Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

A newly discovered Android spyware platform is raising concerns among cybersecurity researchers by introducing a business model that allows buyers to rebrand and resell surveillance malware as their own product. Buyers can subscribe to the service, customize branding, and launch…

Read more →

The developers of the Exim mail server have officially rolled out version 4.99.2 to address four newly discovered security vulnerabilities. This critical update patches multiple software flaws that could allow attackers to crash server connections, corrupt memory heaps, or potentially…

Read more →

Attackers are increasingly combining QR codes, fake CAPTCHA gates, and ClickFix-style tricks to steal credentials at scale, even as major phishing-as-a-service (PhaaS) platforms face disruption. These tactics shift risk from traditional malware attachments to highly convincing, hosted phishing flows that…

Read more →

A new DDoS botnet that abuses exposed Jenkins servers to launch powerful attacks against Valve Source Engine game infrastructure, including servers hosting titles like Counter‑Strike and Team Fortress 2. The campaign shows how a single misconfigured CI server can be…

Read more →

Ransomware attacks surged dramatically in 2025, with global victims reaching 7,831. The sharp rise highlights how cybercrime has evolved into a highly organized, AI-driven ecosystem in which attackers operate at speed, with automation and scale. This surge is largely fueled…

Read more →

The Wireshark Foundation has released version 4.6.5 of its widely used network protocol analyzer, addressing a massive wave of security vulnerabilities. This urgent update patches over 40 distinct security flaws, driven by a recent surge in AI-assisted vulnerability reports. The…

Read more →

The FBI issued a public service announcement warning the transportation and logistics sectors about a massive increase in cyber-enabled strategic cargo theft. Threat actors are increasingly using sophisticated tactics to impersonate legitimate businesses, hijack freight, and steal high-value shipments. The…

Read more →

Deep#Door is a stealthy Python-based Remote Access Trojan (RAT) that uses an obfuscated batch loader to deploy a persistent surveillance and credential-stealing implant on Windows systems. It aggressively turns off security controls, hides its traffic behind the bore.]pub tunneling service,…

Read more →

China-aligned threat actors tracked as SHADOW-EARTH-053 are exploiting old but unpatched Microsoft Exchange and IIS vulnerabilities to run a stealthy, multi-stage espionage campaign across Asian governments, critical infrastructure, and one NATO member state. The group primarily targets government entities and…

Read more →

A sophisticated software supply chain attack originating from the GitHub account BufferZoneCorp has been uncovered, targeting developers and continuous integration environments through malicious Ruby gems and Go modules. The campaign deployed sleeper packages that impersonated legitimate developer tools, which were…

Read more →

A newly uncovered cyber fraud campaign is abusing fake CAPTCHA pages to trick mobile users into sending large volumes of international SMS messages, resulting in unexpected phone bills and illicit profits for attackers. Unlike traditional malware campaigns, this operation does…

Read more →

The April 2026 security update for Windows 11, designated as KB5083769, is causing severe disruptions for users relying on third-party backup solutions. Deployed for Windows 11 versions 24H2 and 25H2, this patch introduces a critical flaw that breaks the Microsoft…

Read more →

Anthropic has officially launched the public beta of Claude Security, an advanced vulnerability detection and remediation tool now available to Claude Enterprise customers. Powered by the highly capable Claude Opus 4.7 model, this platform shifts application security testing from basic…

Read more →

OpenAI has released a comprehensive cyber defense roadmap titled “Cybersecurity in the Intelligence Age” to responsibly equip defenders with AI-powered security tools faster than malicious actors can adapt. Spearheaded by Sasha Baker in April 2026, the action plan outlines five…

Read more →

A critical vulnerability, tracked as CVE-2026-6644, has been uncovered in ASUSTOR’s ADM (ASUSTOR Data Master) operating system. Specifically, the flaw exists within the PPTP VPN Client feature. Carrying a CVSS v4.0 score of 9.4, this OS command injection vulnerability allows…

Read more →

A critical zero-day vulnerability, tracked as CVE-2026-41940, is currently being actively exploited across the web hosting industry. This CVSS 9.8 flaw allows unauthenticated remote attackers to bypass cPanel and WHM login mechanisms, granting them full administrative control over servers. The…

Read more →

A long-dormant backdoor has been uncovered in the “Quick Page/Post Redirect Plugin,” a popular WordPress add-on with over 70,000 active installations. The tampered plugin, specifically version 5.2.3, contained two distinct malicious features. First, it featured a passive content injection mechanism.…

Read more →

The Jenkins project released a critical security advisory addressing seven vulnerabilities across multiple widely used plugins. The disclosed flaws include high-severity path traversal and stored cross-site scripting (XSS) vulnerabilities that could allow threat actors to execute arbitrary code or hijack…

Read more →

Hackers are actively exploiting two severe authentication bypass vulnerabilities in Qinglong, a popular open-source task scheduling platform. These flaws allow attackers to execute arbitrary code and deploy resource-draining cryptomining malware on vulnerable servers. Qinglong is a self-hosted task management platform…

Read more →

Security researchers have identified a severe supply chain attack targeting the SAP developer ecosystem. A threat group identified as TeamPCP has compromised multiple legitimate SAP npm packages in a new campaign named Mini Shai Hulud. The operation relies on injecting…

Read more →