Category: GBHackers

DPRK IT Workers Use Stolen LinkedIn Identities to Secure Remote Employment
10
Feb
2026

DPRK IT Workers Use Stolen LinkedIn Identities to Secure Remote Employment

A new wave of identity fraud has hit the remote job market, with North Korean (DPRK) operatives adopting a sophisticated…

Share: X : DPRK IT Workers Use Stolen LinkedIn Identities to Secure Remote EmploymentFacebook : DPRK IT Workers Use Stolen LinkedIn Identities to Secure Remote EmploymentLinkedin : DPRK IT Workers Use Stolen LinkedIn Identities to Secure Remote EmploymentReddit : DPRK IT Workers Use Stolen LinkedIn Identities to Secure Remote EmploymentTelegram : DPRK IT Workers Use Stolen LinkedIn Identities to Secure Remote EmploymentWhatsApp : DPRK IT Workers Use Stolen LinkedIn Identities to Secure Remote EmploymentEmail : DPRK IT Workers Use Stolen LinkedIn Identities to Secure Remote Employment
New RecoverIt Tool Abuses Windows Service Failure Recovery to Execute Malicious Payloads
10
Feb
2026

New RecoverIt Tool Abuses Windows Service Failure Recovery to Execute Malicious Payloads

A new offensive security tool named “RecoverIt” has been released, offering red teamers a stealthy method for lateral movement and…

Share: X : New RecoverIt Tool Abuses Windows Service Failure Recovery to Execute Malicious PayloadsFacebook : New RecoverIt Tool Abuses Windows Service Failure Recovery to Execute Malicious PayloadsLinkedin : New RecoverIt Tool Abuses Windows Service Failure Recovery to Execute Malicious PayloadsReddit : New RecoverIt Tool Abuses Windows Service Failure Recovery to Execute Malicious PayloadsTelegram : New RecoverIt Tool Abuses Windows Service Failure Recovery to Execute Malicious PayloadsWhatsApp : New RecoverIt Tool Abuses Windows Service Failure Recovery to Execute Malicious PayloadsEmail : New RecoverIt Tool Abuses Windows Service Failure Recovery to Execute Malicious Payloads
Hackers Abuse ClawHub Skills to Evade VirusTotal via Social Engineering
10
Feb
2026

Hackers Abuse ClawHub Skills to Evade VirusTotal via Social Engineering

A new evolution in ClawHub skill-based attacks that effectively sidesteps recent security measures. Rather than embedding base64-encoded payloads directly in…

Share: X : Hackers Abuse ClawHub Skills to Evade VirusTotal via Social EngineeringFacebook : Hackers Abuse ClawHub Skills to Evade VirusTotal via Social EngineeringLinkedin : Hackers Abuse ClawHub Skills to Evade VirusTotal via Social EngineeringReddit : Hackers Abuse ClawHub Skills to Evade VirusTotal via Social EngineeringTelegram : Hackers Abuse ClawHub Skills to Evade VirusTotal via Social EngineeringWhatsApp : Hackers Abuse ClawHub Skills to Evade VirusTotal via Social EngineeringEmail : Hackers Abuse ClawHub Skills to Evade VirusTotal via Social Engineering
ScarCruft Exploits Trusted Cloud Services and OLE Documents to Deliver Malware
10
Feb
2026

ScarCruft Exploits Trusted Cloud Services and OLE Documents to Deliver Malware

The North Korean-backed advanced persistent threat (APT) group known as ScarCruft has significantly evolved its attack techniques. In a departure…

Share: X : ScarCruft Exploits Trusted Cloud Services and OLE Documents to Deliver MalwareFacebook : ScarCruft Exploits Trusted Cloud Services and OLE Documents to Deliver MalwareLinkedin : ScarCruft Exploits Trusted Cloud Services and OLE Documents to Deliver MalwareReddit : ScarCruft Exploits Trusted Cloud Services and OLE Documents to Deliver MalwareTelegram : ScarCruft Exploits Trusted Cloud Services and OLE Documents to Deliver MalwareWhatsApp : ScarCruft Exploits Trusted Cloud Services and OLE Documents to Deliver MalwareEmail : ScarCruft Exploits Trusted Cloud Services and OLE Documents to Deliver Malware
Active Exploitation of SolarWinds Web Help Desk RCE Used to Drop Custom Malware
10
Feb
2026

