Category: GBHackers

SyncFuture Campaign Abuses Enterprise Security Tools to Deploy Malware
26
Jan
2026

SyncFuture Campaign Abuses Enterprise Security Tools to Deploy Malware

A sophisticated, multi-stage espionage campaign targeting Indian residents through phishing emails impersonating the Income Tax Department. The attack chain, tracked…

Share: X : SyncFuture Campaign Abuses Enterprise Security Tools to Deploy MalwareFacebook : SyncFuture Campaign Abuses Enterprise Security Tools to Deploy MalwareLinkedin : SyncFuture Campaign Abuses Enterprise Security Tools to Deploy MalwareReddit : SyncFuture Campaign Abuses Enterprise Security Tools to Deploy MalwareTelegram : SyncFuture Campaign Abuses Enterprise Security Tools to Deploy MalwareWhatsApp : SyncFuture Campaign Abuses Enterprise Security Tools to Deploy MalwareEmail : SyncFuture Campaign Abuses Enterprise Security Tools to Deploy Malware
Microsoft Issues KB5078127 OOB Patch After Reports of Outlook Freezing and File System Instability
26
Jan
2026

Microsoft Issues KB5078127 OOB Patch After Reports of Outlook Freezing and File System Instability

Microsoft has released two critical out-of-band (OOB) security patches targeting widespread issues affecting Windows 11 users following January’s monthly security…

Share: X : Microsoft Issues KB5078127 OOB Patch After Reports of Outlook Freezing and File System InstabilityFacebook : Microsoft Issues KB5078127 OOB Patch After Reports of Outlook Freezing and File System InstabilityLinkedin : Microsoft Issues KB5078127 OOB Patch After Reports of Outlook Freezing and File System InstabilityReddit : Microsoft Issues KB5078127 OOB Patch After Reports of Outlook Freezing and File System InstabilityTelegram : Microsoft Issues KB5078127 OOB Patch After Reports of Outlook Freezing and File System InstabilityWhatsApp : Microsoft Issues KB5078127 OOB Patch After Reports of Outlook Freezing and File System InstabilityEmail : Microsoft Issues KB5078127 OOB Patch After Reports of Outlook Freezing and File System Instability
NetSupport Manager 0-Day Vulnerabilities Enable Remote Code Execution
26
Jan
2026

NetSupport Manager 0-Day Vulnerabilities Enable Remote Code Execution

Two critical 0-day vulnerabilities in NetSupport Manager that, when chained, allow unauthenticated remote code execution (RCE). The vulnerabilities were discovered…

Share: X : NetSupport Manager 0-Day Vulnerabilities Enable Remote Code ExecutionFacebook : NetSupport Manager 0-Day Vulnerabilities Enable Remote Code ExecutionLinkedin : NetSupport Manager 0-Day Vulnerabilities Enable Remote Code ExecutionReddit : NetSupport Manager 0-Day Vulnerabilities Enable Remote Code ExecutionTelegram : NetSupport Manager 0-Day Vulnerabilities Enable Remote Code ExecutionWhatsApp : NetSupport Manager 0-Day Vulnerabilities Enable Remote Code ExecutionEmail : NetSupport Manager 0-Day Vulnerabilities Enable Remote Code Execution
New DPRK Interview Campaign Uses Fake Fonts to Deliver Malware
26
Jan
2026

New DPRK Interview Campaign Uses Fake Fonts to Deliver Malware

A dangerous new iteration of the “Contagious Interview” campaign that weaponizes Microsoft Visual Studio Code task files to distribute sophisticated…

Share: X : New DPRK Interview Campaign Uses Fake Fonts to Deliver MalwareFacebook : New DPRK Interview Campaign Uses Fake Fonts to Deliver MalwareLinkedin : New DPRK Interview Campaign Uses Fake Fonts to Deliver MalwareReddit : New DPRK Interview Campaign Uses Fake Fonts to Deliver MalwareTelegram : New DPRK Interview Campaign Uses Fake Fonts to Deliver MalwareWhatsApp : New DPRK Interview Campaign Uses Fake Fonts to Deliver MalwareEmail : New DPRK Interview Campaign Uses Fake Fonts to Deliver Malware
The "Stanley" marketplace listing on a Russian cybercrime forum (Source : varonis).
26
Jan
2026

