Geek-Guy.com

Author: admin

AI, Exploits, Global Security News

Tennessee man linked to 764 accused of series of crimes against children dating back to 2022

A Tennessee man accused of abusing and sexually exploiting children while actively participating in 764, a sprawling online nihilistic violent extremist collective affiliated with The Com, pleaded not guilty Thursday to a series of charges that could keep him locked up for 50 years. Zachary Sweeney has allegedly victimized multiple children, on numerous occasions grooming…

Read more →

AI, Cybersecurity, Global Security News

ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface

Cybersecurity researchers have disclosed details of a vulnerability in OpenAI ChatGPT that leverages the artificial intelligence (AI) assistant’s implicit trust in Markdown links and images to trigger prompt injections and open the door to phishing attacks. The technique has been codenamed ChatGPhish by Permiso Security. “The chatgpt.com response renderer trusts Markdown links and Markdown

Read more →

AI, Compliance, Europe, Global Security News, Government & Policy, malware, Risk Management

AI in the UK: Driving Innovation Without Expanding Cyber Risk

Written by Sean Tilley, Senior Sales Director EMEA at 11:11 Systems  Artificial intelligence is no longer a future ambition for UK organisations. It is already shaping how decisions are made, how services are delivered, and how quickly businesses can respond to change. From automation and analytics to customer engagement and operational optimisation, AI is becoming an integral part of…

Read more →

AI, Apps, Compliance, Europe, Global Security News

Open source Euro-Office productivity suite to launch June 9

The Euro-Office open source productivity app suite will be available with the first stable release of the software on June 9.  Euro-Office was unveiled in March with the aim of providing a modern, open source alternative to Microsoft and Google software for European organizations increasingly wary of a dependence on US-based suppliers.  Euro-Office consists of…

Read more →

AI, Cybersecurity, Europe, Funding, Global Security News, Government & Policy

Federal audit reveals NIST’s NVD is plagued by poor planning and duplication

A Department of Commerce inspector general report released Thursday found that the National Institute of Standards and Technology has mismanaged a critical cybersecurity vulnerability database through poor planning, inefficient operations, duplicate federal programs, and failure to communicate with users. The National Vulnerability Database, maintained by NIST since 2005, collects information about computer security flaws and…

Read more →

AI, APAC, Compliance, Cybersecurity, Global Security News, Government & Policy, Risk Management

AI Growth Exposes Gaps in Governance and Readiness 

Artificial intelligence (AI) adoption continues to grow across industries, but new research from Veeam suggests many organizations are still working through the governance, security, and operational challenges associated with deploying AI at scale. The study, which surveyed 300 technology and business leaders across financial services, healthcare, government, manufacturing, and technology sectors, found that 95% of…

Read more →

AI, Apps, Global Security News, Network Security

Certifiably random: Swiss researchers claim perfect random number source

Researchers in Switzerland claim to have built a perfect random number generator from two quantum superconducting chips, a 30-meter-long pipe, and some software. The resulting device could be used to generate cryptographic keys, or to offer a “public randomness service” for lotteries or blockchain applications, they say. They’re not the first to make the claim.…

Read more →

AI, Apps, Global Security News, Network Security

Certifiably random: Swiss researchers claim perfect random number source

Researchers in Switzerland claim to have built a perfect random number generator from two quantum superconducting chips, a 30-meter-long pipe, and some software. The resulting device could be used to generate cryptographic keys, or to offer a “public randomness service” for lotteries or blockchain applications, they say. They’re not the first to make the claim.…

Read more →

AI, Exploits, Global Security News, Network Security

Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit

An unknown threat actor has been observed using a large language model (LLM) agent to conduct post-compromise actions after obtaining initial access following the exploitation of a publicly-accessible Marimo network using a recently disclosed vulnerability. “The attacker compromised an internet-reachable Marimo notebook via CVE-2026-39987, extracted two cloud credentials from the compromised

Read more →

AI, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

Carnival Data Breach Impacts Nearly 6 Million Customers

A data breach at Carnival Corporation has exposed the personal information of nearly six million individuals, showing the continued effectiveness of social engineering attacks against large enterprises.  The company confirmed that threat actors gained access to portions of its network in Apr. 2026, resulting in the theft of customer data. “On April 14, 2026, the…

Read more →

AI, APAC, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, privacy, Risk Management

AI Threats, Data Breaches, and Supply Chain Risks Define This Week of May 2026 in Cybersecurity

