Category: GBHackers

Fake Compliance Emails Weaponize Word and PDF Attachments to Steal Sensitive Data
04
Feb
2026

Fake Compliance Emails Weaponize Word and PDF Attachments to Steal Sensitive Data

A newly observed phishing campaign is abusing fake “audit/compliance confirmation” emails to target macOS users and steal highly sensitive data….

Share: X : Fake Compliance Emails Weaponize Word and PDF Attachments to Steal Sensitive DataFacebook : Fake Compliance Emails Weaponize Word and PDF Attachments to Steal Sensitive DataLinkedin : Fake Compliance Emails Weaponize Word and PDF Attachments to Steal Sensitive DataReddit : Fake Compliance Emails Weaponize Word and PDF Attachments to Steal Sensitive DataTelegram : Fake Compliance Emails Weaponize Word and PDF Attachments to Steal Sensitive DataWhatsApp : Fake Compliance Emails Weaponize Word and PDF Attachments to Steal Sensitive DataEmail : Fake Compliance Emails Weaponize Word and PDF Attachments to Steal Sensitive Data
Fake Dropbox Phishing Campaign Targets Users, Steals Login Credentials
04
Feb
2026

Fake Dropbox Phishing Campaign Targets Users, Steals Login Credentials

A sophisticated phishing campaign that uses a multi-stage approach to bypass email filtering and content-scanning systems. The attack exploits trusted…

Share: X : Fake Dropbox Phishing Campaign Targets Users, Steals Login CredentialsFacebook : Fake Dropbox Phishing Campaign Targets Users, Steals Login CredentialsLinkedin : Fake Dropbox Phishing Campaign Targets Users, Steals Login CredentialsReddit : Fake Dropbox Phishing Campaign Targets Users, Steals Login CredentialsTelegram : Fake Dropbox Phishing Campaign Targets Users, Steals Login CredentialsWhatsApp : Fake Dropbox Phishing Campaign Targets Users, Steals Login CredentialsEmail : Fake Dropbox Phishing Campaign Targets Users, Steals Login Credentials
Infostealer Attacks Hit macOS, Abusing Python and Trusted Platforms
04
Feb
2026

Infostealer Attacks Hit macOS, Abusing Python and Trusted Platforms

A sharp rise in campaigns targeting macOS users, while attackers also ramp up Python‑based stealers and abuse trusted platforms like…

Share: X : Infostealer Attacks Hit macOS, Abusing Python and Trusted PlatformsFacebook : Infostealer Attacks Hit macOS, Abusing Python and Trusted PlatformsLinkedin : Infostealer Attacks Hit macOS, Abusing Python and Trusted PlatformsReddit : Infostealer Attacks Hit macOS, Abusing Python and Trusted PlatformsTelegram : Infostealer Attacks Hit macOS, Abusing Python and Trusted PlatformsWhatsApp : Infostealer Attacks Hit macOS, Abusing Python and Trusted PlatformsEmail : Infostealer Attacks Hit macOS, Abusing Python and Trusted Platforms
GlassWorm Infiltrates VSX Extensions With 22,000+ Downloads to Target Developers
04
Feb
2026

GlassWorm Infiltrates VSX Extensions With 22,000+ Downloads to Target Developers

A new GlassWorm-linked supply chain attack abusing the Open VSX Registry, this time via a suspected compromise of a legitimate…

Share: X : GlassWorm Infiltrates VSX Extensions With 22,000+ Downloads to Target DevelopersFacebook : GlassWorm Infiltrates VSX Extensions With 22,000+ Downloads to Target DevelopersLinkedin : GlassWorm Infiltrates VSX Extensions With 22,000+ Downloads to Target DevelopersReddit : GlassWorm Infiltrates VSX Extensions With 22,000+ Downloads to Target DevelopersTelegram : GlassWorm Infiltrates VSX Extensions With 22,000+ Downloads to Target DevelopersWhatsApp : GlassWorm Infiltrates VSX Extensions With 22,000+ Downloads to Target DevelopersEmail : GlassWorm Infiltrates VSX Extensions With 22,000+ Downloads to Target Developers
Notepad++ Attack Breakdown Reveals Sophisticated Malware and Actionable IoCs
03
Feb
2026

