Category: gbhackers
-
Weaponized CVE-2026-39987 Pushes Blockchain Backdoor Through Hugging Face
Attackers are rapidly exploiting CVE-2026-39987 in the marimo Python notebook platform to deploy a new NKAbuse backdoor variant hosted on Hugging Face Spaces, turning…
-
Hackers Deploy ATHR for Scalable AI-Driven Vishing and Credential Theft
Hackers are increasingly turning to telephone-oriented attack delivery (TOAD) to bypass traditional email security, and a new cybercrime platform called ATHR is accelerating this…
-
Two U.S. Nationals Sentenced in $5 Million DPRK Remote Worker Laptop Farm Scheme
The U.S. Justice Department has sentenced two New Jersey residents, Kejia Wang and Zhenxing Wang, for enabling a massive fraudulent employment operation that generated…
-
Hackers Exploit n8n Webhooks to Spread Malware
A new abuse campaign is targeting AI-driven workflow automation platforms, particularly n8n, turning legitimate automation tools into powerful malware delivery systems. Between October 2025 and March…
-
Cisco FMC Zero-Day Among 31 High-Impact Vulnerabilities Exploited in March
31 high-impact vulnerabilities were actively exploited in March 2026, with a Cisco firewall zero-day abused by the Interlock ransomware group emerging as one of…
-
New PoC Exploit Published for Microsoft Defender 0-Day Flaw
A security researcher operating under the alias “Chaotic Eclipse” has publicly released a proof-of-concept (PoC) exploit for a vulnerability in Microsoft Defender. Published on…
-
Chrome Privacy Vulnerability Exposes Users via Fingerprinting and Header Leaks
A new technical review of Google Chrome’s privacy posture shows that modern tracking no longer depends only on cookies, because websites can combine browser…
-
Trusted WordPress Plugins Hijacked in 8-Month Stealth Backdoor Campaign
Hackers secretly planted a remote code-execution backdoor in more than 30 popular WordPress plugins, leaving it dormant for about 8 months before activating malware…
-
Windows Active Directory Flaw Opens Door to Malicious Code Execution
Microsoft disclosed a critical security vulnerability within Windows Active Directory that exposes enterprise networks to severe risks. Tracked officially as CVE-2026-33826, this vulnerability allows…
-
Agentic LLM Browsers Open New Front in Prompt Injection, Data Theft
Agentic LLM browsers are turning everyday browsing into automated, AI-driven workflows but they also expose a powerful new attack surface for prompt injection and…
-
Hackers Exploit Hidden Microsoft 365 Mailbox Rules to Steal Sensitive Business Emails
Attackers are quietly abusing Microsoft 365 mailbox rules to steal emails, hide alerts, and maintain long-term access without installing malware. These stealthy tactics are…
-
Microsoft Rolls Out KB5083769 Update for Windows 11 24H2 and 25H2
Microsoft has released KB5083769, the April 14, 2026 cumulative security update for Windows 11 versions 24H2 and 25H2, moving the operating system to builds…
-
CISA Alerts on Exploited Microsoft Exchange and Windows CLFS Security Flaws
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert regarding two actively exploited security vulnerabilities in Microsoft products. Added to the…
-
Hackers Exploit Obsidian Plugin to Deploy Cross-Platform Malware
Hackers are abusing Obsidian’s Shell Commands plugin and shared cloud vaults to deliver a new cross‑platform malware chain that ends with the PHANTOMPULSE remote…
-
SAP Patch Day Fixes Critical SQL Injection, DoS, and Code Injection Flaws
SAP released its monthly Security Patch Day updates, addressing 19 new security notes and one update to a previously released note. According to the…
-
Hackers Exploit Critical ShowDoc RCE Flaw in Ongoing Attacks
Cybersecurity researchers have highlighted a critical vulnerability in ShowDoc, a widely used online document-sharing platform designed for IT teams. Tracked as CNVD-2020-26585, this severe…
-
Okta Under Attack as Hackers Skip Phishing for Identity Systems
Hackers are shifting away from email phishing and are directly targeting Okta and other identity providers using voice‑based social engineering, or “Okta vishing.” This…