Major Threats & Vulnerabilities Data Breaches and Credential Exposures The hacking group ShinyHunters claims responsibility for stealing over 42 million customer records from Charter Communications. The alleged breach, conducted through social engineering and Microsoft Entra compromise, is under investigation. Organizations are urged to review MFA enforcement and monitor SaaS environments for suspicious activity. Read more…

Read more →

Endpoint, Exploits, Global Security News

New infostealer reaches enterprise devices through FortiClient EMS vulnerability

Attackers are delivering a broad-spectrum infostealer to enterprise computers by exploiting a known vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS). “The [malicious] payload was presented as a Fortinet endpoint update and executed through FortiClient-managed VPN scripting workflows,” Arctic Wold researchers noted. About CVE-2026-35616 CVE-2026-35616 is an improper access control vulnerability vulnerability in FortiClient EMS,…

Read more →

AI, Global Security News, Russia

New Russian-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks

A previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing and persistent attacks targeting Ukraine and Ukraine-related entities since at least August 2025. GREYVIBE, per WithSecure, is assessed to be a Russian-speaking group operating broadly in the Russian time zone, with the activities aligning with Kremlin state interests, specifically when it comes to

Read more →

AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Russia

DIL Observatory: when the World Escalates, the Underground Responds

Digital Intelligence Lab (DIL) launches an observatory for reading cyber events as what they actually are: signals of a broader social and geopolitical reality. The timing rarely lies, and the connection between real-world events and cyber activity is no longer a theoretical framework. It is a documented pattern, traceable across months and geographies. This new…

Read more →

Apps, Global Security News

Websites can spy on user activity by analyzing SSD behavior

Websites have spent years collecting information about visitors through browser fingerprinting, tracking scripts, and other techniques designed to identify devices and monitor behavior. Researchers have demonstrated another method that relies on something most users would never expect a website to observe: activity on their SSD (Solid-State Drive), the storage device where applications and files are…

Read more →

AI, Exploits, Global Security News, Risk Management

Microsoft Calls the Zero-Day Dumps Irresponsible. The Researcher Says Microsoft Started It.

A researcher dropped 6 Windows zero-days with no warning. Three are now exploited in the wild. Microsoft is angry. The researcher says Microsoft ignored them first. Over the past month, a researcher going by Chaotic Eclipse, also known as Nightmare-Eclipse, publicly released details of six unpatched vulnerabilities in Windows components including Defender and BitLocker. No…

Read more →

AI, Apps, china, Funding, Global Security News, Government & Policy, Politics, Venture

The Race to Build AI Data Centers — Before the People Can Protest

Shark Tank’s Kevin O’Leary has been making the media rounds defending the 40,000-acre data center project he’s backing in northern Utah. Dismissing residents’ concerns over the environmental impacts and water demands of the proposed project in the drought-stricken Great Salt Lake region, O’Leary has claimed protesters are “bused in,” “misinformed,” and alleged that China has…

Read more →

AI, Endpoint, Exploits, Global Security News, malware

Notepad++ vulnerabilities could enable arbitrary code execution on Windows systems

Two arbitrary code execution vulnerabilities in Notepad++ let local attackers run commands of their choice on Windows machines by tampering with the editor’s XML configuration files, with both flaws rated High at CVSS 7.8. The flaws, tracked as CVE-2026-48778 and CVE-2026-48800, affect every version of the editor up to and including 8.9.6, Notepad++ said in…

Read more →

AI, Cybersecurity, Global Security News

Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

Cybersecurity researchers have discovered a malicious NuGet package that masquerades as a C# software development kit for Sicoob, one of Brazil’s largest cooperative financial systems, to siphon client IDs and PFX certificates. According to Socket, versions 2.0.0 through 2.0.4 of “Sicoob.Sdk” contain functionality to exfiltrate sensitive information, including PFX certificates that are used to

Read more →

AI, Data Breaches, Europe, Global Security News, malware, Network Security, Risk Management

The Gentlemen are coming for your files, and then your network

Ransomware operators have spent years refining the art of locking files. Now, some are working harder to get those lockers to every reachable system first. Microsoft’s recent warning of the Gentlemen ransomware revealed its operators using a self-propagating Go-based encryptor capable of moving laterally through compromised environments and deploying itself across additional systems. “Modern ransomware…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management

Cybersecurity trends in SEC filings

In 2023, the Securities and Exchange Commission (SEC) required public companies to include a new section in their 10-K annual filings that is devoted to cybersecurity. This section is meant to address “cybersecurity risk management, strategy, governance and incidents.” I got curious as to what senior cybersecurity executives are conveying about their companies in these…

