Open source software giant GitHub confirmed a data breach this week involving the theft of thousands of repos. One threat actor — TeamPCP — took credit.

Vulnerability exploitation has overtaken stolen credentials as the most common way attackers gain initial access to target networks, according to the 2026 Verizon Data Breach Investigations Report. This is the first time credential theft has been knocked off the top spot in the report’s 19-year history, the company noted. Known initial access vectors over time (Source: Verizon 2026 DBIR) What is Verizon DBIR? Published annually, Verizon’s DBIR is based on the analysis of real-world data … More →

The post Verizon DBIR: Vulnerability exploitation is the dominant initial access vector appeared first on Help Net Security.

Hackers are increasingly abusing the legacy Microsoft HTML Application Host (MSHTA) utility to deliver commodity malware such as LummaStealer and Amatera. Despite being tied to Internet Explorer, which was retired in 2022, MSHTA remains default in Windows, making it an attractive Living-off-the-Land binary (LOLBIN) for stealthy attacks. MSHTA allows execution of VBScript and JavaScript from […]

The post Hackers Exploit MSHTA to Deploy LummaStealer and Amatera Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Having receive a ransom payment for its attack on Canvas, ShinyHunters and other extortion gangs are only likely to be further incentivised to launch similar attacks in future. Read more in my article on the Hot for Security blog.

Verizon DBIR finds 31% of data breaches began with software flaws last year

Hackers are actively targeting Windows users with fake Indian Income Tax assessment pages in a campaign tracked as TAX#TRIDENT. The campaign begins with fraudulent tax assessment or penalty pages designed to create urgency. Victims are prompted to download what appears to be an official document, often packaged as a ZIP archive. Once opened, the archive […]

The post Fake Tax Assessment Pages Spread Windows Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.