The LACUNA Chain’s “Ghost Frames” technique introduces a new method for manipulating call stacks that effectively bypasses modern Endpoint Detection and Response (EDR) systems, which rely on kernel-level stack inspection. This marks a significant advancement in post-exploitation tactics. Security researcher…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
282 iOS Apps Found Leaking LLM API Credentials in Network Traffic
Researchers have uncovered a systemic LLM credential exposure problem in the iOS ecosystem, with 282 AI‑powered apps leaking exploitable API credentials and backend access mechanisms directly in network traffic. The findings highlight widespread misuse of OpenAI, Gemini, and other LLM…
Microsoft Confirms Windows 11 26H2 Upgrade via Enablement Package for Faster Deployment
Microsoft has announced that the upcoming Windows 11 version 26H2 will be delivered using an enablement package model. This approach aligns with their goal of providing streamlined, low-disruption feature updates specifically for enterprise environments. According to the Windows IT Pro…
AryStinger Botnet Uses Intranet Scanning and Traffic Tunneling to Hide Attacker Activity
A newly analyzed botnet family, AryStinger, weaponizes long‑neglected routers and NAS appliances to build a stealthy reconnaissance and relay infrastructure that helps attackers obscure origin and extend lateral reach. AryStinger leverages decade‑old vulnerabilities in RTL819X‑based routers and a more feature‑rich…
Attackers Can Poison AI Research Agents Using Reddit and Wikipedia Content
Attackers can now manipulate AI “deep-research” agents by discreetly editing Reddit threads and Wikipedia pages. They can insert as little as a 13-word snippet, which these agents may later reference as authoritative advice, product recommendations, or even scams in their…
Top 10 Best Cyber Insurance Providers For Businesses in 2026
In the fast-paced digital world of 2026, cyberattacks are no longer a matter of if, but when. The increasing sophistication of threats like ransomware, phishing, and data breaches means that even businesses with robust cybersecurity defenses are at risk. As…
Top 10 Best PCI DSS Compliance Solutions For 2026
In the ever-evolving landscape of digital commerce, safeguarding cardholder data is paramount. The Payment Card Industry Data Security Standard (PCI DSS) sets the benchmark for protecting this sensitive information, and compliance is not just a requirement; it’s a cornerstone of…
Top 10 Best Cybersecurity Awareness Training Platforms 2026
In the complex digital landscape of 2026, technology alone is no longer enough to protect an organization from cyber threats. The human element, often cited as the weakest link, is now recognized as a critical line of defense: the human…
Beats Studio Buds Vulnerability Lets Attackers Within Bluetooth Range Access Microphone
Apple has revealed a significant security vulnerability affecting Beats Studio Buds, which could allow attackers within Bluetooth range to access a device’s microphone without user consent. This issue, identified as CVE-2025-20701, was addressed in Beats Firmware Update 1B211, released on…
Prinz Eugen Ransomware Uses Go-Based Encryptor to Target Fresh Files and Evade Forensics
A customer was compromised by a newly observed ransomware family we attribute to the Prinz Eugen group. The encryptor is a purpose-built Go binary that departs from many first-wave samples by combining deliberate file-targeting, modern cryptography, and anti‑forensic measures, traits that…
Chinese Cyber Operations Shift From APT Groups to Composite Responsibility Model
Chinese state-linked cyber activity has moved decisively away from the neat, single-actor narratives that dominated early attribution toward an ecosystem model in which responsibility is distributed across military units, intelligence services, private firms, and criminal-style intermediaries. Official advisories characterized some…
pgAdmin 4 Released with Patches for Seven Vulnerabilities and Feature Enhancements
pgAdmin 4 version 9.16 has been released by the pgAdmin Development Team, introducing significant security improvements along with feature enhancements and bug fixes. This update addresses seven vulnerabilities, tracked as CVE-2026-12044 through CVE-2026-12050, and includes 64 bug fixes and various…
Sapphire Sleet Hijacks npm Maintainer Account to Publish Poisoned Mastra Packages
A widespread npm supply‑chain compromise has been attributed to Sapphire Sleet, a North Korean state actor, after the takeover of an npm maintainer account enabled the mass publication of poisoned Mastra packages that silently delivered a multi‑stage implant. The campaign, disclosed June 19,…
GitHub Actions Checkout Adds Protection Against Malicious pull_request_target Workflows
GitHub has implemented a major security enhancement in its Actions ecosystem with the release of actions/checkout v7, which aims to address a long-standing class of vulnerabilities known as “pwn requests.” This update was announced on June 18, 2026, and introduces…
OXLOADER Uses MBA Obfuscation and Control-Flow Flattening to Bypass Static Detection
A previously undocumented Windows loader, tracked as OXLOADER, combines sophisticated obfuscation and unconventional staging to evade static detection and sandbox analysis while delivering the new CASTLESTEALER infostealer via malvertising. The campaign leveraged malicious Google Ads impersonating Node.js and API…
Massive GitHub Attack Injects Malware into 10,000 Compromised Repositories
A large-scale malware distribution campaign utilizing GitHub repositories has been uncovered. This coordinated effort weaponized over 10,000 repositories to deliver Trojanized payloads. The activity was first identified on June 18, 2026, and highlights significant gaps in automated detection and monitoring…
GlassWorm Uses Blockchain-Based C2 and Invisible Unicode to Steal Developer Secrets
A trio of coordinated campaigns (a JetBrains fake AI assistant campaign, the GlassWorm self‑propagating worm, and the compromised Nx Console Visual Studio Code extension) made clear that IDE plugin ecosystems are now a primary attack surface for AI credential theft.…
Fortinet Warns of Active FortiBleed Credential Theft Attacks on FortiGate Devices
Fortinet has issued a security warning about ongoing credential-harvesting attacks targeting FortiGate devices in a campaign known as “FortiBleed.” Threat actors are exploiting weak authentication practices rather than any newly disclosed vulnerabilities. A PSIRT advisory released on June 19, 2026,…
Texas TPWD Vendor Breach Exposes 3 Million Customer Records
Texas Cyber Command has disclosed a massive third-party data breach affecting the Texas Parks and Wildlife Department (TPWD), exposing the personal records of exactly 3,087,721 individuals. An unauthorized actor breached this vendor’s network infrastructure, resulting in a severe supply chain…
Vidar Infostealer Bypasses Google Chrome’s ABE Encryption via APC Injection
A sophisticated evasion technique developed by Vidar infostealer operators successfully bypasses Google Chrome’s Application-Bound Encryption (ABE). Introduced in 2024, ABE was designed to protect browser-stored cookies and sensitive credentials. According to recent findings by Gen Threat Labs, the latest iterations…