Tag: gbhackers
-
Hugging Face Transformers Security Flaw Allows Remote Code Execution
A critical security flaw in Hugging Face Transformers, tracked as CVE-2026-4372, has exposed millions of machine learning workflows to silent remote code execution (RCE)…
-
New Gafgyt Variant Targets Linux Systems With Modular Spread Tactics
A new Gafgyt-family botnet, tracked as C0XMO, marks a notable technical shift in IoT malware design: the separation of scanning and propagation into distinct…
-
AI-Powered Worm Leverages Stolen Compute to Target Linux, Windows, and IoT Devices
AI-powered malware is moving from theory to reality, with new proof-of-concept worms showing how large language models (LLMs) can autonomously compromise mixed networks of…
-
New SHub Stealer Variant Targets Major Browsers and Crypto Wallets
Threat actors have resurfaced with an upgraded SHub stealer for macOS, now branded “Reaper,” and they’re using a stealthy distribution trick that should worry…
-
Malicious Browser Add-Ons Target Major AI Chatbot Users
Malicious browser add-ons are actively harvesting conversations and personal data from users of major AI platforms including ChatGPT, Claude, Copilot, Gemini, and DeepSeek. The threat…
-
PoC Exploit Released for Cisco Unified Communications Manager Security Vulnerability
A proof-of-concept (PoC) exploit has been released for a critical server-side request forgery (SSRF) vulnerability impacting Cisco Unified Communications Manager (Unified CM) and Unified…
-
Stock Exchange Executive’s Outlook Targeted in Credential Theft Attack
A prolonged and highly targeted espionage campaign has been uncovered involving the compromise of a senior executive’s Microsoft Outlook account at a major global…
-
IronWorm npm Attack Steals Developer Secrets
A newly uncovered supply chain attack dubbed “IronWorm” is leveraging malicious npm packages to compromise developer environments, steal sensitive credentials, and propagate itself across…
-
Phishing Attacks Pivot to Infostealer Malware Over Fake Login Pages
Cybercriminal tactics are evolving as phishing campaigns increasingly shift away from fake login pages toward infostealer malware designed to quietly harvest sensitive data from…
-
Proofpoint: TA4922 Deploys New RAT and Loader Arsenal
A rapidly evolving threat cluster tracked as TA4922, a Chinese-speaking cybercriminal actor deploying a diverse and expanding malware arsenal that now includes Atlas RAT,…
-
Ivanti ITSM Flaw Could Allow Attackers to Escalate to Admin Access
Ivanti has patched a high-severity vulnerability in its Ivanti Neurons for ITSM platform that could allow authenticated attackers to escalate privileges and gain full…
-
HazyBeacon Campaign Abuses AWS for Stealthy C2 Communications
A newly documented cyber espionage operation known as HazyBeacon, tracked as CL-STA-1020, is leveraging Amazon Web Services (AWS) to build stealthy command-and-control (C2) channels…
-
Hackers Leverage AI-Powered Tools to Streamline Active Directory Compromise
A threat campaign in which attackers leveraged AI-powered tools to streamline Active Directory (AD) compromise and accelerate endpoint detection and response (EDR) evasion testing….
