Apache Hadoop Flaw Could Trigger System Crashes or Data Corruption
A moderate out-of-bounds write vulnerability in Apache Hadoop’s HDFS native client that could allow attackers to trigger system crashes or cause data corruption in production…
Category: GBHackers
SyncFuture Campaign Abuses Enterprise Security Tools to Deploy Malware
A sophisticated, multi-stage espionage campaign targeting Indian residents through phishing emails impersonating the Income Tax Department. The attack chain, tracked as the “SyncFuture Espionage Campaign,”…
Microsoft Issues KB5078127 OOB Patch After Reports of Outlook Freezing and File System Instability
Microsoft has released two critical out-of-band (OOB) security patches targeting widespread issues affecting Windows 11 users following January’s monthly security updates. The emergency patches, KB5078127…
NetSupport Manager 0-Day Vulnerabilities Enable Remote Code Execution
Two critical 0-day vulnerabilities in NetSupport Manager that, when chained, allow unauthenticated remote code execution (RCE). The vulnerabilities were discovered during routine security assessments of…
New DPRK Interview Campaign Uses Fake Fonts to Deliver Malware
A dangerous new iteration of the “Contagious Interview” campaign that weaponizes Microsoft Visual Studio Code task files to distribute sophisticated malware targeting software developers. This…
New Malware Toolkit Redirects Victims to Malicious Sites Without Changing the URL
A dangerous new malware toolkit is being sold on Russian cybercrime forums that can redirect victims to fake websites while keeping the real domain name…
Instagram Investigates Reported Vulnerability Allowing Access to Private Content
A server-side vulnerability in Instagram that allegedly allowed completely unauthenticated access to private account posts. This raises concerns about Meta’s vulnerability disclosure handling and the…
PoC Released for GNU InetUtils telnetd RCE as 800K+ Exposed Instances Remain Online
A proof-of-concept exploit for CVE-2026-24061, a critical remote code execution vulnerability in the GNU Inetutils telnetd, has surfaced, with security researchers warning that over 800,000…
Lazarus Hackers Target European Drone Manufacturers in Active Campaign
The North Korean state-sponsored Lazarus hacking group has launched a sophisticated cyberespionage campaign targeting European defense contractors involved in uncrewed aerial vehicle (UAV) manufacturing. The…
Attackers Leveraging telnetd Exploit for Root Privileges After PoC Goes Public
The threat actors have begun actively exploiting a critical authentication bypass vulnerability in GNU InetUtils telnetd immediately after proof-of-concept code became publicly available. The flaw…
Researchers Uncover Multi-Stage AiTM Attack Using SharePoint to Bypass Security Controls
Microsoft Defender researchers have exposed a sophisticated adversary-in-the-middle (AiTM) phishing campaign targeting energy sector organizations, leveraging SharePoint file-sharing services to bypass traditional email security controls…
Microsoft Shared BitLocker Recovery Keys with FBI to Unlock Encrypted Laptop Data
Microsoft has confirmed that it provided BitLocker encryption recovery keys to the FBI following a valid search warrant, marking the first publicly known case of…