-
Critical Axios Vulnerability Enables Remote Code Execution, PoC Released
A critical security vulnerability has been discovered in Axios, one of the most widely used HTTP client libraries, exposing applications to Remote Code Execution…
-
Basic-Fit Suffers Data Breach Affecting Millions Across Multiple Nations
European fitness operator Basic-Fit has confirmed a significant data breach affecting approximately one million members across its network. The incident heavily impacted users in…
-
Iran-Linked CyberAv3ngers Target Water Utilities, Industrial Controllers
Iran-linked threat group CyberAv3ngers is intensifying attacks on U.S. water utilities and industrial control systems, shifting from noisy hacktivism to sustained disruption of operational technology (OT)…
-
Marimo RCE Vulnerability Exploited Within 10 Hours of Public Disclosure
A critical remote code execution (RCE) vulnerability in the open-source Python notebook platform Marimo was actively exploited less than 10 hours after its public…
-
VIPERTUNNEL Python Backdoor Hidden in Fake DLL, Obfuscated Loader Chain
Hackers are abusing a stealthy Python backdoor called VIPERTUNNEL, hiding it behind a fake DLL file and a multi‑stage obfuscated loader to quietly tunnel traffic…
-
Claude and ChatGPT Exploited in Sweeping Cyber Campaign Against Government Agencies
In a groundbreaking technical report released by Gambit Security researcher Eyal Sela, new details have emerged about a massive cyberattack targeting government infrastructure. A…
-
Google Locks Chrome Sessions to Devices to Stop Cookie Theft
Google has officially launched a major security upgrade to protect users from session hijacking. Starting with Chrome version 146 for Windows users, Device Bound…
-
Storm-2755 Uses AiTM Hijacking to Divert Employee Salaries
Hackers are abusing adversary-in-the-middle (AiTM) session hijacking to steal employee salaries in a new “payroll pirate” campaign tracked by Microsoft as Storm-2755 and targeting…
-
EngageSDK Vulnerability puts millions of crypto wallets at risk
A newly disclosed vulnerability in the widely used Android library EngageSDK has raised serious concerns across the cryptocurrency ecosystem, potentially exposing millions of users…
-
Hackers Exploit GitHub Copilot Flaw to Exfiltrate Sensitive Data
A high-severity flaw in GitHub Copilot Chat recently allowed attackers to silently steal sensitive data like API keys and private source code. Tracked as…
-
Iranian APT alert: 5,219 Rockwell PLCs exposed online
Censys has warned that more than 5,000 Rockwell Automation/Allen-Bradley PLCs are currently exposed to the internet as Iranian-affiliated APT actors actively target these devices…
-
Middle East Espionage Attack Uses Fake Secure Messaging Apps to Deliver ProSpy
Hackers are impersonating popular secure messaging apps to deploy a sophisticated Android spyware tool called ProSpy against journalists, activists, and political figures across the Middle East,…
-
TP-Link Devices at Risk as Multiple Security Flaws Enable Takeover
Cybersecurity researchers have uncovered five significant security vulnerabilities in the TP-Link Archer AX53 v1.0 router. If left unpatched, these critical flaws could allow attackers…
-
HPE Aruba Private 5G Vulnerability Opens Door to Credential Theft Attacks
A newly disclosed security flaw in HPE Aruba Networking Private 5G Core On-Prem is putting enterprise networks at severe risk of credential theft. Documented…
-
New React Server Components Flaw Could Let Attackers Trigger DoS
A newly disclosed high-severity vulnerability in React Server Components could allow unauthenticated attackers to trigger a Denial of Service (DoS) condition. Tracked as CVE-2026-23869,…
-
Microsoft Details How Defender Protects High-Value Assets in Real-World Attacks
Microsoft has significantly upgraded its Defender platform to automatically detect and block sophisticated cyberattacks targeting High-Value Assets (HVAs) like domain controllers and web servers….