New Malware Toolkit Redirects Victims to Malicious Sites Without Changing the URL

A dangerous new malware toolkit is being sold on Russian cybercrime forums that can redirect victims to fake websites while…

Share: X : New Malware Toolkit Redirects Victims to Malicious Sites Without Changing the URLFacebook : New Malware Toolkit Redirects Victims to Malicious Sites Without Changing the URLLinkedin : New Malware Toolkit Redirects Victims to Malicious Sites Without Changing the URLReddit : New Malware Toolkit Redirects Victims to Malicious Sites Without Changing the URLTelegram : New Malware Toolkit Redirects Victims to Malicious Sites Without Changing the URLWhatsApp : New Malware Toolkit Redirects Victims to Malicious Sites Without Changing the URLEmail : New Malware Toolkit Redirects Victims to Malicious Sites Without Changing the URL
Instagram Investigates Reported Vulnerability Allowing Access to Private Content
26
Jan
2026

Instagram Investigates Reported Vulnerability Allowing Access to Private Content

A server-side vulnerability in Instagram that allegedly allowed completely unauthenticated access to private account posts. This raises concerns about Meta’s…

Share: X : Instagram Investigates Reported Vulnerability Allowing Access to Private ContentFacebook : Instagram Investigates Reported Vulnerability Allowing Access to Private ContentLinkedin : Instagram Investigates Reported Vulnerability Allowing Access to Private ContentReddit : Instagram Investigates Reported Vulnerability Allowing Access to Private ContentTelegram : Instagram Investigates Reported Vulnerability Allowing Access to Private ContentWhatsApp : Instagram Investigates Reported Vulnerability Allowing Access to Private ContentEmail : Instagram Investigates Reported Vulnerability Allowing Access to Private Content
PoC Released for GNU InetUtils telnetd RCE as 800K+ Exposed Instances Remain Online
26
Jan
2026

PoC Released for GNU InetUtils telnetd RCE as 800K+ Exposed Instances Remain Online

A proof-of-concept exploit for CVE-2026-24061, a critical remote code execution vulnerability in the GNU Inetutils telnetd, has surfaced, with security…

Share: X : PoC Released for GNU InetUtils telnetd RCE as 800K+ Exposed Instances Remain OnlineFacebook : PoC Released for GNU InetUtils telnetd RCE as 800K+ Exposed Instances Remain OnlineLinkedin : PoC Released for GNU InetUtils telnetd RCE as 800K+ Exposed Instances Remain OnlineReddit : PoC Released for GNU InetUtils telnetd RCE as 800K+ Exposed Instances Remain OnlineTelegram : PoC Released for GNU InetUtils telnetd RCE as 800K+ Exposed Instances Remain OnlineWhatsApp : PoC Released for GNU InetUtils telnetd RCE as 800K+ Exposed Instances Remain OnlineEmail : PoC Released for GNU InetUtils telnetd RCE as 800K+ Exposed Instances Remain Online
Lazarus Hackers Target European Drone Manufacturers in Active Campaign
26
Jan
2026

Lazarus Hackers Target European Drone Manufacturers in Active Campaign

The North Korean state-sponsored Lazarus hacking group has launched a sophisticated cyberespionage campaign targeting European defense contractors involved in uncrewed…

Share: X : Lazarus Hackers Target European Drone Manufacturers in Active CampaignFacebook : Lazarus Hackers Target European Drone Manufacturers in Active CampaignLinkedin : Lazarus Hackers Target European Drone Manufacturers in Active CampaignReddit : Lazarus Hackers Target European Drone Manufacturers in Active CampaignTelegram : Lazarus Hackers Target European Drone Manufacturers in Active CampaignWhatsApp : Lazarus Hackers Target European Drone Manufacturers in Active CampaignEmail : Lazarus Hackers Target European Drone Manufacturers in Active Campaign
Attackers Leveraging telnetd Exploit for Root Privileges After PoC Goes Public
24
Jan
2026

Attackers Leveraging telnetd Exploit for Root Privileges After PoC Goes Public

The threat actors have begun actively exploiting a critical authentication bypass vulnerability in GNU InetUtils telnetd immediately after proof-of-concept code…

