A new GlassWorm-linked supply chain attack abusing the Open VSX Registry, this time via a suspected compromise of a legitimate publisher’s credentials rather than typosquatted packages. The Open VSX security team assessed the activity as consistent with leaked tokens or…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Malicious Google Play App With 50K+ Downloads Spreads Anatsa Banking Trojan
A malicious application on the Google Play Store masquerading as a legitimate document reader. The deceptive application, which has accumulated over 50,000 downloads, functions as a dropper for the notorious Anatsa banking trojan, a sophisticated malware strain known for targeting…
Abuse of OpenClaw AI Capabilities Enables Stealthy Malware Campaigns
Hundreds of malicious skills are distributed through OpenClaw’s marketplace, transforming the popular AI agent ecosystem into a new supply chain attack vector. Threat actors are weaponizing the platform’s extensibility features to deliver droppers, backdoors, and infostealers disguised as legitimate automation…
GhostChat Malware Locks Victims’ Devices, Demands Passcodes for Restoration
A new Android spyware campaign that uses romance scams and fake chat profiles to spy on users in Pakistan. The malicious app, named GhostChat and detected as Android/Spy.GhostChat.A, disguises itself as a dating chat platform but is actually built for…
Mozilla Introduces Global Kill Switch for Firefox AI Capabilities
Mozilla has rolled out comprehensive AI controls in Firefox 148, launching February 24, 2026, allowing users to globally disable all generative AI features across the browser. The update addresses growing user concerns about AI integration while maintaining optional AI functionality…
Chollima APT Hackers Weaponize LNK Files to Deploy Sophisticated Malware
In March 2025, the Ricochet Chollima APT group, widely recognized as APT37 and linked to North Korean state-sponsored operations, launched a targeted spear-phishing campaign against activists focused on North Korean affairs. The threat actors initiated the attack chain via spear-phishing…
New “Punishing Owl” Hacker Group Targets Networks Linked to Russian Security Agency
A previously unknown threat actor calling itself Punishing Owl has claimed responsibility for breaching a Russian government security agency, marking the emergence of what cybersecurity researchers believe is a new politically motivated hacktivist collective. The attack demonstrated sophisticated operational security…
Russian Hacker Alliance Launches Large-Scale Cyberattack Targeting Denmark
A pro-Russian hacker alliance calling itself “Russian Legion” has issued direct threats against Denmark, warning of large-scale cyberattacks linked to the country’s planned military support to Ukraine. The campaign appears designed to combine disruptive cyber activity with psychological pressure on…
Over 21,000 OpenClaw AI Instances Leak Personal Configuration Data
The open-source AI assistant OpenClaw experienced explosive growth, expanding from approximately 1,000 active instances to over 21,000 in just seven days. Created by Austrian developer Peter Steinberger, the personal AI assistant integrates with email, calendars, smart-home systems, and food-delivery services,…
DynoWiper Malware Targets Energy Firms in Destructive Data-Wiping Attacks
A new data-wiping malware dubbed DynoWiper, deployed against an energy company in Poland in late December 2025. The malware’s tactics, techniques, and procedures closely mirror those observed in earlier ZOV wiper incidents in Ukraine, prompting ESET to attribute DynoWiper to…
Coordinated Cyberattacks Hit 30 Wind and Solar Farms Across Poland
On December 29, 2025, Poland experienced a significant escalation in coordinated cyberattacks targeting critical energy infrastructure. More than 30 wind and photovoltaic farms, a manufacturing company, and a large combined heat and power plant supplying heating to approximately 500,000 customers…
Windows 11 Introduces New Feature to Block Unauthorized Access to System Files
Microsoft has released KB5074105, a critical preview update for Windows 11 versions 25H2 and 24H2 (OS Builds 26200.7705 and 26100.7705), introducing enhanced security mechanisms to prevent unauthorised access to sensitive system files. This non-security update significantly improves the operating system’s…
ShadowHS: New Stealthy Fileless Linux Malware Spreads Automatically
A sophisticated fileless Linux malware framework, ShadowHS, that represents a significant evolution in post-exploitation tooling. Unlike traditional malware binaries, ShadowHS operates entirely in memory and demonstrates advanced operator-driven capabilities designed specifically for long-term persistence in defended enterprise environments. ShadowHS is…
Notepad++ Users Targeted After State-Backed Attackers Hijack Update Servers
Notepad++ fell victim to a sophisticated supply chain attack orchestrated by state-sponsored threat actors who compromised its update infrastructure over a six-month campaign. Security experts have attributed the attack to a Chinese state-backed group based on the highly selective targeting…
PeckBirdy Hackers Abuse LOLBins Across Environments to Deploy Advanced Malware
A sophisticated JScript-based command-and-control framework, PeckBirdy, since 2023, exploiting living-off-the-land binaries (LOLBins) to deliver modular backdoors across diverse execution environments. The framework has been observed in two coordinated campaigns, SHADOW-VOID-044 and SHADOW-EARTH-045, targeting Chinese gambling industries, Asian government entities, and…
Hackers Target MongoDB Instances to Delete Databases and Plant Ransom Notes
A widespread ransomware campaign targeting misconfigured MongoDB databases continues to compromise thousands of servers worldwide, with attackers exploiting internet-exposed instances that lack basic authentication controls. Recent research reveals that opportunistic threat actors are leveraging automated scripts to wipe databases and…
Best E-Signature Solutions For Secure Digital Signing In 2026
As digital transactions become the backbone of modern business, secure electronic signatures are no longer optional. In 2026, organizations face increasing risks related to document fraud, identity theft, and regulatory violations. Choosing the right e-signature solution is now a cybersecurity…
Top 10 Best DNS Filtering Solutions 2026
In 2026, the perimeter is gone. Your users are everywhere, and the “castle and moat” security model is obsolete. The most effective way to secure a hybrid workforce is through DNS filtering and Secure Access Service Edge (SASE). These tools…
Metasploit Update Introduces 7 Exploit Modules Affecting Popular Enterprise Platforms
A significant Metasploit Framework update (version 6.4.111) featuring seven new exploit modules that target critical vulnerabilities across widely deployed enterprise systems. This release demonstrates the increasing sophistication of attack chains leveraging authentication bypass vulnerabilities chained with subsequent code execution techniques.…
SCADA Flaw Enables DoS Condition, Impacting Availability of Affected Systems
A vulnerability affecting the Mitsubishi Electric Iconics Suite, a widely deployed supervisory control and data acquisition (SCADA) system used across industrial sectors, including automotive, energy, and manufacturing. The flaw, tracked as CVE-2025-0921, carries a CVSS score of 6.5 (Medium severity)…