Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

P2PInfect Botnet Targets Kubernetes via Exposed Redis

A persistent P2Pinfect botnet campaign targeting Google Kubernetes Engine (GKE) clusters through exposed Redis instances, highlighting how a single cloud misconfiguration can enable long-term compromise. In several investigated environments, attackers maintained access for up to six months, with consistent botnet…

WantToCry Ransomware Exploits SMB to Encrypt Remote Files

A new ransomware campaign named “WantToCry” that leverages exposed Server Message Block (SMB) services to gain access and encrypt victim data without deploying traditional malware on compromised systems. This approach significantly reduces the detection surface, making it harder for conventional…

Claude Code Sandbox Flaw May Compromise User Secrets

A newly disclosed security flaw in Anthropic’s Claude Code platform has exposed a critical weakness in its network sandbox, potentially allowing attackers to bypass restrictions and exfiltrate sensitive data. The issue, identified by security researcher Aonan Guan, marks the second…

Gremlin Stealer Hides C2 and Exfiltration Paths in Encrypted Resources

A newly identified variant of the Gremlin stealer malware is leveraging advanced obfuscation techniques to conceal its command-and-control (C2) infrastructure and data exfiltration logic within encrypted .NET resource sections. This evolution highlights a significant shift toward stealth, modularity, and anti-analysis…

Old Breaches Resold as New Corporate Data Leaks

Dark web data brokers are increasingly recycling old breach data and marketing it as fresh corporate leaks. The activity, largely observed in Chinese-language cybercrime forums and Telegram channels, is creating confusion among organizations and diverting security resources toward investigating claims…

Microsoft DurableTask Python Client Targeted in TeamPCP Cyberattack

The ongoing TeamPCP software supply chain campaign has compromised the official Microsoft DurableTask Python client, a widely used package for orchestrating workflows in Python applications. Three versions of the durabletask package on PyPI, 1.4.1, 1.4.2, and 1.4.3, were identified as malicious and…

Fake Tax Assessment Pages Spread Windows Malware

Hackers are actively targeting Windows users with fake Indian Income Tax assessment pages in a campaign tracked as TAX#TRIDENT. The campaign begins with fraudulent tax assessment or penalty pages designed to create urgency. Victims are prompted to download what appears…

Pardus Linux Vulnerability Lets Local Attackers Gain Silent Root Access

A critical privilege escalation vulnerability chain, tracked as CVE-2026-5140, has been discovered in the Pardus Linux update mechanism, allowing local users to gain full root access without authentication. The issue, rated CVSS 9.3 (Critical), affects the pardus-update package and stems from a combination of…

Void Botnet Leverages Ethereum for Resilient C2

A newly identified botnet, named Void, is leveraging Ethereum smart contracts to build a resilient, hard-to-disrupt command-and-control (C2) infrastructure, marking a continued evolution in blockchain-enabled cybercrime. Discovered in March 2026 and advertised on a Russian-language cybercrime forum, Void Botnet follows…

Trapdoor Android Ad Fraud Ring Abuses 455 Apps for Fake Clicks

A large-scale Android ad fraud campaign named “Trapdoor,” exposing a sophisticated ecosystem built on 455 malicious apps and 183 command-and-control (C2) domains. The operation combines malvertising, automated click fraud, and advanced evasion techniques to create a self-sustaining revenue loop that…