Tax Filing Scams Used to Deliver Malware in New Cybercrime Campaigns
Cybercriminals are once again exploiting global tax seasons, abusing IRS and tax filing lures to deliver malware, remote monitoring and management (RMM) tool...
GBHackers
20 articles
CareCloud Data Breach Exposes Patient Data After Hackers Access IT Systems
CareCloud, Inc., a prominent healthcare technology provider, has disclosed a material cybersecurity incident involving unauthorized access to its electronic ...
DeepLoad Malware Uses ClickFix and AI Evasion to Hit Enterprise Networks
New “DeepLoad” malware is turning a single user click into fileless, credential‑stealing persistence inside enterprise networks, leveraging the ClickFix tech...
ChatGPT Vulnerability Enabled Silent Leakage of Prompts and Sensitive Information
Artificial intelligence assistants increasingly handle our most sensitive data, operating under the assumption that enclosed environments keep this informati...
RoadK1ll Malware Turns Hacked Devices Into Network Relays
Hackers are deploying a new Node. js-based implant dubbed RoadK1ll to quietly turn compromised hosts into on-demand network relays, enabling stealthy pivotin...
Claude AI Uncovers Zero-Day RCE Vulnerabilities in Vim and Emacs
Security researchers at Calif recently demonstrated the evolving power of artificial intelligence in vulnerability research by using Claude AI to uncover zer...
GhostSocks Hijacks Devices as Proxy Network for Stealthy Cyberattacks
A newly emerging malware known as GhostSocks is quietly reshaping how attackers evade detection by converting compromised systems into residential proxy node...
Notepad++ v8.9.3 Released With Fixes for cURL Security Flaw and Crash Bugs
Notepad++ rolled out version 8.9.
Russian Hackers Deploy “CTRL” for RDP Hijacking
Russian hackers are using a new remote access toolkit called “CTRL” to silently hijack Remote Desktop Protocol (RDP) sessions via FRP-based reverse tunnels, ...
Exposed Server Leaks TheGentlemen Ransomware Toolkit, Credentials, and Ngrok Tokens
A fully operational TheGentlemen ransomware toolkit on an exposed server, revealing victim credentials, ngrok tokens, and a complete pre-encryption playbook....
North Korean IT Worker Used Stolen Identity, AI-Generated Resume in Job Scam
A recent investigation as exposed how a suspected North Korean IT worker allegedly used a stolen identity, AI-generated resume content, and scripted intervie...
CrySome RAT: Stealthy .NET Malware Adds AV Killer, HVNC Features
CrySome RAT is a newly observed, advanced .NET remote access trojan that combines full‑featured post‑exploitation tooling with unusually hardened persistence...
India Set to Ban Hikvision, TP-Link Devices in April
Starting April 1, 2026, the Indian government will officially enforce a nationwide ban on the sale of internet-connected CCTV cameras from major Chinese manu...
ClickFix Evades PowerShell Detection via Rundll32 and WebDAV
A new variant of the ClickFix attack technique that shifts execution away from commonly monitored tools like PowerShell and mshta, instead abusing native Win...
WordPress Plugin Flaw Exposes Sensitive Data Across 800,000+ Sites
A severe security flaw has been disclosed in Smart Slider 3, a highly popular WordPress plugin currently active on more than 800,000 websites. Discovered by ...
TA446 Uses DarkSword Exploit Kit to Target iPhone Users
TA446, a Russia-linked espionage group, has started using the DarkSword exploit kit to compromise iOS devices in a new phishing wave that abuses Atlantic Cou...
New Homoglyph Tricks Let Cybercriminals Mimic Trusted Domains
New homoglyph attack techniques are turning tiny visual differences in text into a reliable way to spoof trusted domains, steal credentials, and bypass weak ...
Telnyx Python SDK Backdoored on PyPI to Steal Cloud Credentials
The popular Telnyx Python SDK on PyPI to deploy a multi‑stage credential‑stealing operation that targets cloud infrastructure, Kubernetes clusters, and devel...
Critical Fortinet FortiClient EMS Vulnerability Actively Exploited in Attacks
Threat intelligence researchers have detected active exploitation of a critical vulnerability in Fortinet’s FortiClient Enterprise Management Server (EMS). T...
Stored XSS Vulnerability in Jira Work Management Could Enable Full Organization Takeover
Security researchers recently uncovered a critical stored Cross-Site Scripting (XSS) vulnerability within Atlassian’s Jira Work Management platform. This fla...