Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

A proof-of-concept (PoC) exploit that demonstrates how attackers can bypass Windows 11 BitLocker disk encryption in under 5 minutes. Dubbed the “BitUnlocker” attack, this physical downgrade technique exploits a known vulnerability, CVE-2025-48804. Initially documented by the Microsoft STORM team in…

Read more →

TrickMo, the Android banking malware, has resurfaced with a significantly redesigned architecture, targeting banking, fintech, wallet, and authenticator applications while introducing advanced stealth and network capabilities. Rather than introducing entirely new user-facing functionality, the latest TrickMo variant focuses on backend…

Read more →

Artificial intelligence has officially transitioned from an experimental hacking novelty into an industrial-scale weapon for cybercriminals. Google Threat Intelligence Group (GTIG) adversaries are now actively using generative AI models to discover vulnerabilities and engineer functional zero-day exploits. This marks a…

Read more →

A dispute over maintainer access in the widely used Go library fsnotify has triggered temporary supply chain concerns after contributors were removed from the project’s GitHub organization and recent releases came under scrutiny. While no evidence suggests that any version of fsnotify…

Read more →

Recently disclosed vulnerabilities in PHP, particularly within its widely used SOAP extension, have raised significant alarms across the cybersecurity community. Among the newly identified flaws is a high-severity vulnerability that could permit attackers to achieve Remote Code Execution (RCE) on…

Read more →

A stealthy Python-based infostealer campaign that abuses GitHub Releases to host payloads and maintain long-term, low‑visibility access to victim systems. The operation, dubbed “Operation HumanitarianBait” in some reporting, appears designed for cyberespionage against Russian‑speaking targets using humanitarian‑themed lures and a…

Read more →

A critical authentication bypass vulnerability affecting cPanel and WHM servers, identified as CVE-2026-41940, is currently under active exploitation by a highly sophisticated and elusive cybercriminal syndicate known as Mr_Rot13. The vulnerability carries a maximum severity CVSS score of 9.8, allowing…

Read more →

Hackers are abusing a fake Claude AI download site to deliver a PlugX‑style DLL sideloading chain that ultimately deploys a new Windows backdoor dubbed “Beagle.” The campaign blends malvertising, a trojanized installer, and signed security software components to achieve stealthy…

Read more →

A malicious Hugging Face repository, Open-OSS/privacy-filter, that abused the platform’s trust and trending algorithm to deliver a sophisticated Rust-based infostealer to Windows users. The project briefly reached the #1 trending position with roughly 244,000 downloads and hundreds of likes before…

Read more →

Microsoft has disclosed a trio of critical information disclosure vulnerabilities affecting Microsoft 365 Copilot and Copilot Chat in Microsoft Edge. Released on May 7, 2026, these security flaws pose a substantial risk to enterprise data privacy and corporate confidentiality. If…

Read more →

Public references indicate that a GitHub proof-of-concept is now circulating for CVE-2026-0073, the critical Android flaw documented in Google’s May 2026 security bulletin, raising the urgency for defenders with wireless ADB enabled on test or production devices. Google and multiple…

Read more →

Security researchers have exposed critical sandbox escape vulnerabilities in Sandboxie and Sandboxie-Plus that allow attackers to gain full SYSTEM-level privileges. We strongly urge users to update to version 1.17.5, which was recently patched, to mitigate these severe execution threats. A…

Read more →

OpenClaw users are being targeted in a fresh malware campaign that abuses a fake installer to steal credentials from popular crypto wallets and password managers, including MetaMask, Phantom, and Bitwarden. The archive contains a 130MB Rust executable padded with fake…

Read more →

Law enforcement authorities have successfully dismantled the relaunched version of “Crimenetwork,” a prominent criminal online trading platform. A 35-year-old German citizen, suspected of operating the illicit platform, was apprehended at his residence in Mallorca, Spain, by a special unit of…

Read more →

In early May 2026, ShinyHunters breached Instructure’s Canvas LMS by abusing the Free-For-Teacher (FFT) account program, triggering an active extortion campaign and exposing student and faculty data across thousands of schools worldwide. ShinyHunters claimed responsibility on 3 May and published…

Read more →

Hackers are abusing a weaponized JPEG file to quietly install a trojanized version of the ConnectWise ScreenConnect remote‑access tool on Windows systems, enabling full surveillance, credential theft, and long‑term control over compromised networks. The campaign shows how a simple‑looking image…

Read more →

The multi-billion-dollar ransomware defence industry operates on a fundamental assumption: to cause catastrophic operational damage, malicious actors must write corrupted data to a disk. However, a newly disclosed attack technique, GhostLock, completely invalidates this foundational premise by demonstrating how threat…

Read more →

Air-gapped systems and Faraday cages have long represented the gold standard for protecting critical infrastructure and sensitive military networks. However, a groundbreaking threat known as ODINI demonstrates that even these extreme isolation measures can be compromised. Researchers have developed a…

Read more →

Threat actors are deploying a sophisticated malvertising campaign targeting macOS users by exploiting Google Ads and legitimate Anthropic Claude shared chats. Security researcher Berk Albayrak uncovered this novel attack chain on May 10, which distributes a variant of the MacSync…

Read more →

The official JDownloader website fell victim to a sophisticated supply-chain attack, resulting in malicious installers being distributed to users worldwide. Attackers exploited an unpatched vulnerability in the site’s content management system to redirect specific download links from legitimate JDownloader installers…

Read more →