-
Cybersecurity researchers have flagged a new malspam campaign that makes use of Google’s DoubleClick domain as a way to evade detection and ultimately deliver a remote access trojan (RAT) named DesckVB RAT. “Before the victim ever reaches attacker-controlled infrastructure, the lure routes through DoubleClick, a legitimate Google-owned domain that many security tools are less likely to treat as
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A development flag left switched on in production builds of several Microsoft 365 Android apps disabled the check that limits account-token sharing to trusted Microsoft apps. Any other app on the same phone could ask for the signed-in user’s token and get it, then read email, open files, browse the calendar, and send messages as that user. No password, no login screen, no permission prompt.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Redis has patched a use-after-free in its blocking-client code that lets an authenticated user run arbitrary OS commands on the machine hosting the database. The flaw was found by an autonomous AI tool built to hunt bugs in large codebases. Tracked as CVE-2026-23479, the flaw was introduced in Redis 7.2.0 and remained in every stable branch until the May 5 fixes, unnoticed for over two years.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Proofpoint says TA4922, a suspected China aligned cybercrime group, is targeting UK and European organisations with tax, payroll and benefits themed malware campaigns.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A large-scale smishing and phishing campaign argeting mobile users worldwide by impersonating more than 260 brands across 72 countries, leveraging a sophisticated evasion technique built around fake Cloudflare “Error 524” pages. Active since the second half of 2025, the operation primarily focuses on Latin America but has expanded into Europe, APAC, and North America, highlighting […]
The post Error 524 Decoy Campaign Uses Brand Impersonation to Phish Mobile Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS Code) that makes it possible to steal a user’s GitHub token. “Just by clicking a link, it’s possible for an attacker to steal a GitHub token that can read and write to your repos, including private ones,” security researcher Ammar Askar said. GitHub supports a feature called GitHub.dev that runs as
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly analyzed leak tied to The Gentlemen ransomware group reveals how modern ransomware operations are evolving in structure and tooling while relying on the same proven intrusion techniques seen over the past four years. The leak also highlights operator continuity across major ransomware brands. A threat actor known as “Tinker” appears across Conti (2022), […]
The post Gentlemen Ransomware Exploits Fortinet Flaws, AI, and Custom C2 Tools appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
This week in cybersecurity from the editors at Cybercrime Magazine
Sausalito, Calif. – Jun. 3, 2026– Read the full story from Bright Defense
Ransomware has existed for more than 35 years and remains the fastest-growing category of cybercrime, showing no signs of slowing down, according to Cybersecurity Ventures, who predicts that the global cost of ransomware will reach $275 billion annually by 2031, highlighting the escalating financial toll of this long-running cyber threat.
The total estimated damage costs include not only ransom payments and negotiation expenses, but also the damage or destruction of data, theft of money, operational downtime, and lost productivity.
Los Angeles-based cybersecurity company Bright Defense has updated its list of 500 ransomware statistics for 2026, containing data from trusted industry leaders. The list culls through ransomware facts, predictions and statistics from 2024 to present, and the sources are mainly cybersecurity vendors.
One figure that jumped out to the editors at Cybercrime Magazine: 29 percent of ransom-paying organizations in 2025 paid exactly the amount first demanded, and 18 percent of ransom-paying organizations in 2025 ended up paying more than the original demand, according to the Sophos State of Ransomware 2025.
Cybercrime Magazine is Page ONE for Cybersecurity. Go to any of our sections to read the latest:
- SCAM. The latest schemes, frauds, and social engineering attacks being launched on consumers globally.
- NEWS. Breaking coverage on cyberattacks and data breaches, and the most recent privacy and security stories.
- HACK. Another organization gets hacked every day. We tell you who, what, where, when, and why.
- VC. Cybersecurity venture capital deal flow with the latest investment activity from various sources around the world.
- M&A. Cybersecurity mergers and acquisitions including big tech, pure cyber, product vendors and professional services.
- BLOG. What’s happening at Cybercrime Magazine. Plus the stories that don’t make headlines (but maybe they should).
- PRESS. Cybersecurity industry news and press releases in real time from the editors at Business Wire.
- PODCAST. New episodes daily on the Cybercrime Magazine Podcast feature victims, law enforcement, vendors, and cybersecurity experts.
- RADIO. Tune into WCYB Digital Radio at Cybercrime.Radio, the first and only round-the-clock internet radio station devoted to cybersecurity.
Contact us to send story tips, feedback and suggestions, and for sponsorship opportunities and custom media productions.
The post 500 Ransomware Statistics For 2026 appeared first on Cybercrime Magazine.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security flaw in the Kirki – Freeform Page Builder, Website Builder & Customizer WordPress plugin is exposing sites to account takeover and privilege escalation attacks, with roughly 150,000 estimated to be running vulnerable versions introduced in the 6.0 release. Tracked as CVE-2026-8206 and rated 9.8 (Critical), the bug affects Kirki versions 6.0.0 through […]
The post WordPress Plugin Flaw Opens Door to Privilege Escalation Attacks Across 500,000+ Sites appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Expiring Microsoft Secure Boot keys will not brick unmigrated systems on June 27, 2026. However, they will silently freeze DB/DBX updates and lock affected Windows and Linux fleets out of future boot‑level protections. On June 27, 2026, the Microsoft Corporation KEK CA 2011 used to authorize DB/DBX updates via Windows Update reaches its end of […]
The post Expiring Microsoft Secure Boot Keys May Block DBX Updates on Legacy Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
