IBM Security Verify Access Flaws Let Remote Attackers Access Sensitive Data
IBM has issued an urgent security bulletin addressing a slew of vulnerabilities impacting IBM Verify Identity Access and IBM Security Verify Access. These fl...
GBHackers
20 articles
Masjesu Botnet Targets Routers in Commercial DDoS Attacks
Hackers are abusing the Masjesu botnet to run high-volume DDoS-for-hire attacks against routers, gateways, and other exposed IoT infrastructure, turning ever...
GreyNoise Launches C2 Detection for Exploited Edge Devices
GreyNoise has introduced a new capability, C2 Detection, to identify compromised edge devices such as firewalls, routers, and VPN systems assets that are inc...
Top 10 Best Multi-Factor Authentication (MFA) Providers in 2026
In the digital realm of 2026, the traditional password stands as a flimsy barrier against an onslaught of sophisticated cyber threats. From phishing campaign...
Multiple OpenSSL Flaws Expose Sensitive Data in RSA KEM Handling
A newly disclosed flaw in OpenSSL could allow attackers to access sensitive data stored in application memory. Tracked as CVE-2026-31790, this moderate-sever...
Docker Authorization Bypass Flaw Exposed Hosts to Potential Attackers
A high-severity security vulnerability has been discovered in Docker Engine, exposing hosts to potential authorization bypass attacks. Tracked as CVE-2026-34...
Remus Infostealer Debuts With Stealthy New Credential-Theft Tactics
Hackers are rolling out a new 64‑bit infostealer dubbed Remus. The code strongly suggests it is a direct successor to the notorious Lumma Stealer, arriving j...
Claude Code Leak Exploited to Spread Vidar and GhostSocks via GitHub Releases
Hackers are turning the Claude Code source leak into an active malware-delivery channel, using GitHub Releases to push the Vidar stealer and GhostSocks under...
FBI Takes Down Russian Campaign That Compromised Thousands of Routers
In a major counter-cyberespionage action dubbed “Operation Masquerade,” the U.S.
Cybercriminals Use Fake Zoom, Teams Calls to Deliver Malware
Hackers are increasingly using fake Zoom and Microsoft Teams meetings to trick victims into infecting their own systems with malware. SEAL says it has blocke...
Russian Threat Actors Abuse Home Routers in Expanding DNS Hijacking Wave
Russian military-linked hackers are actively compromising poorly secured home and small-office routers to hijack internet traffic and spy on organizations wo...
Fiber Optic Cables Turned Into Hidden Microphones to Spy on Private Conversations
Internet users worldwide rely on fiber optic cables for blazing-fast and secure web connections. However, a groundbreaking discovery reveals that these very ...
ComfyUI Servers Hijacked for Cryptomining, Proxy Botnet Ops
Hackers are aggressively hijacking Internet-exposed ComfyUI servers and converting them into high‑value cryptomining rigs and proxy botnet nodes, abusing wea...
Claude Identifies Critical 13-Year-Old RCE Vulnerability in Apache ActiveMQ
An AI assistant recently uncovered a critical remote code execution (RCE) vulnerability in Apache ActiveMQ Classic that went unnoticed for 13 years. Tracked ...
CUPS Vulnerabilities Could Allow Remote Attackers to Achieve Root-Level Code Execution
A team of AI-driven vulnerability hunting agents directed by security researcher Asim Viladi Oglu Manizada has discovered two critical security flaws in CUPS...
BPFDoor Variants Hide with Stateless C2 and ICMP Relay Tactics
Seven new BPFDoor variants that push Linux backdoor tradecraft deep into the kernel, making them harder to spot in large telecom networks. These implants use...
Windmill Developer Platform Flaws Expose Users to RCE Attacks, Proof-of-Concept Published
Cybersecurity researchers have discovered critical vulnerabilities in the Windmill developer platform and Nextcloud Flow, an integration embedding the Windmi...
Kubernetes Flaws Let Hackers Jump From Containers to Cloud Accounts
Hackers are increasingly abusing Kubernetes misconfigurations to jump from containers into high‑value cloud accounts, turning a single compromised pod into f...
GPUBreach Attack Could Lead to Full System Takeover and Root Shell Access
A newly discovered vulnerability dubbed “GPUBreach” demonstrates that GPU-based Rowhammer attacks can now achieve complete system compromise. Scheduled for p...
Fake Gemini npm Package Steals AI Tool Tokens
Hackers are abusing a fake Gemini-themed npm package to steal tokens and secrets from developers using AI coding tools like Claude, Cursor, Windsurf, PearAI,...