Category: GBHackers

287 Malicious Chrome Extensions Steal Browsing Data from 37.4 Million Users
12
Feb
2026

287 Malicious Chrome Extensions Steal Browsing Data from 37.4 Million Users

A new security investigation has uncovered 287 Chrome extensions that appear to secretly send users’ browsing data to remote servers, impacting an…

Share: X : 287 Malicious Chrome Extensions Steal Browsing Data from 37.4 Million UsersFacebook : 287 Malicious Chrome Extensions Steal Browsing Data from 37.4 Million UsersLinkedin : 287 Malicious Chrome Extensions Steal Browsing Data from 37.4 Million UsersReddit : 287 Malicious Chrome Extensions Steal Browsing Data from 37.4 Million UsersTelegram : 287 Malicious Chrome Extensions Steal Browsing Data from 37.4 Million UsersWhatsApp : 287 Malicious Chrome Extensions Steal Browsing Data from 37.4 Million UsersEmail : 287 Malicious Chrome Extensions Steal Browsing Data from 37.4 Million Users
ORB Networks Leverages Compromised IoT Devices and SOHO Routers to Mask Cyberattacks
12
Feb
2026

ORB Networks Leverages Compromised IoT Devices and SOHO Routers to Mask Cyberattacks

Operational Relay Box (ORB) networks are covert, mesh-based infrastructures used by advanced threat actors to hide the true origin of…

Share: X : ORB Networks Leverages Compromised IoT Devices and SOHO Routers to Mask CyberattacksFacebook : ORB Networks Leverages Compromised IoT Devices and SOHO Routers to Mask CyberattacksLinkedin : ORB Networks Leverages Compromised IoT Devices and SOHO Routers to Mask CyberattacksReddit : ORB Networks Leverages Compromised IoT Devices and SOHO Routers to Mask CyberattacksTelegram : ORB Networks Leverages Compromised IoT Devices and SOHO Routers to Mask CyberattacksWhatsApp : ORB Networks Leverages Compromised IoT Devices and SOHO Routers to Mask CyberattacksEmail : ORB Networks Leverages Compromised IoT Devices and SOHO Routers to Mask Cyberattacks
SSH Worm Exploit Detected by DShield Sensor Using Credential Stuffing and Multi-Stage Malware
12
Feb
2026

SSH Worm Exploit Detected by DShield Sensor Using Credential Stuffing and Multi-Stage Malware

A DShield honeypot sensor recently recorded a complete compromise sequence involving a self-replicating SSH worm that exploits weak passwords to…

Share: X : SSH Worm Exploit Detected by DShield Sensor Using Credential Stuffing and Multi-Stage MalwareFacebook : SSH Worm Exploit Detected by DShield Sensor Using Credential Stuffing and Multi-Stage MalwareLinkedin : SSH Worm Exploit Detected by DShield Sensor Using Credential Stuffing and Multi-Stage MalwareReddit : SSH Worm Exploit Detected by DShield Sensor Using Credential Stuffing and Multi-Stage MalwareTelegram : SSH Worm Exploit Detected by DShield Sensor Using Credential Stuffing and Multi-Stage MalwareWhatsApp : SSH Worm Exploit Detected by DShield Sensor Using Credential Stuffing and Multi-Stage MalwareEmail : SSH Worm Exploit Detected by DShield Sensor Using Credential Stuffing and Multi-Stage Malware
Feiniu NAS Devices Hit in Massive Netdragon Botnet Attack Exploiting Unpatched Vulnerabilities
12
Feb
2026

Feiniu NAS Devices Hit in Massive Netdragon Botnet Attack Exploiting Unpatched Vulnerabilities

Feiniu fnOS network-attached storage (NAS) devices have been pulled into a large Netdragon botnet after attackers exploited still-unpatched vulnerabilities, turning…

Share: X : Feiniu NAS Devices Hit in Massive Netdragon Botnet Attack Exploiting Unpatched VulnerabilitiesFacebook : Feiniu NAS Devices Hit in Massive Netdragon Botnet Attack Exploiting Unpatched VulnerabilitiesLinkedin : Feiniu NAS Devices Hit in Massive Netdragon Botnet Attack Exploiting Unpatched VulnerabilitiesReddit : Feiniu NAS Devices Hit in Massive Netdragon Botnet Attack Exploiting Unpatched VulnerabilitiesTelegram : Feiniu NAS Devices Hit in Massive Netdragon Botnet Attack Exploiting Unpatched VulnerabilitiesWhatsApp : Feiniu NAS Devices Hit in Massive Netdragon Botnet Attack Exploiting Unpatched VulnerabilitiesEmail : Feiniu NAS Devices Hit in Massive Netdragon Botnet Attack Exploiting Unpatched Vulnerabilities
Rogue VM Linked to Muddled Libra in VMware vSphere Attack, Exposing Critical TTPs
12
Feb
2026

