-
A new ClickFix scam tricks Windows users into running hidden commands that map hacker-controlled drives and load malware…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new phase of the Iran war is unfolding in which ballistic missiles, drones, electronic warfare, and cyber operations are being deployed in parallel, with cyber activity increasingly tied to kinetic targeting, damage assessment, and strategic messaging. Iran’s leadership has framed retaliation as a duty following the death of Ayatollah Ali Khamenei, while President Donald […]
The post Iran Cyber Ops Merge With PsyOps and EW Amid Escalating Conflict appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Qualys Threat Research Unit (TRU) has disclosed a critical Local Privilege Escalation (LPE) vulnerability affecting default installations of Ubuntu Desktop version 24.04 and later. Tracked as CVE-2026-3888, this high-severity flaw carries a CVSS v3.1 score of 7.8 and allows unprivileged local attackers to completely compromise the host system by escalating their privileges to full […]
The post Ubuntu Desktop Vulnerability Lets Attackers Escalate Privileges to Full Root Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are increasingly relying on social engineering rather than complex software vulnerabilities to breach corporate networks. In November 2025, Microsoft’s Detection and Response Team (DART) investigated a notable identity-first intrusion where attackers successfully used Microsoft Teams voice phishing (vishing) to compromise a corporate device via Quick Assist. This incident, detailed in Microsoft’s latest Cyberattack […]
The post Microsoft Teams-Based Vishing Attack Tricks Victims Into Quick Assist Takeover appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Large‑scale campaigns abusing GitHub and Reddit to spread Vidar Stealer 2.0 through fake “free game cheats,” targeting players of popular online titles across the board. The operation shows how the takedown of other infostealers has shifted criminal demand toward Vidar, while gaming communities remain a lucrative and under‑reported target. Attackers hide download links behind images […]
The post Vidar Stealer 2.0 Spreads via Fake Game Cheats Shared on GitHub and Reddit appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high-severity security flaw affecting default installations of Ubuntu Desktop versions 24.04 and later could be exploited to escalate privileges to the root level. Tracked as CVE-2026-3888 (CVSS score: 7.8), the issue could allow an attacker to seize control of a susceptible system. “This flaw (CVE-2026-3888) allows an unprivileged local attacker to escalate privileges to full root access
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Boggy Serpens, also known as MuddyWater, has escalated its cyberespionage operations over the past year, focusing on diplomats and critical infrastructure organizations in a coordinated, multi-wave campaign. Boggy Serpens has moved beyond its earlier noisy, high-volume phishing style to prioritize persistence and stealth in campaigns across the Middle East, Europe, the Caucasus, Central and Western […]
The post Boggy Serpens Hits Diplomats, Critical Infrastructure in Espionage Waves appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed security flaw in the Kubernetes Container Storage Interface (CSI) Driver for Network File System (NFS) exposes storage servers to unauthorized directory modification and deletion. Tracked as CVE-2026-3864 with a medium-severity CVSS v3.1 score of 6.5, this vulnerability was discovered by SentinelOne researcher Shaul Ben Hai. The flaw impacts all versions of the […]
The post New Kubernetes NFS CSI Vulnerability Enables Unauthorized Directory Deletion and Changes appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Researchers at MDSec have disclosed a newly patched Elevation of Privilege vulnerability in Microsoft Windows, known as “RegPwn”. Tracked as CVE-2026-24291, this flaw allows a low-privileged user to gain full SYSTEM access by exploiting how Windows handles registry configurations for its built-in Accessibility features. Windows Accessibility features, such as the On-Screen Keyboard and Narrator, run […]
The post Researchers Disclose ‘RegPwn,’ a Windows Registry Weakness Allowing SYSTEM Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Apple on Tuesday released its first round of Background Security Improvements to address a security flaw in WebKit that affects iOS, iPadOS, and macOS. The vulnerability, tracked as CVE-2026-20643 (CVSS score: N/A), has been described as a cross-origin issue in WebKit’s Navigation API that could be exploited to bypass the same-origin policy when processing maliciously crafted web content. The
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
