Author: Declan Murphy

Tor Challenge has launched Tor Browser 14.5.2, a major replace addressing safety vulnerabilities, refining cross-platform performance, and enhancing construct system reliability. This launch integrates crucial Firefox safety patches, resolves longstanding privacy-related bugs, and implements infrastructural enhancements to streamline future growth. Tor Browser 14.5.2 prioritizes safety by rebasing its underlying engine on Firefox 128.10.1esr, Mozilla’s Prolonged […] The publish Tor Browser 14.5.2 Launched: Bug Fixes and Enhanced Options appeared first on GBHackers Safety | #1 Globally Trusted Cyber Safety Information Platform.

Safety researchers showcased 28 zero-day vulnerabilities in the course of the Pwn2Own contest held in the course of the OffensiveCon convention in Berlin that ended on Saturday. The issues allowed moral hackers to compromise software program merchandise used throughout most enterprises together with Microsoft Home windows 11, Crimson Hat Linux for Workstations, Mozilla Firefox, VMware ESXi, VMware Workstation, Oracle VirtualBox, Microsoft SharePoint, Docker, Redis, Chroma, NVIDIA Triton Inference Server and NVIDIA Container Toolkit. The Pwn2Own contest has been working yearly at safety conferences for the previous 18 years. It’s organized by Pattern Micro’s Zero Day Initiative (ZDI), a bug bounty…

On the 4th of Might 2025, TeleMessage, an Israeli firm offering modified variations of encrypted messaging apps like Sign, suffered a significant knowledge breach. The breach uncovered archived messages, contact data of presidency officers, and backend login credentials. The hacker, whose identification remains to be unknown, exploited a vulnerability within the firm’s system, accessing a publicly uncovered Java heap dump file that contained delicate data. This incident raised severe considerations in regards to the safety of communications on the highest ranges of the USA authorities, particularly since former Nationwide Safety Advisor Mike Waltz was seen utilizing TeleMessage’s TM SGNL app…

A number of ransomware actors are utilizing a malware known as Skitnet as a part of their post-exploitation efforts to steal delicate information and set up distant management over compromised hosts. “Skitnet has been offered on underground boards like RAMP since April 2024,” Swiss cybersecurity firm PRODAFT informed The Hacker Information. “Nevertheless, since early 2025, we have now noticed a number of ransomware operators utilizing it

A newly recognized phishing marketing campaign is focusing on unsuspecting customers by masquerading as pressing Zoom assembly invites from colleagues. This misleading tactic leverages the familiarity and belief related to office communications to lure victims right into a lure designed to steal their login credentials. Cybersecurity researchers have flagged this assault for its reasonable strategy, which features a pretend assembly web page full with a video of supposed “individuals” to create a false sense of legitimacy. – Commercial – The urgency implied within the electronic mail topic traces and content material pressures recipients into clicking malicious hyperlinks and not using…

This wasn’t a simple feat as Home windows has checks to make sure the antivirus is actual, involving registry names and signed binaries. The researcher used instruments like dnSpy, Course of Monitor, and handbook inspection to see how reputable antivirus instruments behaved when registering with WSC. “From my final 12 months’s courtesy, I knew that WSC was by some means validating the method that calls these APIs, my guess was that they’re validating the signatures, which was certainly an accurate guess,” es3n1n added. es3n1n’s earlier mission, no-defender, was faraway from GitHub following a DMCA takedown request by the software program…

A misconfigured database at enterprise IT supplier Serviceaide has uncovered delicate well being and private data belonging to roughly 500,000 (483,126) sufferers linked to Catholic Well being, a non-profit healthcare system primarily based in New York. Serviceaide confirmed the info leak in a discover posted on its web site, stating the incident originated from an Elasticsearch database that was inadvertently made publicly accessible. The publicity occurred between September 19 and November 5, 2024. The leak was found on November 15, 2024, and a full assessment was solely not too long ago accomplished. Though there’s no confirmed proof that the info…

The official website for RVTools has been hacked to serve a compromised installer for the favored VMware setting reporting utility. “Robware.internet and RVTools.com are at present offline. We’re working expeditiously to revive service and admire your persistence,” the corporate stated in a press release posted on its web site. “Robware.internet and RVTools.com are the one licensed and supported web sites for

Cybersecurity researchers have unearthed a complicated assault leveraging AutoIT, a long-standing scripting language identified for its deep integration with Home windows working methods. Usually in comparison with .NET for its persistence in malicious campaigns, AutoIT’s simplicity and talent to work together with Home windows elements make it a popular device amongst cybercriminals. This weekend, a very intricate malware supply mechanism was recognized, that includes a double-layered AutoIT script designed to deploy a doubtlessly devastating payload.- Commercial – Multi-Layered AutoIT Malware Marketing campaign The assault begins with an executable named “1. Challenge & Revenue.exe” (SHA256: b5fbae9376db12a3fcbc99e83ccad97c87fb9e23370152d1452768a3676f5aeb), a compiled AutoIT script that…

Durch falsch konfigurierte Speicher-Buckets bei mehreren großen Cloud-Anbietern sind 200 Milliarden Dateien öffentlich einsehbar.pixadot.studio – shutterstock.com Forscher der Cybersicherheitsfirma Cyble warnen vor einem massiven Datenleck in Cloud-Speichern. Bei einer Schwachstellenanalyse identifizierten sie insgesamt mehr als 660.000 ungeschützte Buckets, die auf sieben große Cloud-Plattformen verteilt sind. Darunter sollen sich mehr als 200 Milliarden gefährdete Dateien befinden. Smart Informationen offengelegt Besonders brisant: Nach Angaben der Analysten umfassen die Dateien auch vertrauliche Dokumente, Zugangsdaten, Quellcode und interne Backups. Bei der Suche nach Quellcode in der Programmiersprache Go fand Cyble 5,6 Millionen Treffer. Die Analyse nach Umgebungsvariablen mit Anmeldeinformationen („env credentials“) ergab rund 110.000…