Gunra Ransomware Expands RaaS After Conti Locker Shift
Gunra ransomware is rapidly evolving into a more structured and dangerous cybercrime operation after shifting from a Conti-based locker to its own Ransomware-as-a-Service (RaaS) model.…
Category: GBHackers
Tycoon 2FA Operators Use OAuth Device Code Phishing to Bypass MFA
A new phishing campaign uncovered in late April 2026 shows how threat actors behind the Tycoon 2FA Phishing-as-a-Service (PhaaS) kit are evolving beyond traditional credential…
Windows DNS Client Security Flaw Exposes Systems to Remote Code Execution
Windows systems worldwide are at risk from a new critical flaw in the Windows DNS Client that could allow remote code execution without any user…
Sandworm Hackers Shift From IT Breaches to Critical OT Targets
A new wave of cyber activity linked to the notorious Sandworm group is raising fresh alarms across global critical infrastructure. Security researchers warn that the…
Critical WordPress Plugin Flaw Allows Unauthorized Access to Websites
A critical vulnerability in a widely used WordPress plugin has exposed more than 200,000 websites to potential takeover, raising urgent concerns across the security community.…
TeamPCP, BreachForums Launch $1K Supply-Chain Attack Contest
A new cybercrime campaign is turning supply chain attacks into a public competition, as TeamPCP and BreachForums operators launch a $1,000 contest that encourages hackers…
Langflow CVE-2026-33017 Exploited to Steal AWS Keys, Deploy NATS Worker
Langflow instances left unpatched against CVE-2026-33017 are now being actively abused not just for remote code execution, but as launchpads to steal AWS keys and…
Google Enhances Android Mobile Security with New AI-powered Protections
Mobile devices have become ground zero for a ruthless wave of cyberattacks, with invisible threat actors draining bank accounts and hijacking digital identities before victims…
ClickFix Evolves Using Decade-Old Open-Source Python SOCKS5 Proxy
A newly observed ClickFix campaign is pushing beyond simple user-triggered infections, introducing a more persistent and stealthy intrusion chain using PySoxy, a 10-year-old open-source Python…
Ransomware Gangs Use BYOVD and EDR Killers to Disable Security Tools
Ransomware is evolving faster than many defenses can keep up. In 2026, attackers are no longer just encrypting files they are systematically dismantling security tools,…
Cushman and Wakefield Confirms Data Breach Impacting Over 310,000 Accounts
Global real estate powerhouse Cushman & Wakefield is the latest casualty in an escalating war of corporate extortion. Following a tense “pay or leak” standoff,…
SAP Releases Patch for Critical SQL Injection Flaw in S/4HANA
A severe vulnerability has struck the heart of enterprise resource planning systems this month, threatening organizations worldwide with potential data breaches. On May 12, 2026,…