gbhackers. News Feed

A newly discovered phishing kit called “Bluekit” is reshaping how cybercriminals run phishing campaigns by combining multiple attack stages into a single, centralized platform. Instead, Bluekit integrates these capabilities into one operator panel, streamlining the entire attack lifecycle from setup to data exfiltration. This shift reflects a broader trend toward automation and ease of use The post Bluekit Phishing Kit Streamlines Domains, 2FA Lures, and Session Hijacking appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Artificial intelligence models are integrated into countless enterprise applications, but knowing exactly where these models come from remains a major security hurdle. Cisco recently launched the Model Provenance Kit, an open-source tool for tracing the exact lineage of AI models. This release aims to bring transparency to complex AI supply chains and help organizations meet The post Cisco Launches AI Provenance Tool to Strengthen Security and Compliance appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Instructure, the educational technology company behind the widely used Canvas Learning Management System (LMS), has officially confirmed a major data breach. This confirmation directly follows recent claims made by the notorious threat actor group known as ShinyHunters. Canvas is a critical platform for thousands of universities and K-12 schools, making this breach a significant concern The post Canvas Confirms Data Breach Following ShinyHunters Claim appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A malicious npm package named “tanstack” has been discovered deploying a stealthy data exfiltration campaign, targeting developers through a deceptive naming strategy and a hidden postinstall script. The package, impersonating the well-known TanStack ecosystem, was weaponized to steal sensitive environment files immediately after installation. The attacker registered the unscoped tanstack package name on npm, exploiting confusion with the legitimate @tanstack organization, The post Malicious TanStack Package Abuses Postinstall Script to Steal Developer Secrets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

New research has uncovered a Mirai-derived botnet called xlabs_v1 that turns Android devices with exposed Android Debug Bridge (ADB) into a distributed attack platform for knocking Minecraft servers and other game hosts offline. By abusing TCP port 5555 on poorly secured Android-based hardware, the operators are quietly building a rentable DDoS-for-hire service aimed at the gaming ecosystem. The post Botnet Hijacks ADB-Exposed Android Devices to Target Minecraft Servers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.