Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Hackers are abusing adversary-in-the-middle (AiTM) session hijacking to steal employee salaries in a new “payroll pirate” campaign tracked by Microsoft as Storm-2755 and targeting Canadian users. By hijacking live Microsoft 365 sessions, the group redirects payroll deposits to attacker-controlled bank…

Read more →

A high-severity flaw in GitHub Copilot Chat recently allowed attackers to silently steal sensitive data like API keys and private source code. Tracked as CVE-2025-59145 with a critical CVSS score of 9.6, this vulnerability required no malicious code execution. Instead,…

Read more →

Cybercriminals are exploiting the massive hype around BTS’s return to the global stage by launching a wave of fake ticketing websites targeting fans across multiple countries. The K-pop group recently reunited after nearly four years, during which members completed mandatory…

Read more →

Censys has warned that more than 5,000 Rockwell Automation/Allen-Bradley PLCs are currently exposed to the internet as Iranian-affiliated APT actors actively target these devices across U.S. critical infrastructure. The same operators were previously associated with a November 2023 campaign that…

Read more →

Cybersecurity researchers have uncovered five significant security vulnerabilities in the TP-Link Archer AX53 v1.0 router. If left unpatched, these critical flaws could allow attackers to take full control of the device, steal sensitive network data, and compromise connected systems. Because…

Read more →

A newly disclosed security flaw in HPE Aruba Networking Private 5G Core On-Prem is putting enterprise networks at severe risk of credential theft. Documented under the security bulletin HPESBNW05032EN_US, this vulnerability targets the platform’s graphical user interface and allows threat…

Read more →

Hackers are impersonating popular secure messaging apps to deploy a sophisticated Android spyware tool called ProSpy against journalists, activists, and political figures across the Middle East, in a hack‑for‑hire campaign linked to the BITTER APT group. The campaign has been active since…

Read more →

Hackers are increasingly abusing trusted software development platforms GitHub and GitLab to host malware and credential phishing campaigns, making defensive detection significantly harder for enterprises. Because these Git-based platforms are deeply integrated into development and business workflows, organizations cannot simply…

Read more →

A newly disclosed high-severity vulnerability in React Server Components could allow unauthenticated attackers to trigger a Denial of Service (DoS) condition. Tracked as CVE-2026-23869, this flaw poses a significant risk to web applications using specific server-side rendering packages. Because the…

Read more →

Juniper Networks has issued a critical security alert regarding a severe vulnerability in its Support Insights (JSI) Virtual Lightweight Collector (vLWC). Tracked as CVE-2026-33784, this default credential flaw carries a near-maximum CVSS v3.1 severity score of 9.8. If left unresolved,…

Read more →

MuddyWater is now weaponizing a Russian malware-as-a-service (MaaS) platform to run a new operation dubbed “ChainShell”, blending Iranian state targeting with commercially developed cybercrime tooling. The assessment is based on a misconfigured command‑and‑control (C2) web server, 15 malware samples, and…

Read more →

A newly discovered jailbreak technique named “sockpuppeting” successfully forces 11 leading artificial intelligence models, including ChatGPT, Claude, and Gemini, to bypass their safety guardrails. By exploiting a standard application programming interface (API) feature with a single line of code, attackers…

Read more →

A newly discovered supply chain attack is spreading the GlassWorm malware across multiple developer environments by abusing the OpenVSX extension marketplace. GlassWorm is not new. Researchers have tracked the campaign since March 2025, when attackers hid malicious payloads inside npm…

Read more →

AWS recently issued a critical security bulletin addressing severe vulnerabilities in its Research and Engineering Studio (RES). RES is an open-source web portal that allows administrators to create and manage secure cloud-based research environments. Security researchers identified three major flaws…

Read more →

DesckVB RAT is emerging as a highly active and stealthy malware threat in 2026, leveraging layered obfuscation and fileless execution techniques to bypass traditional security defenses. The attack chain begins with a malicious JavaScript file that hides its true intent…

Read more →

For years, WhatsApp required users to share their personal phone numbers to communicate. This is finally changing. To improve user privacy and mitigate risks like doxing or targeted spam, WhatsApp is rolling out a highly anticipated username feature. This update…

Read more →

Hackers are abusing ClickFix commands and booby-trapping DMG installers to deliver a new macOS stealer called notnullOSX, built to loot high-value crypto wallets from Mac users. The story starts with 0xFFF, a malware developer who abruptly quit a major Russian-speaking…

Read more →

Security researchers at Sansec uncovered a large-scale Magecart campaign targeting Magento e-commerce platforms. Nearly 100 online stores were infected with a sophisticated credit card skimmer. To evade security scanners and steal shopper payment data seamlessly, attackers concealed the malicious payload…

Read more →

A recently observed phishing campaign is abusing Google Cloud Storage to deliver the Remcos remote access trojan (RAT), relying on trusted Google infrastructure and a signed Microsoft binary to evade traditional defenses. Attackers host a fake Google Drive login page…

Read more →

A stealthy new remote access trojan, dubbed STX RAT, that blends hidden remote desktop control with powerful infostealer capabilities while using advanced evasion and encryption techniques to stay under the radar of security tools. The operators rely on opportunistic initial access, including…

Read more →