Mustang Panda Uses LNK, PowerShell Chain to Deploy PlugX RAT
Mustang Panda is using a fake “Browser Updater” and a multi‑stage LNK–PowerShell loader to sideload PlugX through a legitimate G DATA antivirus binary, ultim...
GBHackers
20 articles
Claude Code GitHub Actions Flaw Exposes Repositories to Full Compromise
A critical supply chain vulnerability in Anthropic’s Claude Code GitHub Actions workflow has been disclosed, exposing thousands of repositories to potential ...
CISA Warns of Active Exploitation of Palo Alto Networks PAN-OS Vulnerability
The U.S.
CISA Issues Alert on Oracle WebLogic Server Flaw Under Active Exploitation
The U.S.
Android Zero-Day Vulnerability Actively Exploited in Device Takeover Attacks
Google has disclosed a critical Android zero-day vulnerability that is reportedly being actively exploited in targeted attacks, raising serious concerns abou...
34 Malicious Packages Steal Cloud Keys, Wallets, and SSH Credentials
Hackers are actively abusing open-source ecosystems to steal sensitive developer data through a large-scale supply chain attack dubbed “TrapDoor,”. The campa...
Hackers Use Spearphishing to Deploy AZUREVEIL Adaptix C2 Agent
Hackers are actively deploying a sophisticated malware framework dubbed AZUREVEIL, an Adaptix-based command-and-control (C2) agent, through a targeted spearp...
Critical StrongDM Flaw Exposes Users to Authentication Token Theft and Reuse
A critical security vulnerability tracked as CVE-2026-4387 has been disclosed in StrongDM, allowing attackers to steal and reuse authentication tokens to gai...
SolyxImmortal Malware Steals Passwords, Cookies, Files, and Keystrokes
A newly analyzed Python-based information stealer named SolyxImmortal is actively targeting sensitive user data, including browser credentials, cookies, docu...
PHANTOMPULSE RAT Uses UAC Bypass to Hijack Windows Systems
New technical details about PHANTOMPULSE, a sophisticated remote access trojan (RAT) used in multi-stage intrusions targeting Windows environments. The malwa...
TP-Link Router Security Bug Enables Remote Command Execution Attacks
TP-Link has disclosed a high-severity security flaw in its Archer BE450 and Archer BE7200 Wi‑Fi routers that could allow remote command execution once an att...
Meta’s AI Bot Misused by Hackers to Take Over Instagram Accounts
Attackers have exploited a critical vulnerability in Meta’s AI-powered Instagram support chatbot to hijack user accounts without needing passwords, phishing,...
Nimbus Manticore APT Uses Fake Jobs to Deliver Custom Malware
A newly observed cyber campaign linked to the Iran-aligned threat group Nimbus Manticore (also tracked as UNC1549 and Smoke Sandstorm) is targeting aerospace...
Red Hat Cloud Services npm Packages Hijacked in Credential-Theft Malware Campaign
A large-scale software supply chain attack has compromised multiple official npm packages under the @redhat-cloud-services scope, exposing thousands of devel...
RaccoonLine Publishes a Breakdown of 7 Structural Differences Between dVPNs and Traditional VPNs
Rome, Italy, June 1st, 2026, CyberNewswire With VPN providers facing increasing legal pressure from governments across multiple jurisdictions in 2026, Raccoo...
Attackers Exploit Docker, Kubernetes Misconfigs to Breach Hosts
Attackers are increasingly targeting Docker and Kubernetes environments by exploiting misconfigurations, weak isolation boundaries, and insecure APIs to comp...
Critical Magento Cache Plugin Vulnerability Enables Remote Code Execution Attacks
A critical security vulnerability in a widely used Magento extension is exposing thousands of online stores to remote code execution (RCE) attacks. The vulne...
Critical Plesk Vulnerability Lets Users Execute Server Commands
A newly disclosed critical vulnerability in Plesk is raising serious security concerns after researchers confirmed that low-privileged users can execute arbi...
Iranian Hackers Hijack AppDomainManager to Bypass EDR
Iran-linked hackers have upgraded their tradecraft by using AppDomainManager hijacking in .NET applications to turn off security telemetry before malicious c...
Microsoft: No Lawsuits Against Researchers in Nightmare-Eclipse Row
Microsoft has issued a clarifying statement, assuring the global cybersecurity community that it has no intention of pursuing legal action against security r...