Top 10 Best Secure Code Review Services For Developers in 2026
In the rapidly evolving landscape of software development, where speed and agility often take precedence, the imperative for robust security cannot be overst...
GBHackers
20 articles
Top 10 Best DevSecOps Companies For Secure SDLC 2026
In the fast-paced world of software development, where agility and speed are paramount, security often struggles to keep pace. The traditional “bolt-on” secu...
TCLBANKER Malware Leverages WhatsApp and Outlook Worm Features in Active Attacks
A sophisticated Brazilian banking trojan named TCLBANKER, deployed through a trojanized Logitech installer and capable of hijacking victims’ WhatsApp and Out...
Vidar Infostealer Campaign Steals Passwords, Cookies, Crypto Wallets, and Device Data
A highly evasive multi-stage malware campaign deploying the Vidar Infostealer. First discovered in late 2018 and built on the Arkei stealer source code, Vida...
NVIDIA Confirms GeForce Data Breach Exposed Users’ Personal Data
GFN Cloud Internet Services, operating as the regional NVIDIA GeForce NOW cloud gaming partner, GFN.AM has officially confirmed a significant data breach.
Pam Backdoor Targets Linux Systems to Steal SSH Credentials
A newly observed Linux backdoor technique, dubbed Pam, is exploiting the flexibility of Pluggable Authentication Modules (PAM) to capture SSH credentials and...
Modular RAT Campaign Steals Credentials and Captures Screenshots
A sophisticated spear-phishing campaign, dubbed Operation GriefLure, targeting senior executives in Vietnam and the Philippines with a stealthy modular remot...
Fake OpenClaw Installer Targets Crypto Wallets and Password Managers
Hackers are abusing a fake OpenClaw installer to deploy a modular Rust-based infostealer framework dubbed Hologram, aimed at harvesting credentials from more...
Cline Kanban WebSocket Vulnerability Enables Malicious Sites to Take Over AI Coding Agents
Cline, a widely adopted open-source AI coding agent, has recently patched a severe vulnerability in its local Kanban server. Trusted by developers with deep ...
ZiChatBot Malware Abuses Zulip APIs for Stealthy C2 Operations
A new cross‑platform malware family, dubbed ZiChatBot, that abuses the trusted Python Package Index (PyPI) ecosystem and the Zulip team chat platform to run ...
Fake Moustache Fools Age Checks, Sparks Online Safety Act Fears
A critical gaps in age verification systems introduced under the Online Safety Act, with children easily bypassing safeguards using simple tricks including d...
Trellix Investigates RansomHouse Breach Claims Involving Source Code Repository
Leading cybersecurity firm Trellix is actively investigating a potential security incident following claims made by the RansomHouse extortion group. The thre...
Critical Vulnerability in Rancher Fleet Enables Full Cluster-Admin Privileges
The SUSE Rancher Security team disclosed a critical vulnerability tracked as CVE-2026-41050. This severe flaw affects Rancher Fleet, a popular GitOps tool fo...
Hackers Use Morse Code to Trick Grok and Bankrbot, Steal $200K in Crypto Tokens
Threat actors have successfully executed a novel prompt injection attack against artificial intelligence agents, draining approximately $200,000 in cryptocur...
Signed Logitech Installer Abused to Drop TCLBANKER Banking Trojan
Hackers are abusing a signed Logitech installer to stealthily deploy a new Brazilian banking trojan known as TCLBANKER, giving threat actors a powerful tool ...
423 Firefox Flaws Fixed as Browser Gains Support for Claude, Mythos, and More
Mozilla has successfully identified and patched 423 latent security vulnerabilities in Firefox using advanced artificial intelligence models, notably Claude ...
New Infostealer Campaign Abuses GitHub Releases to Hide Malware Payloads
A new cyberespionage campaign that abuses GitHub Releases and a PE-less Python implant to steal data from targeted Windows systems quietly. The operation com...
PCPJack Worm Targets Docker, Kubernetes, Redis, and MongoDB Credentials
A newly identified malware framework dubbed PCPJack is targeting exposed cloud and container infrastructure to steal credentials at scale while actively remo...
PoC Exploit Released for Dirty Frag Linux Kernel Vulnerability
A proof-of-concept exploit for a new Linux kernel vulnerability class dubbed “Dirty Frag”. This universal local privilege escalation vulnerability allows att...
NWHStealer Campaign Deploys Bun Loader, Anti-VM Evasion, and Encrypted C2
A new distribution method for the NWHStealer infostealer that leverages the Bun JavaScript runtime, marking a significant evolution in the malware’s delivery...