Fake Employee Performance Reports Deliver Guloader Malware
Organizations are being warned about a new phishing campaign that weaponizes fake employee performance reports to deploy the Guloader malware and ultimately install Remcos RAT…
Category: GBHackers
Critical InputPlumber Flaw Enables UI Input Injection and Denial-of-Service
Security researchers have discovered critical vulnerabilities in InputPlumber, a Linux input device utility used in SteamOS, that could allow attackers to inject keystrokes, leak sensitive…
Researchers Uncover 28 Unique IPs and 85 Domains Hosting Carding Markets
Between July and December 2025, cybersecurity firm Team Cymru conducted an extensive analysis of carding infrastructure, revealing a sophisticated network comprising 28 unique IP addresses…
New “Penguin” Platform Sells Pig-Butchering Kits, PII, and Stolen Accounts
The industrialization of pig butchering scams has reached a critical tipping point. A sprawling Pig Butchering-as-a-Service (PBaaS) economy has emerged across Southeast Asia, offering turnkey scam…
Massive Instagram Data Breach Exposes Personal Details of 17.5 Million Users
A staggering cybersecurity incident has come to light, with 17.5 million Instagram users’ personal information exposed in a data breach advertised on dark web marketplaces.…
Cybercriminals Exploit Maduro Arrest News to Spread Backdoor Malware
Cybercriminals are leveraging reports of Venezuelan President Nicolás Maduro’s arrest on January 3, 2025, to distribute backdoor malware through a sophisticated social engineering campaign. Security…
Trend Micro Apex Central Flaw Enable Remote Code Execution Attacks
Trend Micro has issued a critical security update for Apex Central to address multiple remotely exploitable vulnerabilities, including a bug that allows unauthenticated attackers to execute code…
The Role of Initial Access Markets in Ransomware Campaigns Targeting Australia and New Zealand
The cyber threat environment in Australia and New Zealand has entered a critical phase throughout 2025, marked by a dramatic surge in initial access sales,…
CrowdStrike Acquires Identity Security Startup SGNL in $740 Million Deal
CrowdStrike has announced its agreement to acquire SGNL, a leading identity-first security company, for $740 million. The acquisition will strengthen CrowdStrike Falcon® Next-Gen Identity Security…
Attackers Use Over 240 Exploits Ahead of Ransomware Attacks
Ransomware attacks don’t begin with encryption. They start with reconnaissance and security researchers just documented a significant reconnaissance operation that unfolded over the Christmas holiday.…
OWASP CRS Vulnerability Enables Charset Validation Bypass
A newly disclosed vulnerability in the OWASP Core Rule Set (CRS) allows attackers to bypass charset validation in web application firewalls (WAFs), enabling dangerous payloads to reach backend…
Best Ways to Learn Everything About Investing in Bitcoin – GBHackers Security
Bitcoin is a digital asset and a payment system invented by Satoshi Nakamoto. Transactions are verified by network nodes through cryptography and recorded in a…