Zscaler, Inc., a global leader in cloud security, has announced the successful acquisition of SquareX. This strategic move is designed to extend Zscaler’s Zero Trust capabilities directly into the web browser, effectively securing the “AI era” of enterprise work. The…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
New Wave of Odyssey Stealer Targets macOS Users in Active Cyberattack Campaign
A significant surge in Odyssey Stealer activity is currently targeting macOS users across multiple continents, with recent telemetry data revealing a dramatic geographic expansion of this sophisticated information-stealing campaign. Security researchers have observed newly updated malware samples spreading rapidly beyond…
APT-Q-27 Launches Stealthy Attacks on Corporate Networks, Evades Detection
A new, highly sophisticated cyberattack campaign that reveals how attackers are bypassing modern defenses to infiltrate corporate networks. The investigation points to a stealthy, multi-stage intrusion likely orchestrated by the threat group known as APT-Q-27, or “GoldenEyeDog”. The attack began…
CISA Alerts Exploited React Native Community Security Flaw
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the React Native Community CLI to its Known Exploited Vulnerabilities (KEV) catalog. Identified as CVE-2025-11953, this vulnerability is an Operating System (OS) command injection flaw that poses severe…
Phishing and OAuth Token Vulnerabilities Lead to Full Microsoft 365 Breach
Two medium-severity vulnerabilities, an unsecured email API endpoint and verbose error messages exposing OAuth tokens, chain together to enable authenticated phishing that bypasses all email security controls, persistent access to Microsoft 365 environments While protocols like SPF, DKIM, and DMARC…
CentOS 9 Security Flaw Enables Privilege Escalation – PoC Released
A critical security flaw has been identified in CentOS 9 that allows a local user to escalate their privileges to root. The vulnerability, which stems from a Use-After-Free (UAF) condition in the Linux kernel’s networking subsystem, was awarded first place…
Hackers Exploit Windows Screensaver to Deploy RMM Tools, Gain Remote Access
A new spear phishing campaign that weaponizes a forgotten file type to bypass modern defenses. Attackers are luring victims into downloading Windows screensaver (.scr) files, which silently deploy legitimate Remote Monitoring and Management (RMM) software to establish persistent control over…
CISA Advisory Highlights Exploited SmarterTools Vulnerability in Recent Ransomware Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity vulnerability affecting SmarterTools SmarterMail to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-24423, this flaw is actively being weaponized in the wild, with security researchers confirming its use in…
Betterment Data Breach Exposes Sensitive Information of 1.4 Million Customers
Automated investment platform Betterment has confirmed a data breach affecting approximately 1.4 million customers. The incident, which occurred in January 2026, was the result of a targeted social engineering attack rather than a direct exploit of the company’s core infrastructure.…
Spam Campaign Distributes Fake PDFs, Deploys Remote Monitoring Tools for Ongoing Access
An ongoing spam campaign that leverages social engineering to deploy legitimate Remote Monitoring and Management (RMM) software on victim networks. By disguising malicious payloads as essential Adobe Acrobat updates, threat actors are successfully bypassing traditional security controls and establishing persistent…
Cyberattackers Use Fake RTO Challan Alerts to Spread Android Malware
Indian users’ trust in government services through a sophisticated Android malware campaign that impersonates Regional Transport Office (RTO) challan notifications. This campaign represents an evolution from previous RTO-themed malware, featuring advanced anti-analysis techniques, a modular three-stage architecture, and a structured…
Moxa Switches Vulnerability Enables Unauthorized Access through Authentication Bypass
Moxa has released a critical security advisory addressing a severe vulnerability affecting multiple series of its industrial Ethernet switches. Tracked as CVE-2024-12297, this flaw allows remote attackers to bypass authentication mechanisms, potentially granting unauthorized access to critical network infrastructure. With a CVSS…
n8n Vulnerability Allows Remote Attackers to Hijack Systems via Malicious Workflow Execution
n8n has released urgent security updates to address a critical vulnerability that exposes host systems to Remote Code Execution (RCE). Tracked as CVE-2026-25049, this flaw allows authenticated attackers to escape the expression evaluation sandbox and execute arbitrary system commands, potentially leading…
ShadowSyndicate Leverages Server Transition Technique in Latest Ransomware Attacks
ShadowSyndicate, a sophisticated cybercrime cluster first identified in 2023, has evolved its infrastructure management tactics by implementing a previously unreported server transition technique. This method involves rotating SSH fingerprints across multiple servers to obscure operational continuity. However, operational security (OPSEC)…
Cybersecurity Alert: Fake Traffic Ticket Portals Target Personal, Credit Card Data
A highly sophisticated phishing campaign that targets Canadian drivers by impersonating provincial traffic bureaus. This new wave of attacks utilizes “SEO poisoning” to trick search engines into ranking fake websites above legitimate government portals. The campaign forces victims through a…
LockBit 5.0 Unveils Cross-Platform Threats for Windows, Linux & ESXi Systems
The inner workings of LockBit 5.0, a sophisticated ransomware variant targeting Windows, Linux, and VMware ESXi systems simultaneously. This latest version represents a significant evolution in the cyber threat landscape, demonstrating how ransomware operators are refining their tools to maximize…
DragonForce Ransomware Targets Critical Businesses to Exfiltrate Sensitive Data
DragonForce is a ransomware group that emerged in late 2023 and has grown into a serious threat to businesses by combining data theft with file encryption. The group uses dual extortion: it steals sensitive data, encrypts systems, and then threatens…
Go 1.25.7 and Go 1.24.13 Released With Patches for Multiple Security Vulnerabilities
The Go team has officially released versions 1.25.7 and 1.24.13. These minor point releases address two distinct security vulnerabilities affecting the cmd/cgo command and the crypto/tls library. The updates are recommended for all users to prevent potential code smuggling and authentication bypass scenarios. Overview of the Vulnerability…
Weaponized Voicemail Hack Allows Remote Access to Systems, Experts Warn
A sophisticated social engineering campaign that weaponizes fake voicemail notifications to trick victims into installing remote access tools. The attack begins when victims receive communications directing them to compromised websites displaying convincing voicemail-themed landing pages. These pages use bank-related subdomains…
APT28 Hackers Exploit Microsoft Office Vulnerability to Target Government Agencies
Russian state-sponsored hackers, known as APT28 or Fancy Bear, have launched a new wave of cyberattacks targeting government and military organizations across Europe. This sophisticated espionage campaign, observed in late January 2026, targets the theft on secrets from maritime and…