Active Exploitation of SolarWinds Web Help Desk RCE Used to Drop Custom Malware

Threat actors are actively exploiting critical vulnerabilities in SolarWinds Web Help Desk (WHD) to deploy custom malware and establish persistent…

Share: X : Active Exploitation of SolarWinds Web Help Desk RCE Used to Drop Custom MalwareFacebook : Active Exploitation of SolarWinds Web Help Desk RCE Used to Drop Custom MalwareLinkedin : Active Exploitation of SolarWinds Web Help Desk RCE Used to Drop Custom MalwareReddit : Active Exploitation of SolarWinds Web Help Desk RCE Used to Drop Custom MalwareTelegram : Active Exploitation of SolarWinds Web Help Desk RCE Used to Drop Custom MalwareWhatsApp : Active Exploitation of SolarWinds Web Help Desk RCE Used to Drop Custom MalwareEmail : Active Exploitation of SolarWinds Web Help Desk RCE Used to Drop Custom Malware
Node.js LTX Stealer Emerges as New Threat to Login Credentials
10
Feb
2026

Node.js LTX Stealer Emerges as New Threat to Login Credentials

A new, sophisticated malware campaign dubbed “LTX Stealer.” This malware represents a shift in attacker techniques, utilizing legitimate software frameworks…

Share: X : Node.js LTX Stealer Emerges as New Threat to Login CredentialsFacebook : Node.js LTX Stealer Emerges as New Threat to Login CredentialsLinkedin : Node.js LTX Stealer Emerges as New Threat to Login CredentialsReddit : Node.js LTX Stealer Emerges as New Threat to Login CredentialsTelegram : Node.js LTX Stealer Emerges as New Threat to Login CredentialsWhatsApp : Node.js LTX Stealer Emerges as New Threat to Login CredentialsEmail : Node.js LTX Stealer Emerges as New Threat to Login Credentials
European Commission Mitigates Cyberattack Aimed at Employee Mobile Information
10
Feb
2026

European Commission Mitigates Cyberattack Aimed at Employee Mobile Information

The European Commission successfully contained a cyberattack targeting its mobile device management infrastructure on January 30, 2026. The incident, which…

Share: X : European Commission Mitigates Cyberattack Aimed at Employee Mobile InformationFacebook : European Commission Mitigates Cyberattack Aimed at Employee Mobile InformationLinkedin : European Commission Mitigates Cyberattack Aimed at Employee Mobile InformationReddit : European Commission Mitigates Cyberattack Aimed at Employee Mobile InformationTelegram : European Commission Mitigates Cyberattack Aimed at Employee Mobile InformationWhatsApp : European Commission Mitigates Cyberattack Aimed at Employee Mobile InformationEmail : European Commission Mitigates Cyberattack Aimed at Employee Mobile Information
Hackers Abuse Apple & PayPal Invoice Emails in DKIM Replay Attack Campaign
10
Feb
2026

Hackers Abuse Apple & PayPal Invoice Emails in DKIM Replay Attack Campaign

A sophisticated way to bypass email security by weaponizing legitimate messages from trusted companies like Apple and PayPal. These attacks,…

Share: X : Hackers Abuse Apple & PayPal Invoice Emails in DKIM Replay Attack CampaignFacebook : Hackers Abuse Apple & PayPal Invoice Emails in DKIM Replay Attack CampaignLinkedin : Hackers Abuse Apple & PayPal Invoice Emails in DKIM Replay Attack CampaignReddit : Hackers Abuse Apple & PayPal Invoice Emails in DKIM Replay Attack CampaignTelegram : Hackers Abuse Apple & PayPal Invoice Emails in DKIM Replay Attack CampaignWhatsApp : Hackers Abuse Apple & PayPal Invoice Emails in DKIM Replay Attack CampaignEmail : Hackers Abuse Apple & PayPal Invoice Emails in DKIM Replay Attack Campaign
Criminal IP Adds Real-Time Threat Intelligence to IBM QRadar
10
Feb
2026