Rogue VM Linked to Muddled Libra in VMware vSphere Attack, Exposing Critical TTPs

The cybercrime group Muddled Libra (aka Scattered Spider, UNC3944). The contents of this rogue VM and activity from the attack…

Share: X : Rogue VM Linked to Muddled Libra in VMware vSphere Attack, Exposing Critical TTPsFacebook : Rogue VM Linked to Muddled Libra in VMware vSphere Attack, Exposing Critical TTPsLinkedin : Rogue VM Linked to Muddled Libra in VMware vSphere Attack, Exposing Critical TTPsReddit : Rogue VM Linked to Muddled Libra in VMware vSphere Attack, Exposing Critical TTPsTelegram : Rogue VM Linked to Muddled Libra in VMware vSphere Attack, Exposing Critical TTPsWhatsApp : Rogue VM Linked to Muddled Libra in VMware vSphere Attack, Exposing Critical TTPsEmail : Rogue VM Linked to Muddled Libra in VMware vSphere Attack, Exposing Critical TTPs
Lazarus Group's 'Graphalgo' Fake Recruiter Campaign Targets GitHub, npm, and PyPI to Spread Malware
12
Feb
2026

Lazarus Group’s ‘Graphalgo’ Fake Recruiter Campaign Targets GitHub, npm, and PyPI to Spread Malware

Lazarus Group’s latest software supply chain operation is using fake recruiter lures and popular open‑source ecosystems to deliver malware to…

Share: X : Lazarus Group’s ‘Graphalgo’ Fake Recruiter Campaign Targets GitHub, npm, and PyPI to Spread MalwareFacebook : Lazarus Group’s ‘Graphalgo’ Fake Recruiter Campaign Targets GitHub, npm, and PyPI to Spread MalwareLinkedin : Lazarus Group’s ‘Graphalgo’ Fake Recruiter Campaign Targets GitHub, npm, and PyPI to Spread MalwareReddit : Lazarus Group’s ‘Graphalgo’ Fake Recruiter Campaign Targets GitHub, npm, and PyPI to Spread MalwareTelegram : Lazarus Group’s ‘Graphalgo’ Fake Recruiter Campaign Targets GitHub, npm, and PyPI to Spread MalwareWhatsApp : Lazarus Group’s ‘Graphalgo’ Fake Recruiter Campaign Targets GitHub, npm, and PyPI to Spread MalwareEmail : Lazarus Group’s ‘Graphalgo’ Fake Recruiter Campaign Targets GitHub, npm, and PyPI to Spread Malware
WordPress Backup Plugin Vulnerability Exposes 800,000 Sites to Remote Code Execution Attacks
12
Feb
2026

WordPress Backup Plugin Vulnerability Exposes 800,000 Sites to Remote Code Execution Attacks

A critical vulnerability in the popular WPvivid Backup & Migration plugin is putting more than 800,000 WordPress websites at risk…

Share: X : WordPress Backup Plugin Vulnerability Exposes 800,000 Sites to Remote Code Execution AttacksFacebook : WordPress Backup Plugin Vulnerability Exposes 800,000 Sites to Remote Code Execution AttacksLinkedin : WordPress Backup Plugin Vulnerability Exposes 800,000 Sites to Remote Code Execution AttacksReddit : WordPress Backup Plugin Vulnerability Exposes 800,000 Sites to Remote Code Execution AttacksTelegram : WordPress Backup Plugin Vulnerability Exposes 800,000 Sites to Remote Code Execution AttacksWhatsApp : WordPress Backup Plugin Vulnerability Exposes 800,000 Sites to Remote Code Execution AttacksEmail : WordPress Backup Plugin Vulnerability Exposes 800,000 Sites to Remote Code Execution Attacks
Chrome Security Update Released to Address Code Execution Vulnerabilities
12
Feb
2026

Chrome Security Update Released to Address Code Execution Vulnerabilities

Google has released Chrome 145 to the stable channel for Windows, Mac, and Linux systems, addressing 11 security vulnerabilities that…

