Category: gbhackers
-
Microsoft 365 Copilot Flaws Could Let Attackers Access Sensitive Data
Microsoft has disclosed a trio of critical information disclosure vulnerabilities affecting Microsoft 365 Copilot and Copilot Chat in Microsoft Edge. Released on May 7,…
-
Fake Claude Campaign Uses PlugX-Style DLL Sideloading Chain
Hackers are abusing a fake Claude AI download site to deliver a PlugX‑style DLL sideloading chain that ultimately deploys a new Windows backdoor dubbed…
-
Trending Hugging Face Repo With 200K Downloads Spreads Windows Malware
A malicious Hugging Face repository, Open-OSS/privacy-filter, that abused the platform’s trust and trending algorithm to deliver a sophisticated Rust-based infostealer to Windows users. The…
-
Sandboxie Escape Flaw Could Let Attackers Gain SYSTEM-Level Privileges
Security researchers have exposed critical sandbox escape vulnerabilities in Sandboxie and Sandboxie-Plus that allow attackers to gain full SYSTEM-level privileges. We strongly urge users…
-
OpenClaw Malware Targets Crypto Wallets and Bitwarden Credentials
OpenClaw users are being targeted in a fresh malware campaign that abuses a fake installer to steal credentials from popular crypto wallets and password…
-
TCLBANKER Malware Leverages WhatsApp and Outlook Worm Features in Active Attacks
A sophisticated Brazilian banking trojan named TCLBANKER, deployed through a trojanized Logitech installer and capable of hijacking victims’ WhatsApp and Outlook accounts to spread itself…
-
Vidar Infostealer Campaign Steals Passwords, Cookies, Crypto Wallets, and Device Data
A highly evasive multi-stage malware campaign deploying the Vidar Infostealer. First discovered in late 2018 and built on the Arkei stealer source code, Vidar…
-
NVIDIA Confirms GeForce Data Breach Exposed Users’ Personal Data
GFN Cloud Internet Services, operating as the regional NVIDIA GeForce NOW cloud gaming partner, GFN.AM has officially confirmed a significant data breach. The security…
-
Modular RAT Campaign Steals Credentials and Captures Screenshots
A sophisticated spear-phishing campaign, dubbed Operation GriefLure, targeting senior executives in Vietnam and the Philippines with a stealthy modular remote access trojan (RAT). The campaign…
-
Pam Backdoor Targets Linux Systems to Steal SSH Credentials
A newly observed Linux backdoor technique, dubbed Pam, is exploiting the flexibility of Pluggable Authentication Modules (PAM) to capture SSH credentials and maintain persistence on…
-
ZiChatBot Malware Abuses Zulip APIs for Stealthy C2 Operations
A new cross‑platform malware family, dubbed ZiChatBot, that abuses the trusted Python Package Index (PyPI) ecosystem and the Zulip team chat platform to run a…
-
Cline Kanban WebSocket Vulnerability Enables Malicious Sites to Take Over AI Coding Agents
Cline, a widely adopted open-source AI coding agent, has recently patched a severe vulnerability in its local Kanban server. Trusted by developers with deep…
-
Fake OpenClaw Installer Targets Crypto Wallets and Password Managers
Hackers are abusing a fake OpenClaw installer to deploy a modular Rust-based infostealer framework dubbed Hologram, aimed at harvesting credentials from more than 250 crypto…
-
Fake Moustache Fools Age Checks, Sparks Online Safety Act Fears
Critical gaps in age verification systems introduced under the Online Safety Act, with children easily bypassing safeguards using simple tricks including drawing fake…
-
Trellix Investigates RansomHouse Breach Claims Involving Source Code Repository
Leading cybersecurity firm Trellix is actively investigating a potential security incident following claims made by the RansomHouse extortion group. The threat actors recently listed…
-
Spring Vulnerabilities Open Door to Arbitrary File Access and GCP Secret Leaks
Security researchers have identified four new vulnerabilities in the Spring Cloud Config Server, ranging from medium to critical severity. These newly disclosed flaws could…
-
Claude and SpaceX Join Forces to Enhance Large-Scale Compute Capacity
Anthropic has officially announced a massive strategic partnership with SpaceX to expand its computing capabilities significantly. This collaboration aims to provide the necessary infrastructure…
-
Fake Claude AI Installers Used to Spread Malware in New Cyber Scam
Hackers are abusing fake Claude AI installer pages promoted through Google Ads to trick users into running malware in a campaign. The operation combines…
-
Scammers Exploit Disposable VoIP Numbers to Bypass Reputation Blocking
