Cybercriminals abused Atlassian Cloud’s trusted infrastructure to run a burst of highly automated spam campaigns that redirected victims to fraudulent investment schemes and online casinos, highlighting the growing risk of SaaS-powered email abuse. By riding on Atlassian Jira Cloud’s strong…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Matanbuchus 3.0 Unleashes AstarionRAT via ClickFix Social Engineering and Silent MSI Installs
Matanbuchus 3.0 has resurfaced in a tightly orchestrated intrusion chain that blends ClickFix social engineering, silent MSI installations, DLL sideloading, and a new remote access trojan dubbed AstarionRAT, underscoring how mature loaders are evolving toward stealthy, multi‑stage operations rather than simple payload…
Washington Hotel in Japan Hit by Ransomware Attack
Washington Hotel, a prominent hotel chain in Japan, has confirmed a ransomware attack that compromised several of its servers on February 13, 2026. The incident was detected at 10:00 PM when unauthorized access was identified on multiple servers, prompting immediate…
New ‘ClickFix’ Malware Payload Targets Browser Cache, Warns Cybersecurity Experts
Threat actors on underground forums are now promoting a new “ClickFix” payload-delivery technique that hides malware in the browser cache to evade endpoint detection and response (EDR) tools. The seller pitches the method as an evolution of existing ClickFix/FileFix social‑engineering…
India’s Largest Pharmacy Exposes Customer Personal Data and Internal System Access
A major security vulnerability was recently discovered in the online infrastructure of Dava India, one of the country’s largest generic pharmacy retail chains. The breach, identified by security researcher Eaton, exposed sensitive customer personal data and granted unauthorized access to…
EU Parliament Suspends AI Integration on Corporate Devices Over Cybersecurity Fears
The European Parliament has taken a precautionary step by disabling built-in artificial intelligence features on work devices issued to lawmakers and staff members, citing unresolved cybersecurity and data protection risks. The decision follows an internal IT security assessment that identified potential vulnerabilities…
New Sophisticated ‘Carding-as-a-Service’ Marketplaces Fuel Surge in Credit Card Fraud
Credit card fraud has matured into a service-based criminal economy where stolen cards, malware, and support are bundled and sold like commercial products. Underground “dump shops” such as Findsome, UltimateShop, and Brian’s Club now operate as full-fledged carding-as-a-service (CaaS) marketplaces, mirroring legitimate…
DigitStealer Infostealer Targets macOS, Revealing Critical Infrastructure Vulnerabilities
DigitStealer is an increasingly active macOS‑targeting infostealer whose predictable command‑and‑control (C2) setup exposes structural weaknesses in its operators’ infrastructure decisions. While technically sophisticated on the endpoint, its reuse of the same providers, protocols, and registration patterns has made much of…
Firefox v147.0.3 Released with Critical Fix for Heap Buffer Overflow Vulnerability
Mozilla has released an emergency security update for Firefox, addressing a critical heap buffer overflow vulnerability in the libvpx library. The update, version 147.0.4, was announced on February 16, 2026, alongside corresponding patches for Firefox ESR 140.7.1 and ESR 115.32.1.…
Malicious Fork of Legitimate Triton App Discovered on GitHub, Exposing New Malware Threat
Attackers have weaponized a malicious fork of the legitimate Triton macOS client for omg.lol, turning a trusted open-source project into a delivery channel for Windows malware hosted on GitHub. The campaign abuses GitHub’s forking model, misleading README content, and obscure…
Microsoft Teams Leverages AI Workflows with Microsoft 365 Copilot for Task Automation
Microsoft is rolling out AI Workflows in the Teams Workflows app, bringing intelligent automation capabilities powered by Microsoft 365 Copilot to help users streamline daily operations and automate complex tasks. The feature uses scheduled Copilot prompts through predefined templates, making…
Apache NiFi Vulnerabilities Expose Systems to Authorization Bypass Attacks
Apache NiFi users are being urged to upgrade after the project disclosed a high-severity authorization flaw tracked as CVE-2026-25903. The issue, published on 2026-02-16, can allow a less-privileged authenticated user to modify configuration properties on certain “restricted” extension components that…
QR Codes Exploited for Phishing Attacks and Malware Spread on Mobile Devices
QR code abuse has become a significant mobile threat vector, with attackers using it to deliver phishing pages, trigger in‑app account takeovers, and distribute malicious applications outside official app stores. Because people routinely scan QR codes for payments, menus and…
Malicious Chrome Extension Exposes Facebook Business Manager Accounts to 2FA and Analytics Theft
A malicious Google Chrome extension, CL Suite by @CLMasters, which masquerades as a productivity tool for Meta Business Suite while silently stealing sensitive authentication data. Although the extension markets itself as a solution to “remove verification popups” and “generate 2FA codes,”…
0APT Ransomware Group Claims 200 Victims, Fails to Provide Proof
A new ransomware-as-a-service (RaaS) outfit calling itself 0APT has quickly drawn attention for all the wrong reasons, after loudly claiming to have compromised around 200 victims while failing to provide any verifiable proof of compromise. Emerging on or around January 28, 2026,…
Langchain Community SSRF Bypass Vulnerability Exposes Internal Services to Unauthorized Access
The Langchain development team has released a critical security update for the @langchain/community package to address a Server-Side Request Forgery (SSRF) vulnerability. Identified as CVE-2026-26019, this flaw exists within the RecursiveUrlLoader class, a utility used for web crawling. If left unpatched, the vulnerability allows…
25 Vulnerabilities Found in Cloud Password Managers, Exposing Users to Unauthorized Access and Changes
The three major cloud-based password managers, such as Bitwarden, LastPass, and Dashlane, collectively serve approximately 60 million users. Despite marketing claims of “zero-knowledge encryption,” the research team demonstrated that these platforms contained vulnerabilities allowing attackers to view or modify stored…
Threat Actors Target OpenClaw Configurations to Steal Login Credentials
A new wave of infostealer activity targeting OpenClaw, an emerging AI assistant platform. The discovery marks a major turning point in the behavior of infostealer malware moving beyond browser and cryptocurrency theft to focus on AI configuration environments that hold deep…
Noodlophile Malware Authors Use Fake Job Ads and Phishing Schemes to Evolve Tactics
Hey folks in the threat‑hunting world looks like our coverage of the Noodlophile infostealer has struck a nerve with its creators. The operators used inflated engagement metrics and fake popularity scores to lure victims into downloading malicious ZIP archives. Once executed, these…
Windows 11 KB5077181 Update Triggers Infinite Restart Loop on Some Devices
Microsoft’s February 10, 2026, Patch Tuesday cumulative update KB5077181 for Windows 11 is being linked to severe boot failures on some devices, with users reporting systems that restart repeatedly and never reach the desktop. The issue is primarily discussed across community threads,…