New Osiris Ransomware Leverages Living Off the Land and Dual-Use Tools in Attacks
A newly discovered ransomware family, Osiris, targeted a major foodservice franchisee in Southeast Asia in November 2025. Despite sharing a name with a 2016 Locky…
Category: GBHackers
ClearFake malware Exploits Proxy Execution to Run Malicious PowerShell Commands via Trusted Windows Feature
A sophisticated evolution of the ClearFake malware campaign has emerged, deploying advanced evasion techniques that abuse legitimate Windows components to bypass endpoint detection systems. The…
New AI-Powered Android Malware Automatically Clicks Ads on Infected Devices
A sophisticated new Android malware family dubbed “Android.Phantom” that leverages artificial intelligence to automate ad-clicking fraud while establishing a persistent command-and-control infrastructure through dual-mode operation.…
New Multi-Stage Windows Malware Disables Microsoft Defender, Deploys Malicious Payloads
A sophisticated multi-stage malware campaign targeting Russian users, leveraging social engineering, legitimate cloud services, and native Windows functionality to achieve full system compromise without exploiting…
Malicious PyPI Package Impersonates sympy-dev, Targeting Millions of Users
A dangerous supply-chain attack targeting the Python Package Index (PyPI) that involves a malicious package named sympy-dev impersonating SymPy, one of the world’s most widely…
New ClickFix Campaign Exploits Fake Verification Pages to Hijack Facebook Sessions
A sophisticated ClickFix campaign targeting Facebook users has been identified, leveraging social engineering to extract live session credentials directly from victims’ browsers. Unlike traditional phishing…
Cisco Unified Communications Zero-Day RCE Flaw Actively Exploited For Root Shell Access
Cisco has warned customers of a critical zero-day vulnerability affecting several of its Unified Communications products, including Cisco Unified Communications Manager (Unified CM), Unified Communications…
Active Exploitation Of Fortinet SSO Flaw Targets Firewalls For Admin Takeover
Threat actors actively exploit critical Fortinet vulnerabilities CVE-2025-59718 and CVE-2025-59719 to bypass FortiCloud SSO authentication on firewalls and proxies. These flaws allow unauthenticated attackers to…
Researchers Expose LockBit 5.0 Affiliate Panel and New Encryption Variants
LockBit 5.0 affiliate panel provide unprecedented visibility into the infrastructure of one of the world’s most notorious ransomware-as-a-service (RaaS) operations. Following the high-profile Operation Cronos…
Research Finds 64% of Third-Party Apps Access Sensitive Data
Boston, MA, USA, January 21st, 2026, CyberNewsWire Reflectiz today announced the release of its 2026 State of Web Exposure Research, revealing a sharp escalation in…
Weaponized Shipping Documents Spread Remcos RAT in Stealthy Malware Campaign
A sophisticated phishing campaign distributing a fileless variant of Remcos RAT, a commercial remote access tool offering extensive capabilities, including system resource management, remote surveillance,…
PURELOGS Payload Hidden in Weaponized PNG Images Used in Stealth Attacks
A sophisticated PURELOGS infostealer campaign that weaponizes PNG image files to evade detection.The attack begins with a phishing email disguised as a pharmaceutical invoice containing…