Security researchers at Sansec uncovered a large-scale Magecart campaign targeting Magento e-commerce platforms. Nearly 100 online stores were infected with a sophisticated credit card skimmer. To evade security scanners and steal shopper payment data seamlessly, attackers concealed the malicious payload…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
New Phishing Campaign Exploits Google Storage to Deliver Remcos RAT
A recently observed phishing campaign is abusing Google Cloud Storage to deliver the Remcos remote access trojan (RAT), relying on trusted Google infrastructure and a signed Microsoft binary to evade traditional defenses. Attackers host a fake Google Drive login page…
STX RAT Hides Remote Desktop, Steals Data to Dodge Detection
A stealthy new remote access trojan, dubbed STX RAT, that blends hidden remote desktop control with powerful infostealer capabilities while using advanced evasion and encryption techniques to stay under the radar of security tools. The operators rely on opportunistic initial access, including…
Technical Details Released for Critical Cisco SSM Command Execution Vulnerability
Security researchers have published technical details regarding a highly critical vulnerability in the Cisco Smart Software Manager On-Prem (SSM On-Prem). Tracked as CVE-2026-20160, this flaw carries a near-maximum CVSS score of 9.8. It allows remote, unauthenticated attackers to execute commands…
ClickFix Campaign Abuses macOS Script Editor to Deploy Atomic Stealer
A refreshed ClickFix campaign that swaps macOS Terminal for Script Editor to deliver an Atomic Stealer payload to unsuspecting Mac users quietly. By abusing the applescript:// URL scheme, attackers sidestep Apple’s new paste-protection in Terminal on macOS Tahoe 26.4 while preserving the same underlying…
Microsoft Details How Defender Protects High-Value Assets in Real-World Attacks
Microsoft has significantly upgraded its Defender platform to automatically detect and block sophisticated cyberattacks targeting High-Value Assets (HVAs) like domain controllers and web servers. By leveraging the new Microsoft Security Exposure Management tool, the system now uses context-aware intelligence to…
Fake Security Tool Spreads LucidRook in Taiwan Cyberattacks
Hackers are using fake security tools and cleverly crafted phishing emails to secretly deploy a new malware family, LucidRook, against organizations in Taiwan. The campaign, tracked as UAT-10362, focuses on Taiwanese NGOs and likely universities and shows a high level of…
China’s Tianjin Supercomputer Center Allegedly Hit in 10-Petabyte Data Theft
A threat actor has allegedly executed one of the largest data heists in China’s history, siphoning an astounding 10 petabytes of highly classified information from the National Supercomputing Center (NSCC) in Tianjin. The stolen dataset reportedly includes sensitive defense documents,…
CISA Issues Warning on Critical Ivanti EPMM Flaw Exploited in Ongoing Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical security flaw in Ivanti Endpoint Manager Mobile (EPMM). The agency recently added the vulnerability, identified as CVE-2026-1340, to its Known Exploited Vulnerabilities (KEV) catalog after…
Linux Foundation Leader Impersonated in Slack Attack on Open Source Developers
A social engineering campaign is actively targeting open source developers through Slack. The warning was shared through the OpenSSF Siren mailing list, a public threat intelligence platform designed to alert developers and security teams about active threats after initial disclosure.…
Critical Chrome Flaws Let Attackers Execute Arbitrary Code
Google has released an urgent security update for its Chrome browser, resolving multiple dangerous vulnerabilities. The Chrome team promoted version 147 to the stable channel for Windows, Mac, and Linux users on April 7, 2026. This major release patches flaws…
RoningLoader Campaign Uses DLL Side-Loading, Code Injection to Slip Past Defenses
A sophisticated cyber-espionage group known as DragonBreath (APT-Q-27) has been linked to a new RoningLoader malware campaign that uses advanced evasion techniques such as DLL side-loading and code injection to bypass traditional security defenses. Active since at least 2022, DragonBreath…
Palo Alto Cortex XSOAR Flaw in Microsoft Teams Integration Lets Attackers Access Data
Palo Alto Networks has released a high-priority security update to address a serious vulnerability in its Cortex XSOAR and Cortex XSIAM platforms. Tracked as CVE-2026-0234, this security flaw exists within the Microsoft Teams integration. If successfully exploited, it allows an…
Multiple SonicWall Flaws Enable SQL Injection and Privilege Escalation Attacks
SonicWall has published a critical security advisory addressing four distinct vulnerabilities in its SMA1000 series appliances. These security flaws open the door for attackers to escalate their system privileges, guess user credentials, and bypass essential multi-factor authentication protocols. Administrators must…
Silver Fox Campaign Spreads ValleyRAT via Fake Chinese Telegram Language Pack
New analysis of a fake Telegram installer uploaded to MalwareBazaar shows Silver Fox expanding its ValleyRAT operations with a fresh delivery chain that hides behind a Chinese-language pack-decoy and an uncommon ZPAQ-based packer. The MSI is a WiX-built installer (IssueAccentRequest,…
GitLab Addresses Multiple Vulnerabilities Linked to DoS and Code Injection
GitLab has rolled out a crucial security update to fix multiple vulnerabilities across its Community Edition (CE) and Enterprise Edition (EE) platforms. Organizations utilizing self-managed GitLab instances are strongly advised by GitLab security experts to apply these updates immediately to…
Microsoft Confirms Windows 11 Update Breaks Start Menu Search
Microsoft recently addressed a disruptive server-side flaw that completely disabled Start Menu search functionality for some Windows 11 23H2 users. The tech giant quickly acknowledged the incident and deployed an automatic fix behind the scenes. Because the repair happens directly…
Meta Business Alerts Abused for Phishing Campaigns
Hackers are weaponizing legitimate Meta Business Manager notifications to sneak phishing emails past security filters and into users’ inboxes. By abusing trusted Meta infrastructure, attackers make their messages appear authentic while quietly funneling victims to credential‑stealing pages. Because Meta systems…
Anthropic Launches Claude Mythos Preview Focused on Zero-Day Vulnerability Discovery
Anthropic recently unveiled Claude Mythos Preview, a groundbreaking general-purpose language model demonstrating an unprecedented, emergent ability to autonomously discover and exploit zero-day vulnerabilities. In response to these powerful capabilities, the company introduced Project Glasswing, a coordinated defensive initiative aimed at…
EvilTokens Uses Stolen Microsoft 365 Tokens, AI to Supercharge BEC
EvilTokens is a new Phishing-as-a-Service (PhaaS) platform that turns stolen Microsoft 365 tokens and AI into an end‑to‑end factory for Business Email Compromise (BEC) at scale. By combining device-code phishing, custom tooling, and large language models, it enables low- to…