The Jenkins project released a critical security advisory addressing seven vulnerabilities across multiple widely used plugins. The disclosed flaws include high-severity path traversal and stored cross-site scripting (XSS) vulnerabilities that could allow threat actors to execute arbitrary code or hijack…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Qinglong Task Scheduler RCE Flaws Exploited in the Wild
Hackers are actively exploiting two severe authentication bypass vulnerabilities in Qinglong, a popular open-source task scheduling platform. These flaws allow attackers to execute arbitrary code and deploy resource-draining cryptomining malware on vulnerable servers. Qinglong is a self-hosted task management platform…
Compromised SAP npm Packages Found Harvesting Developer and CI/CD Secrets
Security researchers have identified a severe supply chain attack targeting the SAP developer ecosystem. A threat group identified as TeamPCP has compromised multiple legitimate SAP npm packages in a new campaign named Mini Shai Hulud. The operation relies on injecting…
ProFTPD SQL Injection Flaw Opens Door To Remote Code Execution Attacks
A newly disclosed flaw in ProFTPD is drawing urgent attention because it can let attackers move from a simple SQL injection bug to authentication bypass, privilege escalation, and in some environments even remote code execution. Tracked as CVE-2026-42167, the issue…
SonicWall SonicOS Flaw Lets Attackers Bypass Access Controls and Crash Firewalls
SonicWall has released a security advisory detailing three new vulnerabilities affecting its SonicOS software. Disclosed on April 29, 2026, under advisory ID SNWLID-2026-0004, these security flaws open the door for attackers to bypass access controls, manipulate restricted files, and intentionally…
Linux Kernel 0-Day “Copy Fail” Grants Root Access Across Major Distros Since 2017
Security researchers have disclosed a critical zero-day vulnerability in the Linux kernel dubbed “Copy Fail” (CVE-2026-31431), which allows unprivileged local users to gain root access. Using a tiny 732-byte Python script, attackers can exploit a logic flaw present in major…
Lazarus Targets macOS Users With New “Mach-O Man” Malware Kit
Lazarus Group is abusing “ClickFix” social engineering to push a new macOS malware kit dubbed “Mach-O Man,” giving attackers a direct path to credentials, Keychain secrets, and corporate access in fintech and crypto environments. This research is authored by Mauro Eldritch, an…
Cursor AI Extension Flaw Exposes Developer Tokens to Credential Theft
Security researchers at LayerX have uncovered a high-severity vulnerability in the popular AI-powered development environment, Cursor. Dubbed “CursorJacking,” this flaw carries a CVSS score of 8.2 and exposes developers to immediate credential theft. Any installed extension can silently access a…
CISA Warns of ConnectWise ScreenConnect Flaw Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw in ConnectWise ScreenConnect. CVE-2024-1708 is currently being exploited in real-world attacks. Because of this active threat, CISA officially added the flaw to its…
Cursor AI Coding Agent Vulnerability Lets Attackers Run Code on Developers’ Machines
A newly disclosed high-severity vulnerability in the Cursor AI-powered coding environment could allow attackers to execute arbitrary code on a developer’s machine, raising fresh concerns about the security of AI-assisted development workflows. The vulnerability was officially published by Cursor in…
U.S. Charges Suspected Scattered Spider Member Over Cyber Intrusions
Federal authorities have charged 19-year-old Peter Stokes, known online as “Bouquet,” for his alleged role in the notorious cybercriminal group Scattered Spider. Law enforcement arrested the dual U.S. and Estonian citizen earlier this month in Helsinki as he attempted to…
VECT 2.0 Ransomware Wipes Large Files Across Windows, Linux & ESXi
The “new” VECT 2.0 ransomware is essentially a cross‑platform data wiper that permanently destroys most enterprise files rather than encrypting them for recovery. For any file larger than 131,072 bytes (128 KB), VECT processes four separate chunks using four different…
Vimeo Confirms Data Breach After Hackers Access User Database
Vimeo has officially confirmed a data breach affecting its user database. The security incident did not originate with Vimeo, but rather with Anodot, a third-party analytics vendor used by the video hosting platform. This event highlights the ongoing risks associated…
SLOTAGENT Malware Hides API Calls and Strings to Thwart Analysis
A previously unknown remote access trojan (RAT), dubbed SLOTAGENT, after analyzing a suspicious ZIP archive uploaded from Japan to a public malware repository in early 2026. The malware demonstrates advanced evasion techniques and flexible post-exploitation capabilities, making it a notable addition…
LofyStealer Targets Minecraft Players via Node.js Loader and Browser Injection
Minecraft players are being lured with a fake hacking tool called “Slinky” that secretly installs a powerful infostealer dubbed LofyStealer (also tracked as GrabBot), linked to the Brazilian cybercrime group LofyGang. The malware uses a Node. js-based loader and an…
Vect 2.0 RaaS Expands Attacks Across Windows, Linux, and ESXi
Vect 2.0 Ransomware‑as‑a‑Service (RaaS) operation is rapidly evolving into a multi‑platform threat that can encrypt Windows, Linux, and VMware ESXi environments across modern hybrid infrastructures. The group runs a classic affiliate model, renting out its ransomware and TOR‑based infrastructure to partners…
CISA Warns of Windows Shell Zero-Day Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a newly discovered zero-day vulnerability affecting Microsoft Windows. On April 28, 2026, the agency officially added CVE-2026-32202 to its Known Exploited Vulnerabilities (KEV) catalog. This critical flaw…
Microsoft Confirms Remote Desktop Warning Issue After April Update
Microsoft has officially confirmed a known issue affecting Remote Desktop Protocol (RDP) connections following the April 14, 2026, Patch Tuesday updates. Specifically impacting Windows 11 version 26H1 (KB5083768, OS Build 28000.1836), the update was intended to harden systems against malicious .rdp files.…
cPanel Releases Emergency Patch for Critical Authentication Flaw
Web hosting administrators must take immediate action, as cPanel has rolled out an emergency security update to address a critical vulnerability. Disclosed on April 28, 2026, this flaw impacts various authentication paths within the cPanel and WebHost Manager (WHM) ecosystem.…
BlueNoroff Deploys Fileless PowerShell in AI-Generated Zoom Lure Campaign
A sophisticated BlueNoroff campaign targeting cryptocurrency executives through fake Zoom meetings enhanced with AI-generated deepfakes and fileless PowerShell malware. The North Korean state-sponsored group successfully compromised a North American Web3 company in January 2026, maintaining persistent access for 66 days…