Category: gbhackers
-
Researchers Unveil Aeternum C2 Infrastructure with Advanced Evasion and Persistence Tactics
For years, defenders have relied on a simple strategy to dismantle botnets: find and seize their command-and-control (C2) servers. That weakness enabled global law… Go to gbhackers.com
-
Trump Bans Anthropic AI in Federal Agencies Amid Growing Security Concerns
The United States government has taken a massive step by banning federal agencies from using Anthropic, a domestic AI company known for its model,…
-
Hackers Exploit Windows File Explorer and WebDAV to Distribute Malware
Cybersecurity researchers at Cofense Intelligence have uncovered an ongoing campaign where threat actors abuse Windows File Explorer to distribute malware. By exploiting the legacy…
-
1 Million Records from Dutch Telco Odido Leaked Online in Massive Data Breach
The Dutch telecommunications company Odido suffered a massive data breach that exposed the personal information of nearly 700,000 customers. The incident, which included an…
-
Infostealers Drive Massive Brute-Force Attacks on Corporate SSO Gateways with Stolen Credentials
The cybersecurity community is witnessing a rise in credential‑stuffing attacks targeting corporate Single Sign‑On (SSO) systems, with recent campaigns focusing on F5 BIG‑IP devices….
-
Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor in Developer Environments
Malicious actors are abusing Go’s open-source ecosystem by deploying a backdoored crypto module that steals passwords and installs a Rekoobe Linux backdoor on developer…
-
Critical Trend Micro Apex One Vulnerabilities Allow Remote Malicious Code Execution
Trend Micro has disclosed eight security vulnerabilities in its Apex One endpoint protection platform, including two critical-severity flaws that allow unauthenticated remote attackers to…
-
FreeBSD Vulnerabilities Enable Attackers to Crash Entire System
The FreeBSD Project has disclosed a critical security vulnerability, tracked as CVE-2025-15576, which allows attackers to escape jail environments and gain unauthorized access to…
-
Hydra Saiga Espionage Campaign Targets Critical Utilities Using Telegram C2 for Data Theft
Hydra Saiga is running a long-running espionage campaign that abuses Telegram as command-and-control (C2) to infiltrate critical utilities in Central Asia and exfiltrate sensitive…
-
New $300 Android RAT Boasts Automated Permission Bypass and Hidden Remote Control
Every so often, a new piece of malware emerges that truly shifts the threat landscape. Oblivion, a newly discovered Android Remote Access Trojan (RAT), appears…
-
Government Data Stolen After Hacker Jailbreaks Claude AI to Write Malicious Exploit Code
A hacker successfully manipulated Anthropic’s Claude AI to launch a sophisticated month-long cyberattack against Mexican government agencies. Between December 2025 and January 2026, the…
-
ResidentBat Android Malware Grants Belarusian KGB Ongoing Mobile Access
ResidentBat is a custom Android spyware implant used by the Belarusian KGB to turn seized smartphones into long‑lived surveillance platforms against journalists and civil…
-
ServiceNow AI Platform Vulnerability Allows Remote Code Execution
ServiceNow has disclosed a critical security vulnerability in its AI Platform that could allow unauthenticated attackers to remotely execute code within the ServiceNow Sandbox…
-
Critical SolarWinds Serv-U Vulnerabilities Enable Remote Root Access
SolarWinds has released a critical security update for its Serv-U file transfer software, patching four vulnerabilities that could allow attackers to execute arbitrary code…
-
Cybercriminals Exploit Fake Avast Website to Steal Users Credit Card Information
Cybercriminals have launched a convincing phishing operation by building a fake Avast website designed to steal credit card information from unsuspecting visitors. The fraudulent…
-
Android RAT SURXRAT Grants Hackers Full Device Control and Data Exfiltration
SURXRAT is an actively developed Android Remote Access Trojan (RAT) sold as a commercial malware-as-a-service (MaaS) on Telegram, giving attackers full device control and…
-
Threat Actors Exploit Apache ActiveMQ Vulnerability to Gain RDP Access, Deploy LockBit Ransomware
Threat actors recently abused a critical Apache ActiveMQ vulnerability to gain deep access to a Windows environment, eventually deploying LockBit ransomware over RDP. The attack shows…
-
OAuth Vulnerabilities in Entra ID Could Exploit ChatGPT to Breach User Email Accounts
