soc

A large-scale phishing campaign is actively targeting developers on GitHub by abusing the platform’s Discussions feature to distribute fake Visual Studio Code (VS Code) security alerts. The campaign appears highly coordinated, with thousands of near-identical posts discovered across multiple repositories, indicating automated mass exploitation rather than isolated abuse. Attackers are creating GitHub Discussions with alarming […]

The post Fake VS Code Security Alerts on GitHub Spread Malware in Massive Phishing Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cisco has released critical security updates to address a maximum-severity vulnerability affecting its Secure Firewall Management Center (FMC) Software. Tracked under the identifier CVE-2026-20131, this flaw carries a perfect CVSS base score of 10.0 and allows unauthenticated, remote attackers to execute arbitrary code. The situation is particularly urgent as the company has confirmed that threat […]

The post Cisco Secure Firewall Vulnerability Exposes Systems to Remote Code Execution by Attackers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Node.js project issued a critical security update for its Long-Term Support (LTS) branch, marking version 20.20.2 ‘Iron’ as a security release. This urgent patch addresses seven distinct vulnerabilities impacting TLS error handling, HTTP/2 flow control, cryptographic timing, and permission models. Several of these issues can be exploited remotely without authentication, posing an immediate risk […]

The post Node.js Releases Urgent Patches for Multiple Vulnerabilities Exposing Systems to DoS and Crashes appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The startup will invest in product development and go-to-market efforts as it expands into new sectors.

The post Onit Security Raises $11 Million for Exposure Management Platform appeared first on SecurityWeek.

San Francisco, USA, March 25th, 2026, CyberNewswire Cybersecurity Insiders today announced the winners of the 2026 Cybersecurity Excellence Awards during RSA Conference, recognizing leading cybersecurity companies, products, and professionals. This year’s defining theme was AI security, drawing more nominations and more intense competition than any other, with entries spanning AI governance, agentic security, runtime protection, […]

The post 2026 Cybersecurity Excellence Awards Winners Announced during RSA Conference as AI Security Dominates appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Ilya Angelov was a member of the cybercrime group tracked as TA-551, Shathak, Gold Cabin, Monster Libra, and ATK236.

The post Russian Cybercriminal Gets 2-Year Prison Sentence in US  appeared first on SecurityWeek.

PwC finds AI is amplifying speed and scale of attacks, as identity theft evolves into a cybercriminal supply chain.

The post AI Speeds Attacks, But Identity Remains Cybersecurity’s Weakest Link appeared first on SecurityWeek.

China-linked threat actors have been identified targeting Southeast Asian military networks in a long-running cyber espionage campaign focused on intelligence collection and operational surveillance. The activity, tracked as CL-STA-1087, demonstrates a highly disciplined approach that combines custom malware, stealth techniques, and long-term persistence. Rather than large-scale data theft, the attackers focus on high-value intelligence such […]

The post China-Backed Hackers Target Southeast Asian Military Systems in Ongoing Spy Campaign appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Apple released security fixes for older devices as well, in iOS 18.7.7, iPadOS 18.7.7, macOS Sequoia 15.7.5, and macOS Sonoma 14.8.5.

The post iOS, macOS 26.4 Roll Out With Fresh Security Patches appeared first on SecurityWeek.

TeamPCP’s Checkmarx GitHub Actions Attack: What You Need to Know A supply chain incident becomes far more dangerous when it stops looking like a single breach and starts behaving like a multiplier. That is what made the TeamPCP campaign stand out in March 2026. The compromise of Checkmarx GitHub Actions and developer tooling became one […]