no alarms and no surprises please..

Malicious NuGet Packages Target ASP.NET Developers to Steal Login Credentials Malicious NuGet packages posing as legitimate developer utilities are targeting ASP.NET projects to steal identity credentials and silently backdoor applications through a localhost proxy. All… Go to gbhackers.com

Chinese AI Labs Launch Massive Distillation Attacks on Anthropic Claude, Tracking 13M Exchanges Anthropic has identified and exposed industrial-scale data extraction campaigns orchestrated by three major Chinese AI laboratories: DeepSeek, Moonshot, and MiniMax. These organizations utilized approximately… Go to gbhackers.com

Romanian Cybercriminal Admits Guilt in Scheme Selling Oregon State Government Network Access A Romanian national has pleaded guilty to charges related to unauthorized access and sale of network credentials belonging to an Oregon state government office… Go to gbhackers.com

Malicious OpenClaw Tactics Deceive Users into Manual Password Entry for AMOS Infection Malicious OpenClaw skills are being weaponized to coerce users into manually entering their passwords, enabling a new Atomic (AMOS) Stealer infection chain that abuses… Go to gbhackers.com

ZeroDayRAT Targets Android and iOS Devices for Surveillance and Financial Data Theft ZeroDayRAT targets Android and iOS devices, combining real-time surveillance with direct financial theft within a single browser panel. The Malware-as-a-Service (MaaS) ecosystem is entering a new phase, blending mobile surveillance and… Go to gbhackers.com

Starkiller Phishing Kit Clones Real Login Pages to Evade MFA Protections New phishing framework Starkiller is enabling more convincing, scalable credential theft by proxying real login pages and bypassing multi-factor authentication (MFA), significantly raising the… Go to gbhackers.com

CISA Warns of Actively Exploited Roundcube Vulnerabilities On February 20, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) updated its Known Exploited Vulnerabilities (KEV) Catalog by adding two critical flaws in… Go to gbhackers.com

jsPDF Flaw Exposes Millions of Developers to Object Injection A serious security flaw in jsPDF, a widely used JavaScript library for generating PDFs in web browsers, puts millions of developers and their users… Go to gbhackers.com

HPE Telco Service Activator Vulnerability Allows Attackers to Bypass Access Controls Hewlett Packard Enterprise (HPE) has issued a security bulletin warning customers of a serious vulnerability in its Telco Service Activator product that could allow attackers to… Go to gbhackers.com

North Korean Hackers Exploit Fake IT Worker Schemes and Malicious Interview Lures North Korean state-backed hackers are running large-scale fake IT worker and “Contagious Interview” campaigns that abuse developer hiring workflows to deliver JavaScript-based malware, steal… Go to gbhackers.com

Anthropic Debuts Claude Code Security – AI Now Scan Vulnerabilities in Your Entire Codebase Anthropic has quietly flipped the script on application security. On February 20, the company launched Claude Code Security, a new capability baked directly into Claude… Go to gbhackers.com

PayPal Data Breach – 6 Months of Users’ Data Leaked Online PayPal has begun notifying a small number of customers about a significant cybersecurity incident in which their personally identifiable information (PII) was exposed for… Go to gbhackers.com

Silicon Valley Engineers Indicted for Alleged Trade Secret Theft From Google and Tech Firms Federal authorities arrested three Silicon Valley engineers on Thursday, charging them with conspiring to steal trade secrets from Google and other tech giants. The… Go to gbhackers.com

Critical Jenkins Flaw Exposes Build Environments to XSS Attacks A popular open-source automation server used by developers worldwide to build, test, and deploy software faces serious security risks from recent flaws. On February… Go to gbhackers.com

Google Blocks 1.75 Million Malicious Apps from Entering Play Store Google has revealed that it blocked more than 1.75 million malicious or policy‑violating Android apps from reaching users through the Play Store in 2025,… Go to gbhackers.com

Grandstream VoIP Phones Vulnerability Grants Attackers Root Privileges A critical unauthenticated stack-based buffer overflow vulnerability, tracked as CVE-2026-2329, affecting Grandstream GXP1600 series VoIP phones. The vulnerability, rated as critical with a CVSS score of 9.8, allows remote… Go to gbhackers.com

FBI Issues Emergency Alert as Ploutus Malware Drains U.S. ATMs Without Cards or Accounts Ploutus malware is powering a new wave of “jackpotting” attacks that drain U.S. ATMs without needing a bank card, customer account, or bank authorization,… Go to gbhackers.com

LLM-Generated Passwords Expose Security Risks with Predictability and Weakness LLM-generated passwords may look complex and “high entropy,” but new research shows they are highly predictable, frequently repeated, and far weaker than traditional cryptographic… Go to gbhackers.com

Google Rushes Out Critical Chrome Update to Address Serious PDFium and V8 Vulnerabilities Google has rushed out a vital security patch for Chrome, fixing three flaws that could let attackers run malicious code on users’ devices. The Stable… Go to gbhackers.com

Hackers Exploit Critical BeyondTrust Vulnerability to Deploy VShell and SparkRAT Hackers are actively exploiting a critical vulnerability in BeyondTrust’s remote support software to deploy the VShell backdoor and SparkRAT remote access trojan, enabling full… Go to gbhackers.com

Ongoing Campaign Targets Microsoft 365 to Steal OAuth Tokens for Persistent Access A new phishing campaign exploiting Microsoft’s OAuth 2.0 Device Authorization Grant flow to gain unauthorized and persistent access to Microsoft 365 accounts. The sophisticated… Go to gbhackers.com