A sophisticated new phishing campaign is targeting Apple Pay users, leveraging high-quality email design and social engineering to bypass security measures. Unlike typical scams that rely on poorly spelled emails and suspicious links, this campaign uses a “hybrid” approach involving…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
State-Backed Hackers Target Military Officials and Journalists on Signal in Latest Cyberattack
German intelligence and security agencies have issued a high-priority warning regarding a sophisticated cyber espionage campaign targeting military officials, diplomats, and investigative journalists across Europe. The Bundesamt für Verfassungsschutz (BfV) and the Federal Office for Information Security (BSI) identified the…
Hackers Exploit Free Firebase Accounts to Launch Phishing Campaigns
A new wave of phishing campaigns where scammers are abusing Google’s legitimate infrastructure to bypass security filters. Attackers are now creating free developer accounts on Google Firebase to send fraudulent emails that impersonate well-known brands. By leveraging the reputation of…
Hackers Exploit Cybersquatting Tactics to Spread Malware and Steal Sensitive Information
Digital squatting has evolved from a simple trademark nuisance into a dangerous cybersecurity threat. In 2025, the World Intellectual Property Organization (WIPO) handled a record-breaking 6,200 domain name disputes. This figure continues a troubling trend, with cybersquatting cases rising by…
Transparent Tribe Hacker Group Targets India’s Startup Ecosystem in Cyber Attack
A worrying shift in the tactics of “Transparent Tribe,” a notorious threat group also known as APT36. Historically focused on Indian government, defense, and educational sectors, the group has now expanded its scope to target India’s growing startup ecosystem. This…
Bulletproof Hosting Providers Exploit Legitimate ISPs to Power Cybercrime Servers
A surprising link between legitimate IT software and major cybercriminal operations. While investigating attacks by the “WantToCry” ransomware gang, analysts noticed that the attackers were using virtual machines (VMs) with identical, computer names (hostnames) like WIN-J9D866ESIJ2 and WIN-LIVFRVQFMKO. These names were not random.…
Claude Opus 4.6 Launches Enhanced Security Capabilities to Validate 500+ Critical Vulnerabilities
Anthropic has released Claude Opus 4.6, marking a significant leap in the defensive application of artificial intelligence. Released yesterday, the model has already identified and validated over 500 high-severity “zero-day” vulnerabilities in open-source software. This development signals a major shift…
FvncBot Targets Android Users, Exploiting Accessibility Services for Attacks
A previously undocumented Android banking trojan dubbed “FvncBot.” First observed in late 2025, this sophisticated malware disguises itself as a security application from mBank, a major Polish financial institution. Unlike many recent threats that recycle code from leaked sources like…
OpenAI Launches Trusted Access to Strengthen Cybersecurity Protections
OpenAI has unveiled Trusted Access for Cyber, a new identity- and trust-based framework designed to enhance cybersecurity defenses while mitigating risks posed by its most advanced AI models. The initiative centers on GPT-5.3-Codex, OpenAI’s most cyber-capable frontier-reasoning model, which can…
RenEngine Loader Deploys Stealthy Multi-Stage Execution to Bypass Security Measures
The malware family, RenEngine Loader, after discovering malicious logic embedded within what appears to be a legitimate Ren’Py-based game launcher. Active since April 2025, the operation has already compromised over 400,000 victims globally, with a localized focus on India, the United…
China-Nexus Hackers Target Linux Devices to Redirect Traffic and Deploy Malware
“DKnife,” a sophisticated gateway-monitoring and adversary-in-the-middle (AitM) framework that turns Linux-based routers and edge devices into surveillance tools. Active since at least 2019, this campaign employs seven distinct Linux implants to inspect network traffic, hijack legitimate software downloads, and deploy…
F5 Releases Urgent Security Fixes for Critical Vulnerabilities in BIG‑IP and NGINX
F5 released its Quarterly Security Notification, addressing multiple security flaws across its product ecosystem. While F5 classifies the primary vulnerabilities as “Medium” severity under their internal policy, the updated CVSS v4.0 scoring system assigns them a score of 8.2, indicating a…
Zscaler Integrates SquareX to Deliver Stronger Browser Security Protections
Zscaler, Inc., a global leader in cloud security, has announced the successful acquisition of SquareX. This strategic move is designed to extend Zscaler’s Zero Trust capabilities directly into the web browser, effectively securing the “AI era” of enterprise work. The…
New Wave of Odyssey Stealer Targets macOS Users in Active Cyberattack Campaign
A significant surge in Odyssey Stealer activity is currently targeting macOS users across multiple continents, with recent telemetry data revealing a dramatic geographic expansion of this sophisticated information-stealing campaign. Security researchers have observed newly updated malware samples spreading rapidly beyond…
APT-Q-27 Launches Stealthy Attacks on Corporate Networks, Evades Detection
A new, highly sophisticated cyberattack campaign that reveals how attackers are bypassing modern defenses to infiltrate corporate networks. The investigation points to a stealthy, multi-stage intrusion likely orchestrated by the threat group known as APT-Q-27, or “GoldenEyeDog”. The attack began…
CISA Alerts Exploited React Native Community Security Flaw
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the React Native Community CLI to its Known Exploited Vulnerabilities (KEV) catalog. Identified as CVE-2025-11953, this vulnerability is an Operating System (OS) command injection flaw that poses severe…
Phishing and OAuth Token Vulnerabilities Lead to Full Microsoft 365 Breach
Two medium-severity vulnerabilities, an unsecured email API endpoint and verbose error messages exposing OAuth tokens, chain together to enable authenticated phishing that bypasses all email security controls, persistent access to Microsoft 365 environments While protocols like SPF, DKIM, and DMARC…
CentOS 9 Security Flaw Enables Privilege Escalation – PoC Released
A critical security flaw has been identified in CentOS 9 that allows a local user to escalate their privileges to root. The vulnerability, which stems from a Use-After-Free (UAF) condition in the Linux kernel’s networking subsystem, was awarded first place…
Hackers Exploit Windows Screensaver to Deploy RMM Tools, Gain Remote Access
A new spear phishing campaign that weaponizes a forgotten file type to bypass modern defenses. Attackers are luring victims into downloading Windows screensaver (.scr) files, which silently deploy legitimate Remote Monitoring and Management (RMM) software to establish persistent control over…
CISA Advisory Highlights Exploited SmarterTools Vulnerability in Recent Ransomware Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity vulnerability affecting SmarterTools SmarterMail to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-24423, this flaw is actively being weaponized in the wild, with security researchers confirming its use in…