘OpenRefine’, which allowed attackers to...
-
LightSpy APT Attacking WeChat Users to Steal Payment Data
LightSpy malware, responsible for a watering hole attack conducted against iOS users in Hong Kong, has been discovered to be embedded with Android...
-
Lazarus Tricking Employees with Trojanized Coding Challenges
Lazarus group has been recently discovered to have targeted an Aerospace company in Spain, which involved deploying several tools, including an...
-
Hackers Bypass Cloudflare Firewall and DDoS Protections using Cloudflare
Cloudflare, a prominent cybersecurity vendor renowned for its web protection services, faces a security challenge that could expose its customers...
-
Cisco IOS Software Zero-day Exploited in Attacks
Cisco has issued fixes to address a vulnerability in the GET VPN feature of IOS and IOS XE software that has been exploited in attacks. A remote...
-
Progress Software Warns of Critical Vulnerability in WS_FTP Server
Multiple vulnerabilities have been discovered in Progress’s WS_FTP, which include .NET deserialization, directory traversal, reflected cross-site...
-
Hackers Inject Malicious Ads into GPT-4 Powered Bing Chat
In February 2023, Microsoft unveiled its revolutionary AI-assisted search engine, Bing Chat, driven by OpenAI’s cutting-edge GPT-4 technology....