As mobile usage continues to dominate the digital landscape, securing mobile applications has never been more critical. The year 2026 brings new challenges to the table: sophisticated AI-driven cyberattacks, complex vulnerabilities, and the rapid evolution of continuous integration workflows. For…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Critical Notepad++ Flaw Could Enable Remote Code Execution Attacks
Notepad++ has released version 8.9.6.1 to address multiple security vulnerabilities, including critical flaws that could allow arbitrary code execution under specific conditions. The update, published on May 26, 2026, patches three vulnerabilities tracked as CVE-2026-48770, CVE-2026-48778, and CVE-2026-48800. These issues…
ClearFake Abuses BSC Testnet Contracts for Resilient C2 Operations
Threat actors behind the ClearFake campaign have adopted a novel and highly resilient command-and-control (C2) architecture by leveraging BNB Smart Chain (BSC) testnet smart contracts, creating an infrastructure that is effectively immune to traditional takedown efforts. Unlike conventional malware campaigns…
Roundcube Webmail Vulnerability Allows Hackers to Execute Malicious SQL Queries
Roundcube Webmail users are being urged to update their systems immediately after the disclosure of multiple security vulnerabilities, including a critical pre-authentication SQL injection flaw that allows attackers to execute malicious database queries without requiring login access. The vulnerabilities were…
Hackers Spread VIP Keylogger via Fake Business Emails
Hackers are actively deploying VIP Keylogger through phishing emails disguised as routine business documents, using multi‑layered loaders, steganography, and in‑memory execution to quietly steal credentials and other sensitive data from compromised systems. Recent VIP Keylogger campaigns rely heavily on social…
Microsoft Warns Against Public Release of Zero-Day Details Before Vendor Coordination
Microsoft has issued a strong warning to the cybersecurity community following a recent surge in publicly disclosed zero-day vulnerabilities without prior coordination. According to the Microsoft Security Response Center (MSRC), several vulnerabilities were disclosed without prior notification to Microsoft, leaving…
Motorola App Allegedly Hijacks Amazon App Activity to Insert Affiliate Referral Codes
Motorola is facing scrutiny after researchers and users discovered that its preinstalled Smart Feed app was silently hijacking launches of the Amazon Shopping app to inject affiliate referral codes into user traffic. The behavior, now disabled after public backlash, raises…
Threat Actors Launch FIFA Website Spoofing Campaign to Steal User Details
Threat actors are actively launching spoofing campaigns targeting FIFA-themed websites ahead of the 2026 FIFA World Cup, according to a Public Service Announcement (Alert I-052726-PSA) issued by the Federal Bureau of Investigation (FBI) on May 27, 2026. The campaign is…
Hackers Host JS Malware on GHOSTYNETWORKS and OMEGATECH
Hackers are abusing two bulletproof hosting providers, GHOSTYNETWORKS and OMEGATECH, to run a global JavaScript (JS) malware infrastructure that powers large‑scale malspam and business email compromise activity. In March 2026, multiple malspam waves delivered a JavaScript backdoor via ZIP or…
FortiClient Code Execution Flaw Exploited to Deploy EKZ Malware
Fortinet customers are facing a new wave of attacks after a critical flaw in FortiClient Endpoint Management Server (EMS) was exploited to push a fake Fortinet patch that secretly installs credential‑stealing malware. The vulnerability, tracked as CVE‑2026‑35616, allows unauthenticated attackers…
New PureLogs Variant Abuses MSBuild to Evade Detection
A new phishing-driven malware campaign is distributing a stealthy PureLogs variant that leverages advanced evasion techniques, including process hollowing via MsBuild.exe. The campaign is designed to steal sensitive data from infected systems while avoiding traditional detection mechanisms through layered obfuscation and…
Silent Ransom Impersonates IT Support to Target Law Firms
The Silent Ransom Group (SRG) is running a new wave of hands‑on social engineering attacks against law firms, posing as internal IT support to steal sensitive data and extort victims without deploying traditional ransomware. In its latest campaigns, SRG contacts…
SBI Warns Fake YONO Deactivation Message Scam
India’s largest public sector bank, State Bank of India (SBI), has issued a fresh cybersecurity alert warning customers about an ongoing phishing campaign targeting users of its YONO digital banking platform. The alert highlights a surge in fraudulent messages falsely…
BadHost Vulnerability Exposes Sensitive AI Agent Server Endpoints to Attackers
A critical vulnerability, “BadHost” (CVE-2026-48710), has been identified in the Starlette web framework, exposing thousands of AI-powered applications and API services to potential attacks. The flaw, discovered by X41 D-Sec during an OSTIF-sponsored security audit, allows attackers to manipulate how…
CISA Warns LiteSpeed cPanel Plugin Vulnerability Is Being Exploited in Attacks
CISA has issued an urgent warning after adding a critical vulnerability in the LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation in the wild. The flaw, tracked as CVE-2026-48172, introduces a severe privilege escalation risk…
BTMOB Malware Allows Cybercriminals to Remotely Hijack Android Phones
A newly observed Android malware strain, known as BTMOB, is raising concerns among cybersecurity researchers due to its powerful remote access capabilities and ease of deployment. Initially identified in early 2025, BTMOB has evolved into a full-featured remote access trojan…
GitHub Enterprise Server 3.20.3 Addresses Critical Security Flaws
GitHub has released Enterprise Server (GHES) version 3.20.3, addressing multiple critical and high-severity vulnerabilities that could allow attackers to access internal services, escalate privileges, and extract sensitive data. The update, published on May 26, 2026, also introduces an important security…
Windows Kernel Vulnerability Lets Attackers Modify Kernel Memory Counters
A critical Windows kernel vulnerability, CVE-2026-40369, allows any unprivileged process, including a browser renderer sandbox, to increment arbitrary kernel memory and reliably escalate to SYSTEM on Windows 11 24H2–25H2. The bug sits in ntoskrnl.exe inside ExpGetProcessInformation, reachable via a single NtQuerySystemInformation call with information class…
New Zero-Click WhatsApp Account Takeover Attack Targets iOS 16 Users
A newly uncovered zero-click attack targets iPhone users running iOS 16, allowing threat actors to hijack WhatsApp accounts without any user interaction, visible prompts, or warnings about linked devices. The campaign was first documented by Italian digital forensics firm Forenser,…
Hackers Exploit Shared CDN Edge IPs to Evade Protective DNS Filtering
Hackers are exploiting shared CDN edge infrastructure to bypass DNS-based security controls, according to new research from ADAMnetworks, which details a stealthy evasion technique dubbed “Underminr.” The core issue lies in how content delivery networks (CDNs) route traffic across shared…