Tracking an increased risk of wiper attacks related to the conflict with Iran, including multiple related incidents impacting organizations in Israel and the US. For the latest intelligence on cyberattacks. The campaign uses destructive “wiper” malware designed to erase systems…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
OpenSSH GSSAPI Flaw Can Be Exploited to Crash SSH Child Processes
A newly discovered vulnerability in the GSSAPI Key Exchange patch for OpenSSH is putting multiple Linux distributions at risk. Tracked as CVE-2026-3497, the flaw allows unauthenticated attackers to crash SSH child processes using a single crafted packet. This leads to…
Microsoft Copilot Email and Teams Summarization Flaw Opens Door to Phishing Attacks
Artificial intelligence assistants have transformed daily business operations, helping teams manage overflowing inboxes and summarize complex communications. Microsoft Copilot integrates directly into these workflows, pulling context from various Microsoft 365 applications to streamline tasks. However, this convenience introduces a new…
Fileless Remcos RAT Attack Uses JavaScript and PowerShell to Slip Past Detection
A recent Remcos RAT campaign showcases how commodity malware has fully embraced fileless, multi‑stage execution to bypass traditional defenses and remain stealthy on compromised Windows systems. Instead of dropping a static executable to disk, the operators rely on JavaScript, PowerShell,…
AI-Driven Phishing Attacks Bypass Email Filters, Land in Inboxes
AI-generated phishing is rapidly reshaping email risk, with more attacks slipping past filters and landing directly in users’ inboxes, even though AI-generated emails remain a minority of total phishing. The human element remains central: 68% of breaches involve people, and…
4,000+ Routers Compromised by KadNap Malware Exploiting Vulnerabilities
A newly uncovered malware campaign dubbed KadNap has silently conscripted more than 14,000 internet‑exposed routers and edge devices into a stealth proxy botnet, with Asus routers the primary victims. More than 60% of known victims are located in the United States, with…
Hackers Exploit Remote Management Tools to Gain Initial Access to Corporate Networks
Threat actors are increasingly exploiting legitimate Remote Monitoring and Management (RMM) tools to breach corporate networks and establish persistent access. This tactic allows attackers to bypass traditional security defenses by blending malicious activities with routine administrative tasks. The Surge of…
New ClickFix Attacks Target macOS Users with MacSync Infostealer
A new wave of ClickFix campaigns is targeting macOS users and delivering the MacSync infostealer, signaling a growing shift in threat actor tactics against Apple devices. The attacks rely heavily on social engineering rather than software exploits, tricking users into manually…
Hackers Exploit Cloudflare Anti-Security to Steal Microsoft 365 Login Credentials
A recent Microsoft 365 credential harvesting campaign shows how attackers are exploiting Cloudflare’s protective features to shield malicious phishing sites from security scanners and threat researchers. Cloudflare is widely used by organizations to improve website performance and protect against attacks…
Palo Alto Cortex XDR Broker Vulnerability Exposes Systems to Sensitive Information Theft and Modification
Palo Alto Networks has issued a security advisory regarding a newly discovered vulnerability in its Cortex XDR Broker Virtual Machine (VM). Tracked as CVE-2026-0231, this medium-severity flaw could allow a threat actor to access and modify sensitive system information. Because…
CastleRAT Attack Leverages Deno JavaScript Runtime to Bypass Enterprise Defenses
A sophisticated malware campaign abuses the Deno JavaScript runtime to deliver CastleRAT, a powerful remote access trojan designed for espionage and data theft. The campaign demonstrates how attackers are increasingly combining social engineering, trusted development tools, and stealth techniques…
Ericsson US Hit by Cyber Attack, Hackers Steal Personal Data of Employees and Customers
Ericsson Inc., the United States subsidiary of the Swedish telecommunications giant, has confirmed a data breach affecting 15,661 of its employees and customers. The security incident did not breach Ericsson’s own networks but instead compromised a third-party service provider responsible…
Splunk RCE Vulnerability Exposes Systems to Arbitrary Shell Command Execution by Attackers
A high-severity Remote Command Execution (RCE) vulnerability has been discovered in Splunk Enterprise and Splunk Cloud Platform, exposing systems to severe security risks. Tracked officially as CVE-2026-20163 with a CVSS score of 8.0, this flaw allows malicious actors to…
Iran‑Linked Hackers Tap Criminal Ecosystem to Bolster State Cyber Ops
Iran-linked cyber actors are increasingly working with the broader cybercrime ecosystem, using criminal tools, infrastructure, and business models to support state-backed operations and hide their involvement. For years, Iranian intelligence services have relied on criminal intermediaries in the physical world…
Cisco IOS XR Vulnerability Exposes Systems to Root Command Execution by Attackers
Cisco has issued software updates to address two high-severity privilege escalation vulnerabilities in its IOS XR Software. Network administrators must take immediate action, as these security flaws could allow an authenticated, local attacker to execute arbitrary commands as the…
Stryker Faces Cyber Attack as Hackers Report System Breach and Device Destruction
On March 11, 2026, the global medical technology giant Stryker suffered a devastating cyberattack that brought its worldwide IT operations to a sudden halt. Iranian-linked threat actors breached the company’s network. They deployed highly destructive wiper malware designed to permanently…
Google Finalizes $32 Billion Deal to Acquire Wiz, Strengthening Cloud Security
Google Cloud has officially completed its acquisition of cloud security leader Wiz, marking a significant consolidation in the cybersecurity landscape. Operating under its retained brand within Google Cloud, Wiz will integrate its code-to-cloud security platform with Google’s existing enterprise security…
Meta Unveils New Anti-Scam Tools for WhatsApp, Facebook, and Messenger
Meta has rolled out a new wave of anti‑scam protections across WhatsApp, Facebook, and Messenger, combining AI‑driven detection, stricter advertiser controls, and public awareness campaigns to tackle fast‑evolving online fraud at scale. The new tools are designed to warn users…
Chrome Update Addresses 29 Vulnerabilities, Mitigating Remote Code Execution Threats
Google has officially rolled out a crucial update for its Chrome browser, promoting version 146 to the stable channel for Windows, Mac, and Linux users. Many of these flaws involve deep-seated memory corruption issues that, if left unpatched, could allow…
UNC6426 Hackers Exploit NPM Package to Gain AWS Admin Access in 72 Hours
UNC6426 hackers turned a routine NPM update into a direct path to full AWS administrator access in under 72 hours, highlighting how fragile CI/CD-to-cloud trust can become when roles are overly permissive. When a developer at the victim organization updated…