A major international law enforcement campaign has hit the DDoS-for-hire ecosystem, warning more than 75,000 suspected users and disrupting the infrastructure that helped power online attacks around the world. Backed by Europol, Operation PowerOFF brought together authorities from 21 countries…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Microsoft Acknowledges Reboot Loop Issue on Windows Servers Following April Patches
Microsoft has confirmed a critical known issue affecting Windows Server 2025 domain controllers after deploying the April 2026 cumulative update KB5082063 (OS Build 26100.32690), released on April 14, 2026. Affected domain controllers are entering repeated restart loops, and a separate…
OpenAI Extends GPT-5.4-Cyber Access to Trusted Organizations Worldwide
OpenAI has announced the expansion of its “Trusted Access for Cyber” program, granting worldwide security organizations access to its advanced GPT-5.4-Cyber model. The initiative operates on a foundational premise: cutting-edge cyber capabilities must reach network defenders on a broad scale…
Fake Zoom SDK Update Spreads Sapphire Sleet Malware in New macOS Attack Chain
A sophisticated macOS-focused cyber campaign orchestrated by the North Korean threat actor Sapphire Sleet, revealing a shift toward social engineering over traditional software exploitation. Instead of relying on vulnerabilities, the attackers trick users into executing malicious files disguised as legitimate…
Critical Flowise Flaw Enables Remote Command Execution via MCP Adapters
OX Security researchers have uncovered a critical, systemic vulnerability built directly into the architecture of Anthropic’s Model Context Protocol (MCP). As the industry standard for AI agent communication, this foundational flaw exposes systems to Arbitrary Command Execution (RCE). Attackers who…
PoC Released for FortiSandbox Flaw Enabling Arbitrary Command Execution
A proof-of-concept (PoC) exploit has been publicly released for a critical security flaw in Fortinet’s FortiSandbox. Tracked as CVE-2026-39808, this severe vulnerability allows an unauthenticated attacker to execute arbitrary commands on the underlying operating system with the highest level of…
Weaponized CVE-2026-39987 Pushes Blockchain Backdoor Through Hugging Face
Attackers are rapidly exploiting CVE-2026-39987 in the marimo Python notebook platform to deploy a new NKAbuse backdoor variant hosted on Hugging Face Spaces, turning AI/ML developer environments into high‑value infection points. The campaign combines pre-auth RCE, credential theft, lateral movement…
Hackers Deploy ATHR for Scalable AI-Driven Vishing and Credential Theft
Hackers are increasingly turning to telephone-oriented attack delivery (TOAD) to bypass traditional email security, and a new cybercrime platform called ATHR is accelerating this trend with AI-driven automation and integrated phishing capabilities. TOAD attacks rely on a simple but effective…
Payouts King Emerges: New Ransomware Operation Tied to Ex-BlackBasta Members
Payouts King is emerging as a technically sophisticated ransomware operation believed to be run by former BlackBasta affiliates, reusing their social‑engineering playbook while introducing hardened obfuscation and encryption routines. The group focuses on high‑value data theft and selective encryption, leveraging…
Anthropic Introduces Claude Opus 4.7 for Advanced Problem-Solving
Anthropic has officially launched Claude Opus 4.7, a major upgrade designed to tackle complex software engineering while introducing rigorous new cybersecurity safeguards. Released on April 16, 2026, this model brings enhanced problem-solving capabilities to developers and actively addresses the dual-use…
Google Deploys Gemini AI to Stop Threat Actors, Blocking 8.3 Billion Ads
Google has significantly escalated its fight against cybercriminals, deploying its advanced Gemini AI to neutralize malicious advertising campaigns. By leveraging generative AI, the tech giant intercepted more than 99% of these harmful advertisements before they ever reached end users. This…
ZionSiphon Malware Hits Israeli Desalination Plants
Hackers are experimenting with new malware designed to sabotage Israeli desalination and water treatment plants using a tool dubbed “ZionSiphon,”. However, the current sample appears to be a faulty or developmental build rather than a fully operational weapon. The code…
Censys Warns 6 Million Public-Facing FTP Servers Are Still Exposed in 2026
A new security brief from internet intelligence firm Censys reveals that the 55 year old File Transfer Protocol continues to run on nearly 6 million internet facing hosts. As of April 2026, the dominant story of FTP exposure is not…
EU Age Verification App Breached in Just 2 Minutes, Researchers Claim
A highly anticipated European Union Age Verification application has come under heavy scrutiny after a security researcher demonstrated how to bypass its core protections in less than two minutes. The application, recently praised by EU officials for its robust privacy…
Cargo Hackers Hit Trucking Firms to Steal Physical Shipments
Hackers are increasingly breaking into trucking and freight companies to quietly hijack real-world cargo shipments, turning digital access into physical theft at scale. Researchers say organized crime rings are teaming up with cybercriminals to exploit the systems carriers and freight…
UAC-0247 Hits Hospitals, Governments With Browser and WhatsApp Data Theft
A surge of targeted cyberattacks was detected against local governments and municipal healthcare institutions particularly clinical and ambulance hospitals. The campaign has been attributed to threat cluster UAC-0247, known for advanced data theft, persistence, and lateral movement methods. The attack chain…
Fake ProtonVPN, game mod sites spread NWHStealer in new Windows malware campaign
Multiple ongoing malware campaigns are distributing a powerful information-stealing trojan, tracked as NWHStealer, through fake VPN installers, gaming mods, and system tools. Unlike typical phishing campaigns, these attacks exploit users’ trust in popular software. Threat actors are disguising malicious payloads as…
Two U.S. Nationals Sentenced in $5 Million DPRK Remote Worker Laptop Farm Scheme
The U.S. Justice Department has sentenced two New Jersey residents, Kejia Wang and Zhenxing Wang, for enabling a massive fraudulent employment operation that generated over $5 million for the Democratic People’s Republic of Korea (DPRK). Kejia Wang received a 108-month…
Hackers Exploit n8n Webhooks to Spread Malware
A new abuse campaign targeting AI-driven workflow automation platforms particularly n8n that turns legitimate automation tools into powerful malware delivery systems. Between October 2025 and March 2026, security analysts observed a sharp surge in phishing emails that weaponized n8n-generated webhooks to deliver malicious…
New PoC Exploit Published for Microsoft Defender 0-Day Flaw
A security researcher operating under the alias “Chaotic Eclipse” has publicly released a proof-of-concept (PoC) exploit for a vulnerability in Microsoft Defender. Published on April 15, 2026, the exploit targets a flaw in CVE-2026-33825, a recently patched vulnerability. The uncoordinated…