-
Windows Search URI Handler Vulnerability Exposes NTLMv2 Hashes to Remote Attackers
Windows systems are once again exposed to NTLM credential leakage through a newly observed abuse of the search, URI handler, a vulnerability class closely mirroring…
-
HTTP/2 Bomb Remote DoS Exploit Impacts nginx, Apache, IIS, Envoy, and Cloudflare Pingora
A newly disclosed “HTTP/2 Bomb” attack is raising serious concerns across the web infrastructure ecosystem, enabling remote denial-of-service (DoS) conditions against widely deployed servers…
-
Microsoft: No Lawsuits Against Researchers in Nightmare-Eclipse Row
Microsoft has issued a clarifying statement, assuring the global cybersecurity community that it has no intention of pursuing legal action against security researchers conducting or publishing…
-
Meta AI Vulnerability Allegedly Enables Instagram Password Resets
Instagram is facing scrutiny after a critical vulnerability in its Meta AI-powered support system allegedly allowed attackers to take over user accounts by abusing…
-
Iran-Linked Hackers Wipe IT and Recovery Systems in Middle East Cyberattack
Iran-linked hackers have launched a destructive cyber campaign that wipes IT, backup, and recovery systems at multiple organizations in the Middle East and beyond,…
-
Windows Netlogon 0-Click RCE Vulnerability Under Active Exploitation
Microsoft’s May 2026 Patch Tuesday release has taken a critical turn after security researchers confirmed that a high-risk Windows Netlogon vulnerability is now being…
-
Microsoft KB5089573 Fixes Windows 11 Patch Tuesday Install Failures
Microsoft has released cumulative update KB5089573 for Windows 11 versions 24H2 and 25H2, aimed at improving stability and resolving installation issues reported during recent…
-
Palo Alto PAN-OS Authentication Bypass Vulnerability Actively Exploited in the Wild
A critical authentication-bypass vulnerability affecting Palo Alto Networks PAN-OS and Prisma Access is being actively exploited by malicious actors. In response to mounting attacks, the…
-
SideCopy Deploys Persistent XenoRAT Against Afghanistan Finance Ministry
Pakistan-linked threat actor SideCopy has launched a highly targeted spear-phishing campaign against Afghanistan’s Ministry of Finance (MoF). The operation surgically targets all 34 provincial…
-
Google Chrome’s DBSC Now Generally Available to Prevent Account Takeovers
Google has officially made Device Bound Session Credentials (DBSC) generally available for the Chrome browser on Windows. This architectural upgrade delivers a robust…
-
Ransomware Abuses SYSTEM Task to Encrypt Drives with Elevated Privileges
A newly analyzed ransomware strain, “The Gentlemen,” is raising concern among security researchers due to its ability to combine strong encryption with aggressive lateral…
-
JINX-0164 Uses LinkedIn Lures to Deploy Custom macOS Malware
A newly identified threat actor tracked as JINX-0164 is targeting cryptocurrency organizations through sophisticated LinkedIn-based social engineering campaigns. The financially motivated group has been active…
-
GitLab Patches Multiple Duo AI, DoS, and Authorisation Vulnerabilities
GitLab has released patch versions 19.0.1, 18.11.4, and 18.10.7 to fix seven security issues affecting GitLab CE and EE, including Duo AI workflow runner…
-
Typosquatted npm Packages Steal Cloud and CI/CD Secrets
A coordinated npm supply chain attack has been uncovered targeting developers working with OpenSearch, ElasticSearch, and DevOps tooling, with attackers actively stealing cloud credentials…
-
Trusted Dev Tools Abused to Steal Code and Secrets
Attackers are increasingly weaponizing trusted developer tools to infiltrate software supply chains, with CISA warning of multiple ongoing campaigns targeting CI/CD ecosystems and developer…
-
Fake Adobe Document Cloud Pages Spread ScreenConnect Malware
Hackers are actively exploiting trust in Adobe Document Cloud by using fake delivery pages to install remote access malware. The campaign leverages a sophisticated phishing…
-
Samba Security Flaw Lets Attackers Execute Code Remotely
A critical security vulnerability in Samba’s printing subsystem has been disclosed, allowing unauthenticated attackers to execute arbitrary code remotely on affected servers. Tracked as…
-
