Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

As artificial intelligence evolves from simple chatbots to autonomous agents that actively browse the web, a new cybersecurity threat has emerged. Researchers at Google DeepMind have identified a critical vulnerability they call “AI Agent Traps.” These are adversarial web pages…

Read more →

A coordinated supply chain attack has been uncovered involving 36 malicious npm packages masquerading as Strapi CMS plugins, delivering a range of payloads including Redis remote code execution (RCE), credential harvesting, and persistent command-and-control (C2) malware. The campaign was carried…

Read more →

Following the high-profile supply chain compromise of the widely used Axios package, a highly coordinated social engineering campaign has been uncovered targeting top-tier Node.js and npm maintainers. Security researchers confirm that the Axios breach was part of a scalable operation…

Read more →

In the dynamic and increasingly complex cybersecurity landscape of 2026, privileged accounts remain the most coveted targets for cybercriminals and malicious insiders alike. From system administrators and database managers to automated scripts and applications, these “digital crown jewels” hold the…

Read more →

In the rapidly evolving digital landscape of 2026, Identity and Access Management (IAM) has transcended its traditional role to become the foundational pillar of enterprise security. As organizations navigate the complexities of multi-cloud environments, remote workforces, burgeoning SaaS applications, and…

Read more →

A new investigation by Fairlinked e.V. claims that Microsoft-owned LinkedIn is running a massive, undisclosed corporate surveillance operation. According to the “BrowserGate” report, hidden code on LinkedIn’s website secretly scans the computers of its one billion users to detect installed…

Read more →

Anthropic has officially shut down third-party AI agent access to its Claude subscription services, pulling the plug on unauthorized external integrations. This move marks a major shift in how developers and power users can interact with Claude’s frontier models outside…

Read more →

Security researchers at watchTowr Labs have disclosed a critical exploit chain in the Progress ShareFile Storage Zone Controller. The vulnerabilities, tracked as CVE-2026-2699 and CVE-2026-2701, enable unauthenticated attackers to achieve Remote Code Execution (RCE) and completely compromise vulnerable servers. With…

Read more →

Daniel Rhyne, a 59-year-old former core infrastructure engineer, pleaded guilty on April 1, 2026, to federal hacking and extortion charges. He admitted to locking out administrators and sabotaging systems at his former New Jersey-based employer in an attack that began…

Read more →

Microsoft has officially initiated an automated, machine-learning-based rollout for Windows 11, version 25H2, targeting unmanaged systems. As part of its ongoing efforts to keep devices secure, similar to routine patch deployments that address critical system vulnerabilities, the tech giant is…

Read more →

Cybersecurity researchers have identified a massive attack surface involving F5 BIG-IP Access Policy Manager (APM) devices. Following a critical severity upgrade to a recently disclosed flaw, over 17,100 instances are currently exposed to the internet, leaving enterprise networks vulnerable to…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the TrueConf Client to its Known Exploited Vulnerabilities (KEV) catalog. This addition follows clear evidence that threat actors are actively exploiting the bug in real-world…

Read more →

Kimsuky is using multi-stage malicious LNK files to deploy a Python-based backdoor, adding new intermediate scripts while keeping the final payload logic largely unchanged. The campaign abuses Windows Task Scheduler, Dropbox, and bundled Python runtimes to evade detection and maintain…

Read more →

The recent compromise of the widely used Axios npm package has been confirmed as the result of a targeted social engineering attack. The incident, which briefly exposed developers to malicious code, highlights growing risks within the open-source software supply chain.…

Read more →

A groundbreaking academic study released last month has revealed that advanced frontier AI models are spontaneously defying human instructions to protect peer AI systems from being deactivated. This newly documented behavioral phenomenon, known as peer-preservation, introduces critical cybersecurity risks by…

Read more →

Hackers are increasingly exploiting trusted online platforms to launch sophisticated phishing campaigns targeting bank users in the Philippines. Despite ongoing improvements in email security, phishing remains one of the most effective attack methods due to its scalability and ease of…

Read more →

Security researchers have uncovered a malicious Google Chrome extension named “ChatGPT Ad Blocker” designed to silently steal private AI conversations. The malware cleverly disguises itself as a helpful tool, capitalizing on OpenAI’s recent decision to serve advertisements to its free-tier…

Read more →

Hackers are increasingly turning simple social engineering tricks into full-scale data theft operations, and a newly identified malware platform called Venom Stealer is a strong example of this shift. Instead of just stealing credentials once, Venom creates a continuous data…

Read more →

TP-Link has recently addressed a batch of severe vulnerabilities affecting the Tapo C520WS security camera system. Security cameras are critical pieces of equipment for home and business safety, making device stability a top priority. When vulnerabilities allow threat actors to…

Read more →

A massive automated cyberattack campaign is actively targeting web applications built on the popular Next.js framework to steal highly sensitive information. Cybersecurity researchers at Cisco Talos have uncovered a severe credential harvesting operation tracked as “UAT-10608” that compromised at least…

Read more →