-
Microsoft has disclosed details of a large-scale credential theft campaign that has leveraged a combination of code of conduct-themed lures and legitimate email services to direct users to attacker-controlled domains and steal authentication tokens. The multi-stage campaign, observed between April 14 and 16, 2026, targeted more than 35,000 users across over 13,000 organizations in 26 countries,
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A deceptive website is circulating online that claims to offer an official “Notepad++ for Mac” download, and it has already misled some users and even tech media outlets into believing that Notepad++ has finally launched a native macOS version. The site operates under the domain notepad-plus-plus-mac[.]org. It is branded to look like an official extension […]
The post Fake “Notepad++ for Mac” Site May Pose Malware Risk for Mac Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new security finding reveals that Microsoft Edge loads every saved password into its process memory as cleartext the moment the browser launches. Even more surprising to security professionals is Microsoft’s official response to the disclosure, which states that this insecure behavior is entirely “by design.” How the Memory Flaw Works According to a recent […]
The post Microsoft Edge Found Storing Saved Passwords in Cleartext Memory at Startup appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Apache Software Foundation has released an urgent security update for the Apache HTTP Server to patch a severe vulnerability. Tracked as CVE-2026-23918, this flaw could allow attackers to execute malicious code remotely on affected web servers, putting millions of websites at risk. Understanding the Vulnerability The newly discovered security flaw is classified as a […]
The post Apache HTTP Server Vulnerability Exposes Millions to Remote Code Execution Threats appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
pnpm 11 has been released with a strong focus on reducing software supply chain risk, introducing security-first defaults that directly address modern package ecosystem threats. The most significant change in pnpm 11 is the introduction of a default Minimum Release Age of 24 hours (1440 minutes). This means newly published package versions are not eligible […]
The post pnpm 11 Enables Default Release-Age Guard to Curb npm Supply Chain Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
DigiCert, a major Certificate Authority, recently suffered a significant security breach where hackers used a malicious screensaver file to steal 60 Extended Validation (EV) Code Signing certificates. These highly trusted certificates were subsequently used to sign the “Zhong Stealer” malware, allowing the malicious files to bypass security warnings by appearing as legitimate software. The incident […]
The post DigiCert Hacked in Screensaver-Based Attack to Fraudulently Obtain EV Code Signing Certificates appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Two requests to industry may help the Pentagon address one of the emerging challenges of warfare: enabling a relatively small number of human operators to direct a far larger number of robots.
The Materials for Physical Compute in Untethered Robotics effort seeks to make autonomous systems more intelligent, while Decentralized Artificial Intelligence through Controlled Emergence aims to help robots form teams and carry out missions. These DARPA projects may feed ideas to the Defense Autonomous Working Group, the lead Pentagon office for drone warfare, whose budget would soar from $226 million this year to $54 billion under the new 2027 spending proposal.
Much of that huge sum will be wasted if the military spends it before establishing a clear understanding of how operators will buy, train on, use, and maintain autonomous weapons, according to a recent commentary piece by David Petraeus, the retired Army general and former CIA director, and scholar Isaac Flanagan. Writing for The Hill, they argue that the lack of such understanding constrained the use of drones during the past decade of U.S. wars in the Middle East.
“Each Predator combat air patrol of continuous surveillance required nearly 150 personnel,” they write. “As demand for drone coverage surged, the limiting factor was not the number of aircraft but of the trained personnel and the organizational structure to enable them.”
Until the military fixes this, they write, any new drone is “not a weapons system at all—it is an asset on a spreadsheet.”
The new DARPA efforts aim to help change that.
Materials for Physical Compute in Untethered Robotics seeks to help robots think and reason without relying on connections to vulnerable data centers and without using valuable battery life to upload video and receive commands. Even the most advanced robotics “still require constant internal data processing, with either the end-users or data centers, creating delayed actions through latency and consuming power for data transmission,” the request for information says.
The RFI also urges industry to move beyond the conception of autonomous systems as assemblages of wire, metal frames, and motors. This mindset has been “yielding a robot with small behavior diversity. Therefore, current robot capabilities are limited in ever-changing and contact-rich environments.” It seeks new concepts at the “material, component, and kernel level”—down to chemistry and physics—that can change the very nature of machine intelligence.
DICE aims to enable machines to talk and collaborate with each other, to “dynamically form teams using peer-to-peer coordination to execute complex missions.”
The two DARPA projects are hardly the Pentagon’s only efforts to answer fundamental questions about robots. A contest run by DIU, the Defense Department’s innovation arm, seeks ways to control drones with plain language commands, as one might direct a soldier or a large-language-model tool.
The problem that Petraeus and Flanagan discuss is not as simple as it seems. Technology is moving faster than doctrine. So should doctrine come first? Or the other way around?
U.S. Southern Command is moving to answer that sort of question. Last week, Gen. Frank Donovan announced the SOUTHCOM Autonomous Warfare Command to “maximize the efficient fielding of autonomous systems.”
]]>¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Two B-52 bombers will head back to their manufacturer for new engines this year, kicking off a long-awaited upgrade meant to help keep flying the Stratofortress until nearly their 100th birthday.
On Monday, Air Force officials announced that the Commercial Engine Replacement Program had passed a critical design review originally scheduled for 2023. That clears Boeing to begin replacing the B-52’s 1960s-era Pratt & Whitney TF33-PW-103 engines with new Rolls-Royce F130s.
