Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Threat actors are increasingly hiding malware inside seemingly harmless files, and a new campaign shows just how effective this tactic has become. The attack begins with a phishing email carrying a TXZ archive attachment. Disguised as an urgent invoice, the…

Read more →

A newly analyzed malware strain, OtterCookie, is emerging as a serious threat to developers, quietly harvesting sensitive data from active workstations in real time. Unlike earlier assumptions, OtterCookie is not a variant of BeaverTail but a separate Node. js-based remote…

Read more →

A set of critical vulnerabilities in the popular workflow automation platform n8n has raised serious security concerns, with researchers warning that attackers could chain multiple flaws to achieve full remote code execution (RCE) on affected systems. The issues, disclosed in…

Read more →

A newly analyzed cyber-espionage framework called Fast16 has revealed one of the most precise and covert sabotage operations ever uncovered targeting nuclear weapons simulations by silently manipulating critical test data. Researchers confirm that the malware didn’t just infiltrate systems it…

Read more →

A critical security vulnerability in the Funnel Builder plugin by FunnelKit is actively being exploited, putting more than 40,000 WooCommerce websites at risk of payment data theft. The vulnerability affects all Funnel Builder versions prior to 3.15.0.3 and allows unauthenticated…

Read more →

A widely used WordPress plugin powering over one million websites has been found vulnerable to two serious security flaws that could expose sensitive data and server files. Security researchers warn that the issues in the Avada Builder plugin could allow…

Read more →

Linux kernel creator Linus Torvald has warned that a flood of low‑value, AI‑generated bug reports is overwhelming the private Linux security mailing list and actively disrupting real security work. The new kernel documentation for Linux 7.1 now explicitly tells AI…

Read more →

PHP, one of the most widely used web programming languages, is rarely viewed as a direct attack surface at its core level. Security focus typically shifts toward frameworks and third-party libraries. However, new research shows that PHP’s built-in functionality specifically…

Read more →

A new supply chain attack campaign targeting developers has surfaced in the npm ecosystem, with four malicious packages discovered stealing sensitive data, including SSH keys, cloud credentials, and cryptocurrency wallets. The campaign, identified by OX Security within the past 24…

Read more →

Security researchers have unveiled the first publicly known macOS kernel memory corruption exploit targeting Apple’s latest M5 silicon, marking a significant moment for both offensive security and Apple’s next-generation defenses. The exploit, developed in collaboration with Mythos Preview, reportedly bypasses…

Read more →

Grafana Labs has confirmed a security incident involving unauthorized access to its internal GitHub environment, after a threat actor obtained a compromised access token and downloaded portions of the company’s codebase. The disclosure, made via an official statement on May…

Read more →

A recently disclosed flaw in Claude Code allowed attackers to execute arbitrary system commands using a single crafted deeplink URL, turning a convenience feature into a remote code execution (RCE) vector. The issue, documented by security researcher Joernchen, has been…

Read more →

A popular open-source download manager trusted by millions suddenly became a malware delivery platform after attackers compromised its official website, replacing legitimate installers with trojanized versions targeting both Windows and Linux users. The incident, confirmed by JDownloader developers, occurred between May…

Read more →

A newly disclosed Linux kernel vulnerability, dubbed “ssh-keysign-pwn” by Qualys researchers, exposes millions of Linux systems to unauthorized access to sensitive SSH private keys and hashed passwords stored in /etc/shadow. Tracked as CVE-2026-46333 and GHSA-pm8f-4p6p-6×53, the flaw has existed undetected for approximately six years and was…

Read more →

Gunra ransomware is rapidly evolving into a more structured and dangerous cybercrime operation after shifting from a Conti-based locker to its own Ransomware-as-a-Service (RaaS) model. First discovered in April 2025, the group initially targeted a small number of victims, but…

Read more →

Shai-Hulud is a major cybersecurity threat targeting the open-source software supply chain. Security researchers are raising alarms over “Shai-Hulud,” a self-propagating npm worm designed to steal sensitive developer credentials from GitHub, AWS, Kubernetes, and local environments. The campaign, tracked by…

Read more →

A newly disclosed vulnerability in VMware Fusion has raised serious security concerns after researchers confirmed it could allow attackers to escalate privileges to root on affected systems. The flaw, tracked as CVE-2026-41702, has been rated high severity with a CVSS…

Read more →

Hackers are rapidly weaponizing a little-known Microsoft authentication feature to hijack enterprise accounts, as device code phishing surges across the threat landscape. The spike in activity is closely tied to the public release of criminal toolkits and phishing-as-a-service (PhaaS) platforms,…

Read more →

A powerful zero-click exploit chain for the Pixel 10 that can take an attacker from a remote Dolby decoding bug to full kernel control through a single vulnerable video processing driver. The work shows both how quickly Google can now…

Read more →

A high-severity vulnerability in PraisonAI is drawing urgent attention after security researchers observed exploitation attempts within hours of public disclosure. The flaw, tracked as CVE-2026-44338 and documented in the GitHub advisory GHSA-6rmh-7xcm-cpxj, exposes a critical authentication bypass in the platform’s…

Read more →