Security researchers from Infoblox have successfully intercepted millions of malicious push notification advertisements by exploiting a DNS misconfiguration technique known as “lame nameserver delegation,” gaining complete visibility into a large-scale affiliate advertising operation without directly compromising any systems. The researchers…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
New “BodySnatcher” Flaw Allows Full ServiceNow User Impersonation
Security researcher has disclosed a critical vulnerability in ServiceNow’s Virtual Agent API and Now Assist AI Agents application, tracked as CVE-2025-12420. Dubbed “BodySnatcher,” this flaw enables unauthenticated attackers to impersonate any ServiceNow user using only their email address, bypassing multi-factor…
Microsoft January 2026 Security Update Triggers Credential Prompt Failures in Remote Desktop
Microsoft’s January 2026 security update has disrupted enterprise Remote Desktop infrastructure, triggering widespread credential prompt failures that prevent users from accessing Azure Virtual Desktop and Windows 365 environments. The problematic patch KB5074109, released January 13, 2026, introduced an authentication regression affecting Windows 11 versions…
Threat Actors Abuse Browser Extensions to Deliver Fake Warning Messages
Threat intelligence researchers at Huntress have uncovered a sophisticated browser extension campaign orchestrated by the KongTuke threat actor group, featuring a malicious ad blocker impersonating the legitimate uBlock Origin Lite extension. The campaign weaponizes fake browser crash warnings to trick…
New Kerberos Relay Technique Exploits DNS CNAMEs to Bypass Existing Defenses
A critical vulnerability in Windows Kerberos authentication that enables attackers to conduct credential-relay attacks by exploiting DNS CNAME records. Tracked as CVE-2026-20929, this flaw allows threat actors to force victims into requesting Kerberos service tickets for attacker-controlled systems, facilitating lateral…
GhostPoster Malware Targets Chrome Users via 17 Rogue Extensions
A sophisticated malware campaign has compromised users of Chrome, Firefox, and Edge by deploying 17 malicious extensions that employ advanced steganography techniques to evade detection. Collectively downloaded more than 840,000 times, the GhostPoster operation represents one of the most technically…
Google Vertex AI Flaw Lets Low-Privilege Users Escalate to Service Agent Roles
Security researchers have discovered critical privilege escalation vulnerabilities in Google’s Vertex AI platform that allow attackers with minimal permissions to hijack high-privileged Service Agent accounts. The flaws affect the Vertex AI Agent Engine and Ray on Vertex AI, where default…
Critical XSS Vulnerabilities in Meta Conversion API Enable Zero-Click Account Takeover
Security researchers have uncovered two critical cross-site scripting (XSS) vulnerabilities in Meta’s Conversions API Gateway that could enable attackers to hijack Facebook accounts on a massive scale without any user interaction. The flaws affect Meta-owned domains, including facebook.com and meta.com,…
Researchers Breach StealC Infrastructure, Access Malware Control Panels
Criminal infrastructure often fails for the same reasons it succeeds: it is rushed, reused, and poorly secured. Security researchers recently demonstrated this vulnerability by exploiting the very malware infrastructure designed to steal victims’ credentials. StealC Malware and Its Infrastructure Weaknesses…
Windows 11 January Update Sparks Widespread Shutdown Complaints
Microsoft’s latest security update for Windows 11 has triggered an unexpected problem affecting enterprise users: PCs equipped with Secure Launch are unable to shut down or hibernate properly. Instead of powering off, affected devices restart automatically, disrupting workflows and forcing…
Best Security Awareness Training Platforms For 2026
Security awareness training platforms empower organizations to combat rising cyber threats by educating employees on phishing, ransomware, and social engineering in 2026. These top 10 solutions deliver simulated attacks, personalized learning, and measurable risk reduction for businesses seeking robust human…
Go 1.26 Released With Fixes for Multiple Vulnerabilities Causing Memory Exhaustion
The Go development team has released Go versions 1.25.6 and 1.24.12, addressing six critical security vulnerabilities that could enable denial-of-service attacks, arbitrary code execution, and unauthorised session resumption. These minor point releases follow the Go security policy and represent significant…
UAT-8837 Launches Targeted Attacks to Steal Sensitive Organizational Data
UAT-8837, a China-nexus advanced persistent threat (APT) actor, is conducting sustained campaigns against critical infrastructure sectors across North America. The group, assessed with medium confidence based on tactical overlaps with known Chinese threat actors, specializes in obtaining initial access to…
NSA Publishes New Guidelines for Implementing a Zero Trust Security Model
The National Security Agency has published the first two products in its Zero Trust Implementation Guidelines series, offering organizations practical recommendations for adopting Zero Trust security models. These foundational resources represent a significant step toward strengthening the cybersecurity posture of federal and private-sector entities. …
Cisco Secure Email Gateway Zero-Day RCE Exploited in Active Attacks
Cisco has confirmed an ongoing cyberattack campaign targeting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager appliances, in which threat actors are executing arbitrary commands with root-level privileges on affected systems. The company became aware of the attack on…
Google Begins Rolling Out Long-Awaited @gmail.com Email Feature to Users
Google has initiated a gradual rollout of a highly requested feature that allows users to change their primary Google Account email address from one @gmail.com address to another. The functionality, which has been available in limited scenarios, is now being rolled out to all…
Zero-Click Exploit Chain Discovered Targeting Google Pixel 9 Devices
Security researchers at Google Project Zero have disclosed a complete zero-click exploit chain affecting Google Pixel 9 smartphones, chaining vulnerabilities in the Dolby audio decoder and kernel driver to achieve code execution and privilege escalation without any user interaction. The…
AWS Console Supply Chain Breach Enables GitHub Repository Hijacking
A newly reported supply chain attack targeting the Amazon Web Services (AWS) management console has raised alarms across the developer community. Cybersecurity researchers have discovered that threat actors are exploiting misconfigured AWS credentials and integrated GitHub actions to hijack repositories and inject…
Azure Identity Token Flaw Exposes Windows Admin Center to Tenant-Wide Breaches
Cymulate Research Labs discovered a high-severity authentication bypass vulnerability in Microsoft Windows Admin Centre’s Azure AD Single Sign-On implementation that enables attackers with local administrator access on a single machine to compromise any other Windows Admin Center-managed system within the…
Palo Alto Networks Firewall Vulnerability Allows Attackers To Trigger Denial Of Service
Palo Alto Networks has released security updates to address a high‑severity denial-of-service (DoS) vulnerability in PAN-OS that could allow unauthenticated attackers to repeatedly crash firewalls configured with GlobalProtect, forcing them into maintenance mode and disrupting network availability. The flaw, tracked…