OAuth consent attacks in Microsoft Entra ID are giving threat actors a stealthy path to cloud email, and even trusted apps like ChatGPT can…
-
Malicious NuGet Packages Target ASP.NET Developers to Steal Login Credentials
Malicious NuGet packages posing as legitimate developer utilities are targeting ASP.NET projects to steal identity credentials and silently backdoor applications through a localhost proxy. All…
-
Chinese AI Labs Launch Massive Distillation Attacks on Anthropic Claude, Tracking 13M Exchanges
Anthropic has identified and exposed industrial-scale data extraction campaigns orchestrated by three major Chinese AI laboratories: DeepSeek, Moonshot, and MiniMax. These organizations utilized approximately…
-
ZeroDayRAT Targets Android and iOS Devices for Surveillance and Financial Data Theft
ZeroDayRAT targets Android and iOS devices, combining real-time surveillance with direct financial theft within a single browser panel. The Malware-as-a-Service (MaaS) ecosystem is entering a new phase, blending mobile surveillance and…
-
Malicious OpenClaw Tactics Deceive Users into Manual Password Entry for AMOS Infection
Malicious OpenClaw skills are being weaponized to coerce users into manually entering their passwords, enabling a new Atomic (AMOS) Stealer infection chain that abuses…
-
Romanian Cybercriminal Admits Guilt in Scheme Selling Oregon State Government Network Access
A Romanian national has pleaded guilty to charges related to unauthorized access and sale of network credentials belonging to an Oregon state government office…
-
HPE Telco Service Activator Vulnerability Allows Attackers to Bypass Access Controls
Hewlett Packard Enterprise (HPE) has issued a security bulletin warning customers of a serious vulnerability in its Telco Service Activator product that could allow attackers to…
-
jsPDF Flaw Exposes Millions of Developers to Object Injection
A serious security flaw in jsPDF, a widely used JavaScript library for generating PDFs in web browsers, puts millions of developers and their users…
-
CISA Warns of Actively Exploited Roundcube Vulnerabilities
On February 20, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) updated its Known Exploited Vulnerabilities (KEV) Catalog by adding two critical flaws in…
-
Starkiller Phishing Kit Clones Real Login Pages to Evade MFA Protections
New phishing framework Starkiller is enabling more convincing, scalable credential theft by proxying real login pages and bypassing multi-factor authentication (MFA), significantly raising the…
-
North Korean Hackers Exploit Fake IT Worker Schemes and Malicious Interview Lures
North Korean state-backed hackers are running large-scale fake IT worker and “Contagious Interview” campaigns that abuse developer hiring workflows to deliver JavaScript-based malware, steal…
-
Anthropic Debuts Claude Code Security – AI Now Scan Vulnerabilities in Your Entire Codebase
Anthropic has quietly flipped the script on application security. On February 20, the company launched Claude Code Security, a new capability baked directly into Claude…
-
PayPal Data Breach – 6 Months of Users’ Data Leaked Online
PayPal has begun notifying a small number of customers about a significant cybersecurity incident in which their personally identifiable information (PII) was exposed for…
-
Critical Jenkins Flaw Exposes Build Environments to XSS Attacks
A popular open-source automation server used by developers worldwide to build, test, and deploy software faces serious security risks from recent flaws. On February…
-
Silicon Valley Engineers Indicted for Alleged Trade Secret Theft From Google and Tech Firms
Federal authorities arrested three Silicon Valley engineers on Thursday, charging them with conspiring to steal trade secrets from Google and other tech giants. The…
-
Google Blocks 1.75 Million Malicious Apps from Entering Play Store
Google has revealed that it blocked more than 1.75 million malicious or policy‑violating Android apps from reaching users through the Play Store in 2025,…
-
Grandstream VoIP Phones Vulnerability Grants Attackers Root Privileges
A critical unauthenticated stack-based buffer overflow vulnerability, tracked as CVE-2026-2329, affecting Grandstream GXP1600 series VoIP phones. The vulnerability, rated as critical with a CVSS score of 9.8, allows remote…
-
FBI Issues Emergency Alert as Ploutus Malware Drains U.S. ATMs Without Cards or Accounts
Ploutus malware is powering a new wave of “jackpotting” attacks that drain U.S. ATMs without needing a bank card, customer account, or bank authorization,…
-
Hackers Exploit Critical BeyondTrust Vulnerability to Deploy VShell and SparkRAT
