Trapdoor Android Ad Fraud Ring Abuses 455 Apps for Fake Clicks
A large-scale Android ad fraud campaign named “Trapdoor,” exposing a sophisticated ecosystem built on 455 malicious apps and 183 command-and-control (C2) dom...
GBHackers
20 articles
FreePBX Security Flaw Lets Attackers Access User Portals
A critical security vulnerability has been discovered in FreePBX, a widely used open-source PBX platform, allowing unauthenticated attackers to access user p...
DevilNFC Malware Traps Android Users in NFC Relay Attacks
A newly identified Android malware family named DevilNFC is raising concern among cybersecurity researchers for its advanced use of kiosk mode to trap victim...
Mini Shai-Hulud Attack Hits npm Ecosystem, Compromising Over 600 Packages
A large-scale supply chain attack targeting the npm ecosystem has resurfaced with a new variant of the Mini Shai-Hulud malware, compromising more than 600 pa...
Single-Letter Go Module Typosquat Drops DNS-Based Backdoor
A newly uncovered software supply chain attack targeting Go developers demonstrates how a single-character typo can silently introduce a persistent backdoor....
PoC Exploit Released for DirtyDecrypt Linux Kernel Vulnerability
PoC exploit code for the DirtyDecrypt (DirtyCBC) Linux kernel vulnerability has been released publicly, turning a previously theoretical local privilege esca...
Hackers Exploit MSHTA to Deploy LummaStealer and Amatera Malware
Hackers are increasingly abusing the legacy Microsoft HTML Application Host (MSHTA) utility to deliver commodity malware such as LummaStealer and Amatera. De...
GitHub Source Code Reportedly Compromised, TeamPCP Claims Breach
A threat actor group known as TeamPCP has claimed responsibility for a significant breach involving GitHub’s internal systems, alleging the theft of sensitiv...
Criminal IP Returns to Infosecurity Europe 2026 with Advanced AI-Driven TI & ASM
Torrance, United States / California, May 19th, 2026, CyberNewswire Criminal IP has announced its return to Infosecurity Europe 2026 with a focus on deliveri...
Two-Thirds of Nonhuman Accounts Are Unseen and Unmanaged, According to Orchid Security’s Identity Gap Report
New York, United States, May 19th, 2026, CyberNewswire New research shows identity dark matter continues to expand and erode enterprise identity, resulting i...
VoidStealer Malware Targets Chrome Data Despite Built-In Browser Protections
A newly discovered infostealer called VoidStealer is raising concerns after researchers revealed it can bypass Google Chrome’s App-Bound Encryption (ABE), a ...
UAC-0184 Uses Bitsadmin and HTA Files to Deliver Gated Malware
UAC-0184 uses a multi‑stage malware chain that abuses bitsadmin and HTA loaders to reach a heavily obfuscated payload bundle, ultimately hiding behind signed...
macOS Malware Abuses Fake Google Update for Persistence
A newly observed variant of the SHub macOS infostealer, dubbed “Reaper,” is expanding its capabilities with stealthier delivery, enhanced data theft, and a p...
Operation Ramz Dismantles 53 Servers Used in Scam and Malware Campaigns
A large-scale international cybercrime operation led by INTERPOL has resulted in 201 arrests and the takedown of 53 malicious servers linked to phishing, mal...
Microsoft Edge Enhances Security by Preventing Password Loading at Startup
Microsoft is rolling out a key security change in its Edge browser to stop saved passwords from being loaded into memory as soon as the browser starts.
ShinyHunters Takes Responsibility for Attack on Learning Management Platform
A cyberattack linked to the notorious threat group ShinyHunters has disrupted a widely used Learning Management System (LMS), impacting educational instituti...
What to Look for When Choosing an ASPM Platform
Application security posture management (ASPM) has become a foundational capability for software-as-a-service (SaaS) and software companies building increasi...
Gentlemen Ransomware Targets Windows, Linux, NAS, BSD, and ESXi Systems
The Gentlemen ransomware operation has rapidly emerged as one of the most active and scalable cybercrime threats since its public appearance in the second ha...
Kimsuky Uses LNK, JSE Lures to Target Recruiters, Crypto Users, Defense Officials
Kimsuky Hackers Use LNK and JSE Lures to Target Recruiters, Crypto Users, and Defense Officials. North Korea-linked threat group Kimsuky has launched at leas...
20-Year-Old PostgreSQL Flaw Gets Public PoC Exploit for Remote Code Execution
A newly released proof-of-concept (PoC) exploit for CVE-2026-2005 has brought renewed attention to a critical vulnerability in PostgreSQL’s pgcrypto extensio...