Notepad++ Attack Breakdown Reveals Sophisticated Malware and Actionable IoCs

A complex espionage campaign attributed to Chinese APT group Lotus Blossom, active since 2009. The investigation uncovered a sophisticated compromise…

Share: X : Notepad++ Attack Breakdown Reveals Sophisticated Malware and Actionable IoCsFacebook : Notepad++ Attack Breakdown Reveals Sophisticated Malware and Actionable IoCsLinkedin : Notepad++ Attack Breakdown Reveals Sophisticated Malware and Actionable IoCsReddit : Notepad++ Attack Breakdown Reveals Sophisticated Malware and Actionable IoCsTelegram : Notepad++ Attack Breakdown Reveals Sophisticated Malware and Actionable IoCsWhatsApp : Notepad++ Attack Breakdown Reveals Sophisticated Malware and Actionable IoCsEmail : Notepad++ Attack Breakdown Reveals Sophisticated Malware and Actionable IoCs
Apache Syncope Vulnerability Allows Attackers to Hijack Active User Sessions
03
Feb
2026

Apache Syncope Vulnerability Allows Attackers to Hijack Active User Sessions

Apache Syncope, a popular open-source identity and access management platform, has disclosed a critical XML External Entity (XXE) vulnerability in…

Share: X : Apache Syncope Vulnerability Allows Attackers to Hijack Active User SessionsFacebook : Apache Syncope Vulnerability Allows Attackers to Hijack Active User SessionsLinkedin : Apache Syncope Vulnerability Allows Attackers to Hijack Active User SessionsReddit : Apache Syncope Vulnerability Allows Attackers to Hijack Active User SessionsTelegram : Apache Syncope Vulnerability Allows Attackers to Hijack Active User SessionsWhatsApp : Apache Syncope Vulnerability Allows Attackers to Hijack Active User SessionsEmail : Apache Syncope Vulnerability Allows Attackers to Hijack Active User Sessions
Critical Flaws in KiloView Devices Enable Complete Admin Takeover
03
Feb
2026

Critical Flaws in KiloView Devices Enable Complete Admin Takeover

The Cybersecurity and Infrastructure Security Agency (CISA) has disclosed a critical vulnerability affecting multiple versions of KiloView Encoder Series devices,…

Share: X : Critical Flaws in KiloView Devices Enable Complete Admin TakeoverFacebook : Critical Flaws in KiloView Devices Enable Complete Admin TakeoverLinkedin : Critical Flaws in KiloView Devices Enable Complete Admin TakeoverReddit : Critical Flaws in KiloView Devices Enable Complete Admin TakeoverTelegram : Critical Flaws in KiloView Devices Enable Complete Admin TakeoverWhatsApp : Critical Flaws in KiloView Devices Enable Complete Admin TakeoverEmail : Critical Flaws in KiloView Devices Enable Complete Admin Takeover
APT28 Exploits Active Microsoft Office Zero-Day to Deliver Malware
03
Feb
2026

APT28 Exploits Active Microsoft Office Zero-Day to Deliver Malware

The Russia-linked advanced persistent threat group APT28 has been observed actively exploiting a zero-day vulnerability in Microsoft Office to deliver…

Share: X : APT28 Exploits Active Microsoft Office Zero-Day to Deliver MalwareFacebook : APT28 Exploits Active Microsoft Office Zero-Day to Deliver MalwareLinkedin : APT28 Exploits Active Microsoft Office Zero-Day to Deliver MalwareReddit : APT28 Exploits Active Microsoft Office Zero-Day to Deliver MalwareTelegram : APT28 Exploits Active Microsoft Office Zero-Day to Deliver MalwareWhatsApp : APT28 Exploits Active Microsoft Office Zero-Day to Deliver MalwareEmail : APT28 Exploits Active Microsoft Office Zero-Day to Deliver Malware
Hikvision Wireless AP Flaw Could Let Attackers Run Arbitrary Commands
03
Feb
2026