-
STX RAT Hides Remote Desktop, Steals Data to Dodge Detection
A stealthy new remote access trojan, dubbed STX RAT, that blends hidden remote desktop control with powerful infostealer capabilities while using advanced evasion and encryption techniques…
-
Fake Security Tool Spreads LucidRook in Taiwan Cyberattacks
Hackers are using fake security tools and cleverly crafted phishing emails to secretly deploy a new malware family, LucidRook, against organizations in Taiwan. The campaign, tracked…
-
CISA Issues Warning on Critical Ivanti EPMM Flaw Exploited in Ongoing Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical security flaw in Ivanti Endpoint Manager Mobile (EPMM). The…
-
China’s Tianjin Supercomputer Center Allegedly Hit in 10-Petabyte Data Theft
A threat actor has allegedly executed one of the largest data heists in China’s history, siphoning an astounding 10 petabytes of highly classified information…
-
IBM Security Verify Access Flaws Let Remote Attackers Access Sensitive Data
IBM has issued an urgent security bulletin addressing a slew of vulnerabilities impacting IBM Verify Identity Access and IBM Security Verify Access. These flaws…
-
Masjesu Botnet Targets Routers in Commercial DDoS Attacks
Hackers are abusing the Masjesu botnet to run high-volume DDoS-for-hire attacks against routers, gateways, and other exposed IoT infrastructure, turning everyday network hardware into commercial attack…
-
Top 10 Best Multi-Factor Authentication (MFA) Providers in 2026
In the digital realm of 2026, the traditional password stands as a flimsy barrier against an onslaught of sophisticated cyber threats. From phishing campaigns and…
-
GreyNoise Launches C2 Detection for Exploited Edge Devices
GreyNoise has introduced a new capability, C2 Detection, to identify compromised edge devices such as firewalls, routers, and VPN systems, assets that are increasingly targeted…
-
Multiple OpenSSL Flaws Expose Sensitive Data in RSA KEM Handling
A newly disclosed flaw in OpenSSL could allow attackers to access sensitive data stored in application memory. Tracked as CVE-2026-31790, this moderate-severity vulnerability affects…
-
Attackers Exploit Flowise Injection Vulnerability as 15,000+ Instances Remain Exposed
A critical security flaw in Flowise, a popular open-source AI development platform, is currently being exploited in the wild. Tracked as CVE-2025-59528, this code…
-
Critical Android Flaw Allows Zero-Interaction Denial-of-Service Attacks
Google has rolled out its April 2026 Android Security Bulletin, addressing multiple vulnerabilities across the mobile operating system. The most alarming discovery this month…
-
Tor-Backed ClickFix Campaign Drops Node.js RAT on Windows
Hackers are using a deceptive technique known as “ClickFix” to deliver a sophisticated Node.js-based remote access Trojan (RAT) targeting Windows users. ClickFix, which gained…
-
Hackers Exploit Next.js React2Shell Vulnerability, Breach 766 Hosts in 24 Hours
Hackers are abusing a critical React2Shell vulnerability in Next.js applications to run an automated credential‑theft operation that has already compromised at least 766 servers…
-
Fake Installers Spread RATs, Monero Miners in Ongoing Malware Campaign
Fake software installers are being used in a long-running malware operation to drop remote access trojans (RATs), Monero cryptominers, and a new .NET implant…
-
Critical Claude Code Flaw Silently Bypasses User-Configured Security Rules
Anthropic’s flagship AI coding agent, Claude Code, was recently discovered to contain a critical security flaw that silently bypasses developer-configured safety rules. The…
-
Apache Traffic Server Flaw Allowed Attackers to Trigger Denial-of-Service Attacks
The Apache Software Foundation has released critical security updates to address two vulnerabilities in Apache Traffic Server (ATS). Disclosed on April 2, 2026, these…
-
Google’s Bug Bounty Program Hits Record $17 Million in 2025 Payouts
Google has announced a record-breaking year for its Vulnerability Reward Program (VRP). In 2025, the tech giant paid out more than $17 million to…
-
