• Russian state-sponsored threat actors have been observed leveraging the infamous ClickFix strategy to trick Ukrainian targets into infecting their own machines with data-stealing malware. According to the Computer Emergency Response Team of Ukraine (CERT-UA), the activity has been attributed to UAC-0145, a sub-cluster within Sandworm, an advanced hacking unit affiliated with GRU, Russia’s

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • A previously undocumented threat actor has been attributed to the exploitation of recently disclosed SonicWall Secure Mobile Access (SMA) 1000 series VPN appliances as zero-days prior their public disclosure since June 22, 2026. Cybersecurity company Volexity is tracking the activity under the moniker UTA0533. The discovery was made following an incident response investigation earlier this

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • A newly disclosed a pre-authentication remote code execution (RCE) vulnerability in WordPress Core, dubbed “wp2shell,” that requires no authentication and affects stock WordPress installations with zero plugins installed. Given that WordPress powers an estimated 500 million websites globally. The flaw represents one of the most significant CMS security disclosures in recent memory. The issue stems […]

    The post Critical WordPress Core Flaw Lets Anonymous Hackers Gain Remote Code Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Ernst & Young LLP (EY) has confirmed a data security incident in which an unauthorized third party breached a third-party IT service management platform used by its tax practice, exfiltrating documents containing client personal and financial information. The Big Four firm filed formal breach notifications with the California Attorney General’s office on July 15, 2026, […]

    The post EY Data Breach – Hackers Access Third-Party IT Support Platform and Steal Client Tax Documents appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • A newly disclosed vulnerability reminds us how deeply our digital infrastructure relies on foundational libraries. The Okta Red Team recently discovered “HollowByte,” a Denial of Service (DoS) flaw in OpenSSL that allows a remote, unauthenticated attacker to force a server to allocate disproportionate memory chunks before any security handshake even begins, using a payload just […]

    The post OpenSSL DoS Vulnerability Lets Remote Attackers Exhaust Server Memory With an 11-Byte Payload appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Cloud Software Group has issued a High-severity security bulletin (CTX696734) disclosing two vulnerabilities in the Citrix Secure Access Client for Windows and the Citrix Endpoint Analysis Client for Windows. The more serious of the two, tracked as CVE-2026-53565, allows a standard, low-privileged user on a local system to escalate privileges and gain full SYSTEM access, […]

    The post Citrix Secure Access Client Flaw Lets Low-Privileged Windows Users Gain SYSTEM Privileges appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • An anonymous HTTP request can run code on a WordPress site. The bug is in core, so a bare install with zero plugins is exploitable. Every 6.9 and 7.0 site was in range until Friday, when WordPress shipped 6.9.5 and 7.0.2 and enabled what it calls forced updates through its auto-update system. Adam Kues at Assetnote, Searchlight Cyber’s attack surface management arm, found the flaw and reported

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Eleven bytes will make an unpatched OpenSSL server set aside up to 131 KB of memory for a message that never arrives. On the glibc systems Okta tested, that memory is gone until the process restarts. OpenSSL shipped the HollowByte fix in June with no CVE, no advisory, and no changelog entry pointing at it. Okta’s Red Team, which reported the denial-of-service bug and named it, published the

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Cybersecurity researchers have discovered a cluster of seven malicious npm packages targeting the Vite frontend tooling ecosystem as part of a software supply chain attack. The malicious package campaign, codenamed ViteVenom by Checkmarx, marks an expansion of ChainVeil, which was observed using an “unprecedented” four-tier blockchain-based command-and-control (C2) infrastructure spanning Tron,

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • A little-noticed presidential national security directive is now the legal engine behind a wave of terrorism prosecutions against left-wing protesters. 

    That domestic campaign now has an international dimension, one that American officials had been planning for months, culminating on July 16, 2026, when Secretary of State Marco Rubio’s Ministerial on the Resurgence of Political Terrorism drew representatives from more than 65 countries to Washington. The gathering was informally called the “Antifa summit.” 

