In the fast-evolving digital landscape of 2026, enterprises grapple with an ever-growing number of applications and services. Employees, partners, and customers interact with a multitude of platforms daily, often leading to “password fatigue” a phenomenon where users juggle countless credentials,…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
GitHub and Jira Alerts Hijacked for Trusted-SaaS Phishing
Hackers are abusing GitHub and Jira’s built‑in notification systems to send phishing emails that appear completely legitimate. Because these emails are sent from the platforms’ own mail servers, they pass standard checks like SPF, DKIM, and DMARC, making them very…
Hackers Exploit MSBuild LOLBin to Evade Detection in Fileless Windows Attacks
Cyber attackers are increasingly using Living Off the Land Binaries (LOLBins) to bypass security detection. By leveraging legitimate system tools, these attacks avoid signature-based defenses and operate without dropping traditional malware files. One such LOLBin now gaining attention is MSBuild.exe, a native Windows…
New Nginx 1.29.8 and FreeNginx Versions Patch Critical Security Flaws
Web server administrators need to prioritize a crucial update this week. The developers behind Nginx and the community-driven FreeNginx project have released new versions to address critical security flaws and introduce key enhancements. Released on April 7, 2026, Nginx version…
Basic-Fit Suffers Data Breach Affecting Millions Across Multiple Nations
European fitness operator Basic-Fit has confirmed a significant data breach affecting approximately one million members across its network. The incident heavily impacted users in the Netherlands, which accounted for 200,000 of the compromised accounts. This breach underscores the persistent targeting…
Iran-Linked CyberAv3ngers Target Water Utilities, Industrial Controllers
Iran-linked threat group CyberAv3ngers is intensifying attacks on U.S. water utilities and industrial control systems, shifting from noisy hacktivism to sustained disruption of operational technology (OT) environments. CyberAv3ngers operates as a state-directed persona for Iran’s Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC),…
Critical Axios Vulnerability Enables Remote Code Execution, PoC Released
A critical security vulnerability has been discovered in Axios, one of the most widely used HTTP client libraries, exposing applications to Remote Code Execution (RCE) and full cloud infrastructure compromise. Tracked as CVE-2026-40175, this flaw carries a critical CVSS 3.1…
VIPERTUNNEL Python Backdoor Hidden in Fake DLL, Obfuscated Loader Chain
Hackers are abusing a stealthy Python backdoor called VIPERTUNNEL, hiding it behind a fake DLL file and a multi‑stage obfuscated loader to quietly tunnel traffic out of victim networks. A review of persistence mechanisms revealed a sitecustomize.py file in C:\ProgramData\cp49s\Lib\. This special Python module…
Marimo RCE Vulnerability Exploited Within 10 Hours of Public Disclosure
A critical remote code execution (RCE) vulnerability in the open-source Python notebook platform Marimo was actively exploited less than 10 hours after its public disclosure. The flaw, initially tracked as GHSA-2679-6mx9-h9xc and later assigned CVE-2026-39987, carries a critical CVSS score…
APT37 Uses Facebook, Telegram, and Trojanzied Installer in New Targeted Cyberattack
APT37 is running a new targeted intrusion campaign that abuses Facebook, Telegram, and a tampered Wondershare PDFelement installer to gain stealthy access and exfiltrate sensitive data, likely from defense‑related targets. The operation shows a continued evolution of APT37’s social engineering…
Apache Tomcat Flaws Enable EncryptInterceptor Bypass
The Apache Software Foundation has released critical security updates for Apache Tomcat to address three newly disclosed vulnerabilities. Because Apache Tomcat is a widely deployed open-source web server, these flaws pose a significant risk to many enterprise environments. The newly…
WordPress Plugin Vulnerability Enables Admin Takeover via Auth Bypass
A newly disclosed vulnerability, tracked as CVE-2026-1492, has been identified in the User Registration & Membership plugin for WordPress, exposing websites to critical authentication bypass and privilege escalation risks. Affecting versions up to 5.1.2, the vulnerability allows remote attackers to gain full administrative…
EDR Killers Broaden Ransomware Tactics, ESET Warns
Ransomware gangs are rapidly expanding their use of EDR killers, moving beyond vulnerable drivers to a broader mix of scripts, anti‑rootkits, and driverless techniques. The company’s latest telemetry-backed study tracks almost 90 distinct EDR killers actively used in the wild. It…
Adobe Fixes Actively Exploited Zero-Day in Acrobat Reader
Adobe has released an emergency security update to address a critical zero-day vulnerability in Acrobat and Reader for Windows and macOS. According to Adobe’s APSB26-43 bulletin, the flaw is currently being exploited in the wild, prompting a Priority 1 rating…
WhatsApp’s “End-to-End Encryption by Default” Claim Called Consumer Fraud by Pavel Durov
Telegram founder Pavel Durov has publicly criticized WhatsApp, labeling its “end-to-end encryption by default” claim as a massive consumer fraud. He argues that while messages may be encrypted during transit, the default backup settings leave the vast majority of user…
Google Brings End-to-End Encrypted Gmail to Android and iPhone
Google has officially expanded Gmail’s end-to-end encryption (E2EE) feature to Android and iOS devices, empowering organizations and users to protect the confidentiality of email content directly from their mobile devices. This enhancement is part of Gmail’s client-side encryption (CSE) program, enabling stricter compliance…
Elon Musk Announces XChat Launch With Self-Destructing Messages
Elon Musk has officially announced the launch of XChat, a new secure messaging application scheduled to release on iOS devices on April 17. The platform builds upon the existing direct messaging infrastructure of X (formerly Twitter) but introduces a dedicated…
Google Locks Chrome Sessions to Devices to Stop Cookie Theft
Google has officially launched a major security upgrade to protect users from session hijacking. Starting with Chrome version 146 for Windows users, Device Bound Session Credentials (DBSC) is now publicly available. This new feature aims to stop malware from stealing…
Claude and ChatGPT Exploited in Sweeping Cyber Campaign Against Government Agencies
In a groundbreaking technical report released by Gambit Security researcher Eyal Sela, new details have emerged about a massive cyberattack targeting government infrastructure. A single threat actor successfully leveraged artificial intelligence platforms to breach nine Mexican government agencies. The campaign,…
EngageSDK Vulnerability puts millions of crypto wallets at risk
A newly disclosed vulnerability in the widely used Android library EngageSDK has raised serious concerns across the cryptocurrency ecosystem, potentially exposing millions of users to data theft and unauthorized access. Security researchers identified a critical “intent redirection” vulnerability in EngageSDK,…