-
Every week brings new discoveries, attacks, and defenses that shape the state of cybersecurity. Some threats are stopped quickly, while others go unseen until they cause real damage. Sometimes a single update, exploit, or mistake changes how we think about risk and protection. Every incident shows how defenders adapt — and how fast attackers try to stay ahead. This week’s recap brings you the
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A previously unknown threat actor calling itself Punishing Owl has claimed responsibility for breaching a Russian government security agency, marking the emergence of what cybersecurity researchers believe is a new politically motivated hacktivist collective. The attack demonstrated sophisticated operational security capabilities beyond typical data exfiltration campaigns. On the same day as the breach announcement, Punishing […]
The post New “Punishing Owl” Hacker Group Targets Networks Linked to Russian Security Agency appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
For mid-market organizations, cybersecurity is a constant balancing act. Proactive, preventative security measures are essential to protect an expanding attack surface. Combined with effective protection that blocks threats, they play a critical role in stopping cyberattacks before damage is done. The challenge is that many security tools add complexity and cost that most mid-market businesses
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft disclosed a critical zero-day vulnerability in Office products on January 26, 2026, tracked as CVE-2026-21509, with active exploitation in the wild confirmed. The vulnerability enables attackers to deploy sophisticated malware through malicious document files, targeting government organizations and critical infrastructure. Indicator Type Value CVE CVE-2026-21509 Malicious Domains freefoodaid[.]com, wellnesscaremed[.]com, wellnessmedcare[.]org C2 Infrastructure *.filen.net, *.filen.io […]
The post Zero-Day in Microsoft Office Enables Stealthy Malware Infections appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated multi-stage malware campaign leveraging living-off-the-land techniques and in-memory payload delivery has been discovered targeting Windows systems. The attack employs Pulsar RAT, a full-featured remote access trojan combined with advanced stealer capabilities, using evasion techniques designed to bypass traditional security controls and maintain persistent access. The infection chain begins with a hidden batch file […]
The post Pulsar RAT Targets Windows Systems via Per-User Run Key, Exfiltrates Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
As of February 2026, enterprise defenders are no longer just battling human-operated ransomware groups or credential thieves. The frontline has shifted to a new class of threat: autonomous AI agents that plan, execute, adapt, and even reinvest their own criminal profits without direct human oversight. The convergence of OpenClaw (local runtime), Moltbook (agent collaboration network), […]
The post Cybercrime Enters a New Era as Autonomous AI Agents Take Center Stage appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility’s update mechanism to redirect update traffic to malicious servers instead. “The attack involved [an] infrastructure-level compromise that allowed malicious actors to intercept and redirect update traffic destined for notepad-plus-plus.org,” developer Don Ho said. “The compromise occurred at the hosting
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A widespread ransomware campaign targeting misconfigured MongoDB databases continues to compromise thousands of servers worldwide, with attackers exploiting internet-exposed instances that lack basic authentication controls. Recent research reveals that opportunistic threat actors are leveraging automated scripts to wipe databases and demand Bitcoin ransoms, turning configuration negligence into a scalable extortion operation. Attack Resurfaces After Years […]
The post Hackers Target MongoDB Instances to Delete Databases and Plant Ransom Notes appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated JScript-based command-and-control framework, PeckBirdy, since 2023, exploiting living-off-the-land binaries (LOLBins) to deliver modular backdoors across diverse execution environments. The framework has been observed in two coordinated campaigns, SHADOW-VOID-044 and SHADOW-EARTH-045, targeting Chinese gambling industries, Asian government entities, and private organizations with advanced malware, including HOLODONUT and MKDOOR backdoors. PeckBirdy distinguishes itself through its […]
The post PeckBirdy Hackers Abuse LOLBins Across Environments to Deploy Advanced Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Notepad++ fell victim to a sophisticated supply chain attack orchestrated by state-sponsored threat actors who compromised its update infrastructure over a six-month campaign. Security experts have attributed the attack to a Chinese state-backed group based on the highly selective targeting and technical sophistication demonstrated throughout the incident. Attack Timeline and Scope The compromise began in […]
The post Notepad++ Users Targeted After State-Backed Attackers Hijack Update Servers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
