News Feed imported from gbhackers.
GBHackers Security | #1 Globally Trusted Cyber Security News Platform GBhackers Offering Exclusive Cyber Security News Coverage, New Research papers & Technology Updates.
- LiteSpeed cPanel Plugin 0-Day Exploited for Server Root Access
by Eswar on May 23, 2026 at 9:17 AMA critical zero-day privilege escalation vulnerability in the LiteSpeed User-End cPanel plugin is being actively exploited in the wild, enabling any authenticated cPanel user to execute arbitrary scripts as root and gain full server control. Tracked as CVE-2026-48172 with a maximum CVSS score of 10.0, the flaw has been patched as of May 21, 2026. The root cause is a logic The post LiteSpeed cPanel Plugin 0-Day Exploited for Server Root Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
- Ubiquiti Patches Critical UniFi OS Privilege Escalation Flawsby Eswar on May 23, 2026 at 8:44 AM
Ubiquiti has released urgent security patches for five critical and high-severity vulnerabilities across its UniFi OS platform, addressing flaws that could allow remote attackers to execute arbitrary commands and escalate privileges on a wide range of UniFi devices. The flaws also span improper access control and path traversal, affecting a broad range of UniFi OS The post Ubiquiti Patches Critical UniFi OS Privilege Escalation Flaws appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
- Hackers Use SEO Poisoning to Fake Gemini CLI, Claude Installersby Eswar on May 23, 2026 at 8:13 AM
Financially motivated threat actors are running an active campaign that impersonates Google’s Gemini CLI and Anthropic’s Claude Code, using SEO poisoning to deliver a fileless PowerShell infostealer to developer workstations worldwide. First identified in early March 2026 by EclecticIQ researchers, the campaign represents a calculated escalation in supply-chain-focused eCrime targeting AI developer tooling. The infection The post Hackers Use SEO Poisoning to Fake Gemini CLI, Claude Installers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
- Hackers Compromise Laravel-Lang Packages via 700 GitHub Reposby Eswar on May 23, 2026 at 7:22 AM
A sophisticated and active supply chain attack has struck the Laravel-Lang open-source organization, compromising over 700 historical package versions across four widely used PHP localization repositories. The attack, detected on May 22, 2026, and reported by both Aikido Security and the Socket Research Team, introduces a fully functional remote code execution (RCE) backdoor that executes automatically via Composer’s The post Hackers Compromise Laravel-Lang Packages via 700 GitHub Repos appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
- Claude Mythos Preview Discovers 10,000+ 0-Days in Glasswingby Eswar on May 23, 2026 at 5:54 AM
Anthropic has published an update on Project Glasswing, its collaborative AI-powered vulnerability discovery initiative launched last month, revealing that Claude Mythos, the company’s most capable and tightly restricted model, has already surfaced more than 10,000 high- or critical-severity zero-day vulnerabilities across the world’s most systemically important software. The findings represent one of the most significant The post Claude Mythos Preview Discovers 10,000+ 0-Days in Glasswing appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
