Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

A newly discovered Linux local privilege escalation vulnerability, dubbed “Fragnesia,” is sending shockwaves through the cybersecurity community. This critical flaw grants attackers immediate root access to compromised systems. A Proof of Concept (PoC) exploit is already available online, escalating the…

Read more →

In a massive blow to the global electronics supply chain, manufacturing giant Foxconn has confirmed a major cyberattack on its North American operations. The notorious Nitrogen ransomware gang has claimed responsibility, boasting that it stole a staggering 8 terabytes of…

Read more →

A newly disclosed Windows zero-day, YellowKey, is attracting significant attention because it can bypass BitLocker protection and expose data on encrypted drives without requiring the victim’s recovery key in the public attack scenario described by researchers and media reports. The…

Read more →

Seedworm also known as MuddyWater, Temp Zagros, and Static Kitten is widely attributed to Iran’s Ministry of Intelligence and Security (MOIS). An Iran-linked cyber-espionage group has launched a stealthy global campaign, abusing trusted software to infiltrate high-value targets quietly. The…

Read more →

A newly observed ClickFix campaign is pushing beyond simple user-triggered infections, introducing a more persistent and stealthy intrusion chain using PySoxy, a 10-year-old open-source Python SOCKS5 proxy. Unlike traditional ClickFix attacks that rely on a single PowerShell execution, this campaign…

Read more →

Ransomware is evolving faster than many defenses can keep up. In 2026, attackers are no longer just encrypting files they are systematically dismantling security tools, stealing sensitive data, and even preparing for a post-quantum future. Despite a slight global decline…

Read more →

Infostealer malware is no longer just a consumer nuisance it has become a direct bridge between personal device infections and full-scale enterprise breaches. Once these credentials are harvested and posted on dark web forums, attackers gain immediate footholds into corporate…

Read more →

Ransomware activity remained elevated in Q1 2026, continuing the trend established over the past year. The latest State of Ransomware Q1 2026 report reveals that 2,122 organizations were listed on ransomware data leak sites (DLS), marking the second-highest Q1 total on record.…

Read more →

Hackers are abusing fake download sites for popular tools like FinalShell and Xshell to deliver a new remote access trojan known as Kong RAT, in a highly staged and stealthy campaign that ran from at least May 2025 through March…

Read more →

A severe vulnerability has struck the heart of enterprise resource planning systems this month, threatening organizations worldwide with potential data breaches. On May 12, 2026, the software giant released its monthly security patch update to address 15 newly discovered security…

Read more →

Threat actors are rapidly adopting generative AI platforms to scale phishing operations, and Vercel has emerged as a powerful enabler in this shift. Vercel is a cloud-based platform designed to help developers build and deploy modern web applications quickly. Its…

Read more →

 A newly disclosed batch of vulnerabilities in Zoom’s software suite could give attackers the leverage they need to hijack systems. Zoom has released critical security updates to patch three distinct flaws affecting its Windows and iOS applications. The most dangerous…

Read more →

Global real estate powerhouse Cushman & Wakefield is the latest casualty in an escalating war of corporate extortion. Following a tense “pay or leak” standoff, the notorious ShinyHunters threat syndicate has carried out its threat, dumping hundreds of thousands of…

Read more →

A new Vidar Stealer campaign is abusing trusted tools, multi‑stage loaders, and heavy obfuscation to bypass EDR visibility and steal credentials from infected systems silently. This operation shows a clear shift toward “living‑off‑the‑land” techniques and stealthy backdoor architectures that make…

Read more →

A critical, unpatched vulnerability is actively threatening Open WebUI users, turning a simple profile picture upload into a gateway for complete system compromise. Security researchers have publicly disclosed a severe stored Cross-Site Scripting (XSS) flaw that enables 1-click Remote Code…

Read more →

Hackers are now abusing hijacked Microsoft Teams accounts and fake IT helpdesk chats to push a new, undocumented version of the Python‑based ModeloRAT into corporate environments. Instead, they use compromised or newly created Microsoft Teams accounts that impersonate internal IT…

Read more →

North Korean threat actors have introduced a stealthy new delivery mechanism in their ongoing “Contagious Interview” campaign, shifting tactics to abuse Git hooks for malware execution. The attack begins with a familiar social engineering lure. Victims, often developers targeted through…

Read more →

A critical security vulnerability in the Cline AI coding assistant’s kanban package exposes developers to remote code execution, data theft, and denial-of-service attacks by simply visiting a malicious website. Security researcher Sagilayani disclosed CVE-2026-44211 on GitHub four days ago, revealing…

Read more →

A critical vulnerability dubbed “ClaudeBleed” has compromised Anthropic’s trusted AI assistant, potentially turning it into a backdoor. This severe design flaw in the Claude Chrome extension allows malicious add-ons to hijack the AI secretly. Even extensions with zero declared permissions…

Read more →

A newly uncovered phishing campaign is targeting TRON wallet users through a deceptive Chrome extension that mimics the popular TronLink wallet. The campaign highlights how modern browser extension abuse is evolving beyond static code inspection, making detection significantly harder. At…

Read more →