Threat Actors Using Fake Google Forms Site to Harvest Google Logins
A new phishing campaign in which threat actors are using a convincing fake version of Google Forms to steal Google account credentials. Cybercriminals are once…
Category: GBHackers
Hackers Hide Malware in Emoji-Based Code to Bypass Security Defenses
Hackers are increasingly abusing emoji and other Unicode tricks to hide malicious code, bypass filters, and evade modern security controls, including AI-powered defenses. This emerging technique, known…
Stealthy Crypto-Mining Malware Jumps Air-Gaps, Spreads via External Drives
Cryptojacking, the unauthorized use of a victim’s computing resources to mine cryptocurrency, has transitioned from a browser-based nuisance (typified by Coinhive scripts) to a system-level…
A New Framework to Detect and Exploit Blockchain Vulnerabilities
OpenAI has collaborated with crypto investment firm Paradigm to release EVMbench, a new benchmark designed to evaluate how artificial intelligence agents interact with smart contract…
Researchers Expose DigitStealer C2 Infrastructure Targeting macOS Users
DigitStealer’s expanding command-and-control (C2) footprint is exposing more of its backend than its operators likely intended, giving defenders fresh opportunities to track and block new…
Critical MCP Server Enables Arbitrary Code Execution and Sensitive Data Exfiltration
MCP servers can silently turn AI assistants into powerful attack platforms, enabling arbitrary code execution, large‑scale data exfiltration, and stealthy user manipulation across both local…
CISA Flags Actively Exploited Windows Video ActiveX Control RCE in KEV List
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog. This specific…
Palo Alto Networks to Acquire Koi Security for Enhanced Agentic Endpoint Security
Palo Alto Networks announced on February 17, 2026, that it has entered a definitive agreement to acquire Koi Security, a pioneer in Agentic Endpoint Security.…
Cryptocurrency Scams in Asia Combine Malvertising and Pig Butchering, Causing Losses Up to ¥10 Million
A rising wave of cryptocurrency scams sweeping across Asia is blending two major fraud techniques malvertising and pig butchering to create a more deceptive and scalable attack…
OpenClaw AI Framework v2026.2.17 Adds Anthropic Model Support Amid Credential Theft Bug Concerns
OpenClaw, the open-source autonomous AI assistant that has gained widespread adoption in early 2026, released version v2026.2.17 on February 17, 2026, introducing support for Anthropic’s…
Critical Ivanti EPMM Zero-Day Vulnerabilities Exploited in the Wild, Targeting Corporate Networks
Two critical zero-day vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340, are being actively exploited to compromise enterprise mobile fleets and…
Fake CAPTCHA Attack Chain Triggers Enterprise-Wide Malware Infection in Organizations
Fake CAPTCHA (ClickFix) pages are enabling threat actors to turn a single user click into an enterprise‑wide compromise, as seen in a recent incident affecting…