    Rubio described antifa-aligned networks as sharing infrastructure across borders and accused Iran and Cuba of helping bankroll the movement, without offering evidence. The White House declared the summit the start of an “unprecedented global offensive” against what it calls “radical left terrorism.” 

    This offensive is built on the same domestic legal architecture that has now sent American activists to prison for decades. 

    That architecture is National Security Presidential Memorandum/NSPM-7, issued on Sept. 25, 2025, which for the first time appeared to authorize preemptive law-enforcement measures against Americans based not on whether they are planning to commit violence but for their political or ideological beliefs.

    Nearly a year later, that blueprint has moved from paper into practice.

    The Justice Department has built task forces staffed by counterterrorism prosecutors. The FBI has set up its own NSPM-7 mission center to oversee investigations into left-wing movements, including a joint effort with the IRS to investigate nonprofit groups. 

    The Justice Department has used this machinery to convict activists and send some of them to prison for decades.

    NSPM-7 was not passed by Congress. It’s a lesser-known tool of executive power: a presidential memorandum. 

    As an international relations scholar who has studied U.S. foreign policy decision-making and national security legislation, I recognize that presidents can take several types of executive actions without legislative involvement: executive ordersmemoranda and proclamations.

    This structure allows the president to direct law enforcement and national security agencies, with little opportunity for congressional oversight. 

    Presidential national security powers

    Executive memorandums direct agencies to prepare reports, implement policies, or align programs with the administration’s priorities. Unlike executive orders, they aren’t required to be published. When they relate to national security, like NSPM-7, they’re called national security directives – many of which stay classified and may not be declassified for years or decades.

    The stated purpose of NSPM-7 is to counter domestic terrorism and organized political violence, focusing mainly on perceived threats from the political left. The memorandum identifies “anti-Christian,” “anti-capitalism” or “anti-American” views as potential indicators that a group or person will commit domestic terrorism. 

    The memorandum claims that political violence originates with “anti-fascist” groups that hold the following views: “support for the overthrow of the United States Government; extremism on migration, race, and gender; and hostility towards those who hold traditional American views on family, religion, and morality.” 

    The strategy includes preemptive measures to disrupt groups before they engage in violent political acts, empowering multiagency task forces to investigate potential federal crimes related to radicalization and the groups’ funders. Former Attorney General Pam Bondi’s December 2025 implementation memo went further, ordering a five-year review of agency files on antifa. A task force staffed with counterterrorism and organized-crime prosecutors is carrying out these investigations.

    ‘Domestic terrorist organizations’

    The memorandum directs the Department of Justice to focus FBI resources from approximately 200 Joint Terrorism Task Forces on investigating “acts of recruiting or radicalizing persons” for the purpose of “political violence, terrorism, or conspiracy against rights; and the violent deprivation of any citizen’s rights.” 

    NSPM-7 also allows the attorney general to propose groups for designation as “domestic terrorist organizations.” That includes groups that engage in “organized doxxing campaigns, swatting, rioting, looting, trespass, assault, destruction of property, threats of violence, and civil disorder.” 

    Existing laws allow the secretary of state to designate groups as “foreign terrorist organizations” that are then subject to financial sanctions. 

    But these laws do not permit the president to label domestic groups this way. 

    That gap hasn’t stopped prosecutions. In Texas, eight defendants tied to a “North Texas Antifa Cell” were sentenced in June 2026 for a 2025 armed confrontation at the Prairieland immigration detention center. One man received 100 years, and others who never fired a weapon still drew decades in prison under terrorism sentencing guidelines. 

    In Minnesota, 15 members and associates of a group called Direct Action Minnesota were indicted in June 2026 on conspiracy and assault charges. A 94-page indictment cited behavior such as wearing an “I’m Antifa!” sweatshirt, possessing a bullhorn or including a devil emoji in a Signal message.