Hackers are actively exploiting a critical vulnerability in BeyondTrust’s remote support software to deploy the VShell backdoor and SparkRAT remote access trojan, enabling full…
-
Google Rushes Out Critical Chrome Update to Address Serious PDFium and V8 Vulnerabilities
Google has rushed out a vital security patch for Chrome, fixing three flaws that could let attackers run malicious code on users’ devices. The Stable…
-
LLM-Generated Passwords Expose Security Risks with Predictability and Weakness
LLM-generated passwords may look complex and “high entropy,” but new research shows they are highly predictable, frequently repeated, and far weaker than traditional cryptographic…
-
Ongoing Campaign Targets Microsoft 365 to Steal OAuth Tokens for Persistent Access
A new phishing campaign exploiting Microsoft’s OAuth 2.0 Device Authorization Grant flow to gain unauthorized and persistent access to Microsoft 365 accounts. The sophisticated…
-
Researchers Uncover DoS Vulnerabilities in Socomec DIRIS M-70 IIoT Power Meter via Thread Emulation…
Selective thread emulation and coverage-guided fuzzing have exposed six denial-of-service (DoS) vulnerabilities in the Socomec DIRIS M-70 IIoT power-monitoring gateway, all of which are…
-
Threat Actors Using Fake Google Forms Site to Harvest Google Logins
A new phishing campaign in which threat actors are using a convincing fake version of Google Forms to steal Google account credentials. Cybercriminals are once…
-
CISA Alerts Organizations to Honeywell CCTV Flaw Enabling Account Takeovers
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory warning about a critical vulnerability affecting multiple Honeywell CCTV camera products that could…
-
Microsoft Defender Introduces Centralized Script Library Powered by Copilot for Live Response
Microsoft has unveiled a significant enhancement to its Defender platform: centralized library management for live response operations, powered by Microsoft Security Copilot. This new…
-
Hackers Hide Malware in Emoji-Based Code to Bypass Security Defenses
Hackers are increasingly abusing emoji and other Unicode tricks to hide malicious code, bypass filters, and evade modern security controls, including AI-powered defenses. This emerging technique,…
-
ClickFix Exploits Homebrew Workflow to Deploy Cuckoo Stealer for macOS Credential Theft
ClickFix is being weaponized against macOS developers by turning a trusted Homebrew workflow into a stealthy delivery channel for a new infostealer dubbed Cuckoo…
-
Palo Alto Networks to Acquire Koi Security for Enhanced Agentic Endpoint Security
Palo Alto Networks announced on February 17, 2026, that it has entered a definitive agreement to acquire Koi Security, a pioneer in Agentic Endpoint…
-
New SysUpdate Variant Malware Discovered, Decryption Tool for Linux C2 Traffic Released
A new Linux malware sample that strongly aligns with the SysUpdate malware family used by APT27/Iron Tiger. Initially detected on a client’s system, the…
-
Malware Campaign Targets Crypto Users with Fake MetaMask Wallet and Remote Access Backdoor
An aggressive malware campaign targeting IT professionals in cryptocurrency, Web3, and AI to steal sensitive data and live crypto funds from victim wallets. The…
-
CISA Flags Actively Exploited Windows Video ActiveX Control RCE in KEV List
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog. This…
-
Microsoft Teams Leverages AI Workflows with Microsoft 365 Copilot for Task Automation
Microsoft is rolling out AI Workflows in the Teams Workflows app, bringing intelligent automation capabilities powered by Microsoft 365 Copilot to help users streamline…
-
Firefox v147.0.3 Released with Critical Fix for Heap Buffer Overflow Vulnerability
Mozilla has released an emergency security update for Firefox, addressing a critical heap buffer overflow vulnerability in the libvpx library. The update, version 147.0.4,…
-
DigitStealer Infostealer Targets macOS, Revealing Critical Infrastructure Vulnerabilities
DigitStealer is an increasingly active macOS‑targeting infostealer whose predictable command‑and‑control (C2) setup exposes structural weaknesses in its operators’ infrastructure decisions. While technically sophisticated on…
-
New Sophisticated ‘Carding-as-a-Service’ Marketplaces Fuel Surge in Credit Card Fraud
Credit card fraud has matured into a service-based criminal economy where stolen cards, malware, and support are bundled and sold like commercial products. Underground “dump shops”…
-
EU Parliament Suspends AI Integration on Corporate Devices Over Cybersecurity Fears
