APT36 Hackers Attacking Indian Government Entities to Steal Login Credentials

Threat Score:
50
Cybersecurity News
4 days ago

Overview

A sophisticated phishing campaign attributed to the Pakistan-linked APT36 group has emerged as a serious threat to Indian government infrastructure. First detected in early August 2025, this operation leverages typo-squatted domains designed to mimic official government login portals. When unsuspecting users enter their email IDs and passwords, they are redirected to counterfeit pages that replicate […]...

Related Articles

5 articles
2
Multiple Zero-Day Exploits Discover That Bypass BitLocker, Exposing All Encrypted Data

Multiple Zero-Day Exploits Discover That Bypass BitLocker, Exposing All Encrypted Data

GB Hackers 3 hours ago

Multiple Zero-Day Exploits Discover That Bypass BitLocker, Exposing All Encrypted Data Microsoft security researchers have uncovered four critical vulnerabilities inWindows BitLockerthat could allow attackers with physical access to bypass the encryption system and extract sensitive data. The findings, revealed in research dubbed “BitUnlocker,” demonstrate sophisticated attack methods targeting the Windows Recovery Environment (WinRE) to circumvent Microsoft’s flagship data protection technology

Score
82
Read more
3

CastleBot MaaS Released Diverse Payloads in Coordinated Mass Ransomware Attacks

GB Hackers 6 hours ago

CastleBot MaaS Released Diverse Payloads in Coordinated Mass Ransomware Attacks IBM X-Force has uncovered CastleBot, a nascent malware framework operating as a Malware-as-a-Service (MaaS) platform, enabling cybercriminals to deploy a spectrum of payloads ranging from infostealers to sophisticated backdoors implicated in ransomware operations. First detected in early 2025 with heightened activity since May, CastleBot facilitates the delivery of threats likeNetSupportand WarmCookie, which have his

Score
79
Read more
4

Over 28,000 Microsoft Exchange Servers Exposed Online to CVE-2025-53786 Vulnerability

GB Hackers 4 hours ago

Over 28,000 Microsoft Exchange Servers Exposed Online to CVE-2025-53786 Vulnerability The cybersecurity community faces a significant threat as scanning data reveals over 28,000 unpatched Microsoft Exchange servers remain exposed on the public internet, vulnerable to a critical security flaw designatedCVE-2025-53786. This high-severity vulnerability, which carries a CVSS score of 8.0 out of 10, enables attackers with administrative access to on-premises Exchange servers to escalate privileges wi

Score
78
Read more
5

Critical Linux Kernel Vulnerability Allows Attackers Gain Full Kernel-Level Control From Chrome Sandbox

GB Hackers 4 hours ago

Critical Linux Kernel Vulnerability Allows Attackers Gain Full Kernel-Level Control From Chrome Sandbox August 9, 2025: A severe security vulnerability in the Linux kernel, dubbed CVE-2025-38236, has been uncovered by Google Project Zero researcher Jann Horn, exposing a pathway for attackers ranging from native code execution within the Chrome renderer sandbox to full kernel-level control on Linux systems. The flaw, tied to the obscure MSG_OOB feature in UNIX domain sockets, affects Linux kernel

Score
78
Read more