Networking and security leader Cisco has announced its intent to acquire Astrix Security, a pioneer in Non-Human Identity (NHI) management. Announced in May 2026, this acquisition is designed to help enterprises secure the rapidly expanding “agentic workforce”, the growing ecosystem…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Cerberus Stalkerware Hits Google Play, Abuses Accessibility and Firebase for Remote Control
Cerberus Anti-theft, a long-running Android “security” app, is operating as full-featured stalkerware on Google Play, abusing accessibility services and Google Firebase to give abusers near-total remote control over victims’ phones. Once installed, Cerberus lets an abuser push a custom lock‑screen…
Education Sector Hit by Espionage, Phishing, and Supply Chain Attacks
Educational institutions are now facing a coordinated mix of state espionage, spear‑phishing, and supply chain intrusions, even as classic ransomware and vulnerability volumes show signs of easing. Every attributed campaign was linked to state actors, with no financially motivated groups…
WhatsApp Security Flaw Enables Malicious URL Execution Through Instagram Reels
WhatsApp has recently patched two notable security vulnerabilities that could have allowed attackers to execute malicious links and disguise dangerous files. The most alarming discovery involves a flaw in how WhatsApp processes Instagram Reels. This vulnerability allows remote threat actors…
Code of Conduct Phish Hits 35,000 Users in Multi-Stage AiTM Attack
A highly sophisticated phishing campaign leveraging code-of-conduct-themed lures has targeted more than 35,000 users across 13,000 organizations. The multi-stage attack, observed between April 14 and April 16, 2026, highlights how threat actors are refining social engineering, delivery infrastructure, and authentication…
Attackers Exploit Amazon SES to Send Authenticated Phishing Emails
Attackers are increasingly abusing Amazon Simple Email Service (SES) to deliver highly convincing phishing emails that bypass traditional security controls, marking a growing trend in email-based threats. The primary goal of any phishing campaign is to evade detection while tricking…
Qualcomm Chipset Vulnerabilities Raise Alarm Over Remote Code Execution Risk
Qualcomm Technologies has released its May 2026 security bulletin, addressing a sweeping array of vulnerabilities across its proprietary and open-source software ecosystems. Threat actors could exploit these security gaps to compromise smartphones, automotive systems, and industrial Internet of Things devices…
Critical Android Zero-Click Vulnerability Enables Remote Shell Access
Google has released the Android Security Bulletin for May 2026, addressing a highly critical vulnerability that allows attackers to execute code remotely without any user interaction. Published on May 4, 2026, the latest security update focuses heavily on a severe…
New Attribution Framework Links APT Campaigns Across Key Layers
A new attribution framework is reshaping how cybersecurity analysts connect advanced persistent threat (APT) activity, moving beyond static group labels toward a dynamic, multi-layered model that reflects how modern adversaries actually operate. These profiles are built from observed tactics, techniques,…
Fake “Notepad++ for Mac” Site May Pose Malware Risk for Mac Users
A deceptive website is circulating online that claims to offer an official “Notepad++ for Mac” download, and it has already misled some users and even tech media outlets into believing that Notepad++ has finally launched a native macOS version. The…
Apache HTTP Server Vulnerability Exposes Millions to Remote Code Execution Threats
The Apache Software Foundation has released an urgent security update for the Apache HTTP Server to patch a severe vulnerability. Tracked as CVE-2026-23918, this flaw could allow attackers to execute malicious code remotely on affected web servers, putting millions of…
Microsoft Edge Found Storing Saved Passwords in Cleartext Memory at Startup
A new security finding reveals that Microsoft Edge loads every saved password into its process memory as cleartext the moment the browser launches. Even more surprising to security professionals is Microsoft’s official response to the disclosure, which states that this…
DigiCert Hacked in Screensaver-Based Attack to Fraudulently Obtain EV Code Signing Certificates
DigiCert, a major Certificate Authority, recently suffered a significant security breach where hackers used a malicious screensaver file to steal 60 Extended Validation (EV) Code Signing certificates. These highly trusted certificates were subsequently used to sign the “Zhong Stealer” malware,…
pnpm 11 Enables Default Release-Age Guard to Curb npm Supply Chain Attacks
pnpm 11 has been released with a strong focus on reducing software supply chain risk, introducing security-first defaults that directly address modern package ecosystem threats. The most significant change in pnpm 11 is the introduction of a default Minimum Release…
Cisco Launches AI Provenance Tool to Strengthen Security and Compliance
Artificial intelligence models are integrated into countless enterprise applications, but knowing exactly where these models come from remains a major security hurdle. Cisco recently launched the Model Provenance Kit, an open-source tool for tracing the exact lineage of AI models.…
Bluekit Phishing Kit Streamlines Domains, 2FA Lures, and Session Hijacking
A newly discovered phishing kit called “Bluekit” is reshaping how cybercriminals run phishing campaigns by combining multiple attack stages into a single, centralized platform. Instead, Bluekit integrates these capabilities into one operator panel, streamlining the entire attack lifecycle from setup…
Canvas Confirms Data Breach Following ShinyHunters Claim
Instructure, the educational technology company behind the widely used Canvas Learning Management System (LMS), has officially confirmed a major data breach. This confirmation directly follows recent claims made by the notorious threat actor group known as ShinyHunters. Canvas is a…
Malicious TanStack Package Abuses Postinstall Script to Steal Developer Secrets
A malicious npm package named “tanstack” has been discovered deploying a stealthy data exfiltration campaign, targeting developers through a deceptive naming strategy and a hidden postinstall script. The package, impersonating the well-known TanStack ecosystem, was weaponized to steal sensitive environment files immediately…
Botnet Hijacks ADB-Exposed Android Devices to Target Minecraft Servers
New research has uncovered a Mirai-derived botnet called xlabs_v1 that turns Android devices with exposed Android Debug Bridge (ADB) into a distributed attack platform for knocking Minecraft servers and other game hosts offline. By abusing TCP port 5555 on poorly secured Android-based…
276 Arrested as Authorities Dismantle Crypto Scam Centers Targeting Americans
In an unprecedented international law enforcement operation, authorities have dismantled at least nine overseas cryptocurrency scam centers, resulting in the arrest of 276 individuals. The coordinated effort, led by the FBI, Dubai Police, and the Chinese Ministry of Public Security,…