Typosquatted npm Packages Steal Cloud and CI/CD Secrets
A coordinated npm supply chain attack has been uncovered targeting developers working with OpenSearch, ElasticSearch, and DevOps tooling, with attackers actively stealing cloud credentials and…
Category: GBHackers
MicrosoftSystem64 Malware Abuses Hugging Face for Stealthy Data Theft
A sophisticated supply chain attack targeting the npm ecosystem has been uncovered, involving a malicious package named js-logger-pack that evolved into a powerful cross-platform malware loader. First…
Malicious Websites Exploit SSD Timing Signals to Monitor Visitor Activity
Malicious websites can now exploit subtle SSD timing signals in modern browsers to quietly track what users are doing on their devices, including which sites…
CISO Watch List for Gartner Security Summit 2026
New York, USA, May 28th, 2026, CyberNewswire TVC Analyst Group has released its list of twelve cybersecurity companies identified for their activity and positioning ahead…
Hackers Pivot from marimo RCE to Internal Database Using LLM Agent
A newly observed intrusion demonstrates how attackers are replacing static playbooks with AI-driven agents that adapt in real time. The attack began on May 10,…
VaultJacking Attack Exposes Google Password Vaults via Single PIN
A newly disclosed phishing technique dubbed “VaultJacking” is raising serious concerns across the cybersecurity community after researchers demonstrated how a single captured Google Password Manager…
FortiClient Code Execution Flaw Exploited to Deploy EKZ Malware
Fortinet customers are facing a new wave of attacks after a critical flaw in FortiClient Endpoint Management Server (EMS) was exploited to push a fake…
CISA Warns LiteSpeed cPanel Plugin Vulnerability Is Being Exploited in Attacks
CISA has issued an urgent warning after adding a critical vulnerability in the LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog, confirming active…
BadHost Vulnerability Exposes Sensitive AI Agent Server Endpoints to Attackers
A critical vulnerability, “BadHost” (CVE-2026-48710), has been identified in the Starlette web framework, exposing thousands of AI-powered applications and API services to potential attacks. The…
Link11 is fully committed to Europe and is opening a Customer Excellence Hub in Lisbon – GBHackers Security
Frankfurt am Main, Germany, May 27th, 2026, CyberNewswire Link11, a European provider of cloud-based IT security solutions specializing in network and web application security, is…
GitHub Enterprise Server 3.20.3 Addresses Critical Security Flaws
GitHub has released Enterprise Server (GHES) version 3.20.3, addressing multiple critical and high-severity vulnerabilities that could allow attackers to access internal services, escalate privileges, and…
Microsoft SharePoint Server Flaw Enables Remote Code Execution Attacks
Microsoft has disclosed a critical security vulnerability in SharePoint Server that could allow attackers to execute arbitrary code remotely, raising significant concerns for enterprise environments…