Criminal IP Adds Real-Time Threat Intelligence to IBM QRadar

Torrance, United States / California, February 9th, 2026, CyberNewswire Criminal IP (criminalip.io), the AI-powered threat intelligence and attack surface intelligence…

Share: X : Criminal IP Adds Real-Time Threat Intelligence to IBM QRadarFacebook : Criminal IP Adds Real-Time Threat Intelligence to IBM QRadarLinkedin : Criminal IP Adds Real-Time Threat Intelligence to IBM QRadarReddit : Criminal IP Adds Real-Time Threat Intelligence to IBM QRadarTelegram : Criminal IP Adds Real-Time Threat Intelligence to IBM QRadarWhatsApp : Criminal IP Adds Real-Time Threat Intelligence to IBM QRadarEmail : Criminal IP Adds Real-Time Threat Intelligence to IBM QRadar
APT Hackers Abuse Trusted Edge Services to Stealthily Deploy Malware
09
Feb
2026

APT Hackers Abuse Trusted Edge Services to Stealthily Deploy Malware

APT activity across APAC is rising rapidly as geopolitical tensions continue to grow, and defenders are seeing more advanced tradecraft…

Share: X : APT Hackers Abuse Trusted Edge Services to Stealthily Deploy MalwareFacebook : APT Hackers Abuse Trusted Edge Services to Stealthily Deploy MalwareLinkedin : APT Hackers Abuse Trusted Edge Services to Stealthily Deploy MalwareReddit : APT Hackers Abuse Trusted Edge Services to Stealthily Deploy MalwareTelegram : APT Hackers Abuse Trusted Edge Services to Stealthily Deploy MalwareWhatsApp : APT Hackers Abuse Trusted Edge Services to Stealthily Deploy MalwareEmail : APT Hackers Abuse Trusted Edge Services to Stealthily Deploy Malware
Vortex Werewolf Targets Organizations With Tor-Enabled RDP, SMB, SFTP, and SSH Backdoors
09
Feb
2026

Vortex Werewolf Targets Organizations With Tor-Enabled RDP, SMB, SFTP, and SSH Backdoors

A threat cluster tracked as “Vortex Werewolf” (also known as SkyCloak) has been observed targeting Russian government and defense organizations….

Share: X : Vortex Werewolf Targets Organizations With Tor-Enabled RDP, SMB, SFTP, and SSH BackdoorsFacebook : Vortex Werewolf Targets Organizations With Tor-Enabled RDP, SMB, SFTP, and SSH BackdoorsLinkedin : Vortex Werewolf Targets Organizations With Tor-Enabled RDP, SMB, SFTP, and SSH BackdoorsReddit : Vortex Werewolf Targets Organizations With Tor-Enabled RDP, SMB, SFTP, and SSH BackdoorsTelegram : Vortex Werewolf Targets Organizations With Tor-Enabled RDP, SMB, SFTP, and SSH BackdoorsWhatsApp : Vortex Werewolf Targets Organizations With Tor-Enabled RDP, SMB, SFTP, and SSH BackdoorsEmail : Vortex Werewolf Targets Organizations With Tor-Enabled RDP, SMB, SFTP, and SSH Backdoors
Critical Fortinet FortiClient EMS Vulnerability Allows Remote Code Execution
09
Feb
2026

Critical Fortinet FortiClient EMS Vulnerability Allows Remote Code Execution

A critical security vulnerability has been discovered in Fortinet’s FortiClient EMS (Endpoint Management Server), potentially exposing organizations to remote code…

Share: X : Critical Fortinet FortiClient EMS Vulnerability Allows Remote Code ExecutionFacebook : Critical Fortinet FortiClient EMS Vulnerability Allows Remote Code ExecutionLinkedin : Critical Fortinet FortiClient EMS Vulnerability Allows Remote Code ExecutionReddit : Critical Fortinet FortiClient EMS Vulnerability Allows Remote Code ExecutionTelegram : Critical Fortinet FortiClient EMS Vulnerability Allows Remote Code ExecutionWhatsApp : Critical Fortinet FortiClient EMS Vulnerability Allows Remote Code ExecutionEmail : Critical Fortinet FortiClient EMS Vulnerability Allows Remote Code Execution