    NSPM-7 marks a major conceptual shift in U.S. counterterrorism policy, departing from approaches that primarily targeted foreign threats. 

    Earlier directives, dating to Ronald Reagan’s presidency, treated terrorism as a global menace countered through military power and diplomacy. In the 1990s, the Clinton administration reframed it as a domestic challenge after the 1993 World Trade Center bombing and 1995 Oklahoma City bombing.

    After 9/11, the Bush administration fused counterterrorism with national defense through the global war on terrorism. The Obama administration later tried to narrow those powers, asking whether targeted individuals “pose a continuing, imminent threat to U.S. persons” — a standard focused on tactics and capture feasibility, not ideology. 

    The first Trump administration used a “travel ban” against several “terror-prone”countries, while President Joe Biden redirected focus toward weapons of mass destruction.

    Notably, the “domestic terrorist” label itself has rarely produced actual charges. The State Department designated four antifa-aligned groups as foreign terrorist organizations. But antifa is a decentralized movement, not a formal group with a roster. 

    This designation lacks any real legal weight because U.S. law has no formal domestic terrorist organization category. Creating one risks infringing on First Amendment protected speech. Domestic terrorism itself is not a chargeable offense. 

    Prosecutors have instead leaned on older statutes such as material support for terrorism and conspiracy laws, tools originally built for cases like the ones above, not protest movements.

    First Amendment rights at risk

    There is no single official definition of terrorism in U.S. law; definitions vary by purpose – criminal law, intelligence collection, civil liability.

    Definitions in all those areas typically focus on identifying violent or dangerous acts done with the intent to intimidate or coerce civilians or influence government policy. 

    But more than redefining terrorism, NSPM-7 reorients the machinery of national security toward the policing of belief.

    The First Amendment generally prevents the government from punishing people for unpopular opinions. It also protects the ability for people to associate to advance public and private ideas in pursuit of political, economic, religious or cultural goals. 

    The directive’s emphasis on ideological orientations – “anti-Christianity,” “anti-capitalism” and “anti-American” views – as indicators of domestic terrorism potentially jeopardizes First Amendment rights

    Thirty-one members of Congress sent a letter to Trump in October 2025expressing “serious concerns” about NSPM-7, warning that it poses “serious constitutional, statutory and civil liberties risks, especially if used to target political dissent, protest or ideological speech.” 

    As the ACLU warns, any definition of terrorism that includes ideological components risks criminalizing people or groups based on belief rather than based on violence or other criminal conduct. 

    Congress has declined to create a domestic complement to the foreign terrorist designation in large part because of the potential for impinging on First Amendment–protected association and speech. 

    But I fear that chilling speech may be the point.

    Silencing dissent

    NSPM-7 does not criminalize previously legal conduct.

    Rather, it states that the Trump administration will focus investigations around the identity and ideology of supposed perpetratorsPrioritizing investigations into this broad swath of ideologies serves to instill fear, silencing anti-fascist and other messages in opposition to the Trump administration.

    Law professor Steve Vladeck frames this chill as “obeying in advance,” in which organizations self-censor rather than risk investigation, prosecution or defending against the “domestic terrorist” label. Federal judges in the Prairieland case have shown little sympathy for that distinction: One judge described the protest itself as “an assault on democracy,” even for defendants who never touched a weapon.

    Although left-wing violence has risen in the past decade, empirical evidenceshows it remains far below historical levels of right-wing or jihadist violence. 

    Most domestic terrorists in the U.S. are politically on the right, accounting for the vast majority of domestic terrorism fatalities.

    Yet NSPM-7 focuses disproportionately on left-wing ideologies. NSPM-7 departs from prior U.S. counterterrorism frameworks by prioritizing the suppression of ideologically motivated dissent, even where, as in Minnesota, judges have already dismissed roughly half of similar federal cases for lack of evidence.

    This is an updated version of a story originally published December 3, 2025.

    ]]>

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