A high-severity vulnerability in the Laravel framework could allow attackers to manipulate outbound email processing, potentially leading to unauthorized message delivery, data exposure, or the abuse of mail relays. The issue, tracked as CVE-2026-48019, stems from improper neutralization of CRLF…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
50+ Malicious Chrome Extensions Hit 30K Users
50+ malicious Chrome extensions posing as “live wallpaper” utilities have been caught running an adware operation that hijacks browser behavior and quietly pushes remote HTML content to around 30,000 users. These extensions were distributed through at least three publisher accounts…
1-Click GitHub Vulnerability Enables OAuth Token Theft
A newly disclosed vulnerability in GitHub’s browser-based editor, GitHub.dev, allows attackers to steal powerful OAuth tokens with just a single click, giving them read and write access to private repositories. The flaw exploits how Visual Studio Code (VSCode) webviews handle…
Hackers Spread WeedHack Malware via YouTube and SEO Poisoning
Hackers are increasingly abusing trusted platforms like YouTube and search engines to distribute malware, and a newly uncovered campaign targeting Minecraft players highlights how effective this tactic has become. Minecraft, originally released in 2011 by Mojang Studios, remains the best-selling…
Red Hat Confirms Supply Chain Breach Impacting @redhat-cloud-services npm Packages
Red Hat has confirmed a supply chain security breach impacting multiple npm packages under the @redhat-cloud-services namespace, as detailed in security bulletin RHSB-2026-006 released on June 2, 2026. The incident was publicly disclosed a day earlier and stems from a…
North Korean APT Targets macOS to Steal Crypto Wallets and SSH Keys
A newly uncovered macOS intrusion campaign attributed to the North Korean state-sponsored threat group Sapphire Sleet, also known as BlueNoroff or UNC1069, is targeting high-value organizations in the financial and cryptocurrency sectors. The operation focuses on venture capital firms, Web3…
Project Glasswing Grows as Anthropic Extends Claude Mythos Preview Program
Anthropic has expanded its Project Glasswing initiative, significantly scaling access to its Claude Mythos Preview model as part of a broader effort to strengthen global software security. The program, first launched in April 2026 with around 50 organizations, has now…
Microsoft MSRC Allegedly Declines Action on Dependency Confusion Vulnerability
Microsoft is facing scrutiny after reportedly declining to treat a critical dependency confusion vulnerability affecting Azure Portal assets as a security issue, despite a proof-of-concept exploit demonstrating remote code execution (RCE). Security researcher Wahid Fayad identified the issue while analyzing…
Stolen Gemini API Keys Fuel Automated Telegram Influence Campaign
A long-running Telegram influence and fraud campaign where a solo threat actor leveraged stolen Google Gemini API keys and jailbroken AI to automate content generation, credential theft, and infrastructure operations at scale. Tracked as “bandcampro,” the Russian-speaking operator maintained a…
Claude Code GitHub Actions Flaw Exposes Repositories to Full Compromise
A critical supply chain vulnerability in Anthropic’s Claude Code GitHub Actions workflow has been disclosed, exposing thousands of repositories to potential full compromise through a single malicious GitHub issue. Security researcher Ryota K from GMO Flat Security identified multiple flaws…
Mustang Panda Uses LNK, PowerShell Chain to Deploy PlugX RAT
Mustang Panda is using a fake “Browser Updater” and a multi‑stage LNK–PowerShell loader to sideload PlugX through a legitimate G DATA antivirus binary, ultimately beaconing over HTTPS to a hard‑coded C2 while hiding configuration and strings behind layered encryption and…
Foreign Spyware Found on Phones of Top Russian Officials
Russian authorities have disclosed a suspected large-scale cyber espionage operation targeting the mobile devices of senior government officials, raising fresh concerns over advanced spyware campaigns and mobile surveillance threats. The Federal Security Service (FSB) announced on Tuesday that it had…
Critical KMW CCTV Flaw Allows Unauthorised Access to Surveillance Feeds
A critical security vulnerability in KMW CCTV security cameras could allow attackers to gain full, unauthorised access to live surveillance feeds and device settings, raising serious concerns for organisations that rely on these systems in sensitive environments. The issue, tracked…
CISA Warns of Active Exploitation of Palo Alto Networks PAN-OS Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert warning that threat actors are actively exploiting a critical vulnerability in Palo Alto Networks PAN-OS, tracked as CVE-2026-0257. The flaw, categorized as an authentication bypass issue, allows…
34 Malicious Packages Steal Cloud Keys, Wallets, and SSH Credentials
Hackers are actively abusing open-source ecosystems to steal sensitive developer data through a large-scale supply chain attack dubbed “TrapDoor,”. The campaign spans npm, PyPI, and Crates.io, leveraging 34 malicious packages and 384 versions to target developers working in cryptocurrency, DeFi,…
Android Zero-Day Vulnerability Actively Exploited in Device Takeover Attacks
Google has disclosed a critical Android zero-day vulnerability that is reportedly being actively exploited in targeted attacks, raising serious concerns about the risk of large-scale device compromise. The issue, tracked as CVE-2025-48595, was highlighted in the Android Security Bulletin for…
CISA Issues Alert on Oracle WebLogic Server Flaw Under Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Oracle WebLogic Server vulnerability, tracked as CVE-2024-21182, to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw is actively exploited in the wild. The alert, published on…
Critical StrongDM Flaw Exposes Users to Authentication Token Theft and Reuse
A critical security vulnerability tracked as CVE-2026-4387 has been disclosed in StrongDM, allowing attackers to steal and reuse authentication tokens to gain unauthorized access to infrastructure. The issue, discovered by SpecterOps researcher Hope Walker, affects StrongDM desktop and CLI environments…
Hackers Use Spearphishing to Deploy AZUREVEIL Adaptix C2 Agent
Hackers are actively deploying a sophisticated malware framework dubbed AZUREVEIL, an Adaptix-based command-and-control (C2) agent, through a targeted spearphishing campaign aimed at government and enterprise sectors in the Czech Republic and Taiwan. The attack begins with a malicious ZIP archive delivered…
SolyxImmortal Malware Steals Passwords, Cookies, Files, and Keystrokes
A newly analyzed Python-based information stealer named SolyxImmortal is actively targeting sensitive user data, including browser credentials, cookies, documents, screenshots, and keystrokes. The malware uses common Python libraries and multi-threading techniques to run multiple surveillance and data theft operations simultaneously,…