OpenAI has announced the limited preview of its next-generation AI model family, GPT‑5.6, headlined by the flagship “Sol” model, which introduces significant advancements in cybersecurity capabilities alongside a newly engineered layered safeguard architecture. The release, disclosed on June 26, 2026,…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Critical Linux Kernel Flaw Allows Unprivileged Users to Gain Full Root Access
A newly disclosed flaw in the Linux kernel’s traffic-control subsystem, now assigned CVE-2026-46331 and referred to as “Pedit COW,” has been found to grant any unprivileged local user full root access on vulnerable systems. Within just 24 hours of the…
Claude Mythos 5 Redeployed to Help U.S. Organizations Strengthen Cyber Defense
Anthropic has officially restored access to its Claude Mythos 5 artificial intelligence model for a select group of U.S. organizations tasked with defending critical national infrastructure. This reinstatement ends a two-week suspension that began on June 12, 2026, which prompted…
Cloud Bucket Hijacking Lets Attackers Silently Exfiltrate AWS, Google Cloud Data
A critical cloud storage attack technique that exploits a fundamental architectural vulnerability shared across all major cloud service providers. The technique, dubbed cloud bucket hijacking, allows attackers to silently redirect active data streams, including audit logs, telemetry pipelines, and sensitive…
Linux Kernel DirtyClone Vulnerability Lets Local Attackers Gain Root Privileges
A critical Local Privilege Escalation flaw has been uncovered within the Linux kernel, allowing unprivileged local users to seamlessly gain root access by manipulating the system’s page cache. This vulnerability, designated as CVE-2026-43503, represents a severe gap in the XFRM/IPsec…
Amazon Q Developer Vulnerability Allows Code Execution via Malicious Repositories
A critical security flaw discovered in the Amazon Q Developer Extension for Visual Studio Code (VS Code) left developers vulnerable to arbitrary code execution and cloud credential theft. Tracked as CVE-2026-12957 and CVE-2026-12958, these high-severity vulnerabilities highlight significant risks in…
Water and Wastewater Systems Become Strategic Targets for Russia, China, and Iran
Water and wastewater systems have become strategic gray‑zone targets for Russia, China, and Iran, driven by chronic underinvestment and weak operational‑technology (OT) defenses that make these utilities easy to probe and exploit. Internet‑facing human‑machine interfaces (HMIs), exposed programmable logic controllers…
China-Linked Malware Found in Counterfeit USB Drives Used on Japan Defense Force Classified Networks
Japan’s defense infrastructure has faced scrutiny following an investigation that revealed members of the Japan Self-Defense Forces (JSDF) used counterfeit USB drives embedded with malware linked to China on systems handling classified information. According to findings reported by Nikkei, these…
FOSSBilling Flaw Lets Admin Attackers Abuse DI Container for SQL Access and RCE
A critical server-side template injection (SSTI) vulnerability in FOSSBilling, tracked as CVE-2026-28496, is exposing instances to potential full database compromise and remote code execution (RCE), with early signs of active exploitation appearing shortly after public disclosure. This flaw is documented…
Scammers Abuse Shopify to Send Fake Invoices and Steal Credentials via Fake Support Calls
Scammers are increasingly exploiting Shopify’s ecosystem and its Shop order-tracking app to deliver fraudulent invoices directly into users’ purchase histories, marking a shift from traditional email-based phishing to in-app social engineering attacks. Security researchers Luis Corrons and Jakub Vavra from…
Hackers Exploit WinRAR CVE-2025-8088 to Plant Startup Shortcut and Run PowerShell Loader
Hackers have weaponized a WinRAR path-traversal flaw tracked as CVE-2025-8088 to silently plant a Startup shortcut and run a multi-stage PowerShell loader that maps a headerless, reflectively loaded PE in memory. The campaign reuses the Ukrainian reconnaissance-themed lure seen in…
Russian Authorities Used Cellebrite UFED to Break Into Human Rights Activist’s iPhone
Russian authorities leveraged Cellebrite’s Universal Forensic Extraction Device (UFED) to gain access to a detained human rights activist’s iPhone, according to a detailed forensic investigation that raises fresh concerns over the use of commercial digital forensics tools in political repression.…
WhatsApp Adds Security Warning Before Users Start Chat With Unknown Numbers
WhatsApp has introduced a new proactive security feature that warns users before they start conversations with unknown phone numbers. This update, currently being rolled out to both Android and iOS users, adds a trust verification layer at the very beginning…
KuinaExtractor Stealer Targets Browser Data, Crypto Wallets, Roblox, Steam, and Discord
A previously undocumented Rust-based infostealer they call KuinaExtractor, a family that has evolved from a capable early prototype into a hardened, stealth-focused threat now rebranded as “k0to.” Analysis of dozens of samples and function-level code comparisons reveals a clear single-operator…
ChatGPT 5.6 Release Reportedly Delayed Following Trump Administration Security Request
OpenAI has reportedly delayed the full public release of its next-generation AI model, GPT-5.6, following a formal request from the Trump administration to limit early access to a select group of government-approved entities. This raises new concerns about the intersection…
Chinese-Speaking Hackers Deploy TinyRCT Backdoor Against Critical Energy Infrastructure
A Chinese-speaking threat cluster tracked as CL-STA-1062 has deployed a newly discovered .NET backdoor, TinyRCT, in targeted campaigns against government and critical energy infrastructure across Southeast Asia during 2025. The recent campaign combines common open-source tooling with bespoke malware. Operators…
CISA Adds Actively Exploited Cisco Unified CM Flaws to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Cisco Unified Communications Manager (Unified CM) to its Known Exploited Vulnerabilities (KEV) Catalog, highlighting active exploitation risks in enterprise communication environments. The newly listed flaw, tracked…
Windows Secure Boot Certificate Expiry Exposes Billions of PCs to Bootkit and Firmware Security Risks
Microsoft’s long-planned Secure Boot certificate rollover has reached a critical milestone, impacting more than just routine updates. The Microsoft Corporation KEK CA 2011 expired on June 24, 2026, the Microsoft UEFI CA 2011 expires on June 27, 2026, and the…
Hackers Use Malicious Minecraft Fabric Mods to Deploy LoaderClient and WeedHack Stealer
Hackers are weaponizing malicious Minecraft Fabric mods to deliver LoaderClient. This stage-one malware loader steals session data and hands it off to the WeedHack stealer through a fileless, blockchain-backed execution chain. The campaign stands out for its use of EtherHiding,…
Mini Shai-Hulud Worm Poisons LeoPlatform npm Packages to Steal Developer and CI/CD Secrets
A fresh supply-chain wave tied to the Mini Shai-Hulud, Miasma, and Hades malware families is actively poisoning npm packages in the LeoPlatform and RStreams ecosystems and expanding into source-repository compromises. The intrusion blends registry poisoning, install-time execution via binding.gyp, Bun-staged…