New AI-Powered Threat Allows Hackers to Gain AWS Admin Access in Minutes
A highly sophisticated offensive cloud operation targeting an AWS environment.The attack was notable for its extreme speed taking less than 10 minutes to go from…
Category: GBHackers
Interlock Ransomware Exploits Zero-Day in Gaming Anti-Cheat Driver to Disable EDR, AV
Interlock ransomware operators have been observed using a new process‑killing tool that abuses a zero‑day flaw in a gaming anti‑cheat kernel driver to try to…
PhantomVAI Custom Loader Abuses RunPE Utility to Launch Stealthy Attacks on Users
A new threat called PhantomVAI, a custom “loader” used to launch cyberattacks worldwide. A loader is a type of malicious software designed to secretly download…
Critical ASUSTOR NAS Security Flaw Enables Complete Device Takeover
A severe vulnerability affecting ASUSTOR Network Attached Storage (NAS) devices has been disclosed, potentially allowing unauthenticated attackers to seize full control of affected systems. Tracked…
One Identity Names Gihan Munasinghe as CTO
Alisa Viejo, United States, February 4th, 2026, CyberNewsWire One Identity, a leader in unified identity security, today announced the appointment of Gihan Munasinghe as Chief Technology…
CISA Warns of Exploited GitLab Community and Enterprise SSRF Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical server-side request forgery (SSRF) vulnerability affecting GitLab Community and Enterprise Editions to its Known…
Threat Actors Conduct Widespread Scanning for Exposed Citrix NetScaler Login Pages
A coordinated reconnaissance campaign targeting Citrix ADC (NetScaler) Gateway infrastructure worldwide. The operation used over 63,000 residential proxy IPs and AWS cloud infrastructure to map…
CISA Adds SolarWinds Web Help Desk RCE Flaw to Known Exploited Vulnerabilities List
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a newly disclosed vulnerability CVE‑2025‑40551 affecting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog. The…
ValleyRAT Masquerades as LINE Installer to Target Users and Harvest Login Credentials
A malware campaign where cybercriminals distribute a fake LINE messenger installer that secretly deploys the ValleyRAT malware to steal credentials and evade detection. Since early 2025, threat actors have…
Microsoft and Google Platforms Abused in New Enterprise Cyberattacks
A dangerous shift in phishing tactics, with threat actors increasingly hosting malicious infrastructure on trusted cloud platforms like Microsoft Azure, Google Firebase, and AWS CloudFront.…
Ingress-NGINX Flaw Enables Arbitrary Code Execution Attacks
A high-severity vulnerability has been discovered in the Kubernetes ingress-nginx controller, allowing attackers to execute arbitrary code and potentially compromise entire clusters. Tracked as CVE-2026-24512,…
Critical Django Flaw Allows DoS and SQL Injection Attacks
The Django Software Foundation has issued emergency security patches addressing six critical vulnerabilities affecting multiple versions of the popular Python web framework. Released on February…