News

gbhackers. com
gbhackers. com > jetbrains-patches-critical-hub-authentication-bypass

Jet Brains Patches Critical Hub Authentication Bypass and Account Takeover Vulnerabilities

5+ hour, 14+ min ago  (488+ words) Jet Brains has released patches for several critical vulnerabilities in Jet Brains Hub that could allow for full authentication bypass, account takeover, and unauthorized privilege escalation across integrated Jet Brains services. Administrators are urged to update their Hub instances immediately....

gbhackers. com
gbhackers. com > valleyrat-uses-rc4-encryption > amp

Valley RAT Uses RC4 Encryption, Donut Shellcode, and rundll32 Injection for Stealth

5+ hour, 45+ min ago  (535+ words) First named by Proofpoint in 2023, Valley RAT continues to evolve: Level Blue's telemetry shows a marked increase in successful detections beginning May 2025 and accelerating into 2026. The threat now presents through two primary vectors fake installers and malicious email campaigns each…...

gbhackers. com
gbhackers. com > jadepuffer-agentic-ransomware

JADEPUFFER Agentic Ransomware Uses LLM to Automate Database Extortion

7+ hour, 37+ min ago  (383+ words) The actor gained execution on an internet-facing Langflow instance via CVE-2025-3248, used the AI-host environment to harvest cloud and API credentials, and pivoted into a production My SQL/Nacos deployment to carry out a destructive, database-focused extortion playbook without a…...

Symbols: btc-usd,^n2250,eth-usd
Google News
gbhackers. com > ousaban-banking-trojan > amp

Hackers Use Geofenced Webpages to Deliver Ousaban Banking Trojan in Spain and Portugal

4+ hour, 59+ min ago  (546+ words) A targeted phishing campaign delivering the Ousaban banking Trojan to users in Spain and Portugal, notable for its use of geofenced webpages, layered evasion techniques, and a modular delivery chain. The threat actor repurposes a playbook seen previously in Brazil…...

gbhackers. com
gbhackers. com > phishing-campaign-uses-fake-invoice-pdf

Phishing Campaign Uses Fake Invoice PDF to Drop Async RAT, Venom RAT, and XWorm

3+ hour, 6+ min ago  (448+ words) A sophisticated phishing campaign that uses a fake invoice PDF to mask the delivery of multiple remote access trojans primarily Async RAT, but also Venom RAT and XWorm via layered shortcuts. Try Cloudflare quick tunnels, and disguised Python packages. The…...

Symbols: cert-ua
gbhackers. com
gbhackers. com > lshiy-password-spray-attack-hits-microsoft-365-accounts > amp

LSHIY Password Spray Attack Hits Microsoft 365 Accounts With 81 Million Login Attempts

9+ hour, 29+ min ago  (617+ words) A large-scale password spray campaign linked to the infrastructure provider LSHIY LLC has targeted Microsoft 365 environments, resulting in over 81 million login attempts. This campaign has led to at least 78 confirmed account compromises across 64 organizations between June 12 and June 26, 2026. According to…...

gbhackers. com
gbhackers. com > scattered-spider-hacker-arrested-in-finland

Scattered Spider Hacker Arrested in Finland and Extradited to U. S. Over Cyber Intrusion Charges

10+ hour, 24+ min ago  (458+ words) U. S. authorities have announced federal charges against an alleged member of the notorious cybercriminal group Scattered Spider, following his arrest in Finland and extradition to the United States. The defendant, identified as 19-year-old Peter Stokes, a dual national of the U. S. and…...

gbhackers. com
gbhackers. com > browser-only-ransomware-uses-file-system > amp

Browser-Only Ransomware Uses File System Access API to Encrypt Files Without Malware Installation

9+ hour, 51+ min ago  (500+ words) A novel, practical ransomware technique that runs entirely inside the browser by abusing the File System Access API, demonstrating how AI can turn high-level malicious ideas into operational attack chains without any native payload. The proof-of-concept leverages a social engineering…...

Symbols: btc-usd,^n2250,eth-usd
gbhackers. com
gbhackers. com > turning-indicators-into-intelligence-in-opencti-with-criminal-ip

Turning Indicators into Intelligence in Open CTI with Criminal IP

23+ hour, 27+ min ago  (307+ words) Torrance, California, USA, July 1st, 2026, Cyber Newswire Cyber threat intelligence becomes more valuable when indicators are enriched with context that supports investigation, correlation, and decision-making. Through the Criminal IP integration with Open CTI, security teams can transform IP addresses, domains, and…...

Symbols: btc-usd
gbhackers. com
gbhackers. com > rustduck-botnet-targets-iot-devices

New Rust Duck Botnet Targets Io T Devices and Servers With Weak Passwords and RCE Exploits

1+ day, 7+ hour ago  (331+ words) A sophisticated new botnet family dubbed Rust Duck emerged in early 2026, leveraging a two-stage Loader and Core architecture to compromise Io T devices, routers, and enterprise servers through brute-force credential attacks and remote code execution vulnerabilities. Rust Duck employs a…...