Hackers are exploiting Google Cloud Storage to bypass email and web filters and deliver Remcos RAT through convincing Google Drive–themed phishing campaigns that blend social engineering with fileless, multi‑stage execution chains. Phishing emails link to Google Cloud Storage buckets named…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Trusted WordPress Plugins Hijacked in 8-Month Stealth Backdoor Campaign
Hackers secretly planted a remote code-execution backdoor in more than 30 popular WordPress plugins, leaving it dormant for about 8 months before activating malware that rewrote wp-config.php and injected cloaked SEO spam at scale. The incident centers on “Essential Plugin,”…
Windows Active Directory Flaw Opens Door to Malicious Code Execution
Microsoft disclosed a critical security vulnerability within Windows Active Directory that exposes enterprise networks to severe risks. Tracked officially as CVE-2026-33826, this vulnerability allows authenticated attackers to execute malicious code remotely over an adjacent network. Given its critical classification, network…
Hackers Exploit Hidden Microsoft 365 Mailbox Rules to Steal Sensitive Business Emails
Attackers are quietly abusing Microsoft 365 mailbox rules to steal emails, hide alerts, and maintain long-term access without installing malware. These stealthy tactics are increasingly common in business email compromise (BEC) campaigns targeting enterprise users worldwide. After gaining initial access…
Microsoft Rolls Out KB5083769 Update for Windows 11 24H2 and 25H2
Microsoft has released KB5083769, the April 14, 2026 cumulative security update for Windows 11 versions 24H2 and 25H2, moving the operating system to builds 26100.8246 and 26200.8246 respectively. The update bundles the latest security fixes with quality improvements that were…
Agentic LLM Browsers Open New Front in Prompt Injection, Data Theft
Agentic LLM browsers are turning everyday browsing into automated, AI-driven workflows but they also expose a powerful new attack surface for prompt injection and data theft. By letting an AI “drive” the browser with your full session, cookies, and permissions,…
FUNNULL Scam Network Resurfaces With 175+ Rotating Domains Worldwide
FUNNULL-Linked Triad Nexus has quietly rebuilt its scam infrastructure, now rotating through more than 175 CNAME domains to keep a sprawling global fraud and brand‑impersonation network online. Following U.S. Treasury sanctions in May 2025 against FUNNULL Technology Inc., a core…
Microsoft Warns of Actively Exploited SharePoint Server Zero-Day
Microsoft issued an urgent security update addressing an actively exploited zero-day vulnerability in its SharePoint Server platform. The flaw, officially tracked as CVE-2026-32201, allows unauthenticated attackers to conduct network-based spoofing attacks. Because threat actors are already exploiting this weakness in…
Ivanti Neurons for ITSM Vulnerabilities Let Remote Attackers Hijack User Sessions
Ivanti has issued a security advisory detailing two medium-severity vulnerabilities affecting its Neurons for IT Service Management (ITSM) platform. If left unpatched, these security flaws could allow remote authenticated attackers to compromise user sessions and maintain unauthorized access to corporate…
OpenAI Introduces GPT-5.4 for Reverse Engineering, Vulnerability Discovery, and Malware Analysis
OpenAI has officially launched GPT-5.4-Cyber, a specialized variant of its latest artificial intelligence model explicitly fine-tuned for defensive cybersecurity. Alongside this release, the organization is significantly scaling its Trusted Access for Cyber (TAC) program, providing verified security professionals with advanced…
Fortinet Fixes 11 Security Flaws Affecting FortiSandbox, FortiOS, FortiAnalyzer, and FortiManager
Fortinet has recently released a comprehensive security update, patching 11 newly identified vulnerabilities across several of its core enterprise products. The security flaws affect critical infrastructure components, including FortiSandbox, FortiOS, FortiAnalyzer, and FortiManager. Addressing these vulnerabilities is paramount for organizations…
JanaWare Ransomware Hits Turkish Users via Customized Adwind RAT
A new ransomware campaign dubbed “JanaWare”, leveraging a customized variant of the Adwind remote access Trojan (RAT) to target users in Turkey. The malware exhibits polymorphic behavior, advanced obfuscation, and strict geofencing controls to restrict activity to Turkish systems, signaling a focused and…
Microsoft Patch Tuesday April 2026 Fixes 168 Flaws, Including an Actively Exploited Zero-Day
Microsoft has released its highly anticipated April 2026 Patch Tuesday security updates, addressing a massive 168 vulnerabilities across its vast product portfolio. According to recent cybersecurity news reports, this comprehensive update includes a patch for one actively exploited zero-day vulnerability…
Dragon Boss Solutions Supply Chain Attack Exposes 25,000+ Endpoints
Early on Sunday, 22 March 2025, what initially appeared to be routine adware suddenly escalated into a serious supply chain risk across managed environments. Seemingly benign executables, signed by Dragon Boss Solutions LLC, were using a built-in update mechanism to…
Top 10 Best Passwordless Authentication Solutions in 2026
Passwords are susceptible to phishing, brute-force attacks, credential stuffing, and human error, leading to an alarming number of data breaches and significant financial losses for enterprises worldwide. The frustration of forgotten passwords and endless resets also plagues users, leading to…
Mirax Android RAT Hijacks Infected Phones as Residential Proxies
A new Android banking trojan called Mirax is rapidly gaining traction in the cybercrime ecosystem, combining powerful remote access features with residential proxy capabilities to turn victims’ smartphones into high-value infrastructure nodes. Mirax is marketed as a premium Android RAT and banking…
PlugX USB Worm Hits Multiple Continents via DLL Sideloading
A new PlugX USB worm variant is driving fresh infection waves across several continents, using DLL sideloading and stealthy USB-based propagation to evade detection. First observed in Papua New Guinea in August 2022, the same strain resurfaced months later not…
Botnet Exposed: Hackers Leave Worker Access and Root Passwords Wide Open
Hackers have left a live Twitter/X credential‑stuffing botnet effectively unlocked, exposing its full command‑and‑control stack, worker fleet, and root passwords to anyone who knows where to look. The C2 runs on a Windows Server 2019 instance hosted by Hetzner in…
Janela RAT Spreads via Fake MSI Installers, Malicious Extensions
Janela Remote Access Trojan (RAT) campaign using fake Windows MSI installers and malicious browser extensions to infiltrate financial networks and exfiltrate sensitive data. The latest Janela RAT samples are being distributed through public GitLab repositories, where attackers host MSI installation files disguised as legitimate software installers.…
AI Codex Exploits Samsung TV Driver Flaw to Gain Root Access
A new experiment has shown how an AI coding assistant, Codex, can independently escalate privileges on a Samsung Smart TV by abusing dangerously exposed kernel drivers in Samsung’s KantS2 Tizen firmware. Working from an existing browser foothold, Codex chained together…