Operation Dragon Whistle Targets Changzhou University with Malicious LNK Files
A recent phishing campaign dubbed “Operation Dragon Whistle” highlights an evolving trend in cyberattacks: threat actors abusing legitimate developer tools a...
GBHackers
20 articles
Hackers Hide Malware in Nested macOS-Style Folders to Evade Scans
Hackers are increasingly adopting stealthy delivery techniques, and a newly uncovered spear-phishing campaign shows how nested macOS-like folder structures c...
CISA Warns Trend Micro Apex One Vulnerability Is Being Exploited in Attacks
CISA has added a newly disclosed vulnerability in Trend Micro Apex One to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw is activel...
Megalodon Malware Rapidly Infects Over 5,500 GitHub Repositories
A newly identified malware campaign dubbed “Megalodon” has compromised more than 5,500 GitHub repositories, raising serious concerns about the security of op...
Hackers Abuse Hugging Face to Deliver npm Malware
A newly uncovered supply chain attack targeting the npm ecosystem has been linked to North Korean (DPRK)-aligned threat actors. The campaign centers around a...
Mini Shai-Hulud Attack Prompts npm to Revoke 2FA-Bypass Tokens
npm has forced a platform-wide reset of granular access tokens that bypass two-factor authentication (2FA) after a wave of supply chain attacks linked to the...
Flipper Introduces Flipper One as a Modular Linux-Based Cyberdeck
Flipper Devices has officially unveiled Flipper One, a modular, Linux-based cyberdeck designed to push the boundaries of open hardware and portable network a...
Authorities Take Down “First VPN” Service Used in Ransomware Attacks
Authorities in Europe have dismantled a major criminal VPN service known as “First VPN,” which was widely used by ransomware operators and cybercriminal grou...
Apache OFBiz RCE Flaw Abuses Password-Change Restrictions for Authentication Bypass
A critical authentication bypass vulnerability in Apache OFBiz allows attackers to hijack forced password-change flows and achieve remote code execution (RCE...
Microsoft Defender Zero-Day Vulnerabilities Actively Exploited in the Wild
Microsoft has disclosed two new zero-day vulnerabilities in Microsoft Defender that are actively being exploited in the wild, raising concerns among security...
Discord Enables End-to-End Encryption by Default Across Voice and Video Features
Discord has officially enabled end-to-end encryption (E2EE) by default for all voice and video communications across its platform, marking a significant shif...
Google Chrome Security Flaws Could Let Attackers Execute Code Remotely
Google has released a critical security update for its Chrome browser, addressing multiple vulnerabilities that could allow attackers to execute arbitrary co...
Fake Microsoft Teams Downloads Spread ValleyRAT Malware
Hackers are actively distributing a sophisticated ValleyRAT malware variant through fake Microsoft Teams download pages, leveraging social engineering and mu...
TamperedChef Malware Hides in Signed Apps to Drop Stealers and RATs
A large-scale malware campaign dubbed “TamperedChef” is leveraging trojanized productivity applications such as PDF editors, calendar tools, and file convert...
New NGINX 0-Day RCE “nginx-poolslip” Threatens Millions of Servers
A newly discovered zero-day vulnerability in NGINX, dubbed “nginx-poolslip,” is raising serious concerns across the global cybersecurity community, as it exp...
Critical Vulnerability in Cisco Secure Workload Threatens Enterprise API Security
Cisco has disclosed a critical security vulnerability in its Secure Workload platform that could allow unauthenticated attackers to gain high-level administr...
Fake Invitation Phishing Campaign Steals Credentials From U.S. Organizations
A large-scale phishing campaign leveraging fake event invitations is actively targeting U.S.
Indian Student Data Weaponized in Phishing and Financial Fraud Campaigns
A growing trend in India where student data is increasingly being exploited for cybercrime activities, including phishing, impersonation, social engineering,...
Critical Drupal Vulnerability Could Leave Sites Open to Cyberattack
The Drupal Security Team has issued a warning about a highly critical vulnerability affecting Drupal core, with a security release scheduled for May 20, 2026...
Mini Shai-Hulud Hits @antv npm Packages, Targets CI/CD Secrets
An Active and sophisticated supply chain attack targeting the widely used @antv npm ecosystem, where a threat actor compromised a maintainer account and push...