Alleged REvil Leader ‘UNKN’ Identified by German Authorities in New Takedown Effort
German authorities have officially put a face to one of the most notorious names in cybercrime. The German Federal Criminal Police (BKA) recently identified…
-
Critical Dgraph Database Flaw Allowed Attackers to Bypass Authentication
A newly discovered critical vulnerability in the open-source Dgraph database system leaves servers exposed to complete system takeovers. Tracked as CVE-2026-34976 and carrying a…
-
Anthropic Ends Claude Subscription Access for Third-Party Tools Like OpenClaw
Anthropic has officially shut down third-party AI agent access to its Claude subscription services, pulling the plug on unauthorized external integrations. This move marks…
-
LinkedIn Hidden Code Secretly Scans Users’ Computers for Installed Software
A new investigation by Fairlinked e.V. claims that Microsoft-owned LinkedIn is running a massive, undisclosed corporate surveillance operation. According to the “BrowserGate” report, hidden…
-
Top 10 Best Identity And Access Management (IAM) Companies 2026
In the rapidly evolving digital landscape of 2026, Identity and Access Management (IAM) has transcended its traditional role to become the foundational pillar of…
-
Top 10 Best Privileged Access Management (PAM) Solutions 2026
In the dynamic and increasingly complex cybersecurity landscape of 2026, privileged accounts remain the most coveted targets for cybercriminals and malicious insiders alike. From system…
-
Hackers Launch Social Engineering Offensive Against Key Node.js Maintainers
Following the high-profile supply chain compromise of the widely used Axios package, a highly coordinated social engineering campaign has been uncovered targeting top-tier Node.js…
-
Kimsuky Uses Malicious LNK Files to Drop Python Backdoor
Kimsuky is using multi-stage malicious LNK files to deploy a Python-based backdoor, adding new intermediate scripts while keeping the final payload logic largely unchanged….
-
Malicious Chrome Extension “ChatGPT Ad Blocker” Targets Users, Steals Conversations
Security researchers have uncovered a malicious Google Chrome extension named “ChatGPT Ad Blocker” designed to silently steal private AI conversations. The malware cleverly disguises…
-
Axios npm compromise traced to targeted social engineering attack
The recent compromise of the widely used Axios npm package has been confirmed as the result of a targeted social engineering attack. The incident, which…
-
14,000+ F5 BIG-IP APM Instances Exposed Online as Attackers Exploit RCE Vulnerability
Cybersecurity researchers have identified a massive attack surface involving F5 BIG-IP Access Policy Manager (APM) devices. Following a critical severity upgrade to a recently…
-
CISA Includes TrueConf Security Flaw in KEV Catalog After Exploitation in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the TrueConf Client to its Known Exploited Vulnerabilities (KEV)…
-
NoVoice on Google Play Exploits 22 Flaws to Hit Millions of Android Users
NoVoice is a new Android rootkit campaign that hid in more than 50 apps on Google Play, exploiting 22 vulnerabilities to hijack millions of…
-
RFQ Malware Campaign Uses DOCX, RTF, JS, and Python
Hackers are abusing DOCX, RTF, JavaScript, PowerShell, and Python to deliver an in‑memory Cobalt Strike beacon in a stealthy spear‑phishing campaign that impersonates Boeing…
-
Axios npm Supply Chain Breach: Microsoft Shares Mitigation Steps
Microsoft has detailed how organizations can detect and mitigate a recent supply chain compromise involving malicious Axios npm releases and infrastructure attributed to the…
-
Apple Releases iOS 18.7.7 Update to Defend Against DarkSword Exploit
Apple has officially expanded the rollout of iOS 18.7.7 and iPadOS 18.7.7 to defend users against a critical web-based threat known as the DarkSword…
-
CISA Issues Alert on Chrome Zero-Day Under Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical zero-day vulnerability affecting Google Chrome and other Chromium-based…
-
PoC Exploit Code Published for nginx-ui Backup Restore Security Flaw
