macOS Malware Abuses Google Ads and Claude Shared Chats to Deliver Payloads
Threat actors are deploying a sophisticated malvertising campaign targeting macOS users by exploiting Google Ads and legitimate Anthropic Claude shared chats...
GBHackers
20 articles
ODINI Malware Uses CPU Magnetic Signals to Exfiltrate Data from Air-Gapped Systems
Air-gapped systems and Faraday cages have long represented the gold standard for protecting critical infrastructure and sensitive military networks. However,...
New cPanel and WHM Vulnerabilities Expose Servers to Code Execution and DoS Attacks
cPanel and WebHost Manager (WHM) are critical administrative control panels used by hosting providers globally to manage servers, websites, and databases. Du...
JDownloader Hack Spreads New Python RAT
The official JDownloader website fell victim to a sophisticated supply-chain attack, resulting in malicious installers being distributed to users worldwide. ...
Top 10 Best Secure Code Review Services For Developers in 2026
In the rapidly evolving landscape of software development, where speed and agility often take precedence, the imperative for robust security cannot be overst...
Top 10 Best DevSecOps Companies For Secure SDLC 2026
In the fast-paced world of software development, where agility and speed are paramount, security often struggles to keep pace. The traditional “bolt-on” secu...
TCLBANKER Malware Leverages WhatsApp and Outlook Worm Features in Active Attacks
A sophisticated Brazilian banking trojan named TCLBANKER, deployed through a trojanized Logitech installer and capable of hijacking victims’ WhatsApp and Out...
Vidar Infostealer Campaign Steals Passwords, Cookies, Crypto Wallets, and Device Data
A highly evasive multi-stage malware campaign deploying the Vidar Infostealer. First discovered in late 2018 and built on the Arkei stealer source code, Vida...
NVIDIA Confirms GeForce Data Breach Exposed Users’ Personal Data
GFN Cloud Internet Services, operating as the regional NVIDIA GeForce NOW cloud gaming partner, GFN.AM has officially confirmed a significant data breach.
Pam Backdoor Targets Linux Systems to Steal SSH Credentials
A newly observed Linux backdoor technique, dubbed Pam, is exploiting the flexibility of Pluggable Authentication Modules (PAM) to capture SSH credentials and...
Modular RAT Campaign Steals Credentials and Captures Screenshots
A sophisticated spear-phishing campaign, dubbed Operation GriefLure, targeting senior executives in Vietnam and the Philippines with a stealthy modular remot...
Fake OpenClaw Installer Targets Crypto Wallets and Password Managers
Hackers are abusing a fake OpenClaw installer to deploy a modular Rust-based infostealer framework dubbed Hologram, aimed at harvesting credentials from more...
Cline Kanban WebSocket Vulnerability Enables Malicious Sites to Take Over AI Coding Agents
Cline, a widely adopted open-source AI coding agent, has recently patched a severe vulnerability in its local Kanban server. Trusted by developers with deep ...
ZiChatBot Malware Abuses Zulip APIs for Stealthy C2 Operations
A new cross‑platform malware family, dubbed ZiChatBot, that abuses the trusted Python Package Index (PyPI) ecosystem and the Zulip team chat platform to run ...
Fake Moustache Fools Age Checks, Sparks Online Safety Act Fears
A critical gaps in age verification systems introduced under the Online Safety Act, with children easily bypassing safeguards using simple tricks including d...
Trellix Investigates RansomHouse Breach Claims Involving Source Code Repository
Leading cybersecurity firm Trellix is actively investigating a potential security incident following claims made by the RansomHouse extortion group. The thre...
Critical Vulnerability in Rancher Fleet Enables Full Cluster-Admin Privileges
The SUSE Rancher Security team disclosed a critical vulnerability tracked as CVE-2026-41050. This severe flaw affects Rancher Fleet, a popular GitOps tool fo...
Hackers Use Morse Code to Trick Grok and Bankrbot, Steal $200K in Crypto Tokens
Threat actors have successfully executed a novel prompt injection attack against artificial intelligence agents, draining approximately $200,000 in cryptocur...
Signed Logitech Installer Abused to Drop TCLBANKER Banking Trojan
Hackers are abusing a signed Logitech installer to stealthily deploy a new Brazilian banking trojan known as TCLBANKER, giving threat actors a powerful tool ...
423 Firefox Flaws Fixed as Browser Gains Support for Claude, Mythos, and More
Mozilla has successfully identified and patched 423 latent security vulnerabilities in Firefox using advanced artificial intelligence models, notably Claude ...