1010.cx

  • Google Launches New Maps Feature to Help Businesses Report Review-Based Extortion Attempts


    Google on Thursday said it’s rolling out a dedicated form to allow businesses listed on Google Maps to report extortion attempts made by threat actors who post inauthentic bad reviews on the platform and demand ransoms to remove the negative comments. The approach is designed to tackle a common practice called review bombing, where online users intentionally post negative user reviews in an


  • Amazon WorkSpaces For Linux Vulnerability Let Attackers Extract Valid Authentication Token


    cyber security, Cyber Security News, Linux Vulnerabilities, Vulnerability News

    Amazon has disclosed a significant security vulnerability in its WorkSpaces client for Linux that could allow unauthorized users to extract valid authentication tokens and gain unauthorized access to other users’ WorkSpaces.

    The vulnerability, tracked as CVE-2025-12779, affects multiple client versions and poses a direct threat to organizations relying on Amazon’s desktop-as-a-service platform for remote work infrastructure.

    The improper handling of authentication tokens in the Amazon WorkSpaces client for Linux versions 2023.0 through 2024.8 creates a window of opportunity for attackers with local machine access.

    Improper Token Handling Creates Security Risk

    Under specific conditions, an unintended user on the same client machine can extract valid DCV-based Workspace authentication tokens.

    This vulnerability bypasses the authentication layer that separates individual Workspace sessions, potentially exposing sensitive business data and confidential user information to lateral movement attacks.

    The token extraction vulnerability represents a critical oversight in credential protection mechanisms.

    While WorkSpaces employs multiple security layers for cloud access, the client-side token handling failed to maintain proper isolation between local users.

    This means that any user with command-line access or system-level permissions on a shared client machine could retrieve the authentication credentials of other users running on the same hardware.

    The vulnerability specifically affects organizations using DCV-based WorkSpaces with the affected Linux client versions.


    Attribute: Details
    CVE ID: CVE-2025-12779
    Component: Amazon WorkSpaces Client for Linux
    Vulnerability Type: Improper Authentication Token Handling
    Affected Versions: 2023.0 through 2024.8

    This encompasses enterprises that have deployed WorkSpaces across Linux-based infrastructure or hybrid environments where Linux clients are primary access points.

    The exposure window covers approximately two years of client releases, affecting a substantial user base that may not have actively updated their installations.

    Scope and Impact Assessment

    Amazon has proactively engaged with customers affected by this vulnerability, notifying them of the end-of-support timeline for impacted versions.

    This communication strategy demonstrates AWS’s commitment to addressing the security gap. However, organizations with legacy client deployments may face challenges in rapid remediation across their user base.

    Amazon resolved CVE-2025-12779 in the Amazon WorkSpaces client for Linux version 2025.0 and later releases. Organizations running any version between 2023.0 and 2024.8 should prioritize upgrading immediately.

    The updated client is available through the Amazon WorkSpaces Client Download page, where IT teams can retrieve the latest version for enterprise deployment.

    Security teams should conduct immediate inventory assessments to identify all Linux WorkSpaces clients currently deployed in their environment.

    Organizations with multiple client installations across distributed teams should develop a phased upgrade strategy to minimize disruption while ensuring timely remediation.

    This vulnerability underscores the importance of keeping software up to date and establishing regular patch management cycles for remote access infrastructure.

    The post Amazon WorkSpaces For Linux Vulnerability Let Attackers Extract Valid Authentication Token appeared first on Cyber Security News.


  • OPNsense Firewall Update Addresses Multiple Security Issues and Enhances Features


    CVE/vulnerability, cyber security, Cyber Security News, Vulnerabilities, vulnerability

    The OPNsense project has released version 25.7.7, delivering critical security improvements and performance enhancements to strengthen enterprise firewall deployments. This update represents a significant step forward in addressing infrastructure vulnerabilities while introducing user-requested operational enhancements that directly benefit network administrators managing complex security environments. Security Vulnerabilities Eliminated The most notable advancement in this release is […]

    The post OPNsense Firewall Update Addresses Multiple Security Issues and Enhances Features appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.


  • New Phishing Campaign Targets Travelers via Compromised Hotel Booking.com Accounts


    cyber security, Cyber Security News, Phishing

    Cybersecurity researchers have uncovered a sophisticated phishing campaign that exploits compromised hotel booking accounts to defraud travellers worldwide. The campaign, which has been active since at least April 2025, leverages stolen credentials from hotel administrators to impersonate legitimate Booking.com communications and direct unsuspecting customers toward fraudulent billing pages. Security analysts from Sekoia.io, in partnership with […]

    The post New Phishing Campaign Targets Travelers via Compromised Hotel Booking.com Accounts appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.


