Attackers have exploited a critical vulnerability in Meta’s AI-powered Instagram support chatbot to hijack user accounts without needing passwords, phishing, or malware. Instead of bypassing security through technical exploits, hackers simply manipulated the chatbot via natural-language requests. Meta’s AI Bot…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
RaccoonLine Publishes a Breakdown of 7 Structural Differences Between dVPNs and Traditional VPNs
Rome, Italy, June 1st, 2026, CyberNewswire With VPN providers facing increasing legal pressure from governments across multiple jurisdictions in 2026, RaccoonLine today published a technical breakdown of the seven structural differences between decentralized and centralized VPN architecture, focusing specifically on…
Critical Magento Cache Plugin Vulnerability Enables Remote Code Execution Attacks
A critical security vulnerability in a widely used Magento extension is exposing thousands of online stores to remote code execution (RCE) attacks. The vulnerability, tracked as CVE-2026-45247 and rated 9.8 on the CVSS scale, allows attackers to execute arbitrary code…
Attackers Exploit Docker, Kubernetes Misconfigs to Breach Hosts
Attackers are increasingly targeting Docker and Kubernetes environments by exploiting misconfigurations, weak isolation boundaries, and insecure APIs to compromise host systems and entire clusters. As containerization becomes the backbone of modern cloud infrastructure, threat actors are shifting focus from traditional…
Critical Plesk Vulnerability Lets Users Execute Server Commands
A newly disclosed critical vulnerability in Plesk is raising serious security concerns after researchers confirmed that low-privileged users can execute arbitrary commands on affected servers. Tracked as CVE-2026-44962, the vulnerability affects Plesk for Linux and is linked to improper input…
Iranian Hackers Hijack AppDomainManager to Bypass EDR
Iran-linked hackers have upgraded their tradecraft by using AppDomainManager hijacking in .NET applications to turn off security telemetry before malicious code fully starts, making endpoint detection and response tools much harder to spot the attack. The campaign, attributed to the…
Microsoft: No Lawsuits Against Researchers in Nightmare-Eclipse Row
Microsoft has issued a clarifying statement, assuring the global cybersecurity community that it has no intention of pursuing legal action against security researchers conducting or publishing legitimate security research. A significant walkback amid the firestorm sparked by its earlier confrontation with a…
Iran-Linked Hackers Wipe IT and Recovery Systems in Middle East Cyberattack
Iran-linked hackers have launched a destructive cyber campaign that wipes IT, backup, and recovery systems at multiple organizations in the Middle East and beyond, severely undermining victims’ ability to restore operations after an attack. Evidence ties the operation to the…
Meta AI Vulnerability Allegedly Enables Instagram Password Resets
Instagram is facing scrutiny after a critical vulnerability in its Meta AI-powered support system allegedly allowed attackers to take over user accounts by abusing the password recovery process. The tool, designed to help users regain access to locked accounts, could…
Microsoft KB5089573 Fixes Windows 11 Patch Tuesday Install Failures
Microsoft has released cumulative update KB5089573 for Windows 11 versions 24H2 and 25H2, aimed at improving stability and resolving installation issues reported during recent Patch Tuesday deployments. The update is part of Microsoft’s ongoing effort to streamline update reliability while…
Windows Netlogon 0-Click RCE Vulnerability Under Active Exploitation
Microsoft’s May 2026 Patch Tuesday release has taken a critical turn after security researchers confirmed that a high-risk Windows Netlogon vulnerability is now being actively exploited in the wild. Tracked as CVE-2026-41089, the vulnerability allows unauthenticated attackers to execute remote…
Hackers Target Signal Users to Steal Backups in New Attack Wave
Hackers are abusing Signal’s in‑app messaging to trick users into giving up their backup recovery keys, allowing attackers to unlock years of supposedly private conversations in a new phishing wave. The campaign uses messages that appear to come from “Signal…
Google Chrome’s DBSC Now Generally Available to Prevent Account Takeovers
Google has officially made Device Bound Session Credentials (DBSC) generally available for the Chrome browser on Windows. This architectural upgrade delivers a robust defense mechanism against one of the most pervasive threats in the modern cybersecurity landscape: session cookie theft…
Palo Alto PAN-OS Authentication Bypass Vulnerability Actively Exploited in the Wild
A critical authentication-bypass vulnerability affecting Palo Alto Networks PAN-OS and Prisma Access is being actively exploited by malicious actors. In response to mounting attacks, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-0257 to its Known Exploited Vulnerabilities (KEV) catalog…
SideCopy Deploys Persistent XenoRAT Against Afghanistan Finance Ministry
Pakistan-linked threat actor SideCopy has launched a highly targeted spear-phishing campaign against Afghanistan’s Ministry of Finance (MoF). The operation surgically targets all 34 provincial revenue directorates, operating under the broader Transparent Tribe (APT36) umbrella. According to threat intelligence reports from…
Ransomware Abuses SYSTEM Task to Encrypt Drives with Elevated Privileges
A newly analyzed ransomware strain, “The Gentlemen,” is raising concern among security researchers due to its ability to combine strong encryption with aggressive lateral movement. What makes this threat particularly dangerous is its use of SYSTEM-level scheduled tasks to encrypt…
JINX-0164 Uses LinkedIn Lures to Deploy Custom macOS Malware
A newly identified threat actor tracked as JINX-0164 is targeting cryptocurrency organizations through sophisticated LinkedIn-based social engineering campaigns. The financially motivated group has been active since at least mid-2025. It is leveraging custom macOS malware, credential theft, and CI/CD pipeline…
GREYVIBE Threat Actors Use ChatGPT and Google Gemini to Scale Cyberattack Operations
Threat actors are increasingly turning to generative AI tools such as ChatGPT and Google Gemini to accelerate cyberattack operations, lowering technical barriers and reshaping modern threat landscapes. A recent report by WithSecure highlights a Russia-linked threat group, tracked as GREYVIBE,…
Malicious NuGet Package Disguised as Sicoob SDK Exfiltrates Banking Passwords
A newly discovered malicious NuGet package disguised as a legitimate Sicoob software development kit (SDK) has been caught exfiltrating sensitive banking credentials, highlighting a dangerous evolution in software supply chain attacks. Security researchers from Socket revealed that the package, published…
Trusted Dev Tools Abused to Steal Code and Secrets
Attackers are increasingly weaponizing trusted developer tools to infiltrate software supply chains, with CISA warning of multiple ongoing campaigns targeting CI/CD ecosystems and developer workflows. Recent incidents, including a compromised Visual Studio Code extension and a large-scale operation dubbed “Megalodon,”…