The Hidden Backbone of a Ransomware Operation
The leaks tied to the BlackBasta ransomware group and Russian hosting company Media Land pulled back the curtain on something defenders rarely get to see:…
Category: GBHackers
Microsoft January 2026 Security Update Triggers Credential Prompt Failures in Remote Desktop
Microsoft’s January 2026 security update has disrupted enterprise Remote Desktop infrastructure, triggering widespread credential prompt failures that prevent users from accessing Azure Virtual Desktop and Windows 365 environments. The…
Python-Based Recon Toolkit Aims to Boost Security Intelligence
Security researchers and penetration testers gain a comprehensive open-source reconnaissance platform with the release of Argus v2.0, a Python-based information gathering toolkit that consolidates 135…
Mandiant Publishes Rainbow Tables That Crack NTLMv1 Admin Passwords
Mandiant has publicly released comprehensive rainbow tables designed to crack Net-NTLMv1 authentication hashes, addressing a critical security gap that has persisted for over two decades, despite the…
Five Chrome Extensions Used to Hijack Enterprise HR and ERP Systems
Socket’s Threat Research Team has uncovered a coordinated Chrome extension campaign targeting enterprise HR and ERP platforms, including Workday, NetSuite, and SAP SuccessFactors. Five malicious…
PDFSIDER Malware Actively Exploited to Evade Antivirus and EDR Defenses
Security researchers have identified a sophisticated backdoor malware variant, PDFSIDER, that leverages DLL side-loading to evade endpoint detection and response (EDR) systems. The threat demonstrates…
Researchers Hijack Hacker Domain Using Name Server Delegation
Security researchers from Infoblox have successfully intercepted millions of malicious push notification advertisements by exploiting a DNS misconfiguration technique known as “lame nameserver delegation,” gaining…
New “BodySnatcher” Flaw Allows Full ServiceNow User Impersonation
Security researcher has disclosed a critical vulnerability in ServiceNow’s Virtual Agent API and Now Assist AI Agents application, tracked as CVE-2025-12420. Dubbed “BodySnatcher,” this flaw…
Threat Actors Abuse Browser Extensions to Deliver Fake Warning Messages
Threat intelligence researchers at Huntress have uncovered a sophisticated browser extension campaign orchestrated by the KongTuke threat actor group, featuring a malicious ad blocker impersonating…
New Kerberos Relay Technique Exploits DNS CNAMEs to Bypass Existing Defenses
A critical vulnerability in Windows Kerberos authentication that enables attackers to conduct credential-relay attacks by exploiting DNS CNAME records. Tracked as CVE-2026-20929, this flaw allows…
GhostPoster Malware Targets Chrome Users via 17 Rogue Extensions
A sophisticated malware campaign has compromised users of Chrome, Firefox, and Edge by deploying 17 malicious extensions that employ advanced steganography techniques to evade detection.…
Google Vertex AI Flaw Lets Low-Privilege Users Escalate to Service Agent Roles
Security researchers have discovered critical privilege escalation vulnerabilities in Google’s Vertex AI platform that allow attackers with minimal permissions to hijack high-privileged Service Agent accounts.…