A critical security flaw in the nginx-ui backup restore mechanism, tracked as CVE-2026-33026, allows attackers to manipulate encrypted backups and execute arbitrary commands. Proof-of-Concept (PoC)…
-
Hackers Exploit Hotel Booking Systems to Send Fake Payment Requests to Guests
Hackers are increasingly targeting hotel booking workflows to trick travelers into handing over payment details, using a technique that blends real reservation data with…
-
CrystalX Malware-as-a-Service Spreads via Telegram With Stealer, RAT Tools
Hackers are actively promoting a new malware-as-a-service (MaaS) platform called CrystalX RAT through private Telegram channels, offering cybercriminals a powerful toolkit that combines remote…
-
CrewAI Hit by Critical Vulnerabilities Enabling Sandbox Escape and Host Compromise
CrewAI, a prominent tool used by developers to orchestrate multi-agent AI systems, is currently vulnerable to a chain of critical security flaws. By using…
-
North Korean Hackers Breach Axios Package, Target Windows, macOS, and Linux Systems
A North Korea–nexus threat actor has hijacked the popular Axios NPM package in a high‑impact software supply chain attack that can silently backdoor Windows,…
-
EvilTokens Launches New Phishing Service Targeting Microsoft Accounts
EvilTokens is a new Phishing-as-a-Service (PhaaS) platform that industrialises Microsoft account takeover by abusing the OAuth device code flow rather than traditional credential phishing. The…
-
PNG Vulnerabilities Allow Attackers to Trigger Crashes and Leak Sensitive Data
Security researchers have disclosed two high-severity vulnerabilities in libpng, the widely deployed reference library used for processing Portable Network Graphics (PNG) image files. These critical…
-
Telegram-Based ResokerRAT Adds Screenshot Capture and Persistence
Hackers are deploying a new Windows malware called ResokerRAT, a Telegram‑based Remote Access Trojan (RAT) that gives attackers stealthy remote control over infected systems. Instead…
-
Dutch Finance Ministry Responds to Cyberattack by Taking Systems Offline
The Dutch Ministry of Finance is actively managing a significant cybersecurity incident after discovering unauthorized access to its internal Information and Communication Technology (ICT)…
-
Google Introduces Advanced Ransomware Defense and Recovery Features in Drive
Google has officially moved its advanced ransomware detection and file restoration features for Google Drive out of beta, making them generally available to organizations…
-
Telnyx Python SDK Backdoored on PyPI to Steal Cloud Credentials
The popular Telnyx Python SDK on PyPI was backdoored to deploy a multi‑stage credential‑stealing operation that targets cloud infrastructure, Kubernetes clusters, and developer environments at scale….
-
New Homoglyph Tricks Let Cybercriminals Mimic Trusted Domains
New homoglyph attack techniques are turning tiny visual differences in text into a reliable way to spoof trusted domains, steal credentials, and bypass weak…
-
Critical Fortinet FortiClient EMS Vulnerability Actively Exploited in Attacks
Threat intelligence researchers have detected active exploitation of a critical vulnerability in Fortinet’s FortiClient Enterprise Management Server (EMS). The security flaw, identified as CVE-2026-21643,…
-
10 Best Data Loss Prevention Software in 2026
Data loss prevention (DLP) refers to technology and techniques for detecting and preventing unauthorized access, use, disclosure, or destruction of sensitive data. DLP solutions…
-
Stored XSS Vulnerability in Jira Work Management Could Enable Full Organization Takeover
Security researchers recently uncovered a critical stored Cross-Site Scripting (XSS) vulnerability within Atlassian’s Jira Work Management platform. This flaw allows an attacker with limited…
-
Malicious Browser Extensions Hijack Users’ AI Chats in New “Prompt Poaching” Attack
A new wave of malicious browser extensions is quietly harvesting sensitive user interactions with AI tools, in a growing threat now dubbed “prompt poaching.”…
-
BIND 9 Security Flaws Allow Attackers to Bypass Security Controls and Crash Servers
