-
·
A new phishing campaign is spreading XWorm 7.2 via malicious Excel files, hiding the malware in Windows processes, and using AES encryption to steal passwords and Wi-Fi keys.¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
New phishing framework Starkiller is enabling more convincing, scalable credential theft by proxying real login pages and bypassing multi-factor authentication (MFA), significantly raising the bar for defenders. Traditional phishing kits typically serve static HTML clones of popular login portals, which quickly become outdated when brands update their interfaces, creating telltale visual discrepancies. Starkiller takes a […]
The post Starkiller Phishing Kit Clones Real Login Pages to Evade MFA Protections appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have disclosed what they say is an active “Shai-Hulud-like” supply chain worm campaign that has leveraged a cluster of at least 19 malicious npm packages to enable credential harvesting and cryptocurrency key theft. The campaign has been codenamed SANDWORM_MODE by supply chain security company Socket. As with prior Shai-Hulud attack waves, the malicious code embedded
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A General Atomics MQ-20 drone took orders from an F-22 pilot during a recent mock mission that demonstrated robot-wingman concepts, company officials said in a Monday statement.
During a test flight earlier this month at Edwards Air Force Base in California, the pilot used Autonodyne’s Bashi pilot-vehicle interface to order the autonomous drone to “execute tactical maneuvers,” move waypoints, conduct combat patrols, and take on “threat engagement tasks,” the statement said.
“We appreciate the flawless execution of this mission using the government’s advanced autonomous systems,” said GA-ASI President David R. Alexander. “This demo featured the integration of mission elements and the ability of autonomy to utilize onboard sensors to make independent decisions and execute commands from the F-22.”
The flight followed a November demo in which an F-22 pilot used a tablet to control an MQ-20 using L3Harris datalinks and software radios with Lockheed Martin’s open radio architectures.
General Atomics, Anduril, and Northrop Grumman are all in the running to build the Air Force’s first collaborative combat aircraft. Earlier this month, the service announced that it had used the government-owned Autonomy Government Reference Architecture, or A-GRA, to integrate RTX Collins software aboard General Atomics’ YFQ-42 CCA aircraft and Shield AI’s technology on Anduril's YFQ-44 CCA.
General Atomics has since said it had logged another semi-autonomous flight on its YFQ-42 drone wingman with RTX Collins’ autonomy software onboard. Anduril and Shield AI, as of last week, had not had a joint CCA flight together. Northrop plans a first flight for its drone wingman this year.
In a separate Monday statement, General Atomics said it had given the name “Dark Merlin” to the YFQ-42—a reference, it said, to deadly falcons and “the wizardry of Merlin from Arthurian legend.”
Anduril, whose company takes its name from a sword from J.R.R. Tolkien's “The Lord of The Rings” fantasy books, calls its CCA offering “Fury”—the original name given to the aircraft by Blue Force Technologies, which was acquired by Anduril in 2023. Northrop’s “Project Talon” CCA is reportedly a nod to the Air Force’s T-38 trainer.
“Dark merlins are hunting machines, built for speed and aerodynamics,” Alexander said in an emailed statement. “They harass other falcons for fun, and they eat what they kill. The name sums up our new uncrewed fighter perfectly.”
]]>¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
On February 20, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) updated its Known Exploited Vulnerabilities (KEV) Catalog by adding two critical flaws in Roundcube Webmail. These vulnerabilities, CVE-2025-49113 and CVE-2025-68461, are being actively exploited by threat actors. Roundcube, a popular open-source webmail client used by organizations worldwide, now faces heightened risks as attackers target […]
The post CISA Warns of Actively Exploited Roundcube Vulnerabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A serious security flaw in jsPDF, a widely used JavaScript library for generating PDFs in web browsers, puts millions of developers and their users at risk. CVE-2026-25755 allows attackers to perform PDF Object Injection through the library’s addJS method. This vulnerability affects countless web applications that rely on jsPDF to create dynamic PDF documents from […]
The post jsPDF Flaw Exposes Millions of Developers to Object Injection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hewlett Packard Enterprise (HPE) has issued a security bulletin warning customers of a serious vulnerability in its Telco Service Activator product that could allow attackers to remotely bypass access restrictions. The vulnerability, identified as CVE-2025-12543, carries a CVSS base score of 9.6 (Critical) and affects versions prior to 10.5.0. This improper input validation could enable attackers to manipulate the server’s handling […]
The post HPE Telco Service Activator Vulnerability Allows Attackers to Bypass Access Controls appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Iranian hacking group known as MuddyWater (aka Earth Vetala, Mango Sandstorm, and MUDDYCOAST) has targeted several organizations and individuals mainly located across the Middle East and North Africa (MENA) region as part of a new campaign codenamed Operation Olalampo. The activity, first observed on January 26, 2026, has resulted in the deployment of new malware families that share
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
North Korean state-backed hackers are running large-scale fake IT worker and “Contagious Interview” campaigns that abuse developer hiring workflows to deliver JavaScript-based malware, steal code and credentials, and covertly generate revenue for the regime. Since at least 2022, North Korean threat actors have impersonated recruiters and hiring managers, luring software developers into executing booby-trapped code […]
The post North Korean Hackers Exploit Fake IT Worker Schemes and Malicious Interview Lures appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
DPRK-linked operators are maintaining a relentless focus on the crypto sector, with activity accelerating rather than slowing in the year since the record-breaking Bybit breach. On 21 February 2025, threat actors linked to North Korea stole around 1.46 billion dollars in cryptoassets from Dubai-based exchange Bybit, in what remains the largest confirmed crypto theft to date. By […]
The post DPRK-Linked Hackers Continue Aggressive Crypto Attacks One Year After Bybit Breach appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
