Fake Call History Apps on Google Play Steal Payments, Hit 7.3M+ Downloads
28 fake “call history” utilities on Google Play, collectively installed more than 7.3 million times, have been exposed as subscription scams that generate fabricated logs…
Category: GBHackers
Spring Vulnerabilities Open Door to Arbitrary File Access and GCP Secret Leaks
Security researchers have identified four new vulnerabilities in the Spring Cloud Config Server, ranging from medium to critical severity. These newly disclosed flaws could allow…
Fake Disk Cleanup Apps Fuel New macOS ClickFix Attack
A wave of ClickFix-style social engineering attacks that specifically target macOS users, using fake disk cleanup and system utility tips hosted on popular content platforms.…
Massive DDoS Attack Generates 2.45 Billion Requests Using 1.2 Million IP Addresses
A distributed denial-of-service attack targeted a major user-generated content platform, generating an astonishing 2.45 billion malicious requests in just 5 hours. Security provider DataDome successfully…
Phishing Attack Weaponizes Calendar Invites to Steal Login Credentials
A new large-scale phishing campaign is abusing fake event invitations to compromise U.S. organizations, combining credential theft, OTP interception, and the deployment of remote monitoring…
Salat Malware Abuses QUIC and WebSockets for Stealthy C2 Control
A powerful new Windows malware family dubbed Salat Stealer, a Go-based Remote Access Trojan (RAT) that blends classic infostealing with a stealthy QUIC/WebSocket command-and-control (C2) channel…
Salesforce Marketing Cloud Vulnerability Exposes Email Data Risk
Salesforce Marketing Cloud (SFMC) recently patched a cluster of high‑impact vulnerabilities that could have allowed attackers to read and enumerate marketing emails and subscriber data…
Vimeo Confirms Breach Exposing 119,000 Unique User Email Addresses
Video hosting platform Vimeo has confirmed a data breach that exposed approximately 119,000 unique user email addresses, attributing the incident to a security compromise at…
ScarCruft Targets Gaming Platform With Windows, Android Backdoors
A sophisticated multiplatform supply-chain attack orchestrated by the North Korea-aligned APT group ScarCruft, targeting ethnic Koreans in China’s Yanbian region through a compromised gaming platform.…
Hackers Abuse DAEMON Tools Distribution Channel to Deliver Malicious Payloads
A sophisticated supply-chain attack has compromised the official distribution channel for DAEMON Tools, delivering multi-stage malware to users worldwide. Since April 8, 2026, threat actors…
LuxSci Launches HIPAA-Compliant Email Security
Cambridge, MA, May 5th, 2026, CyberNewswire New right-sized offering brings advanced encryption, easy API integration, and HITRUST-certified compliance to the most underserved segment in healthcare…
Code of Conduct Phish Hits 35,000 Users in Multi-Stage AiTM Attack
A highly sophisticated phishing campaign leveraging code-of-conduct-themed lures has targeted more than 35,000 users across 13,000 organizations. The multi-stage attack, observed between April 14 and…