GBHackers

New ClickFix Campaign Exploits Fake Verification Pages to Hijack Facebook Sessions

A sophisticated ClickFix campaign targeting Facebook users has been identified, leveraging social engineering to extract live session credentials directly from victims’ browsers. Unlike traditional phishing…

January 22, 2026 Cybernoz 3 min read

GBHackers

Cisco Unified Communications Zero-Day RCE Flaw Actively Exploited For Root Shell Access

Cisco has warned customers of a critical zero-day vulnerability affecting several of its Unified Communications products, including Cisco Unified Communications Manager (Unified CM), Unified Communications…

January 22, 2026 Cybernoz 3 min read

GBHackers

Active Exploitation Of Fortinet SSO Flaw Targets Firewalls For Admin Takeover

Threat actors actively exploit critical Fortinet vulnerabilities CVE-2025-59718 and CVE-2025-59719 to bypass FortiCloud SSO authentication on firewalls and proxies. These flaws allow unauthenticated attackers to…

January 22, 2026 Cybernoz 2 min read

GBHackers

Researchers Expose LockBit 5.0 Affiliate Panel and New Encryption Variants

LockBit 5.0 affiliate panel provide unprecedented visibility into the infrastructure of one of the world’s most notorious ransomware-as-a-service (RaaS) operations. Following the high-profile Operation Cronos…

January 22, 2026 Cybernoz 2 min read

GBHackers

Research Finds 64% of Third-Party Apps Access Sensitive Data

Boston, MA, USA, January 21st, 2026, CyberNewsWire Reflectiz today announced the release of its 2026 State of Web Exposure Research, revealing a sharp escalation in…

January 22, 2026 Cybernoz 2 min read

GBHackers

Weaponized Shipping Documents Spread Remcos RAT in Stealthy Malware Campaign

A sophisticated phishing campaign distributing a fileless variant of Remcos RAT, a commercial remote access tool offering extensive capabilities, including system resource management, remote surveillance,…

January 21, 2026 Cybernoz 2 min read

GBHackers

PURELOGS Payload Hidden in Weaponized PNG Images Used in Stealth Attacks

A sophisticated PURELOGS infostealer campaign that weaponizes PNG image files to evade detection.The attack begins with a phishing email disguised as a pharmaceutical invoice containing…

January 21, 2026 Cybernoz 3 min read

GBHackers

Magecart Hack Injects JavaScript to Steal Online Payment Data

A new Magecart-style campaign is actively targeting e-commerce websites by injecting malicious JavaScript that intercepts and exfiltrates payment card data during checkout. The malicious script…

January 21, 2026 Cybernoz 3 min read

GBHackers

GNU InetUtils Vulnerability Exploited via “-f root” to Achieve Full System Control

A critical authentication bypass vulnerability in GNU InetUtils’ telnetd server allows remote attackers to gain root access without credentials by exploiting improper parameter sanitization. GNU…

January 21, 2026 Cybernoz 2 min read

GNU InetUtils Vulnerability Exploited via “-f root” to Achieve Full System Control

A critical authentication bypass vulnerability in GNU InetUtils’ telnetd server allows remote attackers to gain root access without credentials by exploiting improper parameter sanitization. GNU…

January 21, 2026 Cybernoz 2 min read

GBHackers

Critical Zoom Vulnerability Enables Remote Code Execution via Command Injection

A critical command injection vulnerability in Zoom Node Multimedia Routers (MMRs) has been disclosed, potentially allowing meeting participants to execute arbitrary code on vulnerable systems.…

January 21, 2026 Cybernoz 2 min read

GBHackers

ErrTraffic Exploits Visual Page Breaks to Fuel ClickFix Attacks, Rebranding Exploits as “GlitchFix”

ErrTraffic is a Traffic Distribution System (TDS) designed to power ClickFix social engineering attacks. Unlike traditional fake update prompts, ErrTraffic deliberately breaks website visuals creating garbled text,…

January 21, 2026 Cybernoz 2 min read