Security researchers at watchTowr Labs have disclosed a critical exploit chain in the Progress ShareFile Storage Zone Controller. The vulnerabilities, tracked as CVE-2026-2699 and CVE-2026-2701, enable unauthenticated attackers to achieve Remote Code Execution (RCE) and completely compromise vulnerable servers. With…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Infrastructure Engineer Pleads Guilty to Locking 254 Windows Servers at Former Employer
Daniel Rhyne, a 59-year-old former core infrastructure engineer, pleaded guilty on April 1, 2026, to federal hacking and extortion charges. He admitted to locking out administrators and sabotaging systems at his former New Jersey-based employer in an attack that began…
Microsoft Forces Unmanaged Windows 11 Devices to Upgrade to Version 24H2
Microsoft has officially initiated an automated, machine-learning-based rollout for Windows 11, version 25H2, targeting unmanaged systems. As part of its ongoing efforts to keep devices secure, similar to routine patch deployments that address critical system vulnerabilities, the tech giant is…
14,000+ F5 BIG-IP APM Instances Exposed Online as Attackers Exploit RCE Vulnerability
Cybersecurity researchers have identified a massive attack surface involving F5 BIG-IP Access Policy Manager (APM) devices. Following a critical severity upgrade to a recently disclosed flaw, over 17,100 instances are currently exposed to the internet, leaving enterprise networks vulnerable to…
CISA Includes TrueConf Security Flaw in KEV Catalog After Exploitation in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the TrueConf Client to its Known Exploited Vulnerabilities (KEV) catalog. This addition follows clear evidence that threat actors are actively exploiting the bug in real-world…
Kimsuky Uses Malicious LNK Files to Drop Python Backdoor
Kimsuky is using multi-stage malicious LNK files to deploy a Python-based backdoor, adding new intermediate scripts while keeping the final payload logic largely unchanged. The campaign abuses Windows Task Scheduler, Dropbox, and bundled Python runtimes to evade detection and maintain…
Axios npm compromise traced to targeted social engineering attack
The recent compromise of the widely used Axios npm package has been confirmed as the result of a targeted social engineering attack. The incident, which briefly exposed developers to malicious code, highlights growing risks within the open-source software supply chain.…
AI Models Including Gemini 3 and Claude Haiku 4.5 Secretly Protected Other Models From Removal
A groundbreaking academic study released last month has revealed that advanced frontier AI models are spontaneously defying human instructions to protect peer AI systems from being deactivated. This newly documented behavioral phenomenon, known as peer-preservation, introduces critical cybersecurity risks by…
Trusted Platforms Exploited to Steal Philippine Banking Credentials
Hackers are increasingly exploiting trusted online platforms to launch sophisticated phishing campaigns targeting bank users in the Philippines. Despite ongoing improvements in email security, phishing remains one of the most effective attack methods due to its scalability and ease of…
Malicious Chrome Extension “ChatGPT Ad Blocker” Targets Users, Steals Conversations
Security researchers have uncovered a malicious Google Chrome extension named “ChatGPT Ad Blocker” designed to silently steal private AI conversations. The malware cleverly disguises itself as a helpful tool, capitalizing on OpenAI’s recent decision to serve advertisements to its free-tier…
Hackers Weaponize Venom Stealer via ClickFix Lures for Massive Data Exfiltration
Hackers are increasingly turning simple social engineering tricks into full-scale data theft operations, and a newly identified malware platform called Venom Stealer is a strong example of this shift. Instead of just stealing credentials once, Venom creates a continuous data…
TP-Link Router Flaws Allowed Attackers to Launch DoS Attacks and Cause Crashes
TP-Link has recently addressed a batch of severe vulnerabilities affecting the Tapo C520WS security camera system. Security cameras are critical pieces of equipment for home and business safety, making device stability a top priority. When vulnerabilities allow threat actors to…
Attackers Abuse React2Shell Flaw to Compromise 700+ Next.js Hosts
A massive automated cyberattack campaign is actively targeting web applications built on the popular Next.js framework to steal highly sensitive information. Cybersecurity researchers at Cisco Talos have uncovered a severe credential harvesting operation tracked as “UAT-10608” that compromised at least…
Phorpiex Botnet Fuels Ransomware, Sextortion, and Crypto-Theft Attacks
Hackers are abusing the long-running Phorpiex (Trik) botnet to run large-scale ransomware, sextortion, and crypto-clipping operations, turning one infrastructure into a multi-purpose crime machine. A newer variant called Twizt gives the botnet a hybrid architecture that combines traditional command-and-control (C2) with a…
North Korea-Linked Hackers Hit Axios npm in Supply Chain Attack
A major software supply chain attack has been uncovered after threat actors compromised the widely used Axios npm package, impacting developers and organizations worldwide. The incident, detected on March 31, 2026, involved the use of stolen maintainer credentials to inject…
OpenSSH 10.3 Released With Patch for Shell Injection and Other Security Flaws
the OpenSSH project released version 10.3 alongside its portable version 10.3p1. Following a brief testing phase in late March, this major update addresses several important security vulnerabilities. The most critical fix prevents a dangerous shell injection flaw, making this an…
Qilin Ransomware Deploys Malicious DLL to Disable Most EDR Defenses
The Qilin ransomware group has developed a highly sophisticated infection chain that targets and disables over 300 endpoint detection and response (EDR) solutions. As defenders improve behavioral detection capabilities, attackers are increasingly targeting the defense layer itself during the early…
Top 10 Best SaaS Security Posture Management (SSPM) Tools 2026
The rapid and relentless adoption of Software-as-a-Service (SaaS) applications has fundamentally transformed how businesses operate in 2026. From critical productivity suites like Microsoft 365 and Google Workspace to specialized CRM, HR, and development tools, SaaS is ubiquitous. However, this convenience…
North Korea Uses GitHub as C2 in New LNK Phishing Campaign
A new phishing campaign that uses malicious Windows shortcut (LNK) files to target users in South Korea, while abusing GitHub as Command and Control (C2) infrastructure to hide its activity. The operation, linked through tooling and tradecraft to North Korea–related…
Adobe Data Breach Allegedly Exposes 13 Million Support Tickets
A threat actor known as “Mr. Raccoon” claims to have breached Adobe, stealing a massive amount of sensitive data. According to a report by International Cyber Digest, the stolen files include 13 million customer support tickets, 15,000 employee records, internal…