Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Critical Notepad++ Flaw Could Enable Remote Code Execution Attacks

Notepad++ has released version 8.9.6.1 to address multiple security vulnerabilities, including critical flaws that could allow arbitrary code execution under specific conditions. The update, published on May 26, 2026, patches three vulnerabilities tracked as CVE-2026-48770, CVE-2026-48778, and CVE-2026-48800. These issues…

ClearFake Abuses BSC Testnet Contracts for Resilient C2 Operations

Threat actors behind the ClearFake campaign have adopted a novel and highly resilient command-and-control (C2) architecture by leveraging BNB Smart Chain (BSC) testnet smart contracts, creating an infrastructure that is effectively immune to traditional takedown efforts. Unlike conventional malware campaigns…

Hackers Spread VIP Keylogger via Fake Business Emails

Hackers are actively deploying VIP Keylogger through phishing emails disguised as routine business documents, using multi‑layered loaders, steganography, and in‑memory execution to quietly steal credentials and other sensitive data from compromised systems. Recent VIP Keylogger campaigns rely heavily on social…

Hackers Host JS Malware on GHOSTYNETWORKS and OMEGATECH

Hackers are abusing two bulletproof hosting providers, GHOSTYNETWORKS and OMEGATECH, to run a global JavaScript (JS) malware infrastructure that powers large‑scale malspam and business email compromise activity. In March 2026, multiple malspam waves delivered a JavaScript backdoor via ZIP or…

FortiClient Code Execution Flaw Exploited to Deploy EKZ Malware

Fortinet customers are facing a new wave of attacks after a critical flaw in FortiClient Endpoint Management Server (EMS) was exploited to push a fake Fortinet patch that secretly installs credential‑stealing malware. The vulnerability, tracked as CVE‑2026‑35616, allows unauthenticated attackers…

New PureLogs Variant Abuses MSBuild to Evade Detection

A new phishing-driven malware campaign distributing a stealthy PureLogs variant that leverages advanced evasion techniques, including process hollowing via MsBuild.exe. The campaign is designed to steal sensitive data from infected systems while avoiding traditional detection mechanisms through layered obfuscation and…

Silent Ransom Impersonates IT Support to Target Law Firms

The Silent Ransom Group (SRG) is running a new wave of hands‑on social engineering attacks against law firms, posing as internal IT support to steal sensitive data and extort victims without deploying traditional ransomware. In its latest campaigns, SRG contacts…

SBI Warns Fake YONO Deactivation Message Scam

India’s largest public sector bank, State Bank of India (SBI), has issued a fresh cybersecurity alert warning customers about an ongoing phishing campaign targeting users of its YONO digital banking platform. The alert highlights a surge in fraudulent messages falsely…

GitHub Enterprise Server 3.20.3 Addresses Critical Security Flaws

GitHub has released Enterprise Server (GHES) version 3.20.3, addressing multiple critical and high-severity vulnerabilities that could allow attackers to access internal services, escalate privileges, and extract sensitive data. The update, published on May 26, 2026, also introduces an important security…

Windows Kernel Vulnerability Lets Attackers Modify Kernel Memory Counters

A critical Windows kernel vulnerability, CVE-2026-40369, allows any unprivileged process, including a browser renderer sandbox, to increment arbitrary kernel memory and reliably escalate to SYSTEM on Windows 11 24H2–25H2. The bug sits in ntoskrnl.exe inside ExpGetProcessInformation, reachable via a single NtQuerySystemInformation call with information class…