New tactics used by threat actors who embed phone numbers in scam emails as a key indicator of compromise (IOC), revealing how attackers exploit…
-
Google Chrome 148 Released With Fixes for 127 Security Flaws
Google has officially rolled out Chrome version 148 to the stable channel, delivering a massive security overhaul that addresses 127 vulnerabilities across Windows, Mac,…
-
Salesforce Marketing Cloud Vulnerability Exposes Email Data Risk
Salesforce Marketing Cloud (SFMC) recently patched a cluster of high‑impact vulnerabilities that could have allowed attackers to read and enumerate marketing emails and subscriber…
-
QLNX Targets Developers in Supply Chain Credential Theft Campaign
QLNX is a newly documented Linux remote access trojan (RAT) that targets the theft of developers’ and DevOps credentials to hijack software supply chains. Recent…
-
Argo CD ServerSideDiff Flaw Allows Attackers to Extract Kubernetes Secrets
A critical vulnerability has been identified in Argo CD that could allow attackers with minimal privileges to extract highly sensitive Kubernetes Secrets directly from…
-
Ransomware Gang Member Linked to Russian Cybercrime Group Sentenced to Prison
A Latvian national operating from Moscow has been sentenced to 102 months in federal prison for his role as a key negotiator within a…
-
Iran-Linked Hackers Target Oman Ministries in Webshell and Data Theft Campaign
Iran-linked operators have mounted a broad espionage operation against multiple Omani ministries, abusing exposed webshells, SQL escalation scripts, and a poorly secured C2 server…
-
WhatsApp Security Flaw Enables Malicious URL Execution Through Instagram Reels
WhatsApp has recently patched two notable security vulnerabilities that could have allowed attackers to execute malicious links and disguise dangerous files. The most alarming…
-
Attackers Exploit Amazon SES to Send Authenticated Phishing Emails
Attackers are increasingly abusing Amazon Simple Email Service (SES) to deliver highly convincing phishing emails that bypass traditional security controls, marking a growing trend…
-
Qualcomm Chipset Vulnerabilities Raise Alarm Over Remote Code Execution Risk
Qualcomm Technologies has released its May 2026 security bulletin, addressing a sweeping array of vulnerabilities across its proprietary and open-source software ecosystems. Threat actors…
-
Code of Conduct Phish Hits 35,000 Users in Multi-Stage AiTM Attack
A highly sophisticated phishing campaign leveraging code-of-conduct-themed lures has targeted more than 35,000 users across 13,000 organizations. The multi-stage attack, observed between April 14 and…
-
Education Sector Hit by Espionage, Phishing, and Supply Chain Attacks
Educational institutions are now facing a coordinated mix of state espionage, spear‑phishing, and supply chain intrusions, even as classic ransomware and vulnerability volumes show…
-
Botnet Hijacks ADB-Exposed Android Devices to Target Minecraft Servers
New research has uncovered a Mirai-derived botnet called xlabs_v1 that turns Android devices with exposed Android Debug Bridge (ADB) into a distributed attack platform for knocking…
-
276 Arrested as Authorities Dismantle Crypto Scam Centers Targeting Americans
In an unprecedented international law enforcement operation, authorities have dismantled at least nine overseas cryptocurrency scam centers, resulting in the arrest of 276 individuals. The…
-
New Apache MINA Vulnerabilities Open Door to Remote Code Execution Attacks
The Apache MINA project has issued urgent security updates to address two severe vulnerabilities. These security flaws could allow malicious actors to execute unauthorized…
-
CISA Flags Linux Kernel Vulnerability as Threat Actors Launch Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a high-severity Linux kernel vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as…
-
DOJ Sentences Two Americans for ALPHV BlackCat Ransomware Attacks
The U.S. Department of Justice (DOJ) has sentenced two American cybersecurity professionals to prison for their involvement in ALPHV BlackCat ransomware attacks that targeted…
-
Massive Facebook Phishing Operation Leverages AppSheet, Netlify, and Telegram
Cybersecurity researchers at Guardio Labs have uncovered a massive phishing operation dubbed AccountDumpling that has compromised more than 30,000 Facebook accounts worldwide. Unlike conventional…
-
cPanelSniper PoC Exploit Disclosed as 44,000 Servers Reportedly Compromised
A critical zero-day vulnerability in cPanel and WebHost Manager (WHM) is under massive active exploitation following the public release of a sophisticated proof-of-concept exploit….