  • FreeBSD-based OPNsense Firewall Released for Security Issues and Improvements


    cyber security, Cyber Security News, Firewall

    OPNsense has released an update focused on eliminating security vulnerabilities and improving firewall performance.

    The latest version includes third-party security updates, firewall improvements, and fixes that make the system more reliable for network administrators and security professionals.

    The development team has made eliminating unsafe shell usage a primary focus. This is important because shell execution has historically been the source of multiple security problems in the project.

    These changes strengthen the firewall’s overall security posture. By removing unsafe shell commands from the backend, OPNsense reduces the risk of attackers exploiting these vulnerabilities.

    Addressing Security Concerns Through Code Improvements

    A security researcher at Pellera Technologies, working with the Trend Zero Day Initiative, reported an issue that helped guide these improvements.

    The update also includes securing execution commands in recovery scripts and implementing safer file handling through the file_safe() function across various system components.

    Based on user feedback from the previous 25.7.6 release, the team has significantly improved the firewall live log feature.

    These improvements include faster data rendering, optimized view buffering, and fixed data ordering issues.

    The system now prevents unnecessary repeated host lookups, speeding up the display of logged network traffic for administrators monitoring it in real time.

    Additional performance enhancements include improved grid responsiveness in the user interface and better keyboard shortcuts for advanced settings and help sections.

    The OPNsense team continues prioritizing security and stability for network protection. The release includes updated versions of essential security tools.

    Suricata has been upgraded to version 8.0.2 for improved intrusion detection capabilities, while Unbound reaches version 1.24.1 for enhanced DNS security.

    PHP, SQLite, and StrongSwan have also received security updates to maintain system integrity.

    The team is working on several exciting features coming to version 25.7.x, including a neighbor watch daemon for network monitoring, a new NDP proxy plugin for IPv6 networks, and a community-created theme option.

    A hotfix release was also issued to address a high-availability synchronization issue in specific edge cases, ensuring smoother deployments for users running multiple firewalls in failover configurations.

    The post FreeBSD-based OPNsense Firewall Released for Security Issues and Improvements appeared first on Cyber Security News.


  • Influence of Chinese Hacker Organizations on U.S. Foreign Policy


    cyber security, Cyber Security News

    Chinese cyber-espionage groups have once again demonstrated their determination and technical prowess in targeting U.S. organizations with ties to international policy-making, highlighting the persistent and evolving threat posed by state-linked cyber actors. Evidence indicates that the attackers sought to establish a stealthy, persistent presence within their target’s network. The initial breach was preceded by a […]

    The post Influence of Chinese Hacker Organizations on U.S. Foreign Policy appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.


  • Attackers Deploy LeakyInjector and LeakyStealer to Hijack Crypto Wallets and Browser Info


    cryptocurrency, Cryptocurrency hack, cyber security, Cyber Security News

    Cybersecurity researchers at Hybrid Analysis have uncovered a sophisticated two-stage malware campaign targeting cryptocurrency wallet users and browser data. The newly identified malware duo, dubbed LeakyInjector and LeakyStealer, represents a significant threat to digital asset security through its advanced evasion techniques and comprehensive data theft capabilities. Advanced Injection Techniques Evade Detection LeakyInjector serves as the […]

    The post Attackers Deploy LeakyInjector and LeakyStealer to Hijack Crypto Wallets and Browser Info appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.


  • Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities


    Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities that appears to be created with the help of artificial intelligence – in other words, vibe-coded. Secure Annex researcher John Tuckner, who flagged the extension “susvsex,” said it does not attempt to hide its malicious functionality. The extension was uploaded on


  • Cavalry Werewolf Launches Cyberattack on Government Agencies to Deploy Network Backdoor


    Cyber Attack, cyber security, Cyber Security News

    In July 2025, Doctor Web’s anti-virus laboratory received a critical alert from a government-owned organization within the Russian Federation. The institution suspected a network compromise after discovering spam emails originating from one of their corporate email addresses. What began as a routine investigation quickly escalated into the discovery of a sophisticated targeted attack orchestrated by […]

    The post Cavalry Werewolf Launches Cyberattack on Government Agencies to Deploy Network Backdoor appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.


  • Sandworm Hackers Target Ukrainian Organizations With Data-Wiping Malware


    cyber security, Cyber Security News, Malware

    Russia-aligned threat actor Sandworm has intensified its destructive cyber operations against Ukrainian organizations, deploying data wiper malware to cripple critical infrastructure and weaken the nation’s economy. Unlike other Russia-aligned advanced persistent threat groups that primarily engage in cyberespionage activities, Sandworm’s operations are characterized by their explicitly destructive intent. According to the latest ESET APT Activity […]

    The post Sandworm Hackers Target Ukrainian Organizations With Data-Wiping Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.



cybersecurity / defense / intelligence