The European Parliament has taken a precautionary step by disabling built-in artificial intelligence features on work devices issued to lawmakers and staff members, citing unresolved cybersecurity…
-
Hackers Exploit ‘Summarize with AI’ Feature to Inject Malicious Prompts into AI Recommendations
Hackers and marketers are increasingly abusing “Summarize with AI” buttons and AI-share links to quietly plant persistent instructions in AI assistants’ memory, a growing…
-
Critical Airleader Vulnerability Exposes Systems to Exploitable Remote Attacks
A critical security vulnerability in Airleader Master software has been disclosed by CISA, exposing industrial control systems across multiple critical infrastructure sectors to potential…
-
OpenClaw Founder Peter Steinberger Joins OpenAI to Strengthen AI Research
OpenClaw founder Peter Steinberger says he is joining OpenAI to help “bring agents to everyone,” positioning the move as a way to accelerate development…
-
FileZen Flaw Allows Attackers to Execute Commands Remotely
A high-severity vulnerability in FileZen, a file transfer solution developed by Soliton Systems K.K., enables authenticated attackers to remotely execute arbitrary operating system commands…
-
Matryoshka Clickfix Variant Targets macOS Users, Deploys New Stealer Malware
A new variant of the “ClickFix” social engineering campaign specifically targeting macOS users. Codenamed Matryoshka, a reference to its multiple nested obfuscation layers, this evolution…
-
REMnux v8 Linux Toolkit Released With AI-Powered Malware Analysis Capabilities
The landscape of malware analysis has taken a significant leap forward with the official release of REMnux v8. This popular Linux toolkit, which has…
-
Phishing Campaigns Target Users with Fake Meeting Invites and Update Alerts via Zoom, Teams,…
An ongoing wave of phishing campaigns exploiting fake meeting invites from popular video conferencing platforms, including Zoom, Microsoft Teams, and Google Meet. The attacks…
-
CVE-2025-64712 in Unstructured.io Puts Amazon, Google, and Tech Giants at Risk of Remote Code…
A newly disclosed critical flaw, CVE-2025-64712 (CVSS 9.8), in Unstructured.io’s “unstructured” ETL library could let attackers perform arbitrary file writes and potentially achieve remote code execution…
-
Malicious Chrome AI Extensions Target 260,000 Users with Injected Iframes
As AI tools like ChatGPT, Claude, Gemini, and Grok gain mainstream adoption, cybercriminals are weaponizing their popularity to distribute malicious browser extensions. Security researchers…
-
Chrome Extensions Infect 500K Users to Hijack VKontakte Accounts
A long-running Chrome extension malware campaign has silently hijacked more than 500,000 VKontakte (VK) accounts, forcing users into attacker-controlled groups, resetting their settings every…
-
New XWorm RAT Campaign Leverages Phishing and CVE-2018-0802 Excel Exploit to Bypass Detection
XWorm, a multi-functional .NET‑based RAT first observed in 2022, remains actively traded across cybercrime marketplaces and continues to attract both low-skilled and advanced operators…
-
CISA Alerts Users to Notepad++ Flaw Allowing Code Execution
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in the popular Notepad++ text editor to its Known Exploited Vulnerabilities catalog,…
-
OpenClaw 2026.2.12 Released to Patch Over 40 Security Vulnerabilities
The OpenClaw team has officially released version 2026.2.12, a comprehensive update focused heavily on security hardening and architectural stability. This release addresses over 40…
-
Chrome Security Update Released to Address Code Execution Vulnerabilities
Google has released Chrome 145 to the stable channel for Windows, Mac, and Linux systems, addressing 11 security vulnerabilities that could allow attackers to…
-
Palo Alto Networks Firewall Vulnerability Lets Attackers Trigger Reboot Loops
Palo Alto Networks has disclosed a PAN-OS firewall vulnerability that can let remote attackers force repeated reboots, potentially pushing a device into a “reboot…
-
WordPress Backup Plugin Vulnerability Exposes 800,000 Sites to Remote Code Execution Attacks
A critical vulnerability in the popular WPvivid Backup & Migration plugin is putting more than 800,000 WordPress websites at risk of complete takeover through…
-
Malicious ‘duer-js’ NPM Package Distributes ‘Bada Stealer’ Malware Targeting Windows and Discord Users
A newly discovered malicious NPM package, dubbed duer-js, is being used to distribute an advanced information‑stealing malware that primarily targets Windows systems and Discord users….