-
EtherRAT Uses SEO Poisoning and Fake GitHub Pages to Target Enterprise Admins
A newly uncovered cyber campaign dubbed “EtherRAT” is raising concerns across enterprise environments, as attackers combine SEO poisoning, GitHub abuse, and blockchain-based infrastructure to…
-
CAPTCHA and ClickFix Abuse Fuels Credential Theft Surge
Attackers are increasingly combining QR codes, fake CAPTCHA gates, and ClickFix-style tricks to steal credentials at scale, even as major phishing-as-a-service (PhaaS) platforms face…
-
New Android Spyware Platform Enables Rebranding and Resale
A newly discovered Android spyware platform is raising concerns among cybersecurity researchers by introducing a business model that allows buyers to rebrand and resell…
-
DDoS Malware Targets Jenkins to Hit Valve Game Servers
A new DDoS botnet that abuses exposed Jenkins servers to launch powerful attacks against Valve Source Engine game infrastructure, including servers hosting titles like…
-
Multiple Exim Mail Server Vulnerabilities Could Trigger Crashes via Malicious DNS Data
The developers of the Exim mail server have officially rolled out version 4.99.2 to address four newly discovered security vulnerabilities. This critical update patches…
-
Multiple Wireshark Vulnerabilities Allow Arbitrary Code Execution via Malformed Packets
The Wireshark Foundation has released version 4.6.5 of its widely used network protocol analyzer, addressing a massive wave of security vulnerabilities. This urgent update…
-
OpenAI Unveils Cyber Defense Roadmap Focused on AI-Powered Security
OpenAI has released a comprehensive cyber defense roadmap titled “Cybersecurity in the Intelligence Age” to responsibly equip defenders with AI-powered security tools faster than…
-
PoC Disclosed for Critical Root ASUSTOR ADM RCE Flaw
A critical vulnerability, tracked as CVE-2026-6644, has been uncovered in ASUSTOR’s ADM (ASUSTOR Data Master) operating system. Specifically, the flaw exists within the PPTP…
-
Jenkins Plugin Updates Fix Path Traversal and Stored XSS Bugs
The Jenkins project released a critical security advisory addressing seven vulnerabilities across multiple widely used plugins. The disclosed flaws include high-severity path traversal and…
-
Attackers Exploit cPanel Authentication Bypass 0-Day After PoC Release
A critical zero-day vulnerability, tracked as CVE-2026-41940, is currently being actively exploited across the web hosting industry. This CVSS 9.8 flaw allows unauthenticated remote…
-
Backdoored WordPress Plugin Abuses Remote Update Checker for Silent Code Delivery
A long-dormant backdoor has been uncovered in the “Quick Page/Post Redirect Plugin,” a popular WordPress add-on with over 70,000 active installations. The tampered plugin,…
-
VECT 2.0 Ransomware Wipes Large Files Across Windows, Linux & ESXi
The “new” VECT 2.0 ransomware is essentially a cross‑platform data wiper that permanently destroys most enterprise files rather than encrypting them for recovery. For any…
-
Vimeo Confirms Data Breach After Hackers Access User Database
Vimeo has officially confirmed a data breach affecting its user database. The security incident did not originate with Vimeo, but rather with Anodot, a…
-
SLOTAGENT Malware Hides API Calls and Strings to Thwart Analysis
A previously unknown remote access trojan (RAT), dubbed SLOTAGENT, after analyzing a suspicious ZIP archive uploaded from Japan to a public malware repository in early…
-
LofyStealer Targets Minecraft Players via Node.js Loader and Browser Injection
Minecraft players are being lured with a fake hacking tool called “Slinky” that secretly installs a powerful infostealer dubbed LofyStealer (also tracked as GrabBot),…
-
CISA Warns of Windows Shell Zero-Day Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a newly discovered zero-day vulnerability affecting Microsoft Windows. On April 28,…