The Internet Systems Consortium (ISC) has released critical security advisories addressing three new vulnerabilities in the widely used BIND 9 Domain Name System (DNS)…
-
European Commission Confirms Cyberattack After AWS Account Breach
The European Commission has confirmed a cybersecurity incident affecting its cloud-based infrastructure after attackers gained access to an Amazon Web Services (AWS) account hosting…
-
Open VSX Scanner Vulnerability Lets Malicious Extensions Go Live
Open VSX, the extension marketplace used by VS Code forks such as Cursor and Windsurf, recently fixed a critical vulnerability in its newly introduced…
-
Fake Certificate Loader Hides BlankGrabber Malware Chain
BlankGrabber’s operators are now abusing a fake “certificate” loader to hide a multi‑stage Rust and Python infection chain, making this commodity stealer significantly harder…
-
Hackers Target South Asian Financial Firm with BRUSHWORM and BRUSHLOGGER Attacks
A South Asian financial institution has been hit by a custom malware toolkit combining a modular backdoor, dubbed BRUSHWORM, and a DLL side‑loaded keylogger known…
-
TeamPCP Hackers Focus on AI Developers, Planting Malicious Code to Disrupt Projects
The FBI Cyber Division has issued a critical alert following a massive supply chain attack orchestrated by the threat actor group TeamPCP. The hackers…
-
Silver Fox Cyberattack Targets Japanese Businesses with Tax-Themed Phishing Scams
A threat actor known as Silver Fox is targeting Japanese organizations with a new wave of spearphishing attacks timed to coincide with the country’s…
-
CISA Adds Critical Aquasecurity Trivy Scanner Vulnerability to KEV Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has urgently added a critical flaw affecting Aquasecurity’s Trivy scanner to its Known Exploited Vulnerabilities (KEV) catalog….
-
Red Hat Warns of Malware Embedded in Popular Linux Tool, Opening Doors for Unauthorized…
Red Hat has issued an urgent security alert regarding a highly sophisticated supply chain attack targeting the popular xz compression utility. Cybersecurity researchers discovered malicious code embedded…
-
Torg Grabber Malware Shifts from Telegram Exfiltration to Encrypted REST API for C2
A fast-evolving information‑stealing malware dubbed “Torg Grabber” that has shifted from simple Telegram‑based exfiltration to a hardened, encrypted REST API command‑and‑control (C2) channel fronted…
-
Kiss Loader Malware Targets with Early Bird APC Injection in New Attack Campaign
A newly identified malware loader dubbed “Kiss Loader” is emerging as a potential threat, leveraging advanced process injection techniques and dynamic delivery infrastructure. The…
-
IDrive for Windows Vulnerability Allows Attackers to Escalate Privileges and Gain Unauthorized Access
A critical security flaw has been identified in the IDrive Cloud Backup Client for Windows, exposing users to local privilege escalation attacks. Tracked as…
-
Fake Screenshot Lures Target Web3 Support Staff with Multi-Stage Malware Attack
Fake screenshot links are being used to quietly deploy a multi‑stage backdoor against Web3 customer support teams, in a campaign assessed to be linked…
-
Preventing Account Takeovers: A Practical Guide to Detection and Response
Yesterday’s password leak can become tomorrow’s identity crisis. According to research firm Gitnux, account-takeover attacks jumped 354 percent in 2023, driven by bots that…
-
ClawHub Vulnerability Lets Attackers Manipulate Rankings to Become Top Skill
Silverfort researchers recently uncovered a critical security flaw in ClawHub, the main public registry for the OpenClaw agent ecosystem. This vulnerability allowed attackers to…
-
SmartApeSG ClickFix Campaign Spreads Remcos, NetSupport RAT, StealC, Sectop RAT
A recent SmartApeSG campaign observed on March 24, 2026, highlights the growing sophistication of ClickFix-based attack chains, which deliver multiple remote access trojans (RATs)…
-
Hackers Exploiting Magento Flaw to Execute Remote Code and Seize Full Account Access
A critical vulnerability dubbed “PolyShell” is actively being exploited across Magento and Adobe Commerce platforms. Discovered by the Sansec Forensics Team and published on…