VaultJacking Attack Exposes Google Password Vaults via Single PIN
A newly disclosed phishing technique dubbed “VaultJacking” is raising serious concerns across the cybersecurity community after researchers demonstrated how a single captured Google Password…
-
Gitea Container Registry Vulnerability Could Lead to Private Image Exposure
A critical vulnerability, tracked as CVE-2026-27771, has been discovered in Gitea’s built-in container registry, allowing unauthenticated remote attackers to access private container images without…
-
Top 10 Best Mobile Application Security Testing (MAST) Tools in 2026
As mobile usage continues to dominate the digital landscape, securing mobile applications has never been more critical. The year 2026 brings new challenges to…
-
AI-Generated npm Malware Leaks Hacker’s Private GitHub Token
A newly discovered malicious npm package is drawing attention across the cybersecurity community after inadvertently exposing its own operator’s private GitHub token. Identified by…
-
Critical Notepad++ Flaw Could Enable Remote Code Execution Attacks
Notepad++ has released version 8.9.6.1 to address multiple security vulnerabilities, including critical flaws that could allow arbitrary code execution under specific conditions. The update,…
-
Windows Kernel Vulnerability Lets Attackers Modify Kernel Memory Counters
A critical Windows kernel vulnerability, CVE-2026-40369, allows any unprivileged process, including a browser renderer sandbox, to increment arbitrary kernel memory and reliably escalate to…
-
GitHub Enterprise Server 3.20.3 Addresses Critical Security Flaws
GitHub has released Enterprise Server (GHES) version 3.20.3, addressing multiple critical and high-severity vulnerabilities that could allow attackers to access internal services, escalate privileges,…
-
Hackers Exploit Shared CDN Edge IPs to Evade Protective DNS Filtering
Hackers are exploiting shared CDN edge infrastructure to bypass DNS-based security controls, according to new research from ADAMnetworks, which details a stealthy evasion technique…
-
New Zero-Click WhatsApp Account Takeover Attack Targets iOS 16 Users
A newly uncovered zero-click attack targets iPhone users running iOS 16, allowing threat actors to hijack WhatsApp accounts without any user interaction, visible prompts,…
-
Anthropic Launches Free Claude Code Terminal Plugin to Detect Security Vulnerabilities
Anthropic has launched a free Claude Code terminal plugin, “security-guidance,” that continuously reviews AI‑generated code in-session to detect and remediate security vulnerabilities before they…
-
China-Linked Hackers Hit SEA Edge Routers With Custom Linux Implant
China-linked hackers are conducting a stealthy infrastructure-centric espionage campaign across Southeast Asia by compromising Linux-based edge routers with a custom ELF implant and pairing…
-
Memcached SASL Flaw Exposes Usernames to Enumeration Attacks
A newly identified vulnerability in Memcached has raised concerns among security professionals after researchers confirmed a timing side-channel flaw that allows attackers to enumerate…
-
Apache CXF Flaw Exposes Systems to LDAP Injection Attacks
Apache CXF users are facing a significant security risk following the disclosure of a new vulnerability that exposes systems to LDAP injection attacks, potentially…
-
Ghost CMS Vulnerability Exploited to Infect 700 Sites With ClickFix Malware
Hackers are actively exploiting a critical SQL injection vulnerability in Ghost CMS (CVE-2026-26980) to compromise websites and distribute ClickFix malware through large-scale page-poisoning attacks….
-
NightSpire Ransomware Abuses RDP for Stealthy Persistence
NightSpire has quickly emerged as a significant ransomware threat since its discovery in early 2025, combining classic double-extortion tactics with stealthy intrusion techniques. The…
-
WhatsApp Chat Histories Exposed in Unencrypted Storage on macOS and iOS
Security researchers have raised concerns over how WhatsApp stores user chat data on macOS and iOS, revealing that message databases may be stored in…
-
Telegram Channels Fuel Sale of Verified Bank Mule Accounts
Cybercriminal groups are increasingly using Telegram channels and encrypted platforms to sell verified bank and fintech mule accounts, signaling a major shift in how…
-
