Fluentd, a widely used open-source data collector for unified logging, has reported several high-impact vulnerabilities that could enable attackers to achieve remote code execution (RCE), server-side request forgery (SSRF), denial-of-service (DoS), and the exposure of sensitive credentials. These issues, documented…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
New RustDuck Botnet Targets IoT Devices and Servers With Weak Passwords and RCE Exploits
A sophisticated new botnet family dubbed RustDuck emerged in early 2026, leveraging a two-stage Loader and Core architecture to compromise IoT devices, routers, and enterprise servers through brute-force credential attacks and remote code execution vulnerabilities. RustDuck employs a multi-pronged infection…
Anthropic buffa Library Zero-Day Lets Attackers Trigger Memory-Amplification DoS
Anthropic’s Rust-based protobuf library, buffa, has been discovered to have a zero-day memory amplification denial-of-service (DoS) vulnerability. This flaw allows attackers to deplete system memory using relatively small inputs. Endor Labs identified the issue through its AI-powered static application security…
Adobe ColdFusion Critical Vulnerabilities Let Attackers Execute Arbitrary Code
Adobe has released an emergency security bulletin, APSB26-68, addressing 11 vulnerabilities in Adobe ColdFusion 2025 and ColdFusion 2023, with multiple vulnerabilities receiving the maximum CVSS base score of 10.0. Published on June 30, 2026, this bulletin carries Adobe’s highest Priority…
Glitch SPY RAT Abuses Android Accessibility Service for Full Device Control
An emerging Android remote-access trojan platform, tracked as Glitch SPY, leverages a fraudulent Polish apartment-rental website to trick victims into sideloading a malicious APK. The dropper, identified as the Brokewell Android Loader, presents a plausible rental-app experience while secretly…
Google Chrome 151 Released With 382 Security Fixes for Critical Vulnerabilities
Google has promoted Chrome 151 to the stable channel for Windows, macOS and Linux, delivering a major security update that addresses 382 vulnerabilities across the browser’s core engine, graphics stack, extensions framework and cross‑platform components. The release, dated June 30,…
Attackers Register AI-Hallucinated Domains to Deliver Phishing Kits and Malware
In an emergent supply-chain attack vector termed “phantom squatting,” large language models (LLMs) routinely hallucinate plausible but nonexistent domains for legitimate brands, and adversaries then preemptively register those domains to host phishing kits, malware, and other malicious infrastructure.…
Citrix NetScaler ADC and Gateway Flaws Let Attackers Trigger Memory Overread and Denial-of-Service
Citrix has issued a critical security bulletin addressing multiple high-severity vulnerabilities in NetScaler ADC and NetScaler Gateway. These vulnerabilities could allow attackers to trigger memory overreads, arbitrary file access, and denial-of-service (DoS) conditions across affected deployments. The vulnerabilities are tracked…
Hackers Use Vulnerable Windows Drivers to Kill EDR in Ransomware Attacks
Hackers increasingly rely on vulnerable, legitimately signed Windows drivers to neutralize endpoint defenses, turning defense evasion into a decisive phase of modern ransomware attacks. Over the past three years the Bring Your Own Vulnerable Driver (BYOVD) technique has migrated from…
AI-Powered Reverse Engineering Turns EDR Rule Analysis Into Automated Evasion Workflow
LLMs are reshaping endpoint security research by turning what used to be slow, manual reverse engineering into an automated, repeatable evasion workflow. Recent hands-on experiments with advanced models driving disassembly and local analysis show that a compact harness LLM plus…
Apache Tomcat Vulnerabilities Let Attackers Bypass Authentication and Security Constraints
The Apache Software Foundation has disclosed two security vulnerabilities in Apache Tomcat that can lead to authentication bypass and improper enforcement of security constraints. These vulnerabilities impact various deployments across enterprise environments. They are tracked as CVE-2026-55957 (Important severity) and…
U.S. Commerce Withdraws Export Controls on Anthropic Claude Models After Security Commitments
The U.S. Department of Commerce has recently lifted export controls on Anthropic’s advanced AI models, Claude Fable 5 and Mythos 5, following a series of security and compliance commitments made by the company. This decision represents a significant shift in…
Critical Progress Kemp LoadMaster Vulnerability Enables Pre-Auth Remote Code Execution
Progress’s Kemp LoadMaster, a widely deployed edge load balancer and ADC, is at the center of a critical pre-authentication Remote Code Execution (RCE) vulnerability tracked as CVE-2026-8037. The flaw allows unauthenticated attackers with access to the device API to run…
BumbleBee and AdaptixC2 Deliver Akira Ransomware Through Bing SEO Poisoning
BumbleBee and AdaptixC2 are being used in a highly efficient intrusion chain that starts with Bing SEO poisoning and ends with Akira ransomware deployment, showing how trusted search traffic is now being turned into an enterprise compromise vector. The campaign…
PoC Released for NTLM Reflection Bypass Vulnerability That Enables SYSTEM Access on Windows Server
A proof-of-concept has been published that bypasses Microsoft’s mitigation for the NTLM reflection vulnerability tracked as CVE-2025-33073 and allows escalation to NT AUTHORITY\SYSTEM on Windows Server. The exploit leverages two conceptual weaknesses left unaddressed by the original patch: the mitigation…
Multiple AirDrop and Quick Share Vulnerabilities Allow Attackers to Crash Devices
A new technical analysis has exposed six proximity-transfer flaws across Apple AirDrop, Samsung Quick Share on Android, and Google Quick Share for Windows, showing that device-sharing stacks still contain fragile pre-authentication attack surfaces that can be abused from wireless range.…
SystemBC Malware Turns Windows Machines Into SOCKS5 Proxies for Ransomware Attacks
SystemBC (also tracked as Coroxy) remains a versatile and persistent Windows malware family that operators routinely deploy to convert compromised hosts into SOCKS5 proxy gateways and to maintain remote access for follow-on operations. First observed as a payload in exploit…
Kali Linux 2026.2 Release With New Hacking Tool and Updated Desktop Environments
Kali Linux 2026.2 arrives on schedule in the final week of Q2 with a pragmatic blend of desktop environment refreshes, infrastructure hardening, and practical usability refinements that will matter to both pentesters and platform maintainers. The release emphasizes polish and…
Boss Scam Uses DLL Sideloading to Hijack WhatsApp Web and Defraud Enterprises
The new “Boss Scam” is a sharp escalation in CEO fraud: attackers now combine impersonation, Windows DLL sideloading, and WhatsApp Web session theft to turn trusted executive channels into fraud infrastructure. The campaign was highlighted in advisories tied to India’s…
Japan Hotel Industry Targeted With TONResolver RAT and Guest Complaint Phishing Emails
Japan’s hotel sector is the latest target of a sophisticated phishing and remote-access trojan (RAT) campaign that leverages guest-complaint lures and an unusual resilience mechanism: a TON blockchain–based dead-drop resolver. Beginning in late May 2026, attackers sent highly targeted emails…