Linux administrators are being urged to update promptly after disclosures of multiple vulnerabilities in GitLab, including flaws that could enable cross-site scripting, authorization bypass, and denial of service in selfmanaged instances. The latest patch releases, GitLab 18.7.1, 18.6.3, and 18.5.5, address these security…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Chinese Hackers Use NFC-Enabled Android Malware to Steal Payment Information
Chinese threat actors are conducting an aggressive campaign that distributes NFC-enabled Android malware capable of intercepting and remotely relaying payment card data via Telegram. Identified as “Ghost Tap” and linked to threat groups including TX-NFC and NFU Pay, the malicious…
CrazyHunter Ransomware Targets Healthcare Sector Using Sophisticated Evasion Tactics
A sophisticated new ransomware variant, CrazyHunter, has emerged as a critical threat to the healthcare sector, employing advanced anti-malware evasion techniques and rapid network propagation that have security researchers deeply concerned. Trellix, which has been actively tracking this threat since…
Windows Packer pkr_mtsi Powers Widespread Malvertising Campaigns with Multiple Malware
A custom Windows packer dubbed pkr_mtsi is fueling large-scale malvertising and SEO‑poisoning campaigns that deliver a broad range of information‑stealing and remote‑access malware, according to new research. First observed in the wild on April 24, 2025, the packer remains active and has continuously…
Critical n8n Vulnerability Allows Authenticated Remote Code Execution
A critical security vulnerability has been discovered in n8n, the popular workflow automation tool, potentially allowing authenticated attackers to execute arbitrary code on the host server. Identified as CVE-2026-21877, this high-severity vulnerability affects both self-hosted and n8n Cloud instances, posing a…
Hackers Using Malicious QR Codes for Phishing via HTML Table
Threat actors are continuing to refine “quishing” phishing delivered through QR codes by shifting from traditional image-based payloads to “imageless” QR codes rendered directly in email HTML, a tactic designed to sidestep security tools that focus on decoding QR images.…
Hackers Create Fake DocuSign Login Page to Steal User Credentials
Phishing attacks continue to dominate the cybercrime landscape as threat actors refine their social engineering tactics to evade detection systems. The FBI’s Internet Crime Complaint Center (IC3) recorded 193,407 phishing and spoofing complaints in 2024, making it the year’s top…
Court Demands OpenAI Hand Over 20M Anonymized ChatGPT Chats in AI Copyright Dispute
A federal judge has ordered OpenAI to turn over 20 million anonymized ChatGPT conversation logs in a major copyright lawsuit, rejecting the company’s arguments that privacy concerns should limit the disclosure. District Judge Sidney H. Stein upheld a ruling by…
Google Warns of High-Risk WebView Vulnerability That Breaks Security Controls
Google released Chrome versions 143.0.7499.192/.193 on January 6, 2026, to patch a high-severity vulnerability in WebView that could allow attackers to bypass important security policies. The flaw, tracked as CVE-2026-0628, represents a significant threat to users whose browsers rely on…
Black Cat Hacker Group Uses Fake Notepad++ Websites to Distribute Malware and Steal Data
A sophisticated cyberattack campaign orchestrated by the notorious “Black Cat” criminal gang has been uncovered by CNCERT and Microstep Online, revealing a coordinated effort to compromise internet users through weaponized fake Notepad++ download websites. The operation exploits search engine optimization…
Veeam Backup Vulnerability Exposes Systems to Root-Level Remote Code Execution
Veeam has released a critical security update for its Backup & Replication software to address multiple high-severity vulnerabilities. The most concerning of these flaws could allow attackers to execute remote code with root-level privileges, potentially granting them full control over affected systems. …
Critical AdonisJS Vulnerability Allows Remote Attackers to Write Files on Server
A critical path traversal vulnerability has been discovered in AdonisJS’s multipart file handling, potentially allowing remote attackers to write arbitrary files to server locations outside the intended upload directory. The vulnerability, tracked as CVE-2026-21440, affects @adonisjs/bodyparser versions through 10.1.1 and…
New n8n Vulnerability Allows Attackers to Execute Arbitrary Commands
A critical vulnerability has been discovered in n8n, an open-source automation and workflow platform, that could allow authenticated users to execute arbitrary commands on vulnerable systems. The flaw, tracked as CVE-2025-68668, affects all n8n versions from 1.0.0 to 1.999.999 and…
Threat Actors Exploit Office Assistant to Deliver Malicious Mltab Browser Plugin
A sophisticated malware campaign has been discovered exploiting Office Assistant, a widely used AI-powered productivity software in China, to distribute a malicious browser plugin that hijacks user traffic and exfiltrates sensitive information. The RedDrip Team from QiAnXin Technology’s Threat Intelligence…
Copilot, Recall, and Other AI Tools Can Be Removed from Windows 11 with New Tool
A new community tool is giving Windows 11 users far more control over Microsoft’s growing stack of AI features. An open‑source project called RemoveWindowsAI now lets administrators and power users disable or strip out components such as Copilot, Recall, and other AI…
CloudEyE MaaS Downloader and Cryptor Infects Over 100,000 Users Globally
ESET Research has uncovered a significant surge in CloudEye malware detections, with a 30-fold increase in the second half of 2025. The security firm detected more than 100,000 infection attempts over the six months, signaling a widespread threat affecting organizations…
GHOSTCREW: AI-Powered Red Team Toolkit Integrating Metasploit, Nmap, and More
A new open-source tool is bridging the gap between artificial intelligence and offensive security operations. GHOSTCREW is an advanced AI red team assistant that leverages Large Language Models (LLMs), Model Context Protocol (MCP), and Retrieval-Augmented Generation (RAG) to automate complex penetration…
ProfileHound: Post-Escalation Tool Designed to Achieve Red Team Objectives
ProfileHound emerges as a specialized post-exploitation instrument for offensive security professionals seeking to identify high-value targets within Active Directory environments. The tool addresses a critical gap in red-team reconnaissance by enumerating domain user profiles stored on compromised machines, enabling operators…
Kimwolf Botnet Exploits 2 Million Devices to Build a Global Proxy Infrastructure
A massive new botnet dubbed “Kimwolf” has infected over 2 million devices globally, transforming innocent users’ home internet connections into secret proxy nodes for cybercriminals. According to a new report by security firm Synthient, the botnet has grown explosively by…
Attackers Leverage FortiWeb Vulnerabilities to Deploy Sliver C2 for Long-Term Access
Threat researchers have uncovered a sophisticated attack campaign targeting FortiWeb web application firewalls across multiple continents, with adversaries deploying the Sliver command-and-control framework to establish persistent access and establish covert proxy infrastructure. The discovery came from analyzing exposed Silver C2…