Italian Authorities Dismantle CINEMAGOAL App Enabling Unauthorised Access to Streaming Platforms
Italian law enforcement agencies have dismantled a sophisticated piracy operation centered around the CINEMAGOAL application, which enabled unauthorized access to premium streaming platforms including…
-
CISA Warns Drupal Core SQL Injection Vulnerability Is Being Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical SQL injection vulnerability in Drupal Core, tracked as CVE-2026-9082,…
-
Hackers Actively Scan SonicWall Firewall Interfaces as 597,000 Sessions Observed
A sharp surge in internet scanning activity targeting SonicWall firewall management interfaces has raised concerns among cybersecurity researchers, with GreyNoise reporting nearly 597,000 sessions…
-
LiteSpeed cPanel Plugin 0-Day Exploited for Server Root Access
A critical zero-day privilege escalation vulnerability in the LiteSpeed User-End cPanel plugin is being actively exploited in the wild, enabling any authenticated cPanel user…
-
Hackers Exploit F5 BIG-IP to Gain SSH Access and Pivot Into Linux Networks
Threat actors are actively exploiting end-of-life F5 BIG-IP appliances to gain unauthorized SSH access into enterprise networks, using the compromised devices as launchpads for…
-
Hackers Compromise Laravel-Lang Packages via 700 GitHub Repos
A sophisticated and active supply chain attack has struck the Laravel-Lang open-source organization, compromising over 700 historical package versions across four widely used PHP…
-
Hackers Use SEO Poisoning to Fake Gemini CLI, Claude Installers
Financially motivated threat actors are running an active campaign that impersonates Google’s Gemini CLI and Anthropic’s Claude Code, using SEO poisoning to deliver a…
-
Ubiquiti Patches Critical UniFi OS Privilege Escalation Flaws
Ubiquiti has released urgent security patches for five critical and high-severity vulnerabilities across its UniFi OS platform, addressing flaws that could allow remote attackers…
-
Popular npm Package “art-template” Backdoored in Watering-Hole Attack
Hackers compromised the popular art-template npm package to inject a stealthy backdoor that redirected users’ browsers to a malicious watering‑hole site delivering a Coruna‑class…
-
CISA Issues Alert on Exploited Microsoft Defender Zero-Day Vulnerabilities
CISA has issued an urgent alert warning organizations about two newly disclosed zero-day vulnerabilities affecting Microsoft Defender, both added to the Known Exploited Vulnerabilities…
-
Hackers Use Six-Layer Persistence on FreePBX Systems
Hackers are actively exploiting FreePBX systems using a highly resilient six-layer persistence mechanism. The campaign has been attributed with high confidence to the threat…
-
Hackers Weaponize NF-e Invoice Lures to Deploy Banana RAT
Hackers are actively using Brazil’s electronic invoice system (NF-e) as a lure to distribute a sophisticated banking trojan known as Banana RAT. The campaign has…
-
Android Malware Secretly Signs Users Up for Premium Services
Android users are being targeted by a large-scale malware campaign that silently subscribes victims to premium mobile services without their knowledge. The malware campaign focuses…
-
Fake Microsoft Teams Downloads Spread ValleyRAT Malware
Hackers are actively distributing a sophisticated ValleyRAT malware variant through fake Microsoft Teams download pages, leveraging social engineering and multi-stage execution techniques to evade…
-
Google Chrome Security Flaws Could Let Attackers Execute Code Remotely
Google has released a critical security update for its Chrome browser, addressing multiple vulnerabilities that could allow attackers to execute arbitrary code on affected…
-
TamperedChef Malware Hides in Signed Apps to Drop Stealers and RATs
A large-scale malware campaign dubbed “TamperedChef” is leveraging trojanized productivity applications such as PDF editors, calendar tools, and file converters to silently deploy information…
-
Critical Vulnerability in Cisco Secure Workload Threatens Enterprise API Security
Cisco has disclosed a critical security vulnerability in its Secure Workload platform that could allow unauthenticated attackers to gain high-level administrative access to sensitive…
-
New NGINX 0-Day RCE “nginx-poolslip” Threatens Millions of Servers
