Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Cybersecurity researchers have discovered a critical evasion technique in Palo Alto Networks’ Cortex XDR agent that allowed attackers to completely bypass behavioral detections. The research demonstrates how predefined Behavioral Indicators of Compromise (BIOC) rules, shipped encrypted by Palo Alto, could…

Read more →

Threat actors are increasingly turning to trusted infrastructure to launch their attacks, making it harder for automated security tools to flag malicious activity. A newly identified phishing campaign highlights this growing trend by abusing compromised websites to harvest valuable corporate…

Read more →

A newly identified campaign shows how Software-as-a-Service (SaaS) platforms like LiveChat are being weaponized to steal sensitive data in real time. Unlike traditional phishing attacks that rely on fake login pages or static forms, this tactic uses live chat conversations…

Read more →

Global medical technology giant Stryker suffered a massive cybersecurity incident on March 11, 2026, resulting in the remote wiping of thousands of corporate devices. A pro-Iranian hacktivist group known as Handala has claimed responsibility for the attack, which severely disrupted…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding two highly critical zero-day vulnerabilities. These flaws, which primarily affect Google Chrome and its underlying technologies, are currently being exploited in the wild by malicious actors. As…

Read more →

Over the past few years, the enterprise attack surface has shifted decisively toward network infrastructure, with attackers increasingly abusing routers, VPNs, firewalls, and other edge devices for initial access and long‑term persistence. Research from Verizon and others has documented an…

Read more →

Handala Hack is an Iranian state-linked destructive actor that combines old-school RDP-heavy intrusions with new tools like NetBird and AI-assisted wipers to devastate victim networks rapidly. Handala Hack is an online persona operated by Void Manticore (also tracked as Red Sandstorm and…

Read more →

A new cyber espionage campaign dubbed Operation CamelClone, targeting government and strategic sectors across several geopolitically significant regions. The campaign abuses legitimate tools and public file‑sharing platforms to deliver malware and steal sensitive data, making it harder for defenders to…

Read more →

Poland’s National Centre for Nuclear Research recently experienced a targeted cyberattack aimed at its IT infrastructure. Security teams successfully thwarted the intrusion before malicious actors could compromise critical systems or access sensitive data. The facility, which houses the country’s sole…

Read more →

RondoDox is a Mirai‑style botnet that has quickly evolved into a highly automated exploitation engine, chaining 174 vulnerabilities with large‑scale use of compromised residential IP infrastructure.​ This explosive growth widens the global attack surface, especially as many vendors still ship…

Read more →

Zach Rice, the original creator of the widely popular secret scanning tool Gitleaks, has officially launched its successor, Betterleaks. Sponsored by Aikido Security, this new open-source project aims to be a faster, smarter, and highly configurable replacement for finding hardcoded…

Read more →

Every day, billions of people rely on postal and courier services to deliver everything from handwritten letters to high value online orders.The rapid growth of global e-commerce has made parcel delivery services a critical part of everyday life. According to…

Read more →

Google is preparing to launch Android 17, introducing a comprehensive suite of new features aimed at fundamentally improving device security, user privacy, and performance debugging. At the forefront of this release is the highly anticipated Android Advanced Protection Mode (AAPM),…

Read more →

Ransomware group Hive0163 is experimenting with a likely AI-generated malware framework, dubbed “Slopoly,” marking a visible shift toward AI-assisted tooling in attacks. While the malware itself is simple, its use shows how quickly threat actors can now generate and iterate…

Read more →

Fake FileZilla downloads are being used to deliver a stealthy Remote Access Trojan (RAT) through a multi‑stage loader, putting careless downloaders at high risk of compromise.​ Attackers have set up a fake website that closely copies the look and layout…

Read more →

New research reveals that a new ACRStealer variant is now being actively deployed as a final payload by HijackLoader, using low‑level syscalls, AFD-based networking, TLS C2, and flexible secondary payload delivery to evade detection and maximize data theft. The newly…

Read more →

OpenClaw AI agents are facing significant security scrutiny following a recent CNCERT warning about insecure defaults and prompt-injection vulnerabilities. The most critical risk for defenders is not just abstract model confusion, but the ability of an attacker to turn normal…

Read more →

Konni APT recently ran a multi-stage malware operation that hijacked KakaoTalk accounts to spread remote access trojans (RATs) through highly targeted spear‑phishing.​ The message used contextual content aligned with the victim’s role to build trust and trick them into opening…

Read more →

Cybersecurity defenders identified a surge in network breaches originating from compromised FortiGate Next-Generation Firewalls. According to incident responders at SentinelOne, threat actors exploit recent vulnerabilities to extract configuration files, steal credentials, and establish deep network footholds. Attackers are primarily leveraging…

Read more →

Attackers are evolving a well-known Microsoft Teams and Quick Assist social-engineering playbook to install a new, stealthy backdoor dubbed A0Backdoor. The campaign closely mirrors activity previously attributed to Blitz Brigantine (also tracked as Storm‑1811), a financially motivated group tied to Black…

Read more →