-
Microsoft Expands Copilot Agent Mode for Outlook Inbox and Calendar Tasks
Microsoft announced a major evolution for Copilot in Outlook, shifting the tool from a passive assistant to an autonomous agent. Instead of simply drafting…
-
Chinese-Backed Smishing Rings Scale Credential Theft via SMS and OTT Apps
Chinese-language phishing-as-a-service (PhaaS) platforms are rapidly expanding their global reach by leveraging SMS and over-the-top (OTT) messaging channels such as iMessage and Rich Communication…
-
Sandworm Uses SSH-over-Tor Tunnel for Stealthy Long-Term Persistence
A significant evolution in Sandworm (APT-C-13) tradecraft, revealing the group’s use of SSH-over-Tor tunneling to achieve long-term, covert persistence inside targeted networks. Sandworm, also…
-
Critical LiteLLM Flaw Enables Database Attacks Through SQL Injection
A critical pre-authentication SQL injection vulnerability, identified as CVE-2026-42208, has been discovered in the popular LiteLLM gateway, allowing attackers to access databases without credentials….
-
WhatsApp Tests Encrypted Cloud Backup Service for Safer Message Storage
WhatsApp is actively developing an independent, first-party cloud backup service featuring mandatory end-to-end encryption. This upcoming feature aims to reduce users’ reliance on third-party…
-
Researchers Warn macOS textutil, KeePassXC Can Fuel Automation Attacks
Researchers are warning that widely trusted local tools such as macOS’s textutil and KeePassXC can pose unexpected security risks when used within automated workflows….
-
Linux ELF Malware Generator Evades ML Detection With Semantic-Preserving Changes
As Linux continues to dominate high-performance computing, cloud services, and Internet of Things (IoT) devices, it has become a prime target for cybercriminals. However,…
-
North Korean Hackers Target Pharma Firms with Malware-Laced Excel Attacks
North Korean state-backed hackers are using weaponized Excel-themed files to infect pharmaceutical and life science companies with malware, abusing Windows shortcut files, PowerShell, and…
-
Critical Gemini CLI Flaw Raises Supply Chain Security Concerns
Google has rolled out urgent security updates for its Gemini CLI and the accompanying GitHub Action to address a critical vulnerability. Tracked as GHSA-wpqr-6v78-jr5g,…
-
OpenClaw Flaws Expose Systems to Policy Bypass Attacks
OpenClaw, a rapidly adopted open-source autonomous AI agent framework, has released critical security updates to address three moderate-severity vulnerabilities. Found in npm package versions…
-
Hackers Exploit Agent ID Administrator Role to Hijack Service Principals
A severe scoping vulnerability was recently discovered in Microsoft Entra ID’s new Agent Identity Platform. The security flaw allowed users assigned the Agent ID…
-
GPT-5.5 Bio Bug Bounty Program Aims to Improve AI Safety and Performance
OpenAI has officially launched the GPT-5.5 Bio Bug Bounty program to strengthen safeguards against emerging biological risks. As artificial intelligence models become more advanced,…
-
Claude Desktop Reportedly Adds Browser Access Bridge for Chromium Browsers
A detailed cybersecurity report published by privacy expert Alexander Hanff on April 18, 2026, reveals that Anthropic’s Claude Desktop application for macOS silently installs…
-
Hackers Exploit Cisco Firepower N-Day Flaws for Unauthorized Access
A state-sponsored threat actor known as UAT-4356 is actively exploiting known vulnerabilities in Cisco Firepower devices to deploy a sophisticated custom backdoor. UAT-4356 exploited two n-day vulnerabilities, CVE-2025-20333 and CVE-2025-20362m…
-
Fake CAPTCHA Scam Triggers Costly SMS Fraud
