The world is in major need of more cyber security expert with relevant cyber security skills. A recent report by Cybersecurity Ventures predicted that around 3.5 million cybersecurity positions will be unfilled by 2021. Between 2017 and 2018, demand for…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Node.js Security Release Fixes 7 Vulnerabilities Across All Supported Versions
The Node.js project has released critical security updates addressing multiple vulnerabilities affecting all active release lines. On January 13, 2026, the Node.js team announced patches for versions 20.x, 22.x, 24.x, and 25.x, tackling three high-severity issues, four medium-severity issues, and…
Microsoft Desktop Window Manager Zero-Day Exploited in Active Attacks
Microsoft has disclosed a critical information disclosure vulnerability in the Desktop Window Manager that threat actors are actively exploiting. The vulnerability, tracked as CVE-2026-20805, was publicly released on January 13, 2026, and allows authenticated local attackers to access sensitive information…
Charity-Themed Malware Used by Threat Actors to Target Ukraine’s Defense Forces
Ukrainian cybersecurity authorities have uncovered a sustained, targeted campaign against Ukraine’s defense forces, orchestrated by Russian-affiliated threat actors that disguise malware distribution as charitable donation requests. Between October and December 2025, the National Cyber Incident Response Team of Ukraine (CERT-UA)…
An AI-Driven Game-Theoretic Approach to Attack and Defense
A new research effort from Alias Robotics and Johannes Kepler University Linz proposes a game-theoretic “brain” for cybersecurity AI, aiming to push automated penetration testing and defense planning beyond human-level performance. The work introduces Generative Cut-the-Rope (G-CTR), a guidance layer…
FortiOS and FortiSwitchManager Flaw Allows Remote Code Execution
A high heap-based buffer overflow vulnerability in the cw_acd daemon component of Fortinet’s FortiOS and FortiSwitchManager has been disclosed, enabling remote unauthenticated attackers to execute arbitrary code on affected systems. The vulnerability, tracked as CVE-2025-25249, carries a high CVSS v3.1…
Microsoft January 2026 Patch Tuesday Fixes 114 Flaws, Including 3 Zero-Days
Microsoft has released its January 2026 Patch Tuesday security updates, addressing 114 vulnerabilities across Windows, Office, and other products. The update includes three actively exploited zero-day vulnerabilities and 12 critical-severity flaws that require immediate attention from system administrators. The January…
New Magecart Campaign Steals Credit Card Details During Online Checkouts
Cybersecurity researchers at Silent Push Preemptive Cyber Defense have uncovered an extensive and sophisticated web-skimming campaign that has been actively stealing credit card data from e-commerce websites since at least January 2022. The ongoing operation, operating under the umbrella term…
Analysis of VoidLink: A Cloud-Native Malware Threat Targeting Linux Systems
A sophisticated Linux malware framework, VoidLink, has been identified by Check Point Research, representing a significant escalation in threats targeting cloud-native environments. The advanced framework, developed by Chinese-affiliated developers, combines custom loaders, implants, rootkits, and over 30 modular plugins specifically…
Android Banking Malware deVixor Actively Targeting Users with Ransomware Capabilities.
A sophisticated Android banking trojan known as deVixor has emerged as a significant threat to mobile users, combining financial data theft, device surveillance, and ransomware capabilities into a single malicious platform. Active since October 2025, the malware represents a concerning…
HoneyTrap: Outsmarting Jailbreak Attacks on Large Language Models
Researchers from Shanghai Jiao Tong University, the University of Illinois at Urbana-Champaign, and Zhejiang University have unveiled HoneyTrap, a groundbreaking deceptive defense framework designed to counter progressively intensifying jailbreak attacks on large language models. The novel approach leverages collaborative multi-agent…
PowerShell-Driven Multi-Stage Windows Malware Using Text Payloads
Security researchers have identified a sophisticated multi-stage malware campaign dubbed SHADOW#REACTOR that chains together obfuscated Visual Basic Script (VBS) execution, resilient PowerShell stagers, text-only payload delivery mechanisms, and .NET Reactor–protected in-memory loaders to deploy Remcos RAT while evading detection and…
5 Facts You Should Know About Cybersecurity
Are you fascinated by the world of cybersecurity? If so, then keep on reading. We are going to be listing five facts about the cybersecurity world, and explaining them. Are you interested in a degree in cybersecurity? You can learn…
Hackers Remotely Took Control of an Apex Legends Player’s Inputs
A critical security vulnerability has emerged in Respawn Entertainment’s popular battle royale title, allowing threat actors to remotely manipulate player inputs without requiring code execution capabilities. Respawn Entertainment, the developer of Apex Legends, has confirmed an active security incident affecting…
3 Best Android Apps to Help College Students
For college students, it’s always difficult to keep all their lessons and homework well-organized as well as manage their time. Sometimes for some of them, it may seem that life turns into an endless circle, and every new day just…
ServiceNow Vulnerability Enables Privilege Escalation Without Authentication
A critical privilege escalation vulnerability has been identified in ServiceNow’s AI Platform, posing significant risks to enterprise users worldwide. Tracked as CVE-2025-12420, this security flaw allows unauthenticated attackers to impersonate other users and execute unauthorized operations based on the compromised account’s…
Multiple Hikvision Flaws Allow Device Disruption via Crafted Network Packets
Hikvision has disclosed two high buffer overflow vulnerabilities affecting its security devices that could allow network-based attackers to cause device malfunctions. The security flaws, tracked as CVE-2025-66176 and CVE-2025-66177, impact select access control products and video recording systems. Both vulnerabilities…
DPRK Hackers Earn $600M Posing as Remote Workers
The landscape of corporate espionage has undergone a fundamental transformation. For decades, security teams focused their efforts on identifying disgruntled employees or negligent contractors the traditional “insider threat.” Today, the most dangerous infiltrator is not a rogue staffer but rather…
Hackers Exploit Browser-in-the-Browser Trick to Hijack Facebook Accounts
Facebook’s massive 3 billion active users make it an attractive target for sophisticated phishing campaigns. As attackers grow more inventive, a hazardous technique is gaining traction: the “Browser-in-the-Browser” (BitB) attack. This advanced social engineering method creates custom-built fake login pop-ups…
Organized Desktop: Top 6 Best Mac Apps for Productivity to Keep You Organized
The best Mac apps for productivity will help you get organized. Many people have a problem keeping an organized desktop because they don’t take advantage of the many apps available. Organization apps are designed to keep your desktop from getting…