Skip to main content
FreeIntelHub
Feed Threat Feed Search Trending
Intelligence CVE Priority Vulnerability IOC Lookup IOC Feed YARA Rules Phishing Lookup Exploit Lookup Pastes Dark Web
Adversaries Threat Groups Software Campaigns
Explore Dashboard Geo Map Heatmap MITRE ATT&CK
Browse Sources Vendors Categories Sectors
RSS API
FreeIntelHub
/
Sign In

GBHackers

20 articles

GBHackers Campaigns Google GitHub Jul 3

Hackers Compromise GitHub Maintainer Accounts to Publish PolinRider-Infected Package Versions

A widescale escalation in the PolinRider supply‑chain campaign: threat actors have compromised GitHub maintainer accounts to publish infected package version...

GBHackers →

GBHackers TTPs Google Intel Jul 3

Google Disrupts NetNut Residential Proxy Botnet Used for Malware C2 and Password Spray Attacks

Google has disrupted the NetNut residential proxy botnet, a large-scale infrastructure widely exploited for malware command-and-control (C2) operations and p...

GBHackers →

GBHackers General Jul 2

Opera Browser Adds Native Paste Protect to Stop Clipboard Hijacking and Code Injection Attacks

Opera has announced a new native security feature called “Paste Protect,” which aims to combat clipboard hijacking and command injection attacks directly wit...

T1059

GBHackers →

GBHackers Campaigns Jul 2

Hackers Abuse ScreenConnect Remote Access Tool to Deploy AsyncRAT Through Fake Installers

A wide-reaching campaign in which attackers abused the legitimate remote administration tool ScreenConnect to deploy AsyncRAT via faux software installers. T...

GBHackers →

GBHackers Campaigns Cloudflare Jul 2

Phishing Campaign Uses Fake Invoice PDF to Drop AsyncRAT, VenomRAT, and XWorm

A sophisticated phishing campaign that uses a fake invoice PDF to mask the delivery of multiple remote access trojans primarily AsyncRAT, but also VenomRAT a...

T1566

GBHackers →

GBHackers CVE Oracle Jul 2

950 Oracle E-Business Suite Instances Exposed as CVE-2026-46817 Attacks Observed in the Wild

Around 950 internet-facing Oracle E-Business Suite (EBS) instances have been identified as exposed following enhanced scanning efforts. At the same time, act...

T1592 1 IOC

GBHackers →

GBHackers Phishing Microsoft Jul 2

EvilTokens-Linked ARToken Panel Exposes 80+ APIs for Microsoft 365 Token Theft

A fully featured phishing-as-a-service (PhaaS) panel named “ARToken” that closely mirrors the EvilTokens infrastructure first profiled in early 2026, but wit...

T1566 T1041 T1598

GBHackers →

GBHackers CVE Microsoft Jul 2

CISA Adds Actively Exploited Microsoft SharePoint Vulnerability to KEV Catalog

The Cybersecurity and Infrastructure Security Agency (CISA) has recently added a newly discovered vulnerability in Microsoft SharePoint Server, tracked as CV...

1 IOC

GBHackers →

GBHackers TTPs Jul 2

Hackers Use Geofenced Webpages to Deliver Ousaban Banking Trojan in Spain and Portugal

A targeted phishing campaign delivering the Ousaban banking Trojan to users in Spain and Portugal, notable for its use of geofenced webpages, layered evasion...

T1566

GBHackers →

GBHackers Vulnerability Disclosure Jul 2

JetBrains Patches Critical Hub Authentication Bypass and Account Takeover Vulnerabilities

JetBrains has released patches for several critical vulnerabilities in JetBrains Hub that could allow for full authentication bypass, account takeover, and u...

T1548 T1556

GBHackers →

GBHackers General Proofpoint Jul 2

ValleyRAT Uses RC4 Encryption, Donut Shellcode, and rundll32 Injection for Stealth

A recent surge in ValleyRAT activity that combines RC4-encrypted payloads, Donut-generated shellcode, and in-memory execution via suspended rundll32 processe...

T1027

GBHackers →

GBHackers Vulnerability Disclosure Apple Jul 2

Apple Hide My Email Vulnerability Lets Attackers Reveal Users’ Real Email Addresses

Apple’s Hide My Email privacy feature currently faces a significant flaw that may expose users’ real email addresses, compromising one of iCloud+’s core anon...

GBHackers →

GBHackers Ransomware Jul 2

JADEPUFFER Agentic Ransomware Uses LLM to Automate Database Extortion

The first instance of agentic ransomware: JADEPUFFER, an LLM-driven extortion operation that automated an end-to-end database-crippling campaign.

1 IOC

GBHackers →

GBHackers Vulnerability Disclosure GitHub Jul 2

ChocoPoC Campaign Abuses GitHub PoC Repositories to Steal Browser Credentials

A coordinated supply-chain campaign has been weaponizing GitHub proof-of-concept (PoC) repositories to compromise vulnerability researchers and penetration t...

GBHackers →

GBHackers General Jul 2

Attackers Downgrade WDigest Protection to Dump Plaintext Credentials With Mimikatz

An incident that began with innocuous enumeration commands but quickly escalated into a focused, multi-stage effort to impair detection and extract credentia...

T1190 T1003 T1592

GBHackers →

GBHackers Campaigns Microsoft Jul 2

LSHIY Password Spray Attack Hits Microsoft 365 Accounts With 81 Million Login Attempts

A large-scale password spray campaign linked to the infrastructure provider LSHIY LLC has targeted Microsoft 365 environments, resulting in over 81 million l...

GBHackers →

GBHackers Ransomware Jul 2

Browser-Only Ransomware Uses File System Access API to Encrypt Files Without Malware Installation

A novel, practical ransomware technique that runs entirely inside the browser by abusing the File System Access API, demonstrating how AI can turn high-level...

T1204

GBHackers →

GBHackers CVE Amazon Jul 2

Critical Cursor IDE Flaws Let Attackers Execute Code via Zero-Click Prompt Injection

Two significant remote code execution (RCE) vulnerabilities in the widely used Cursor ID expose developers to zero-click attacks driven by prompt injection. ...

T1190 2 IOCs

GBHackers →

GBHackers Ransomware Fortinet Jul 2

FortiBleed Campaign Linked to INC and Lynx Ransomware Operations

A direct operational link between the large-scale FortiBleed credential-harvesting campaign and two active ransomware-as-a-service (RaaS) groups: INC Ransom ...

T1588

GBHackers →

GBHackers General Jul 2

Scattered Spider Hacker Arrested in Finland and Extradited to U.S. Over Cyber Intrusion Charges

U.S.

GBHackers →

«Previous page 1 ... 5 6 7 8 9 ... 45 Next page»
FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA