Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

The 2025 spam and phishing landscape shows a sharp rise in AI-generated lures and QR code–based “quishing,” alongside complex malware campaigns abusing cracked games and software to deliver information stealers at scale. These trends highlight how social engineering and multi‑stage…

Read more →

A new wave of ClickFix attacks is targeting Windows users with fake Cloudflare-style CAPTCHA verification pages that trick victims into executing malicious PowerShell commands. This campaign delivers a multi-stage, fileless infection chain that ends with StealC, a powerful information stealer…

Read more →

Zimbra has officially released a critical security update, version 10.1.16, addressing multiple high-severity vulnerabilities that could compromise email infrastructure and user data. The company has classified this patch with a “High” security severity rating, urging administrators to prioritize the upgrade…

Read more →

Over 1,800 Windows IIS servers worldwide have been compromised in a large-scale search engine optimization (SEO) poisoning campaign driven by the BADIIS malware, a malicious IIS module used to hijack legitimate web traffic. The operation, tracked by Elastic Security Labs…

Read more →

BeyondTrust has urgently released security updates to address a critical remote code execution (RCE) vulnerability affecting its widely used Remote Support (RS) and Privileged Remote Access (PRA) products. Designated as CVE-2026-1731, this severe flaw carries a near-maximum CVSS v4 score…

Read more →

A new security investigation has uncovered 287 Chrome extensions that appear to secretly send users’ browsing data to remote servers, impacting an estimated 37.4 million installs. That is roughly 1%1% of the global Chrome user base, based on the researchers’ estimate. The researchers built…

Read more →

Operational Relay Box (ORB) networks are covert, mesh-based infrastructures used by advanced threat actors to hide the true origin of their cyberattacks. Built from compromised Internet-of-Things (IoT) devices, Small Office/Home Office (SOHO) routers, and rented Virtual Private Servers (VPS), these…

Read more →

DragonForce is a ransomware group that has rapidly evolved into a cartel-style operation, extending its reach across the cybercrime ecosystem since late 2023. Operating under a Ransomware-as-a-Service (RaaS) model, the group now positions itself not just as a single gang,…

Read more →

A DShield honeypot sensor recently recorded a complete compromise sequence involving a self-replicating SSH worm that exploits weak passwords to spread across Linux systems. The incident highlights how poor SSH hygiene and the use of default credentials remain among the…

Read more →

A new hardware-based threat has emerged that disguises malicious code execution capabilities inside an ordinary computer mouse. Dubbed “EvilMouse,” this covert keystroke injector demonstrates how everyday peripherals can become powerful attack tools for just $44 in parts. EvilMouse operates similarly…

Read more →

Feiniu fnOS network-attached storage (NAS) devices have been pulled into a large Netdragon botnet after attackers exploited still-unpatched vulnerabilities, turning home and small‑business storage into infrastructure for DDoS attacks.​ The malware opens an HTTP backdoor on port 57132, letting attackers…

Read more →

The cybercrime group Muddled Libra (aka Scattered Spider, UNC3944). The contents of this rogue VM and activity from the attack provide valuable insight into the operational playbook of this threat actor. This single VM acted as the attackers’ beachhead, revealing…

Read more →

HPE Aruba Networking has issued a critical security advisory addressing multiple vulnerabilities in its Private 5G Core Platform that could allow attackers to create unauthorized administrative accounts, disrupt services, and access sensitive system information. The flaws, tracked as CVE-2026-23595, CVE-2026-23596,…

Read more →

Google has released Chrome 145 to the stable channel for Windows, Mac, and Linux systems, addressing 11 security vulnerabilities that could allow attackers to execute malicious code on affected systems. The update, announced on February 10, 2026, will roll out…

Read more →

Palo Alto Networks has disclosed a PAN-OS firewall vulnerability that can let remote attackers force repeated reboots, potentially pushing a device into a “reboot loop” that ends in maintenance mode. Tracked as CVE-2026-0229, the issue sits in the Advanced DNS…

Read more →

A critical vulnerability in the popular WPvivid Backup & Migration plugin is putting more than 800,000 WordPress websites at risk of complete takeover through remote code execution (RCE) attacks. Tracked as CVE-2026-1357 and rated 9.8 on the CVSS scale, the…

Read more →

A newly discovered malicious NPM package, dubbed duer-js , is being used to distribute an advanced information‑stealing malware that primarily targets Windows systems and Discord users. Published by the user “luizaearlyx”, the package contains a custom infostealer calling itself “bada stealer”, and…

Read more →

Lazarus Group’s latest software supply chain operation is using fake recruiter lures and popular open‑source ecosystems to deliver malware to cryptocurrency‑focused developers quietly. The campaign, dubbed graphalgo, abuses GitHub, npm, and PyPI to hide multi‑stage payloads behind seemingly legitimate coding tasks…

Read more →

A new fingerprinting technique called “Adbleed” reveals that VPN users aren’t as anonymous as they think. While VPNs hide your IP address and encrypt traffic, they can’t conceal which country-specific adblock filter lists are installed in your browser and that’s…

Read more →

Fake CAPTCHA attacks are now a key entry point for a new wave of LummaStealer infections, with CastleLoader loaders turning simple web clicks into full system compromise. Less than a year after a major law-enforcement takedown, the infostealer’s operators have…

Read more →