Share: X : Attackers Leveraging telnetd Exploit for Root Privileges After PoC Goes PublicFacebook : Attackers Leveraging telnetd Exploit for Root Privileges After PoC Goes PublicLinkedin : Attackers Leveraging telnetd Exploit for Root Privileges After PoC Goes PublicReddit : Attackers Leveraging telnetd Exploit for Root Privileges After PoC Goes PublicTelegram : Attackers Leveraging telnetd Exploit for Root Privileges After PoC Goes PublicWhatsApp : Attackers Leveraging telnetd Exploit for Root Privileges After PoC Goes PublicEmail : Attackers Leveraging telnetd Exploit for Root Privileges After PoC Goes Public
Researchers Uncover Multi-Stage AiTM Attack Using SharePoint to Bypass Security Controls
24
Jan
2026

Researchers Uncover Multi-Stage AiTM Attack Using SharePoint to Bypass Security Controls

Microsoft Defender researchers have exposed a sophisticated adversary-in-the-middle (AiTM) phishing campaign targeting energy sector organizations, leveraging SharePoint file-sharing services to…

Share: X : Researchers Uncover Multi-Stage AiTM Attack Using SharePoint to Bypass Security ControlsFacebook : Researchers Uncover Multi-Stage AiTM Attack Using SharePoint to Bypass Security ControlsLinkedin : Researchers Uncover Multi-Stage AiTM Attack Using SharePoint to Bypass Security ControlsReddit : Researchers Uncover Multi-Stage AiTM Attack Using SharePoint to Bypass Security ControlsTelegram : Researchers Uncover Multi-Stage AiTM Attack Using SharePoint to Bypass Security ControlsWhatsApp : Researchers Uncover Multi-Stage AiTM Attack Using SharePoint to Bypass Security ControlsEmail : Researchers Uncover Multi-Stage AiTM Attack Using SharePoint to Bypass Security Controls
Microsoft Shared BitLocker Recovery Keys with FBI to Unlock Encrypted Laptop Data
24
Jan
2026

Microsoft Shared BitLocker Recovery Keys with FBI to Unlock Encrypted Laptop Data

Microsoft has confirmed that it provided BitLocker encryption recovery keys to the FBI following a valid search warrant, marking the…

Share: X : Microsoft Shared BitLocker Recovery Keys with FBI to Unlock Encrypted Laptop DataFacebook : Microsoft Shared BitLocker Recovery Keys with FBI to Unlock Encrypted Laptop DataLinkedin : Microsoft Shared BitLocker Recovery Keys with FBI to Unlock Encrypted Laptop DataReddit : Microsoft Shared BitLocker Recovery Keys with FBI to Unlock Encrypted Laptop DataTelegram : Microsoft Shared BitLocker Recovery Keys with FBI to Unlock Encrypted Laptop DataWhatsApp : Microsoft Shared BitLocker Recovery Keys with FBI to Unlock Encrypted Laptop DataEmail : Microsoft Shared BitLocker Recovery Keys with FBI to Unlock Encrypted Laptop Data
Microsoft Open-Sources winapp, a New CLI Tool for Streamlined Windows App Development
24
Jan
2026

Microsoft Open-Sources winapp, a New CLI Tool for Streamlined Windows App Development

Microsoft has announced the public preview of the Windows App Development CLI (winapp), a new open-source command-line tool designed to…

Share: X : Microsoft Open-Sources winapp, a New CLI Tool for Streamlined Windows App DevelopmentFacebook : Microsoft Open-Sources winapp, a New CLI Tool for Streamlined Windows App DevelopmentLinkedin : Microsoft Open-Sources winapp, a New CLI Tool for Streamlined Windows App DevelopmentReddit : Microsoft Open-Sources winapp, a New CLI Tool for Streamlined Windows App DevelopmentTelegram : Microsoft Open-Sources winapp, a New CLI Tool for Streamlined Windows App DevelopmentWhatsApp : Microsoft Open-Sources winapp, a New CLI Tool for Streamlined Windows App DevelopmentEmail : Microsoft Open-Sources winapp, a New CLI Tool for Streamlined Windows App Development