NoVoice on Google Play Exploits 22 Flaws to Hit Millions of Android Users
NoVoice is a new Android rootkit campaign that hid in more than 50 apps on Google Play, exploiting 22 vulnerabilities to hijack millions of older and unpatch...
GBHackers
20 articles
CISA Issues Alert on Chrome Zero-Day Under Active Exploitation
The U.S.
Apple Releases iOS 18.7.7 Update to Defend Against DarkSword Exploit
Apple has officially expanded the rollout of iOS 18.7.
Axios npm Supply Chain Breach: Microsoft Shares Mitigation Steps
Microsoft has detailed how organizations can detect and mitigate a recent supply chain compromise involving malicious Axios npm releases and infrastructure a...
FBI Warns Chinese Mobile Apps Could Expose User Data to Cyberattacks
The Federal Bureau of Investigation (FBI) has issued a public warning about potential data security risks associated with foreign-developed mobile applicatio...
New ZAP PTK Add-On Converts Browser Security Findings Into Native ZAP Alerts
The OWASP Zed Attack Proxy (ZAP) just received a massive upgrade for testing modern web applications. The release of the ZAP PTK Add-on 0.
Cisco Smart Software Manager Flaw Allowed Arbitrary Command Execution
Cisco has released a high-priority security advisory regarding a critical vulnerability in its Smart Software Manager On-Prem (SSM On-Prem) platform. The fla...
Critical PX4 Autopilot Vulnerability Let Attackers Gain Control of Drones
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert regarding a severe vulnerability in the PX4 Autopilot system. Th...
TA416 Broadens Europe Spy Campaign With Web Bugs and Malware
China-aligned threat actor TA416 has resumed large-scale espionage against European governments. It is now expanding to Middle Eastern diplomatic targets, co...
WhatsApp Attack Chain Delivers VBS, Cloud Payloads, MSI Backdoor
A new malware campaign that abuses WhatsApp messages to deliver malicious Visual Basic Script (VBS) files to Windows users, enabling persistent remote access...
Cisco Warns of Critical IMC Vulnerability Enabling Authentication Bypass
Cisco has published an urgent security advisory for CVE-2026-20093, a critical 9.8-severity authentication bypass vulnerability affecting its Integrated Mana...
Remcos RAT Attack Uses Obfuscated Scripts, Trusted Windows Tools
Remcos RAT operators are abusing obfuscated scripts and trusted Windows binaries to deliver a stealthy, largely fileless infection chain that runs almost ent...
Symantec DLP Agent Flaw Exposed Systems to Privilege Escalation Attacks
A high-severity vulnerability in the Symantec Data Loss Prevention (DLP) Agent for Windows could allow low-privileged attackers to take complete control of a...
Ethereum-Based EtherRAT, EtherHiding Power Stealthy Malware Campaigns
Hackers are abusing the Ethereum blockchain to hide and control a new Node.js backdoor called EtherRAT, using a stealthy technique known as EtherHiding to ma...
Google Warns of New Chrome Zero-Day Under Active Exploitation – Users Urged to Update Immediately
Google has released an urgent security update for its Chrome desktop browser to address 21 vulnerabilities, including a critical zero-day flaw that is active...
Microsoft Teams to Improve Privacy With EXIF Data Removal Feature
Microsoft is rolling out a wave of privacy and security updates for Microsoft Teams, headlining with a critical new feature that automatically removes EXIF m...
Cisco Faces Alleged Data Leak as ShinyHunters Claims Responsibility
Cisco is actively dealing with a major cybersecurity incident after threat actors breached its internal development networks. The notorious hacking group Shi...
Top 10 Best Dynamic Application Security Testing (DAST) Platforms in 2026
In today’s fast-paced software development world, where applications are released at an unprecedented rate, ensuring their security is more critical than eve...
Vim Modeline Vulnerability Opens Door to Arbitrary OS Command Execution
Vim is a widely used, highly configurable text editor, but a recently disclosed flaw highlights the risks associated with its file-parsing features. Tracked ...
CrystalX Malware-as-a-Service Spreads via Telegram With Stealer, RAT Tools
Hackers are actively promoting a new malware-as-a-service (MaaS) platform called CrystalX RAT through private Telegram channels, offering cybercriminals a po...