Trend Micro has disclosed eight security vulnerabilities in its Apex One endpoint protection platform, including two critical-severity flaws that allow unauthenticated remote attackers to upload malicious code and execute commands on affected systems. The company released a Critical Patch on…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor in Developer Environments
Malicious actors are abusing Go’s open-source ecosystem by deploying a backdoored crypto module that steals passwords and installs a Rekoobe Linux backdoor on developer and CI environments. The package imitates Go’s trusted cryptography library to turn ordinary password prompts into…
Infostealers Drive Massive Brute-Force Attacks on Corporate SSO Gateways with Stolen Credentials
The cybersecurity community is witnessing a rise in credential‑stuffing attacks targeting corporate Single Sign‑On (SSO) systems, with recent campaigns focusing on F5 BIG‑IP devices. To understand the source of the stolen logins, Defused Cyber analyzed a dataset of 70 unique…
FreeBSD Vulnerabilities Enable Attackers to Crash Entire System
The FreeBSD Project has disclosed a critical security vulnerability, tracked as CVE-2025-15576, which allows attackers to escape jail environments and gain unauthorized access to the full host filesystem. This flaw impacts FreeBSD versions 14.3 and 13.5, leaving unpatched systems exposed…
1 Million Records from Dutch Telco Odido Leaked Online in Massive Data Breach
The Dutch telecommunications company Odido suffered a massive data breach that exposed the personal information of nearly 700,000 customers. The incident, which included an extortion attempt, has raised serious concerns about customer privacy and data security in the telecom sector.…
Vshell Gains Popularity Among Cybercriminals as Cobalt Strike Alternative
A Go‑based remote administration tool known as Vshell is emerging as a favored alternative to Cobalt Strike among both red teams and threat actors. Though marketed as a legitimate network administration and security testing platform, recent analyses indicate that Vshell’s powerful post‑compromise…
Microsoft Defender Enhances Security with URL Click Alerts for Microsoft Teams
Microsoft is expanding its threat detection capabilities by extending Microsoft Defender for Office 365 (MDO) URL click alerting into Microsoft Teams. This critical update allows security teams to detect, investigate, and respond to potentially malicious link clicks within Teams messages,…
Microsoft Defender Discovers Trojanized Gaming Utility Campaign Stealing Data with RATs
Microsoft Defender researchers have uncovered a new campaign that abuses trojanized gaming utilities to deliver multi‑stage malware with remote access, data theft, and payload delivery capabilities. Attackers are masquerading as popular tools such as Xeno.exe and RobloxPlayerBeta.exe, tricking gamers into…
North Korean APT37 Unleashes Novel Malware to Target Air-Gapped Systems
North Korean threat group APT37 is using a new multi‑stage toolset to jump air‑gaps and conduct deep surveillance by abusing removable media, Ruby, and cloud services in a campaign Zscaler ThreatLabz tracks as “Ruby Jumper.” The campaign’s main goal is…
Juniper Networks PTX Vulnerability Allows Full Router Takeover, Exposing Networks
Juniper Networks has issued an out-of-cycle critical security bulletin addressing a severe vulnerability affecting its PTX Series routers running Junos OS Evolved. The flaw allows an unauthenticated, network-based attacker to execute malicious code with root privileges, potentially leading to complete…
Google API Keys Leak Sensitive Data Without Warning via Gemini
Security researchers at Truffle Security discovered that legacy public-facing Google API keys can silently gain unauthorized access to Google’s sensitive Gemini AI endpoints. This flaw exposes private files, cached data, and billable AI usage to attackers without any warning or…
Phishing‑Led Agent Tesla Campaign Uses Process Hollowing and Anti‑Analysis to Evade Detection
Agent Tesla continues to cement its status as one of the most persistent remote access trojans (RATs) in the global threat landscape. Known for its data‑stealing capabilities and extensive distribution network, this malware remains a weapon of choice for low‑skilled…
Wireshark 4.6.4 Released to Patch Multiple Security Vulnerabilities
Wireshark has released version 4.6.4, delivering security and stability fixes that address several denial‑of‑service risks and multiple crashes in protocol dissectors and tools. The update is recommended for all users, especially analysts working with untrusted capture files or live traffic…
Marquis Takes Legal Action Against SonicWall Over Ransomware Attack from Backup Breach
Marquis Software Solutions has filed a lawsuit against cybersecurity firm SonicWall, claiming a vulnerability in SonicWall’s cloud backup service led directly to a ransomware attack on its network. Filed in a Texas federal court, the complaint highlights a massive failure…
Zoom Update Scam Infects 1,437 Users in 12 Days to Deploy Surveillance Tools
A dangerous new scam is targeting Zoom users by exploiting their trust in video meeting invites. Over just twelve days, 1,437 Windows users unknowingly installed a malicious version of the Teramind monitoring agent after visiting a fake Zoom meeting page designed to trigger silent…
OpenAI Confirms Chinese Hackers Used ChatGPT in Cyberattack Campaign
OpenAI has confirmed that Chinese-linked operators misused ChatGPT as part of a broader campaign that blended cyber operations, online harassment, and covert influence tactics, according to its latest threat report “Disrupting malicious uses of AI.” While the models were not…
Zyxel Vulnerabilities Allow Remote Attackers to Execute Commands via Command Injection
Zyxel has rolled out critical security patches for multiple vulnerabilities affecting its 4G LTE/5G NR CPE, DSL/Ethernet CPE, Fiber ONTs, Security Routers, and Wireless Extenders. The flaws range from null pointer dereferences causing Denial-of-Service (DoS) to severe command injections allowing…
Malicious Ads Bypass Google Ads Screening via New Campaign Platform Exploit
A sophisticated cloaking platform called 1Campaign is designed to help attackers run malicious Google Ads campaigns while evading detection. The service acts as a full‑service infrastructure for malvertising, filtering out researchers and automated scanners to keep phishing and cryptocurrency drainer sites…
ServiceNow AI Platform Vulnerability Allows Remote Code Execution
ServiceNow has disclosed a critical security vulnerability in its AI Platform that could allow unauthenticated attackers to remotely execute code within the ServiceNow Sandbox environment. Tracked as CVE-2026-0542, the flaw was formally published on February 25, 2026, under security advisory KB2693566.…
Government Data Stolen After Hacker Jailbreaks Claude AI to Write Malicious Exploit Code
A hacker successfully manipulated Anthropic’s Claude AI to launch a sophisticated month-long cyberattack against Mexican government agencies. Between December 2025 and January 2026, the attacker utilized “jailbreaking” techniques to bypass safety guardrails, forcing the AI to identify vulnerabilities, generate functional…