
TCLBANKER Malware Leverages WhatsApp and Outlook Worm Features in Active Attacks

A sophisticated Brazilian banking trojan named TCLBANKER is deployed through a trojanized Logitech installer and is capable of hijacking victims’ WhatsApp and Outlook accounts to spread itself to new targets. The campaign, tracked as REF3076, delivers TCLBANKER through a malicious MSI installer bundled inside a ZIP file. The installer abuses a signed Logitech application, Logi AI Prompt Builder, via […]

The post TCLBANKER Malware Leverages WhatsApp and Outlook Worm Features in Active Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Vidar Infostealer Campaign Steals Passwords, Cookies, Crypto Wallets, and Device Data

A highly evasive multi-stage malware campaign is deploying the Vidar Infostealer. First discovered in late 2018 and built on the Arkei stealer source code, Vidar is notorious for aggressively harvesting user credentials, browser session cookies, cryptocurrency wallets, and detailed system data. According to an analysis by researcher Mahadev Joshi, this recent campaign utilizes AutoIt scripting and […]


NVIDIA Confirms GeForce Data Breach Exposed Users’ Personal Data

GFN Cloud Internet Services, operating as the regional NVIDIA GeForce NOW cloud gaming partner GFN.AM, has officially confirmed a significant data breach. The security incident exposed personal information of users registered on their streaming platform. While the company has now secured its database, the delayed discovery of the network intrusion highlights ongoing challenges in protecting […]


Pam Backdoor Targets Linux Systems to Steal SSH Credentials

A newly observed Linux backdoor technique, dubbed Pam, is exploiting the flexibility of Pluggable Authentication Modules (PAM) to capture SSH credentials and stealthily maintain persistence on compromised systems. Since its introduction in 1991 by Linus Torvalds, Linux has been designed for simplicity, modularity, and flexibility. This modular architecture allows administrators to customize nearly every component, from […]


Modular RAT Campaign Steals Credentials and Captures Screenshots

A sophisticated spear-phishing campaign, dubbed Operation GriefLure, is targeting senior executives in Vietnam and the Philippines with a stealthy modular remote access trojan (RAT). The campaign focuses on high-value organizations, including Viettel Group, Vietnam’s largest military-backed telecom provider, and St. Luke’s Medical Center (SLMC) in the Philippines, demonstrating a calculated approach to regional cyber-espionage. What sets Operation […]


Fake OpenClaw Installer Targets Crypto Wallets and Password Managers

Hackers are abusing a fake OpenClaw installer to deploy a modular Rust-based infostealer framework dubbed Hologram, aimed at harvesting credentials from more than 250 crypto wallet and password manager browser extensions while hiding behind trusted cloud and messaging services. The site delivers an archive named OpenClaw_x64.7z containing a 130MB Rust-compiled executable, OpenClaw_x64.exe, padded with fake documentation […]


Cline Kanban WebSocket Vulnerability Enables Malicious Sites to Take Over AI Coding Agents

Cline, a widely adopted open-source AI coding agent, has recently patched a severe vulnerability in its local Kanban server. Trusted by developers with deep access to source code, cloud credentials, and terminals, Cline automates complex coding tasks. However, researchers from Oasis Security uncovered a critical flaw (CVSS 9.7) that allows malicious websites to silently hijack […]


ZiChatBot Malware Abuses Zulip APIs for Stealthy C2 Operations

A new cross‑platform malware family, dubbed ZiChatBot, abuses the trusted Python Package Index (PyPI) ecosystem and the Zulip team chat platform to run a stealthy command‑and‑control (C2) channel. During routine threat hunting, analysts observed a series of malicious wheel packages being uploaded to PyPI, initially appearing as legitimate utilities. The three fraudulent projects – uuid32-utils, colorinal, and termncolor – […]


Fake Moustache Fools Age Checks, Sparks Online Safety Act Fears

Critical gaps exist in age verification systems introduced under the Online Safety Act, with children easily bypassing safeguards using simple tricks, including drawing fake facial hair to appear older on camera. The Online Safety Act, which came into force in July 2025, was designed to strengthen protections for children online by enforcing stricter age checks, […]


Trellix Investigates RansomHouse Breach Claims Involving Source Code Repository

Leading cybersecurity firm Trellix is actively investigating a potential security incident following claims made by the RansomHouse extortion group. The threat actors recently listed Trellix on their dark web leak site, alleging a successful cyberattack against the prominent security vendor.