A newly discovered zero-day vulnerability in NGINX, dubbed “nginx-poolslip,” is raising serious concerns across the global cybersecurity community, as it exposes millions of servers…
-
Microsoft Edge Enhances Security by Preventing Password Loading at Startup
Microsoft is rolling out a key security change in its Edge browser to stop saved passwords from being loaded into memory as soon as…
-
ShinyHunters Takes Responsibility for Attack on Learning Management Platform
A cyberattack linked to the notorious threat group ShinyHunters has disrupted a widely used Learning Management System (LMS), impacting educational institutions and students across…
-
Gentlemen Ransomware Targets Windows, Linux, NAS, BSD, and ESXi Systems
The Gentlemen ransomware operation has rapidly emerged as one of the most active and scalable cybercrime threats since its public appearance in the second…
-
Kimsuky Uses LNK, JSE Lures to Target Recruiters, Crypto Users, Defense Officials
Kimsuky Hackers Use LNK and JSE Lures to Target Recruiters, Crypto Users, and Defense Officials. North Korea-linked threat group Kimsuky has launched at least four…
-
20-Year-Old PostgreSQL Flaw Gets Public PoC Exploit for Remote Code Execution
A newly released proof-of-concept (PoC) exploit for CVE-2026-2005 has brought renewed attention to a critical vulnerability in PostgreSQL’s pgcrypto extension, exposing systems to remote…
-
Hackers Abuse Cloudflare Storage to Exfiltrate Network Files
A sophisticated cyber espionage campaign targeting multiple Malaysian organizations has been uncovered, revealing a highly structured attack chain that blends custom tooling, cloud infrastructure,…
-
Paper Werewolf APT Spreads EchoGather RAT via Fake Adobe Installer
A sophisticated Russian-language threat cluster known as Paper Werewolf (also tracked as GOFFEE) has launched a fresh wave of targeted cyberattacks against Russian industrial, financial, and…
-
Hackers Hide PureLogs Infostealer in PawsRunner Loader
Threat actors are increasingly hiding malware inside seemingly harmless files, and a new campaign shows just how effective this tactic has become. The attack…
-
Microsoft Acknowledges Windows 11 Update Failure Linked to Error 0x800f0922
Microsoft has acknowledged a growing issue affecting Windows 11 users: the May 2026 cumulative update (KB5089549) fails to install, resulting in error code 0x800f0922….
-
Critical Marimo RCE Flaw Could Let Attackers Execute Malicious Code Remotely
A newly disclosed critical vulnerability in the Marimo Python notebook framework is raising serious alarms across the cybersecurity community, as it allows attackers to…
-
JDownloader Website Hack Exposes Windows and Linux Users to Malicious Installers
A popular open-source download manager trusted by millions suddenly became a malware delivery platform after attackers compromised its official website, replacing legitimate installers with…
-
VMware Fusion Flaw Could Allow Attackers to Gain Root Privileges
A newly disclosed vulnerability in VMware Fusion has raised serious security concerns after researchers confirmed it could allow attackers to escalate privileges to root…
-
Gunra Ransomware Expands RaaS After Conti Locker Shift
Gunra ransomware is rapidly evolving into a more structured and dangerous cybercrime operation after shifting from a Conti-based locker to its own Ransomware-as-a-Service (RaaS)…
-
Linux “ssh-keysign-pwn” Flaw Exposing Critical Authentication Files
A newly disclosed Linux kernel vulnerability, dubbed “ssh-keysign-pwn” by Qualys researchers, exposes millions of Linux systems to unauthorized access to sensitive SSH private keys and hashed…
-
Shai-Hulud Worm Steals Dev Secrets Across npm, GitHub, AWS & Kubernetes
Shai-Hulud is a major cybersecurity threat targeting the open-source software supply chain. Security researchers are raising alarms over “Shai-Hulud,” a self-propagating npm worm designed to…
-
OrBit Rootkit Targets Linux to Steal SSH and Sudo Credentials
Hackers are continuing to abuse a stealthy Linux rootkit known as OrBit to harvest SSH and sudo credentials, with new research showing the threat…
-
Microsoft Edge, Windows 11, and LiteLLM Fall to Exploits at Pwn2Own Berlin 2026
The world’s top ethical hackers wasted no time breaking into modern software and AI systems on the opening day of Pwn2Own Berlin 2026, exposing…
