Google has released an urgent security update for its Chrome browser, addressing multiple vulnerabilities, including a zero-day flaw actively exploited in the wild. The update upgrades Chrome to version 149.0.7827.102/.103 on Windows and Mac, and to 149.0.7827.102 on Linux. The…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
MagicAd Android Malware Bypasses Restrictions to Flood Devices With Ads
Android.MagicAd, a stealthy Android trojan family that circumvents operating-system safeguards to push intrusive ads from the background. The apps were short-lived in the catalogs appearing for weeks then removed yet any installed copies remained active on user devices, allowing attackers…
Microsoft Defender Adds Monitoring for RPC Protocol Abuse in Cyberattacks
Microsoft has introduced enhanced monitoring capabilities in Microsoft Defender for Endpoint to detect and disrupt cyberattacks that abuse the Remote Procedure Call (RPC) protocol, a core Windows communication mechanism that threat actors frequently exploit for lateral movement and credential access.…
New BitB Phishing Attack Targets Microsoft 365 Logins
A new Browser-in-the-Browser (BitB) phishing campaign is abusing fake OAuth login windows to steal Microsoft 365 credentials, and its design is polished enough to bypass casual visual checks. The attack uses a draggable popup that mimics a real browser dialog.…
LiteLLM Vulnerability Allows Attackers to Execute Arbitrary Commands on Servers
A critical vulnerability chain affecting LiteLLM has been identified, enabling unauthenticated remote code execution (RCE) on exposed servers. Tracked as CVE-2026-42271 and chained to CVE-2026-48710, the issue allows attackers to bypass authentication controls and execute arbitrary system commands, posing a…
North Korea Hackers Weaponize GitHub to Target Developers
A sustained phishing campaign that leverages developer recruitment and code-review lures to deliver cross‑platform malware via attacker-controlled GitHub repositories. Tracked as UNK_DeadDrop and attributed with high confidence to a North Korea‑aligned actor, the operation targeted nearly 100 organizations across finance,…
Ghost-Sender Flaw Exposes Exchange Online Users to Sender Spoofing Attacks
A newly disclosed “Ghost-Sender” flaw is exposing Microsoft Exchange Online environments to large-scale email spoofing attacks, allowing threat actors to bypass standard email authentication controls and deliver forged messages directly to users’ inboxes. The issue, identified by security researchers Lucas…
Microsoft Entra Agent ID Logs Expose Suspicious Assistive Agent Activity
Microsoft Entra Agent ID logs have exposed a subtle but consequential threat vector: assistive agents using the OAuth On-Behalf-Of (OBO) flow to act with delegated user privileges and perform potentially risky actions, such as sending external emails. In the examined…
WhatsApp Blocks Pegasus Spyware Campaign Linked to NSO Group
WhatsApp has disrupted a new spyware campaign linked to the NSO Group, the controversial surveillance vendor behind Pegasus, while simultaneously seeking legal action against the company for allegedly violating a U.S. court injunction. The disclosure highlights NSO’s continued efforts to…
Top 10 Best Zero Trust Network Access (ZTNA) Solutions 2026
In 2026, the traditional network perimeter is obsolete. With the widespread adoption of remote and hybrid work models, multi-cloud environments, and a proliferation of IoT devices, the old “castle-and-moat” security model where everything inside the network is trusted by default…
Linux Kernel Flaw Allows Local Attackers to Gain Root Privileges
A newly disclosed Linux kernel vulnerability tracked as CVE-2026-23111 allows local attackers to escalate privileges to root by exploiting a use-after-free flaw in the nftables subsystem. The vulnerability, patched upstream on February 5, 2026, affects the netfilter framework, specifically nftables,…
Weedhack MaaS Targets Minecraft Players to Steal Credentials and Hijack Accounts
Weedhack, a Malware-as-a-Service (MaaS) operation specifically engineered to prey on Minecraft players, that has been active since at least January 2026. The service packages credential theft, cryptocurrency wallet extraction, account hijacking and full remote-access capabilities into a low-cost, subscription-based offering…
NFCShare Android Malware Spreads via Weaponized Banking Apps
A renewed and operationally refined wave of the NFCShare Android banking trojan that delivers NFC card-data theft by masquerading as legitimate banking applications. First documented in January 2026, NFCShare continues to rely on a social‑engineering phishing flow that coerces victims…
Top 10 Best Software Composition Analysis (SCA) Services 2026
In 2026, the foundation of nearly every modern application is built on open-source components. While this accelerates development and fosters innovation, it also introduces a significant attack surface. A single vulnerability in a widely-used open-source library can expose countless applications…
Hackers Exploit ChatGPT, Claude, DeepSeek Brands in Credential Phishing Attacks
Threat actors are increasingly weaponizing the global fascination with large language models and generative AI by impersonating major AI brands ChatGPT, Anthropic’s Claude, DeepSeek, and others to trick users into revealing credentials, payment information, and to install malware. These campaigns…
Shai-Hulud Malware Campaign Abuses 23 PyPI Packages in Developer-Focused Attack
A rapidly evolving supply chain campaign dubbed “Shai-Hulud” is targeting developers through malicious Python packages. Researchers have identified 23 newly weaponised PyPI artefacts, expanding the scope of the ongoing Mini Shai-Hulud, Miasma, and Hades malware operations. The latest findings highlight…
Check Point VPN Zero-Day Under Active Exploitation by Ransomware Operators
Check Point has disclosed active in-the-wild exploitation of a critical authentication bypass vulnerability, tracked as CVE-2026-50751, impacting Remote Access VPN and Mobile Access deployments configured with the deprecated IKEv1 key exchange protocol. The flaw, assigned a CVSS score of 9.3,…
Apache HTTP Server 2.4.68 Patches Multiple Security Vulnerabilities
Apache has released HTTP Server version 2.4.68, addressing multiple security vulnerabilities across core modules and widely deployed components, reinforcing the importance of timely patching in internet-facing infrastructure. The update resolves a mix of memory safety issues, privilege escalation flaws, denial-of-service…
Pink Hacking Group Targets Enterprises to Steal Cloud Passwords
A newly observed extortion brand called Pink (CL-CRI-1147) that is actively targeting enterprise users to harvest cloud storage credentials and bypass multi-factor authentication. The group’s leak site went live on May 31, 2026, and its operations combine social engineering with…
Multiple VMware Stored XSS Flaw Enable Attackers to Inject Malicious Scripts
VMware has disclosed multiple high-severity stored cross-site scripting (XSS) vulnerabilities affecting VMware Cloud Foundation (VCF) Operations, potentially allowing attackers to inject malicious scripts and compromise administrative environments. The issues, tracked as CVE-2026-41722, CVE-2026-41723, and CVE-2026-41724, were published under advisory VMSA-2026-0004…