Cloud Security Report Highlights Tool Fragmentation Risks
Washington D.C., USA, June 10th, 2026, CyberNewswire The 2026 Cloud Security Report from Cybersecurity Insiders, produced in collaboration with Fortinet, finds that 69% of organizations…
Category: GBHackers
New Windows CTF 0-Day Vulnerability Lets Attackers Gain Elevated Privileges
Microsoft has disclosed a new zero-day vulnerability in the Windows Collaborative Translation Framework (CTFMON) that could allow attackers to gain elevated privileges on affected systems.…
Windows BitLocker 0-Day Flaw Enables Security Feature Bypass Attacks
Microsoft has disclosed a newly identified zero-day vulnerability in Windows BitLocker that could allow attackers to bypass one of the operating system’s core disk encryption…
New BitB Phishing Attack Targets Microsoft 365 Logins
A new Browser-in-the-Browser (BitB) phishing campaign is abusing fake OAuth login windows to steal Microsoft 365 credentials, and its design is polished enough to bypass…
LiteLLM Vulnerability Allows Attackers to Execute Arbitrary Commands on Servers
A critical vulnerability chain affecting LiteLLM has been identified, enabling unauthenticated remote code execution (RCE) on exposed servers. Tracked as CVE-2026-42271 and chained to CVE-2026-48710,…
MagicAd Android Malware Bypasses Restrictions to Flood Devices With Ads
Android.MagicAd, a stealthy Android trojan family that circumvents operating-system safeguards to push intrusive ads from the background. The apps were short-lived in the catalogs appearing…
Microsoft Defender Adds Monitoring for RPC Protocol Abuse in Cyberattacks
Microsoft has introduced enhanced monitoring capabilities in Microsoft Defender for Endpoint to detect and disrupt cyberattacks that abuse the Remote Procedure Call (RPC) protocol, a…
Linux Kernel Flaw Allows Local Attackers to Gain Root Privileges
A newly disclosed Linux kernel vulnerability tracked as CVE-2026-23111 allows local attackers to escalate privileges to root by exploiting a use-after-free flaw in the nftables…
OWASP Unveils AI Security Report Highlighting New Tools for Security Teams
OWASP has released a new edition of its AI security report, “State of Agentic AI Security and Governance v2.01,” giving security teams a concrete playbook…
Google Fixes 429 Chrome Vulnerabilities, Including 22 Critical Bugs
Google has released Chrome 149 to the stable channel, addressing a significant batch of 429 security vulnerabilities across Windows, macOS, and Linux, including 22 critical…
Pink Hacking Group Targets Enterprises to Steal Cloud Passwords
A newly observed extortion brand called Pink (CL-CRI-1147) that is actively targeting enterprise users to harvest cloud storage credentials and bypass multi-factor authentication. The group’s…
Multiple VMware Stored XSS Flaw Enable Attackers to Inject Malicious Scripts
VMware has disclosed multiple high-severity stored cross-site scripting (XSS) vulnerabilities affecting VMware Cloud Foundation (VCF) Operations, potentially allowing attackers to inject malicious scripts and compromise…