-
Microsoft Warns HPE Operations Agent Abused in Malware-Free Attacks
Microsoft has revealed a stealthy intrusion campaign where attackers bypassed traditional malware and exploits, instead abusing trusted enterprise tools to silently infiltrate networks. The…
-
Tycoon 2FA Operators Use OAuth Device Code Phishing to Bypass MFA
A new phishing campaign uncovered in late April 2026 shows how threat actors behind the Tycoon 2FA Phishing-as-a-Service (PhaaS) kit are evolving beyond traditional…
-
Amazon Redshift JDBC Driver Flaws Expose Systems to RCE Attacks
Amazon Redshift users are facing a serious security risk after researchers uncovered a high-severity vulnerability that could allow attackers to execute arbitrary code on…
-
170 npm Packages Hijacked to Steal GitHub, AWS & Kubernetes Secrets
Hackers have launched a large-scale supply chain attack by compromising more than 170 npm packages and two PyPI libraries, collectively downloaded over 200 million…
-
Microsoft Research: AI Can Generate Realistic Command-Line and Process Telemetry
A new approach showing how artificial intelligence can generate highly realistic command-line data and process telemetry potentially transforming how security teams build and test…
-
Amazon Quick Security Flaw Allowed Restricted Users to Access AI Chat Agents
A newly disclosed security flaw in Amazon’s AI-powered business intelligence platform has revealed how restricted users could quietly bypass controls and interact with AI…
-
Hackers Hijack HWMonitor to Sideload Malicious DLL
Hackers are once again exploiting user trust in legitimate software, this time abusing the popular CPUID HWMonitor utility to deliver a stealthy remote access…
-
GitLab Security Flaw Allows Cross-Site Scripting and Unauthenticated DoS
GitLab has issued an urgent security update to neutralise a massive wave of vulnerabilities. Threat actors could exploit these newly disclosed flaws to silently…
-
Ransomware Gangs Use BYOVD and EDR Killers to Disable Security Tools
Ransomware is evolving faster than many defenses can keep up. In 2026, attackers are no longer just encrypting files; they are systematically dismantling security…
-
ClickFix Evolves Using Decade-Old Open-Source Python SOCKS5 Proxy
A newly observed ClickFix campaign is pushing beyond simple user-triggered infections, introducing a more persistent and stealthy intrusion chain using PySoxy, a 10-year-old open-source…
-
Infostealer Malware Fuels Corporate Breaches From Personal Devices
Infostealer malware is no longer just a consumer nuisance; it has become a direct bridge between personal device infections and full-scale enterprise breaches. Once…
-
Fake FinalShell and Xshell Sites Push Kong RAT Malware
Hackers are abusing fake download sites for popular tools like FinalShell and Xshell to deliver a new remote access trojan known as Kong RAT,…
-
Q1 2026 Ransomware Attacks Hits 2,122 Orgs Amid Fewer, More Impactful Groups
Ransomware activity remained elevated in Q1 2026, continuing the trend established over the past year. The latest State of Ransomware Q1 2026 report reveals that 2,122 organizations…
-
Cline AI Agent Flaw Allows Attackers to Launch RCE Attacks
A critical security vulnerability in the Cline AI coding assistant’s kanban package exposes developers to remote code execution, data theft, and denial-of-service attacks by…
-
North Korea Hackers Abuse Git Hooks to Deploy Cross-Platform Malware
North Korean threat actors have introduced a stealthy new delivery mechanism in their ongoing “Contagious Interview” campaign, shifting tactics to abuse Git hooks for…
-
Fake TronLink Chrome Extension Steals Crypto Wallet Credentials
A newly uncovered phishing campaign is targeting TRON wallet users through a deceptive Chrome extension that mimics the popular TronLink wallet. The campaign…
-
Microsoft Warns: MistralAI PyPI Package Compromised with Malware
Mistral’s official Python client on PyPI has been pulled into the ongoing wave of AI supply‑chain attacks, with Microsoft warning that version 2.4.6 of…
-
Claude Chrome Extension Flaw Lets Malicious Add-Ons Steal Gmail and Drive Data
A critical vulnerability dubbed “ClaudeBleed” has compromised Anthropic’s trusted AI assistant, potentially turning it into a backdoor. This severe design flaw in the Claude…