Infostealer Attacks Hit macOS, Abusing Python and Trusted Platforms
A sharp rise in campaigns targeting macOS users, while attackers also ramp up Python‑based stealers and abuse trusted platforms like WhatsApp and popular PDF utilities.…
Category: GBHackers
GlassWorm Infiltrates VSX Extensions With 22,000+ Downloads to Target Developers
A new GlassWorm-linked supply chain attack abusing the Open VSX Registry, this time via a suspected compromise of a legitimate publisher’s credentials rather than typosquatted…
Notepad++ Attack Breakdown Reveals Sophisticated Malware and Actionable IoCs
A complex espionage campaign attributed to Chinese APT group Lotus Blossom, active since 2009. The investigation uncovered a sophisticated compromise of Notepad++ distribution infrastructure that…
Apache Syncope Vulnerability Allows Attackers to Hijack Active User Sessions
Apache Syncope, a popular open-source identity and access management platform, has disclosed a critical XML External Entity (XXE) vulnerability in its Console component. The vulnerability,…
Critical Flaws in KiloView Devices Enable Complete Admin Takeover
The Cybersecurity and Infrastructure Security Agency (CISA) has disclosed a critical vulnerability affecting multiple versions of KiloView Encoder Series devices, warning that unauthenticated attackers could…
APT28 Exploits Active Microsoft Office Zero-Day to Deliver Malware
The Russia-linked advanced persistent threat group APT28 has been observed actively exploiting a zero-day vulnerability in Microsoft Office to deliver malware through a sophisticated multi-stage…
Hikvision Wireless AP Flaw Could Let Attackers Run Arbitrary Commands
Hikvision has disclosed a high-severity command execution vulnerability affecting multiple wireless access point models, potentially allowing authenticated attackers to execute arbitrary commands on affected devices.…
Malicious Google Play App With 50K+ Downloads Spreads Anatsa Banking Trojan
A malicious application on the Google Play Store masquerading as a legitimate document reader. The deceptive application, which has accumulated over 50,000 downloads, functions as…
Abuse of OpenClaw AI Capabilities Enables Stealthy Malware Campaigns
Hundreds of malicious skills are distributed through OpenClaw’s marketplace, transforming the popular AI agent ecosystem into a new supply chain attack vector. Threat actors are…
GhostChat Malware Locks Victims’ Devices, Demands Passcodes for Restoration
A new Android spyware campaign that uses romance scams and fake chat profiles to spy on users in Pakistan. The malicious app, named GhostChat and…
Mozilla Introduces Global Kill Switch for Firefox AI Capabilities
Mozilla has rolled out comprehensive AI controls in Firefox 148, launching February 24, 2026, allowing users to globally disable all generative AI features across the…
Chollima APT Hackers Weaponize LNK Files to Deploy Sophisticated Malware
In March 2025, the Ricochet Chollima APT group, widely recognized as APT37 and linked to North Korean state-sponsored operations, launched a targeted spear-phishing campaign against…