Share: X : Chrome Security Update Released to Address Code Execution VulnerabilitiesFacebook : Chrome Security Update Released to Address Code Execution VulnerabilitiesLinkedin : Chrome Security Update Released to Address Code Execution VulnerabilitiesReddit : Chrome Security Update Released to Address Code Execution VulnerabilitiesTelegram : Chrome Security Update Released to Address Code Execution VulnerabilitiesWhatsApp : Chrome Security Update Released to Address Code Execution VulnerabilitiesEmail : Chrome Security Update Released to Address Code Execution Vulnerabilities
Palo Alto Networks Firewall Vulnerability Lets Attackers Trigger Reboot Loops
12
Feb
2026

Palo Alto Networks Firewall Vulnerability Lets Attackers Trigger Reboot Loops

Palo Alto Networks has disclosed a PAN-OS firewall vulnerability that can let remote attackers force repeated reboots, potentially pushing a…

Share: X : Palo Alto Networks Firewall Vulnerability Lets Attackers Trigger Reboot LoopsFacebook : Palo Alto Networks Firewall Vulnerability Lets Attackers Trigger Reboot LoopsLinkedin : Palo Alto Networks Firewall Vulnerability Lets Attackers Trigger Reboot LoopsReddit : Palo Alto Networks Firewall Vulnerability Lets Attackers Trigger Reboot LoopsTelegram : Palo Alto Networks Firewall Vulnerability Lets Attackers Trigger Reboot LoopsWhatsApp : Palo Alto Networks Firewall Vulnerability Lets Attackers Trigger Reboot LoopsEmail : Palo Alto Networks Firewall Vulnerability Lets Attackers Trigger Reboot Loops
Malicious 'duer-js' NPM Package Distributes 'Bada Stealer' Malware Targeting Windows and Discord Users
12
Feb
2026

Malicious ‘duer-js’ NPM Package Distributes ‘Bada Stealer’ Malware Targeting Windows and Discord Users

A newly discovered malicious NPM package, dubbed duer-js , is being used to distribute an advanced information‑stealing malware that primarily targets Windows…

Share: X : Malicious ‘duer-js’ NPM Package Distributes ‘Bada Stealer’ Malware Targeting Windows and Discord UsersFacebook : Malicious ‘duer-js’ NPM Package Distributes ‘Bada Stealer’ Malware Targeting Windows and Discord UsersLinkedin : Malicious ‘duer-js’ NPM Package Distributes ‘Bada Stealer’ Malware Targeting Windows and Discord UsersReddit : Malicious ‘duer-js’ NPM Package Distributes ‘Bada Stealer’ Malware Targeting Windows and Discord UsersTelegram : Malicious ‘duer-js’ NPM Package Distributes ‘Bada Stealer’ Malware Targeting Windows and Discord UsersWhatsApp : Malicious ‘duer-js’ NPM Package Distributes ‘Bada Stealer’ Malware Targeting Windows and Discord UsersEmail : Malicious ‘duer-js’ NPM Package Distributes ‘Bada Stealer’ Malware Targeting Windows and Discord Users
Adblock Filters Expose User Location Even With VPN Protection
12
Feb
2026

Adblock Filters Expose User Location Even With VPN Protection

A new fingerprinting technique called “Adbleed” reveals that VPN users aren’t as anonymous as they think. While VPNs hide your…

Share: X : Adblock Filters Expose User Location Even With VPN ProtectionFacebook : Adblock Filters Expose User Location Even With VPN ProtectionLinkedin : Adblock Filters Expose User Location Even With VPN ProtectionReddit : Adblock Filters Expose User Location Even With VPN ProtectionTelegram : Adblock Filters Expose User Location Even With VPN ProtectionWhatsApp : Adblock Filters Expose User Location Even With VPN ProtectionEmail : Adblock Filters Expose User Location Even With VPN Protection
Microsoft Outlook Add-In Stolen 4000 Accounts and Credit Card Numbers
12
Feb
2026

Microsoft Outlook Add-In Stolen 4000 Accounts and Credit Card Numbers

A dormant Microsoft Outlook add-in has been weaponized by attackers to steal thousands of login credentials and credit card numbers….

Share: X : Microsoft Outlook Add-In Stolen 4000 Accounts and Credit Card NumbersFacebook : Microsoft Outlook Add-In Stolen 4000 Accounts and Credit Card NumbersLinkedin : Microsoft Outlook Add-In Stolen 4000 Accounts and Credit Card NumbersReddit : Microsoft Outlook Add-In Stolen 4000 Accounts and Credit Card NumbersTelegram : Microsoft Outlook Add-In Stolen 4000 Accounts and Credit Card NumbersWhatsApp : Microsoft Outlook Add-In Stolen 4000 Accounts and Credit Card NumbersEmail : Microsoft Outlook Add-In Stolen 4000 Accounts and Credit Card Numbers