Carnival Corporation has disclosed a significant data breach impacting approximately 5.99 million individuals, raising serious concerns about data security within the global travel and hospitality sector. The incident, officially reported to the Maine Attorney General’s office, involved unauthorized access to…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
New Gogs 0-Day Flaw Enables Remote Code Execution on Servers
A new 0-day vulnerability in Gogs, a popular self-hosted Git service, allows authenticated users to run arbitrary commands on the server and potentially take full control of the system. The flaw was discovered by Rapid7 Labs and is rated Critical…
Malicious RVTools Installer Uses Sectigo Cert to Evade SmartScreen
A malicious fake RVTools installer is abusing a legitimately issued Sectigo code‑signing certificate to slip past Microsoft Defender SmartScreen and many endpoint controls, ultimately deploying a multi‑stage Python‑based RAT with deep AD reconnaissance and persistent C2 access. For VMware‑heavy environments,…
Hackers Pivot from marimo RCE to Internal Database Using LLM Agent
A newly observed intrusion demonstrates how attackers are replacing static playbooks with AI-driven agents that adapt in real time. The attack began on May 10, 2026, when threat actors exploited CVE-2026-39987, a remote code execution flaw in the marimo notebook…
Malicious Websites Exploit SSD Timing Signals to Monitor Visitor Activity
Malicious websites can now exploit subtle SSD timing signals in modern browsers to quietly track what users are doing on their devices, including which sites and apps they open, using a new side‑channel technique called FROST. Security researchers Hannesweissteiner have…
VaultJacking Attack Exposes Google Password Vaults via Single PIN
A newly disclosed phishing technique dubbed “VaultJacking” is raising serious concerns across the cybersecurity community after researchers demonstrated how a single captured Google Password Manager (GPM) PIN can expose an entire user credential vault. The attack shows that even passkeys…
AI-Generated npm Malware Leaks Hacker’s Private GitHub Token
A newly discovered malicious npm package is drawing attention across the cybersecurity community after inadvertently exposing its own operator’s private GitHub token. Identified by OX Security researchers, the package, named mouse5212-super-formatter, operates as an infostealer that silently exfiltrates sensitive files from…
Gitea Container Registry Vulnerability Could Lead to Private Image Exposure
A critical vulnerability, tracked as CVE-2026-27771, has been discovered in Gitea’s built-in container registry, allowing unauthenticated remote attackers to access private container images without credentials. This flaw poses a serious risk as it can expose sensitive application data, including source…
Top 10 Best Mobile Application Security Testing (MAST) Tools in 2026
As mobile usage continues to dominate the digital landscape, securing mobile applications has never been more critical. The year 2026 brings new challenges to the table: sophisticated AI-driven cyberattacks, complex vulnerabilities, and the rapid evolution of continuous integration workflows. For…
Critical Notepad++ Flaw Could Enable Remote Code Execution Attacks
Notepad++ has released version 8.9.6.1 to address multiple security vulnerabilities, including critical flaws that could allow arbitrary code execution under specific conditions. The update, published on May 26, 2026, patches three vulnerabilities tracked as CVE-2026-48770, CVE-2026-48778, and CVE-2026-48800. These issues…
ClearFake Abuses BSC Testnet Contracts for Resilient C2 Operations
Threat actors behind the ClearFake campaign have adopted a novel and highly resilient command-and-control (C2) architecture by leveraging BNB Smart Chain (BSC) testnet smart contracts, creating an infrastructure that is effectively immune to traditional takedown efforts. Unlike conventional malware campaigns…
Roundcube Webmail Vulnerability Allows Hackers to Execute Malicious SQL Queries
Roundcube Webmail users are being urged to update their systems immediately after the disclosure of multiple security vulnerabilities, including a critical pre-authentication SQL injection flaw that allows attackers to execute malicious database queries without requiring login access. The vulnerabilities were…
Hackers Spread VIP Keylogger via Fake Business Emails
Hackers are actively deploying VIP Keylogger through phishing emails disguised as routine business documents, using multi‑layered loaders, steganography, and in‑memory execution to quietly steal credentials and other sensitive data from compromised systems. Recent VIP Keylogger campaigns rely heavily on social…
Microsoft Warns Against Public Release of Zero-Day Details Before Vendor Coordination
Microsoft has issued a strong warning to the cybersecurity community following a recent surge in publicly disclosed zero-day vulnerabilities without prior coordination. According to the Microsoft Security Response Center (MSRC), several vulnerabilities were disclosed without prior notification to Microsoft, leaving…
Motorola App Allegedly Hijacks Amazon App Activity to Insert Affiliate Referral Codes
Motorola is facing scrutiny after researchers and users discovered that its preinstalled Smart Feed app was silently hijacking launches of the Amazon Shopping app to inject affiliate referral codes into user traffic. The behavior, now disabled after public backlash, raises…
Threat Actors Launch FIFA Website Spoofing Campaign to Steal User Details
Threat actors are actively launching spoofing campaigns targeting FIFA-themed websites ahead of the 2026 FIFA World Cup, according to a Public Service Announcement (Alert I-052726-PSA) issued by the Federal Bureau of Investigation (FBI) on May 27, 2026. The campaign is…
Hackers Host JS Malware on GHOSTYNETWORKS and OMEGATECH
Hackers are abusing two bulletproof hosting providers, GHOSTYNETWORKS and OMEGATECH, to run a global JavaScript (JS) malware infrastructure that powers large‑scale malspam and business email compromise activity. In March 2026, multiple malspam waves delivered a JavaScript backdoor via ZIP or…
FortiClient Code Execution Flaw Exploited to Deploy EKZ Malware
Fortinet customers are facing a new wave of attacks after a critical flaw in FortiClient Endpoint Management Server (EMS) was exploited to push a fake Fortinet patch that secretly installs credential‑stealing malware. The vulnerability, tracked as CVE‑2026‑35616, allows unauthenticated attackers…
New PureLogs Variant Abuses MSBuild to Evade Detection
A new phishing-driven malware campaign is distributing a stealthy PureLogs variant that leverages advanced evasion techniques, including process hollowing via MsBuild.exe. The campaign is designed to steal sensitive data from infected systems while avoiding traditional detection mechanisms through layered obfuscation and…
Silent Ransom Impersonates IT Support to Target Law Firms
The Silent Ransom Group (SRG) is running a new wave of hands‑on social engineering attacks against law firms, posing as internal IT support to steal sensitive data and extort victims without deploying traditional ransomware. In its latest campaigns, SRG contacts…