Hackers are abusing fake CAPTCHA pages to run a silent but lucrative international SMS fraud scheme, turning routine “prove you’re human” checks into a…
-
Hackers Exploit Pastebin PowerShell Script to Hijack Telegram Sessions
Hackers are experimenting with a new Telegram‑focused session stealer that hides in a Pastebin‑hosted PowerShell script posing as a Windows telemetry update, giving defenders…
-
Void Dokkaebi Hackers Spread Malware Through Fake Job Interviews
Void Dokkaebi, also known as Famous Chollima, is expanding its cyber operations by turning fake job interviews into a large-scale malware distribution campaign targeting…
-
Xiongmai IP Camera Flaw Lets Attackers Bypass Authentication
A critical security vulnerability has been identified in Hangzhou Xiongmai Technology’s XM530 IP Cameras, putting countless commercial facilities at risk. This severe flaw allows…
-
Malicious npm Package Hijacks Hugging Face for Malware Delivery
Malicious npm package js-logger-pack is now abusing Hugging Face not just as a malware CDN, but also as a live exfiltration backend for stolen data, turning…
-
Outlook Mailboxes Used to Conceal Linux GoGra Backdoor Traffic
A newly discovered Linux variant of the GoGra backdoor is being used by the Harvester advanced persistent threat (APT) group to conduct stealthy cyber…
-
Attackers Exploit LMDeploy Flaw in the Wild Within 12 Hours of Advisory
A critical Server-Side Request Forgery (SSRF) vulnerability in LMDeploy’s vision-language module was exploited in active attacks just 12 hours and 31 minutes after its…
-
Lazarus Lures Developers With Backdoored Coding Tests
North Korea-linked hackers are using AI-assisted malware and backdoored coding challenges to quietly loot millions in cryptocurrency from Web3 developers. Expel assesses with high confidence…
-
North Korean Fake IT Workers Infiltrate Firms to Dodge Sanctions
North Korean threat actors are once again leveraging deceptive remote work schemes to infiltrate global organizations, using fake IT worker personas to generate revenue…
-
Critical Spring Authorization Server Issue Exposes Systems to XSS and SSRF Attacks
A critical vulnerability, tracked as CVE-2026-22752, has been disclosed in Spring Security Authorization Server, affecting organizations running Dynamic Client Registration endpoints. The flaw allows attackers…
-
Lotus Wiper Hits Energy Sector in Destructive Cyberattack
Hackers have deployed a new destructive malware, dubbed Lotus Wiper, in a targeted cyberattack against energy and utilities organizations in Venezuela, aiming not to extort…
-
Critical Bamboo Data Centre and Server Flaw Enables Command Injection Attacks
Atlassian has disclosed a critical OS Command Injection vulnerability (CVE-2026-21571) in Bamboo Data Centre and Server, with a CVSS score of 9.4, enabling authenticated…
-
Microsoft warns of fake IT worker identities infiltrating cloud environments
Microsoft is warning that North Korea‑aligned group Jasper Sleet is abusing remote hiring to slip fake IT workers into cloud environments by posing as…
-
Auraboros RAT Adds Live Audio, Keylogging, and Cookie Theft via Open C2 Panel
A fully exposed command-and-control (C2) panel for a previously undocumented remote access trojan (RAT) framework dubbed Auraboros, supporting live audio streaming, intensive keylogging, browser credential…
-
Apache Syncope RCE Vulnerability Detailed After Public Exploit Code Release
Security researchers have released full technical details and a working proof-of-concept (PoC) exploit for CVE-2025-57738, a high-severity remote code execution (RCE) vulnerability in Apache…
-
CISA Alerts Defenders to Exploited Cisco Catalyst SD-WAN Manager Security Flaws
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning to network defenders regarding the active exploitation of Cisco Catalyst SD-WAN Manager….
