Criminal IP & Securonix ThreatQ Boost Threat Intelligence
Torrance, United States / California, May 1st, 2026, CyberNewswire Criminal IP partners with Securonix to integrate Criminal IP’s Threat Intelligence into ThreatQ, allowing organizations to…
Category: GBHackers
EtherRAT Uses SEO Poisoning and Fake GitHub Pages to Target Enterprise Admins
A newly uncovered cyber campaign dubbed “EtherRAT” is raising concerns across enterprise environments, as attackers combine SEO poisoning, GitHub abuse, and blockchain-based infrastructure to target…
New Android Spyware Platform Enables Rebranding and Resale
A newly discovered Android spyware platform is raising concerns among cybersecurity researchers by introducing a business model that allows buyers to rebrand and resell surveillance…
China-Aligned Hackers Deploy ShadowPad in Multi-Stage Espionage Campaign
China-aligned threat actors tracked as SHADOW-EARTH-053 are exploiting old but unpatched Microsoft Exchange and IIS vulnerabilities to run a stealthy, multi-stage espionage campaign across Asian…
Jenkins Plugin Updates Fix Path Traversal and Stored XSS Bugs
The Jenkins project released a critical security advisory addressing seven vulnerabilities across multiple widely used plugins. The disclosed flaws include high-severity path traversal and stored…
Attackers Exploit cPanel Authentication Bypass 0-Day After PoC Release
A critical zero-day vulnerability, tracked as CVE-2026-41940, is currently being actively exploited across the web hosting industry. This CVSS 9.8 flaw allows unauthenticated remote attackers…
OpenAI Unveils Cyber Defense Roadmap Focused on AI-Powered Security
OpenAI has released a comprehensive cyber defense roadmap titled “Cybersecurity in the Intelligence Age” to responsibly equip defenders with AI-powered security tools faster than malicious…
PoC Disclosed for Critical Root ASUSTOR ADM RCE Flaw
A critical vulnerability, tracked as CVE-2026-6644, has been uncovered in ASUSTOR’s ADM (ASUSTOR Data Master) operating system. Specifically, the flaw exists within the PPTP VPN…
Compromised SAP npm Packages Found Harvesting Developer and CI/CD Secrets
Security researchers have identified a severe supply chain attack targeting the SAP developer ecosystem. A threat group identified as TeamPCP has compromised multiple legitimate SAP…
Cursor AI Coding Agent Vulnerability Lets Attackers Run Code on Developers’ Machines
A newly disclosed high-severity vulnerability in the Cursor AI-powered coding environment could allow attackers to execute arbitrary code on a developer’s machine, raising fresh concerns…
Cursor AI Extension Flaw Exposes Developer Tokens to Credential Theft
Security researchers at LayerX have uncovered a high-severity vulnerability in the popular AI-powered development environment, Cursor. Dubbed “CursorJacking,” this flaw carries a CVSS score of…
Lazarus Targets macOS Users With New “Mach-O Man” Malware Kit
Lazarus Group is abusing “ClickFix” social engineering to push a new macOS malware kit dubbed “Mach-O Man,” giving attackers a direct path to credentials, Keychain secrets, and…