FreeBSD Vulnerabilities Enable Attackers to Crash Entire System
The FreeBSD Project has disclosed a critical security vulnerability, tracked as CVE-2025-15576, which allows attackers to escape jail environments and gain unauthorized access to the…
Category: GBHackers
Critical Trend Micro Apex One Vulnerabilities Allow Remote Malicious Code Execution
Trend Micro has disclosed eight security vulnerabilities in its Apex One endpoint protection platform, including two critical-severity flaws that allow unauthenticated remote attackers to upload…
Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor in Developer Environments
Malicious actors are abusing Go’s open-source ecosystem by deploying a backdoored crypto module that steals passwords and installs a Rekoobe Linux backdoor on developer and…
Infostealers Drive Massive Brute-Force Attacks on Corporate SSO Gateways with Stolen Credentials
The cybersecurity community is witnessing a rise in credential‑stuffing attacks targeting corporate Single Sign‑On (SSO) systems, with recent campaigns focusing on F5 BIG‑IP devices. To…
1 Million Records from Dutch Telco Odido Leaked Online in Massive Data Breach
The Dutch telecommunications company Odido suffered a massive data breach that exposed the personal information of nearly 700,000 customers. The incident, which included an extortion…
Vshell Gains Popularity Among Cybercriminals as Cobalt Strike Alternative
A Go‑based remote administration tool known as Vshell is emerging as a favored alternative to Cobalt Strike among both red teams and threat actors. Though marketed as…
Microsoft Defender Discovers Trojanized Gaming Utility Campaign Stealing Data with RATs
Microsoft Defender researchers have uncovered a new campaign that abuses trojanized gaming utilities to deliver multi‑stage malware with remote access, data theft, and payload delivery…
Google API Keys Leak Sensitive Data Without Warning via Gemini
Security researchers at Truffle Security discovered that legacy public-facing Google API keys can silently gain unauthorized access to Google’s sensitive Gemini AI endpoints. This flaw…
Government Data Stolen After Hacker Jailbreaks Claude AI to Write Malicious Exploit Code
A hacker successfully manipulated Anthropic’s Claude AI to launch a sophisticated month-long cyberattack against Mexican government agencies. Between December 2025 and January 2026, the attacker…
Zyxel Vulnerabilities Allow Remote Attackers to Execute Commands via Command Injection
Zyxel has rolled out critical security patches for multiple vulnerabilities affecting its 4G LTE/5G NR CPE, DSL/Ethernet CPE, Fiber ONTs, Security Routers, and Wireless Extenders.…
Wireshark 4.6.4 Released to Patch Multiple Security Vulnerabilities
Wireshark has released version 4.6.4, delivering security and stability fixes that address several denial‑of‑service risks and multiple crashes in protocol dissectors and tools. The update…
Marquis Takes Legal Action Against SonicWall Over Ransomware Attack from Backup Breach
Marquis Software Solutions has filed a lawsuit against cybersecurity firm SonicWall, claiming a vulnerability in SonicWall’s cloud backup service led directly to a ransomware attack…