-
GitHub Issue Alerts Exploited in OAuth Phishing Scam Targeting Developers
Hackers are abusing GitHub’s own issue-notification emails to phish developers and silently take over their repositories using malicious OAuth applications, effectively turning trusted DevOps…
-
PureRAT Hides PE Payloads in PNGs for Fileless Execution
A multi-stage PureRAT campaign that hides portable executable (PE) payloads inside PNG images and executes them almost entirely in memory, making detection and forensics…
-
Microsoft spots Sapphire Sleet macOS attack using AppleScript and social engineering
A new macOS-focused cyber campaign linked to the North Korean threat actor Sapphire Sleet, highlighting how attackers are increasingly relying on social engineering rather…
-
Iran’s MOIS Tied to Coordinated Cyber Campaign Using Multiple Hacker Personas
A single Iranian state-directed operation is hiding behind several so‑called “hacktivist” brands, using different online identities to run one coordinated global cyber campaign. New analysis…
-
TBK DVR Vulnerability CVE-2024-3721 Exploited to Spread Nexcorium DDoS Malware
Hackers are actively exploiting a critical vulnerability in TBK digital video recorder (DVR) devices to deploy a new Mirai-based botnet called Nexcorium. The campaign leverages…
-
MiningDropper Spreads Infostealers, RATs, Banking Malware on Android
Hackers are abusing a modular Android framework called MiningDropper to mine cryptocurrency and silently install infostealers, remote access trojans (RATs), and banking malware on infected devices. MiningDropper…
-
Microsoft-Signed Malware Built With FUD Crypt Packs Persistence and C2
Hackers are abusing a service called FUD Crypt to generate fully undetected, Microsoft‑signed malware that installs persistence and connects to a dedicated command‑and‑control (C2)…
-
iTerm2 Flaw Turns SSH Escape Sequences Into Arbitrary Code Execution
In the cybersecurity community, we often assume that simply reading a text file using a command like cat is a perfectly safe operation. However, security researchers…
-
Researcher Claims Claude Opus Enabled Creation of Working Chrome Exploit
A security researcher has shown that Anthropic’s Claude Opus can help build a working browser exploit chain against Google Chrome’s V8 engine, raising fresh…
-
Nexcorium Mirai Variant Weaponises TBK DVR Vulnerability in Fresh IoT Botnet Push
A newly discovered Mirai malware variant named Nexcorium is actively targeting unpatched Internet of Things (IoT) devices. According to recent threat research from FortiGuard…
-
TP-Link Routers Hit by Mirai in CVE-2023-33538 Attacks
Hackers are actively scanning for vulnerable TP-Link home routers to push Mirai-style malware, abusing CVE-2023-33538 in a new wave of automated attacks. While the…
-
SEO Poisoning Attack Uses Microsoft Binary to Install RMM Tool
New research has exposed a search engine poisoning campaign that delivers a trojanized TestDisk installer, abuses a Microsoft-signed binary for DLL sideloading, and silently…
-
Industrial Systems Hit by New Email-Worm Threat Wave
Email-borne worms are driving a fresh wave of incidents against industrial control systems (ICS), even as overall malware activity on these networks appears to…
-
Operation PowerOFF Knocks Out 75,000 DDoS Attackers and Over 50 Service Domains
A major international law enforcement campaign has hit the DDoS-for-hire ecosystem, warning more than 75,000 suspected users and disrupting the infrastructure that helped power…
-
Fake Zoom SDK Update Spreads Sapphire Sleet Malware in New macOS Attack Chain
A sophisticated macOS-focused cyber campaign orchestrated by the North Korean threat actor Sapphire Sleet, revealing a shift toward social engineering over traditional software exploitation…
-
PoC Released for FortiSandbox Flaw Enabling Arbitrary Command Execution
A proof-of-concept (PoC) exploit has been publicly released for a critical security flaw in Fortinet’s FortiSandbox. Tracked as CVE-2026-39808, this severe vulnerability allows an…
-
Critical Flowise Flaw Enables Remote Command Execution via MCP Adapters
OX Security researchers have uncovered a critical, systemic vulnerability built directly into the architecture of Anthropic’s Model Context Protocol (MCP). As the industry standard…