TrickMo Android Malware Targets Banking, Wallet, and Authenticator Apps
TrickMo, the Android banking malware, has resurfaced with a significantly redesigned architecture, targeting banking, fintech, wallet, and authenticator appl...
GBHackers
20 articles
Lyrie.ai Joins First Batch of Anthropic’s Cyber Verification Program
Dubai, UAE, May 11th, 2026, CyberNewswire Dubai-founded OTT Cybersecurity LLC also unveils the Agent Trust Protocol (ATP), the first open cryptographic stand...
fsnotify Maintainer Access Change Sparks Supply Chain Security Concerns
A dispute over maintainer access in the widely used Go library fsnotify has triggered temporary supply chain concerns after contributors were removed from th...
cPanel and WHM Servers Targeted in Attacks Exploiting CVE-2026-41940
A critical authentication bypass vulnerability affecting cPanel and WHM servers, identified as CVE-2026-41940, is currently under active exploitation by a hi...
Python Infostealer Hides in GitHub Releases to Bypass Detection
A stealthy Python-based infostealer campaign that abuses GitHub Releases to host payloads and maintain long-term, low‑visibility access to victim systems. Th...
PHP SOAP Extension Flaw Could Let Attackers Execute Code Remotely
Recently disclosed vulnerabilities in PHP, particularly within its widely used SOAP extension, have raised significant alarms across the cybersecurity commun...
Fake Claude Campaign Uses PlugX-Style DLL Sideloading Chain
Hackers are abusing a fake Claude AI download site to deliver a PlugX‑style DLL sideloading chain that ultimately deploys a new Windows backdoor dubbed “Beag...
Microsoft 365 Copilot Flaws Could Let Attackers Access Sensitive Data
Microsoft has disclosed a trio of critical information disclosure vulnerabilities affecting Microsoft 365 Copilot and Copilot Chat in Microsoft Edge. Release...
Trending Hugging Face Repo With 200K Downloads Spreads Windows Malware
A malicious Hugging Face repository, Open-OSS/privacy-filter, that abused the platform’s trust and trending algorithm to deliver a sophisticated Rust-based i...
Sandboxie Escape Flaw Could Let Attackers Gain SYSTEM-Level Privileges
Security researchers have exposed critical sandbox escape vulnerabilities in Sandboxie and Sandboxie-Plus that allow attackers to gain full SYSTEM-level priv...
PoC Exploit Released for Android Zero-Click Flaw Enabling Remote Shell Access
Public references indicate that a GitHub proof-of-concept is now circulating for CVE-2026-0073, the critical Android flaw documented in Google’s May 2026 sec...
OpenClaw Malware Targets Crypto Wallets and Bitwarden Credentials
OpenClaw users are being targeted in a fresh malware campaign that abuses a fake installer to steal credentials from popular crypto wallets and password mana...
Crimenetwork Bust Reveals 22,000 Members and Over 100 Illicit Vendors
Law enforcement authorities have successfully dismantled the relaunched version of “Crimenetwork,” a prominent criminal online trading platform. A 35-year-ol...
ShinyHunters Exploits Canvas LMS Free Teacher Accounts in New Breach
In early May 2026, ShinyHunters breached Instructure’s Canvas LMS by abusing the Free-For-Teacher (FFT) account program, triggering an active extortion campa...
Windows CreateFileW API Flaw Could Let Attackers Lock SMB Files at Scale
The multi-billion-dollar ransomware defence industry operates on a fundamental assumption: to cause catastrophic operational damage, malicious actors must wr...
Weaponized JPEG file Drops Trojanized ScreenConnect Malware
Hackers are abusing a weaponized JPEG file to quietly install a trojanized version of the ConnectWise ScreenConnect remote‑access tool on Windows systems, en...
macOS Malware Abuses Google Ads and Claude Shared Chats to Deliver Payloads
Threat actors are deploying a sophisticated malvertising campaign targeting macOS users by exploiting Google Ads and legitimate Anthropic Claude shared chats...
ODINI Malware Uses CPU Magnetic Signals to Exfiltrate Data from Air-Gapped Systems
Air-gapped systems and Faraday cages have long represented the gold standard for protecting critical infrastructure and sensitive military networks. However,...
New cPanel and WHM Vulnerabilities Expose Servers to Code Execution and DoS Attacks
cPanel and WebHost Manager (WHM) are critical administrative control panels used by hosting providers globally to manage servers, websites, and databases. Du...
JDownloader Hack Spreads New Python RAT
The official JDownloader website fell victim to a sophisticated supply-chain attack, resulting in malicious installers being distributed to users worldwide. ...