India’s largest public sector bank, State Bank of India (SBI), has issued a fresh cybersecurity alert warning customers about an ongoing phishing campaign targeting users of its YONO digital banking platform. The alert highlights a surge in fraudulent messages falsely…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
BadHost Vulnerability Exposes Sensitive AI Agent Server Endpoints to Attackers
A critical vulnerability, “BadHost” (CVE-2026-48710), has been identified in the Starlette web framework, exposing thousands of AI-powered applications and API services to potential attacks. The flaw, discovered by X41 D-Sec during an OSTIF-sponsored security audit, allows attackers to manipulate how…
CISA Warns LiteSpeed cPanel Plugin Vulnerability Is Being Exploited in Attacks
CISA has issued an urgent warning after adding a critical vulnerability in the LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation in the wild. The flaw, tracked as CVE-2026-48172, introduces a severe privilege escalation risk…
BTMOB Malware Allows Cybercriminals to Remotely Hijack Android Phones
A newly observed Android malware strain, known as BTMOB, is raising concerns among cybersecurity researchers due to its powerful remote access capabilities and ease of deployment. Initially identified in early 2025, BTMOB has evolved into a full-featured remote access trojan…
GitHub Enterprise Server 3.20.3 Addresses Critical Security Flaws
GitHub has released Enterprise Server (GHES) version 3.20.3, addressing multiple critical and high-severity vulnerabilities that could allow attackers to access internal services, escalate privileges, and extract sensitive data. The update, published on May 26, 2026, also introduces an important security…
Windows Kernel Vulnerability Lets Attackers Modify Kernel Memory Counters
A critical Windows kernel vulnerability, CVE-2026-40369, allows any unprivileged process, including a browser renderer sandbox, to increment arbitrary kernel memory and reliably escalate to SYSTEM on Windows 11 24H2–25H2. The bug sits in ntoskrnl.exe inside ExpGetProcessInformation, reachable via a single NtQuerySystemInformation call with information class…
New Zero-Click WhatsApp Account Takeover Attack Targets iOS 16 Users
A newly uncovered zero-click attack targets iPhone users running iOS 16, allowing threat actors to hijack WhatsApp accounts without any user interaction, visible prompts, or warnings about linked devices. The campaign was first documented by Italian digital forensics firm Forenser,…
Hackers Exploit Shared CDN Edge IPs to Evade Protective DNS Filtering
Hackers are exploiting shared CDN edge infrastructure to bypass DNS-based security controls, according to new research from ADAMnetworks, which details a stealthy evasion technique dubbed “Underminr.” The core issue lies in how content delivery networks (CDNs) route traffic across shared…
Anthropic Launches Free Claude Code Terminal Plugin to Detect Security Vulnerabilities
Anthropic has launched a free Claude Code terminal plugin, “security-guidance,” that continuously reviews AI‑generated code in-session to detect and remediate security vulnerabilities before they ever reach a pull request or CI pipeline. Designed as a lightweight yet powerful layer within…
Microsoft Defender Gains Auto-Isolation Feature to Block Ransomware Spread
Microsoft Defender XDR has introduced automatic attack disruption capabilities that autonomously contain ransomware and sophisticated cyberattacks in real-time by isolating compromised assets. This advanced feature correlates millions of security signals to identify active threat campaigns with high confidence. It automatically…
Microsoft SharePoint Server Flaw Enables Remote Code Execution Attacks
Microsoft has disclosed a critical security vulnerability in SharePoint Server that could allow attackers to execute arbitrary code remotely, raising significant concerns for enterprise environments that depend on on-premises collaboration platforms. The flaw, tracked as CVE-2026-45659, was initially published on…
CERT-In Mandates 12-Hour Patch Deadline for Internet-Facing Vulnerabilities
India’s national cyber security agency CERT-In has issued a new blueprint that tells organizations to fix critical vulnerabilities in internet‑facing and “crown‑jewel” systems within 12 hours of discovery, as AI‑driven attackers slash exploitation timelines. The guidance marks one of India’s…
EU Regulators Prepare Landmark Fine Against Google Under Digital Markets Act
The European Union is preparing to issue a landmark penalty against Google under its Digital Markets Act (DMA), marking a significant escalation in regulatory enforcement against major technology platforms. According to multiple reports, EU regulators have formally accused Alphabet’s Google…
Quasar RAT Hits Developers With Fileless Linux Attacks
Quasar Linux (QLNX) is a new, stealthy Linux Remote Access Trojan that quietly turns developer and DevOps workstations into high‑value beachheads for software supply‑chain attacks, using fileless execution, an eBPF rootkit, PAM backdoors, and a P2P C2 mesh to evade…
Angular Language Service Extension Flaws Allow Remote Code Execution
Multiple high-severity vulnerabilities have been discovered in the Angular Language Service VS Code extension (Angular.ng-template), exposing developers to remote code execution (RCE) attacks through malicious project files and dependencies. The issues, tracked under GitHub advisory GHSA-ccq4-xmxr-8hcq, affect all versions before…
Memcached SASL Flaw Exposes Usernames to Enumeration Attacks
A newly identified vulnerability in Memcached has raised concerns among security professionals after researchers confirmed a timing side-channel flaw that allows attackers to enumerate valid usernames. Tracked as CVE-2026-47783, the issue affects Memcached versions before 1.6.42 and specifically impacts SASL…
China-Linked Hackers Hit SEA Edge Routers With Custom Linux Implant
China-linked hackers are conducting a stealthy infrastructure-centric espionage campaign across Southeast Asia by compromising Linux-based edge routers with a custom ELF implant and pairing it with a cracked Cobalt Strike Beacon on Windows systems for unified command-and-control over entire networks.…
NightSpire Ransomware Abuses RDP for Stealthy Persistence
NightSpire has quickly emerged as a significant ransomware threat since its discovery in early 2025, combining classic double-extortion tactics with stealthy intrusion techniques. The malware not only encrypts victim data but also exfiltrates sensitive files, threatening to publish them on…
Ghost CMS Vulnerability Exploited to Infect 700 Sites With ClickFix Malware
Hackers are actively exploiting a critical SQL injection vulnerability in Ghost CMS (CVE-2026-26980) to compromise websites and distribute ClickFix malware through large-scale page-poisoning attacks. The vulnerability allows attackers to extract sensitive database contents without authentication, including the Ghost Admin API…
ConnectWise Automate Flaw Allows Hackers to Evade Security Controls
ConnectWise has released a security update to address a high-severity vulnerability in its ConnectWise Automate remote monitoring and management (RMM) platform, a widely used tool for managed service providers (MSPs). The flaw, tracked as CVE-2026-9089, carries a CVSS score of…