Security Researchers have detected active exploitation targeting unpatched Quest KACE Systems Management Appliance (SMA) instances. Starting the week of March 9, 2026, threat actors began leveraging a critical authentication bypass vulnerability, identified as CVE-2025-32975, to infiltrate corporate networks, harvest sensitive…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
MioLab MacOS Stealer Expands With ClickFix, Wallet Theft, Team APIs
As Apple’s macOS footprint grows in both consumer and enterprise environments, dedicated infostealers like MioLab (aka Nova) show that Macs are no longer a niche target but a priority for cybercrime ecosystems. Marketed as a premium Malware‑as‑a‑Service (MaaS) on Russian‑language…
511,000+ End-of-Life IIS Instances Found Online, Raising Security Risks
Security researchers at The Shadowserver Foundation have identified a massive internet-facing attack surface, discovering more than 511,000 End-of-Life Microsoft Internet Information Services (IIS) instances currently active online. This widespread deployment of outdated web servers presents a significant security risk to…
CISA Warns of Craft CMS Code Injection Flaw Exploited in Active Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting Craft CMS to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2025-32432, this code injection flaw is currently being exploited in active attacks across the wild.…
Oblivion RAT Masquerades as Play Store Update to Spy on Android Users
A newly discovered Android remote access trojan (RAT) called Oblivion RAT is raising concerns across the mobile threat landscape. Marketed as a malware-as-a-service (MaaS) platform, it is sold on cybercrime forums with subscription plans starting at $300 per month. Unlike…
Critical QNAP QVR Pro Flaw Could Let Remote Attackers Access Systems
QNAP has released an urgent security advisory regarding a critical vulnerability affecting its QVR Pro application, a widely deployed network video surveillance solution. Disclosed on March 21, 2026, under the security advisory identifier QSA-26-07, this severe security flaw could allow…
Trivy Supply Chain Attack Spreads via Compromised Docker Hub Images
The ongoing supply chain attack targeting Aqua Security’s Trivy ecosystem has escalated, with new compromised Docker images discovered on Docker Hub. According to Socket’s analysis, two new Docker image tags, 0.69.5 and 0.69.6, were published on March 22 without corresponding…
$30 IP-KVM Flaws Could Enable BIOS-Level Enterprise Network Attacks
Recent threat research reveals a severe security crisis affecting low-cost IP-KVM devices. Security experts discovered nine vulnerabilities across four popular vendors, transforming these cheap management tools into powerful attack platforms. Compromising a single KVM device grants an attacker complete physical-level…
CISA Issues Warning on Apple Vulnerabilities Exploited Through DarkSword iOS Chain
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding three critical security flaws affecting the Apple ecosystem. Officially added to the Known Exploited Vulnerabilities (KEV) catalog on March 20, 2026, these bugs are actively being abused…
CanisterWorm Hijacks npm Publisher Accounts, Steals Tokens
A highly automated npm supply chain campaign, dubbed “CanisterWorm,” in which threat actors steal npm access tokens and weaponize legitimate publisher accounts at scale. The group, tracked as “TeamPCP,” has compromised trusted namespaces including @emilgroup and @teale.io, pushing new SDK…
VoidStealer Steals Chrome Secrets Without Injection or Privilege Escalation
A new variant of the MaaS infostealer VoidStealer has become the first malware observed in the wild to weaponize a debugger‑based bypass for Google Chrome’s Application‑Bound Encryption (ABE), using hardware breakpoints to steal Chrome’s v20_master_key directly from browser memory. Unlike…
Crunchyroll Data Breach Allegedly Exposes 100 GB of User Data
A major data breach has reportedly compromised Crunchyroll, the popular Sony-owned anime streaming service. Threat actors claim to have successfully stolen 100 GB of personally identifiable information (PII) from the platform. The breach allegedly took place on March 12, 2026,…
AstraZeneca Data Breach Allegedly Claimed by LAPSUS$ as Internal Data Access Reported
The notorious hacking collective known as LAPSUS$ has resurfaced, allegedly claiming responsibility for a significant data breach involving multinational pharmaceutical giant AstraZeneca. The threat actors are reportedly attempting to sell a compressed 3GB internal data dump, indicating a potential compromise…
Oracle Fixes High-Severity RCE Vulnerability Affecting Identity and Web Services Platforms
Oracle recently issued an urgent security alert regarding a critical Remote Code Execution (RCE) flaw that impacts both Oracle Identity Manager and Oracle Web Services Manager. Tracked as CVE-2026-21992, this vulnerability allows attackers to compromise systems remotely without requiring any…
Trivy Vulnerability Scanner Compromised to Inject Malicious Scripts That Steal Credentials
A highly sophisticated supply chain attack has successfully compromised the official Trivy GitHub Actions repository, severely impacting continuous integration environments. Discovered on March 19, 2026, this breach represents the second major security incident to strike the Trivy ecosystem this month…
FBI and CISA Flag Russian Cyber Operations Targeting Select Individuals via Signal
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have recently released a joint cybersecurity advisory regarding a widespread phishing campaign. The alert warns that Russian Intelligence Services are actively targeting users of encrypted messaging…
Copyright Complaint Lures Linked to New PureLog Stealer Credential Theft Wave
Threat actors are actively distributing the PureLog Stealer through a sophisticated, multi-stage attack campaign disguised as legal copyright violation notices. This information-stealing malware is engineered to silently harvest sensitive data, including browser credentials, browser extensions, cryptocurrency wallets, and detailed system…
Critical UNISOC T612 Modem Flaw Enables Remote Code Execution via Cellular Calls
A severe security vulnerability has been uncovered in UNISOC modem firmware, allowing attackers to execute arbitrary code remotely over cellular networks. UNISOC is a major semiconductor manufacturer providing chipsets for prominent mobile brands such as Motorola, Samsung, Vivo, and Realme.…
Chrome Security Update Fixes 26 Vulnerabilities Enabling Remote Malicious Code Execution
Google has released a critical security update for its Chrome desktop web browser, addressing 26 distinct vulnerabilities that could enable attackers to execute malicious code remotely. The Stable channel update introduces versions 146.0.7680.153 and 146.0.7680.154 for Windows and macOS systems,…
CISA Warns Cisco Secure Firewall Management Center 0-Day Is Being Exploited in Ransomware Attacks
The Cybersecurity and Infrastructure Security Agency has issued an urgent warning regarding a critical zero-day vulnerability affecting heavily relied-upon Cisco security products. Tracked officially as CVE-2026-20131, this severe flaw is actively being exploited by cybercriminals in targeted ransomware campaigns. Organizations…