The first re-engined B-52s will be tested at Edwards Air Force Base, California, before the go-ahead is given for the rest of the fleet. As the 76 B-52H bombers receive their new powerplants and a radar upgrade, they will be redesignated B-52Js.
“Boeing, the prime contractor for integration, is procuring and manufacturing parts, and will begin modifying the first two B-52H aircraft into the B-52J configuration at its facility in San Antonio, Texas,” the Air Force said in a press release. “The first bomber is scheduled to arrive for modification later this year.”
In 2021, the Air Force awarded Rolls Royce a $2.6 billion contract to build the F130 engines, which passed their own critical design review in late 2024 and completed operability and altitude testing in February, Defense One first reported.
The B-52 upgrade plan received heavy scrutiny last year after Boeing was blamed for F130 integration problems and after radar-upgrade costs triggered a Nunn-McCurdy Act breach.
“This CERP critical design review is the culmination of an enormous amount of engineering and integration work from Boeing, Rolls Royce, and the Air Force that will enable the B-52J to remain in the fight for future generations,” Lt. Col. Tim Cleaver, the CERP program manager, said in the news release.
Air Force officials view the engine upgrades as “crucial for keeping the B-52 Stratofortress a formidable asset in the nation’s long range strike arsenal through 2050 and beyond,” the news release said. The B-52, which entered service in 1955, has flown missions ever since—most recently in the war on Iran.
The Air Force is developing the next-generation B-21 bomber to replace its B-1s and B-2—but not its B-52s. Even defense experts who want the service to double its planned purchase of 100 B-21s agree that the B-52 will remain relevant.
“A future force of 200 B-21s combined with remaining B-52s would more than double the Air Force’s current longrange strike sortie capacity,” a February report from the Mitchell Institute for Aerospace Studies said. “Since more than 70 percent of this force mix would consist of stealthy B-21s, it would also restore the Air Force’s historical capacity to penetrate the most challenging air defenses to deny sanctuaries and attack an adversary’s centers of gravity.”
]]>¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Pentagon is using the Navy’s EA-18G Growlers more than ever in the war on Iran, suggesting more development and a bigger role for aerial electronic attack are on the way.
Flying from the carriers Abraham Lincoln and USS Gerald R. Ford, the Growlers have used jammers and missiles to confuse, suppress, and destroy communications and radar systems and surface-to-air missile batteries.
They were also key to January's seizure of Venezuelan President Nicolas Maduro, when they suppressed and destroyed Russian and Chinese-derived air defenses and other infrastructure to allow the abduction team to reach their Caracas target with virtually no resistance. As usual in these types of operations, Venezuelan air defense operators learned of the attack only when their radar screens went dark.
Development of the electronic warfare variant of the F/A-18F began in earnest in late 2003, when Super Hornet maker Boeing received the system development and demonstration contract. The first Growler was delivered on schedule in 2006. The Navy, which originally planned to buy 90 Growlers, increased its buy to 114, then 135, then 160. The last of the aircraft was delivered in 2018.
Plans call for developing the heart of the aircraft’s electronic attack, the ALQ-249 Next-Generation Jammer pod, in three variants: Increment 1 (Mid-Band), Increment 2 (Low-Band), and Increment 3 (High-Band).
In 2023, Mid-Band prime contractor Raytheon received a $650.4 million contract to make Lot III NGJ-MBs, including a low-rate initial production order for 15 pairs of the pods—including four pairs for the Royal Australian Air Force, which operates a dozen Growlers. Two years later, Raytheon received a three-year, $580 million contract to continue production, including covering pods, spare parts, and support equipment, for the two operators.
Work on development of the Low-Band version is moving ahead. In 2020, L3Harris won a $495.5 million contract award to make and deliver 10 NGJ-LB pod simulators, eight operational prototype pods, four jettison mass model pods, two captive mass models, and other support systems. The company received a further $587.3 million for Low-Band development in 2024. Last year, L3Harris hired Honeywell for undisclosed help in developing the Low-Band variant.
Two months ago, the Navy awarded Boeing a four-year, $489.3 million order for jamming upgrades: four ALQ-264(V) Beowulf A-Kits, four Gunbay Pallet A-Kits, 12 Beowulf B-Kits, 15 sensor control unit B-Kits, and nine power control unit B-Kits, as well as various support equipment.
AI and machine-learning algorithms are said to be a growing element of the aircraft’s electronic attack, enabling faster analysis of hostile signals and production of tailored noise to degrade enemy air defenses. The aircraft’s active electronically scanned arrays, powered by gallium nitride transmitters, can shoot precise, high-powered beams of electronic noise at several targets at once.
The Navy has already spent more than $5 billion to develop the NGJ. The new budget proposal requests $428.6 million for fiscal 2027.
Australia is also working on upgrades for its Growlers. In February 2023, Project AIR 5349 Phase 6 – Advanced Growler awarded CEA Technologies, an Australian radar company, a $277 million contract to improve some fixed and portable emitters.
Andrew Dardine is lead analyst for Forecast International's Defense Electronic Systems group.
]]>¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An active phishing campaign has been observed targeting multiple vectors since at least April 2025, with legitimate Remote Monitoring and Management (RMM) software as a way to establish persistent remote access to compromised hosts. The activity, codenamed VENOMOUS#HELPER, has impacted over 80 organizations, most of which are in the U.S., according to Securonix. It shares overlaps with clusters
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
