Google API Keys Leak Sensitive Data Without Warning via Gemini
Security researchers at Truffle Security discovered that legacy public-facing Google API keys can silently gain unauthorized access to Google’s sensitive Gemini AI endpoints. This flaw…
Category: GBHackers
Government Data Stolen After Hacker Jailbreaks Claude AI to Write Malicious Exploit Code
A hacker successfully manipulated Anthropic’s Claude AI to launch a sophisticated month-long cyberattack against Mexican government agencies. Between December 2025 and January 2026, the attacker…
Zyxel Vulnerabilities Allow Remote Attackers to Execute Commands via Command Injection
Zyxel has rolled out critical security patches for multiple vulnerabilities affecting its 4G LTE/5G NR CPE, DSL/Ethernet CPE, Fiber ONTs, Security Routers, and Wireless Extenders.…
Wireshark 4.6.4 Released to Patch Multiple Security Vulnerabilities
Wireshark has released version 4.6.4, delivering security and stability fixes that address several denial‑of‑service risks and multiple crashes in protocol dissectors and tools. The update…
Marquis Takes Legal Action Against SonicWall Over Ransomware Attack from Backup Breach
Marquis Software Solutions has filed a lawsuit against cybersecurity firm SonicWall, claiming a vulnerability in SonicWall’s cloud backup service led directly to a ransomware attack…
Phishing‑Led Agent Tesla Campaign Uses Process Hollowing and Anti‑Analysis to Evade Detection
Agent Tesla continues to cement its status as one of the most persistent remote access trojans (RATs) in the global threat landscape. Known for its…
Zoom Update Scam Infects 1,437 Users in 12 Days to Deploy Surveillance Tools
A dangerous new scam is targeting Zoom users by exploiting their trust in video meeting invites. Over just twelve days, 1,437 Windows users unknowingly installed a malicious…
OpenAI Confirms Chinese Hackers Used ChatGPT in Cyberattack Campaign
OpenAI has confirmed that Chinese-linked operators misused ChatGPT as part of a broader campaign that blended cyber operations, online harassment, and covert influence tactics, according…
Malicious Ads Bypass Google Ads Screening via New Campaign Platform Exploit
A sophisticated cloaking platform called 1Campaign, designed to help attackers run malicious Google Ads campaigns while evading detection. The service acts as a full‑service infrastructure…
ServiceNow AI Platform Vulnerability Allows Remote Code Execution
ServiceNow has disclosed a critical security vulnerability in its AI Platform that could allow unauthenticated attackers to remotely execute code within the ServiceNow Sandbox environment.…
ResidentBat Android Malware Grants Belarusian KGB Ongoing Mobile Access
ResidentBat is a custom Android spyware implant used by the Belarusian KGB to turn seized smartphones into long‑lived surveillance platforms against journalists and civil society…
Hydra Saiga Espionage Campaign Targets Critical Utilities Using Telegram C2 for Data Theft
Hydra Saiga is running a long-running espionage campaign that abuses Telegram as command-and-control (C2) to infiltrate critical utilities in Central Asia and exfiltrate sensitive data…