-
Adblock Filters Expose User Location Even With VPN Protection
A new fingerprinting technique called “Adbleed” reveals that VPN users aren’t as anonymous as they think. While VPNs hide your IP address and encrypt…
-
RU-APT-ChainReaver-L Hijacks Trusted Sites and GitHub in Sweeping Cross-Platform Supply Chain Attack
A newly exposed advanced persistent threat (APT) campaign, tracked as RU-APT-ChainReaver-L, is hijacking trusted file-hosting sites and long-standing GitHub accounts to deliver stealthy malware…
-
Ivanti Endpoint Manager Flaw Enables Remote Data Exposure
Ivanti has issued a high-security update for its Endpoint Manager (EPM) solution to address two significant vulnerabilities that could put organisational data at risk….
-
Windows Remote Access Connection Manager Zero-Day Enables DoS Attacks
Microsoft has released urgent security updates to address a zero-day vulnerability in the Windows Remote Access Connection Manager (RasMan). Assigned the identifier CVE-2026-21525, this flaw…
-
Hackers Exploit ChatGPT, Grok and Google Ads to Spread macOS AMOS Stealer
Threat actors are abusing shareable ChatGPT and Grok conversations and pushing them with Google Search ads to trick macOS users into running Terminal commands…
-
Windows Shell Zero-Day Vulnerability Allows Attackers to Bypass Authentication
Microsoft has issued an urgent security warning following the discovery of a zero-day vulnerability in the Windows Shell, now tracked as CVE-2026-21510. This critical flaw,…
-
Attackers Weaponize Windows Shortcut Files to Deploy Global Group Ransomware
A high-volume phishing campaign leveraging the Phorpiex botnet has been distributing GLOBAL GROUP ransomware through weaponized Windows shortcut files. The attack begins with an…
-
Windows Error Reporting Flaw Allows Attackers to Elevate Privileges
A newly documented Windows vulnerability, CVE-2026-20817, impacts the Windows Error Reporting Service (WER) and enables local privilege escalation. The issue matters because WER runs…
-
Axios Vulnerability Allows Attackers to Trigger DoS and Crash Node.js Servers
A serious security flaw has been discovered in Axios, one of the most popular HTTP client libraries for Node.js, allowing attackers to crash servers…
-
15,200 OpenClaw Control Panels Exposed Online with Full System Access
A critical security oversight has left thousands of AI agents wide open to the public internet. 15,200 instances of the OpenClaw AI framework (formerly…
-
Fancy Bear Exploits Microsoft Zero-Day to Deploy Backdoors and Email Stealers
Fancy Bear has launched a sophisticated campaign exploiting a critical zero-day vulnerability in Microsoft RTF files to target users across Central and Eastern Europe….
-
New RecoverIt Tool Abuses Windows Service Failure Recovery to Execute Malicious Payloads
A new offensive security tool named “RecoverIt” has been released, offering red teamers a stealthy method for lateral movement and persistence by abusing the…
-
APT Hackers Abuse Trusted Edge Services to Stealthily Deploy Malware
APT activity across APAC is rising rapidly as geopolitical tensions continue to grow, and defenders are seeing more advanced tradecraft aimed at long-term access….