The RansomHouse Breach Claims

Threat intelligence platform VenariX first highlighted the development, noting on X […]


Critical Vulnerability in Rancher Fleet Enables Full Cluster-Admin Privileges

The SUSE Rancher Security team disclosed a critical vulnerability tracked as CVE-2026-41050. This severe flaw affects Rancher Fleet, a popular GitOps tool for managing Kubernetes clusters at scale. The vulnerability completely breaks the platform’s core multi-tenant isolation mechanism, allowing malicious users to bypass security boundaries and steal sensitive data. According to an analysis by Lyrie […]


Hackers Use Morse Code to Trick Grok and Bankrbot, Steal $200K in Crypto Tokens

Threat actors have successfully executed a novel prompt injection attack against artificial intelligence agents, draining approximately $200,000 in cryptocurrency. By using Morse code to bypass standard AI safety filters, an attacker tricked the Grok AI model and an autonomous wallet agent, Bankrbot, into authorizing a massive unauthorized transfer on the Base network. This incident exposes […]


Signed Logitech Installer Abused to Drop TCLBANKER Banking Trojan

Hackers are abusing a signed Logitech installer to stealthily deploy a new Brazilian banking trojan known as TCLBANKER, giving threat actors a powerful tool to steal financial data and self‑propagate through popular communication platforms. The malware specifically targets Brazilian users and focuses on 59 banking, fintech, and cryptocurrency websites, activating only when victims browse to […]


423 Firefox Flaws Fixed as Browser Gains Support for Claude, Mythos, and More

Mozilla has successfully identified and patched 423 latent security vulnerabilities in Firefox using advanced artificial intelligence models, notably Claude Mythos Preview. Two weeks after initially announcing their AI-assisted security initiative, Firefox developers have shared a behind-the-scenes look at how they engineered a highly effective threat-hunting pipeline. This milestone marks a significant shift in open-source security, […]


CISA Issues Warning Over Palo Alto PAN-OS Flaw Enabling Root-Level Access

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a newly identified, severe vulnerability within Palo Alto Networks PAN-OS. Officially tracked as CVE-2026-0300, this critical flaw was aggressively added to CISA’s Known Exploited Vulnerabilities (KEV) catalog on May 6, 2026. Because the vulnerability grants unauthorized users complete system control, federal agencies […]


Hackers Weaponize Claude AI in Attacks on Water and Drainage Utilities

Hackers have abused commercial Claude AI models to help compromise a Mexican water and drainage utility’s IT network and probe systems connected to critical infrastructure. The attackers used Claude as an operational “copilot” to discover industrial systems, build custom tools, and plan attacks against an internal SCADA/IIoT platform managing water and drainage processes. The investigation […]


Claude and SpaceX Join Forces to Enhance Large-Scale Compute Capacity

Anthropic has officially announced a massive strategic partnership with SpaceX to expand its computing capabilities significantly. This collaboration aims to provide the necessary infrastructure to scale up the Claude artificial intelligence ecosystem. By securing dedicated computing power, Anthropic is immediately increasing usage limits for its dedicated customers and laying the groundwork for unprecedented future technological […]


Spring Vulnerabilities Open Door to Arbitrary File Access and GCP Secret Leaks

Security researchers have identified four new vulnerabilities in the Spring Cloud Config Server, ranging from medium to critical severity. These newly disclosed flaws could allow attackers to access arbitrary files, leak Google Cloud Platform (GCP) secrets, and manipulate system directories. Administrators, please patch your systems immediately to prevent active exploitation. Spring Vulnerabilities Critical Directory Traversal […]


Fake Claude AI Installers Used to Spread Malware in New Cyber Scam

Hackers are abusing fake Claude AI installer pages promoted through Google Ads to trick users into running malware in a campaign. The operation combines highly realistic install guides with a stealthy, multi‑stage infection chain that abuses trusted Windows components, fileless execution, and advanced evasion techniques to stay under the radar. Victims who click these ads […]


Scammers Exploit Disposable VoIP Numbers to Bypass Reputation Blocking

New tactics used by threat actors who embed phone numbers in scam emails as a key indicator of compromise (IOC), revealing how attackers exploit VoIP infrastructure to evade detection and scale fraud operations. Telephone-oriented attack delivery (TOAD) remains a dominant phishing technique, in which victims are lured to call attacker-controlled numbers rather than clicking malicious […]