Hikvision Wireless AP Flaw Could Let Attackers Run Arbitrary Commands

Hikvision has disclosed a high-severity command execution vulnerability affecting multiple wireless access point models, potentially allowing authenticated attackers to execute…

Share: X : Hikvision Wireless AP Flaw Could Let Attackers Run Arbitrary CommandsFacebook : Hikvision Wireless AP Flaw Could Let Attackers Run Arbitrary CommandsLinkedin : Hikvision Wireless AP Flaw Could Let Attackers Run Arbitrary CommandsReddit : Hikvision Wireless AP Flaw Could Let Attackers Run Arbitrary CommandsTelegram : Hikvision Wireless AP Flaw Could Let Attackers Run Arbitrary CommandsWhatsApp : Hikvision Wireless AP Flaw Could Let Attackers Run Arbitrary CommandsEmail : Hikvision Wireless AP Flaw Could Let Attackers Run Arbitrary Commands
Malicious Google Play App With 50K+ Downloads Spreads Anatsa Banking Trojan
03
Feb
2026

Malicious Google Play App With 50K+ Downloads Spreads Anatsa Banking Trojan

A malicious application on the Google Play Store masquerading as a legitimate document reader. The deceptive application, which has accumulated…

Share: X : Malicious Google Play App With 50K+ Downloads Spreads Anatsa Banking TrojanFacebook : Malicious Google Play App With 50K+ Downloads Spreads Anatsa Banking TrojanLinkedin : Malicious Google Play App With 50K+ Downloads Spreads Anatsa Banking TrojanReddit : Malicious Google Play App With 50K+ Downloads Spreads Anatsa Banking TrojanTelegram : Malicious Google Play App With 50K+ Downloads Spreads Anatsa Banking TrojanWhatsApp : Malicious Google Play App With 50K+ Downloads Spreads Anatsa Banking TrojanEmail : Malicious Google Play App With 50K+ Downloads Spreads Anatsa Banking Trojan
Abuse of OpenClaw AI Capabilities Enables Stealthy Malware Campaigns
03
Feb
2026

Abuse of OpenClaw AI Capabilities Enables Stealthy Malware Campaigns

Hundreds of malicious skills are distributed through OpenClaw’s marketplace, transforming the popular AI agent ecosystem into a new supply chain…

Share: X : Abuse of OpenClaw AI Capabilities Enables Stealthy Malware CampaignsFacebook : Abuse of OpenClaw AI Capabilities Enables Stealthy Malware CampaignsLinkedin : Abuse of OpenClaw AI Capabilities Enables Stealthy Malware CampaignsReddit : Abuse of OpenClaw AI Capabilities Enables Stealthy Malware CampaignsTelegram : Abuse of OpenClaw AI Capabilities Enables Stealthy Malware CampaignsWhatsApp : Abuse of OpenClaw AI Capabilities Enables Stealthy Malware CampaignsEmail : Abuse of OpenClaw AI Capabilities Enables Stealthy Malware Campaigns
GhostChat Malware Locks Victims’ Devices, Demands Passcodes for Restoration
03
Feb
2026

GhostChat Malware Locks Victims’ Devices, Demands Passcodes for Restoration

A new Android spyware campaign that uses romance scams and fake chat profiles to spy on users in Pakistan. The…

Share: X : GhostChat Malware Locks Victims’ Devices, Demands Passcodes for RestorationFacebook : GhostChat Malware Locks Victims’ Devices, Demands Passcodes for RestorationLinkedin : GhostChat Malware Locks Victims’ Devices, Demands Passcodes for RestorationReddit : GhostChat Malware Locks Victims’ Devices, Demands Passcodes for RestorationTelegram : GhostChat Malware Locks Victims’ Devices, Demands Passcodes for RestorationWhatsApp : GhostChat Malware Locks Victims’ Devices, Demands Passcodes for RestorationEmail : GhostChat Malware Locks Victims’ Devices, Demands Passcodes for Restoration