-
Vortex Werewolf Targets Organizations With Tor-Enabled RDP, SMB, SFTP, and SSH Backdoors
A threat cluster tracked as “Vortex Werewolf” (also known as SkyCloak) has been observed targeting Russian government and defense organizations. The attack begins not…
-
Critical Fortinet FortiClient EMS Vulnerability Allows Remote Code Execution
A critical security vulnerability has been discovered in Fortinet’s FortiClient EMS (Endpoint Management Server), potentially exposing organizations to remote code execution attacks. The flaw,…
-
Detecting Ransomware Using Windows Minifilters to Intercept File Change Events
A security researcher has released a new proof-of-concept (PoC) tool on GitHub designed to stop ransomware at the deepest level of the operating system….
-
State-Backed Hackers Target Military Officials and Journalists on Signal in Latest Cyberattack
German intelligence and security agencies have issued a high-priority warning regarding a sophisticated cyber espionage campaign targeting military officials, diplomats, and investigative journalists across…
-
Apple Pay Users Targeted by Phishing Attack Aimed at Stealing Payment Details
A sophisticated new phishing campaign is targeting Apple Pay users, leveraging high-quality email design and social engineering to bypass security measures. Unlike typical scams…
-
Hackers Exploit Cybersquatting Tactics to Spread Malware and Steal Sensitive Information
Digital squatting has evolved from a simple trademark nuisance into a dangerous cybersecurity threat. In 2025, the World Intellectual Property Organization (WIPO) handled a…
-
Hackers Exploit Free Firebase Accounts to Launch Phishing Campaigns
A new wave of phishing campaigns where scammers are abusing Google’s legitimate infrastructure to bypass security filters. Attackers are now creating free developer accounts…
-
Transparent Tribe Hacker Group Targets India’s Startup Ecosystem in Cyber Attack
A worrying shift in the tactics of “Transparent Tribe,” a notorious threat group also known as APT36. Historically focused on Indian government, defense, and…
-
Bulletproof Hosting Providers Exploit Legitimate ISPs to Power Cybercrime Servers
A surprising link between legitimate IT software and major cybercriminal operations. While investigating attacks by the “WantToCry” ransomware gang, analysts noticed that the attackers…
-
Claude Opus 4.6 Launches Enhanced Security Capabilities to Validate 500+ Critical Vulnerabilities
Anthropic has released Claude Opus 4.6, marking a significant leap in the defensive application of artificial intelligence. Released yesterday, the model has already identified…
-
RenEngine Loader Deploys Stealthy Multi-Stage Execution to Bypass Security Measures
The malware family, RenEngine Loader, after discovering malicious logic embedded within what appears to be a legitimate Ren’Py-based game launcher. Active since April 2025, the operation…
-
China-Nexus Hackers Target Linux Devices to Redirect Traffic and Deploy Malware
“DKnife,” a sophisticated gateway-monitoring and adversary-in-the-middle (AitM) framework that turns Linux-based routers and edge devices into surveillance tools. Active since at least 2019, this…
-
Zscaler Integrates SquareX to Deliver Stronger Browser Security Protections
Zscaler, Inc., a global leader in cloud security, has announced the successful acquisition of SquareX. This strategic move is designed to extend Zscaler’s Zero…
-
F5 Releases Urgent Security Fixes for Critical Vulnerabilities in BIG‑IP and NGINX
F5 released its Quarterly Security Notification, addressing multiple security flaws across its product ecosystem. While F5 classifies the primary vulnerabilities as “Medium” severity under…
-
OpenAI Launches Trusted Access to Strengthen Cybersecurity Protections
OpenAI has unveiled Trusted Access for Cyber, a new identity- and trust-based framework designed to enhance cybersecurity defenses while mitigating risks posed by its…
-
DragonForce Ransomware Targets Critical Businesses to Exfiltrate Sensitive Data
DragonForce is a ransomware group that emerged in late 2023 and has grown into a serious threat to businesses by combining data theft with…