Read more →

Compliance, Global Security News, Network Security

Netskope extends data localization capabilities with NewEdge updates

Netskope has enhanced its NewEdge Network infrastructure, expanding data sovereignty capabilities to more regions than any other SASE cloud provider. The NewEdge Network architecture provides national data localization features that address requirements for network transport, data processing, and metadata governance in major regions worldwide, while enabling Netskope to extend this coverage to additional countries. The…

Read more →

AI, Global Security News, Risk Management

Claroty targets cyber-physical system risks with AI-powered security agent

Claroty has launched Claroty Claire, a CPS-native AI security agent designed to help organizations defend mission-critical infrastructure. Claire is powered by a CPS language model trained on more than a decade of industry expertise and CPS-related data. The launch expands organizations’ capabilities for supporting the safety, uptime, and availability of cyber-physical systems. Defending a rapidly…

Read more →

Data Breaches, Global Security News

Humanix expands detection to identify live violations of security procedures

Humanix has announced a capability to identify live violations of organization-defined procedures governing IT support workflows. Designed to prevent unauthorized access, these procedures typically require help desk and service desk agents to follow identity verification steps before fulfilling sensitive requests, such as credential resets. Attackers have learned that pressuring agents to bypass these safeguards is…

Read more →

AI, Global Security News

Why AI can’t match human creative work

It’s hard for people to tell the difference between AI-generated advertising and writing. So why do they respond better to the human-made stuff? AI vs. Mad Men Ipsos, along with faculty members from Syracuse University’s S.I. Newhouse School of Public Communications, just published a unique advertising study. They took 20 real ads from major brands,…

Read more →

AI, Apps, china, Compliance, Cybersecurity, Data Breaches, Europe, Exploits, Global Security News, Risk Management

GDPR set the tone for regulatory action — and the AI fine pushback to come

Big tech firms continue to push back against fines levied for alleged violations of European data protection law, in what could be a harbinger for AI regulations to come. While lawyers and experts quizzed by CSO broadly argue that big tech firms contesting data protection rules isn’t a particular cause for concern, the more widespread…

Read more →

AI, Apps, Endpoint, Exploits, Global Security News, malware, Network Security, privacy, Risk Management

How to protect Windows 10 and 11 PCs from ransomware

CryptoLocker. WannaCry. DarkSide. Conti. MedusaLocker. Qilin. The ransomware threat has exploded over the past decade, and it isn’t going away anytime soon; the news brings constant reports of new waves of this pernicious type of malware washing across the world. Ransomware gained in popularity in large part because of the immediate financial payoff for attackers:…

Read more →

AI, Endpoint, Global Security News, Network Security

New infosec products of the month: May 2026

Here’s a look at the most interesting products from the past month, featuring releases from Alation, AppOmni, Apricorn, ASAPP, Babel Street, Checksum, Cogent, CTERA, Forward, LastPass, Operant AI, Riverbed, Sysdig, Trust3 AI, TrustCloud, VIAVI, Versa Networks, and XM Cyber. Operant AI Endpoint Protector secures AI agents and MCP tools Operant AI has launched Operant Endpoint…

Read more →

AI, Apps, Compliance, Global Security News, Network Security

IBM and Red Hat want to become the ‘security clearinghouse’ for open source applications in the enterprise

Open source code is everywhere in the enterprise; it’s estimated that upwards of 90% of Fortune 500 companies have it in their software supply chains. But open source code is notoriously rife with vulnerabilities, and identifying and patching those bugs can be an endless battle for security teams. IBM and Red Hat are betting that…

Read more →

AI, APAC, Apps, Data Breaches, Exploits, Global Security News, Network Security

Lack of response to critical vulnerability in Gogs is a reminder of the limits of open source projects

A newly discovered and so far unpatched critical vulnerability in the open source Gogs Git service not only demands immediate action from developers to secure their code, it also puts a spotlight on the potential issues in using self-hosted code platforms from small maintainers. The hole is a critical argument injection vulnerability, discovered by a…

Read more →

AI, Apps, Compliance, Cybersecurity, Global Security News, Network Security, Risk Management, Venture

News alert: TVC Analyst Group names 12 vendors to watch ahead of Gartner’s security summit

NEW YORK, May 28, 2026, CyberNewswire—TVC Analyst Group has released its list of twelve cybersecurity companies identified for their activity and positioning ahead of the Gartner Security & Risk Management Summit 2026, where participating vendors are expected to present product updates, strategic initiatives, and technology developments. The annual Gartner Security & Risk Management Summit, scheduled…

Read more →

AI, Apps, Endpoint, Global Security News, Network Security, Risk Management

Why and how to migrate to a Transit Gateway-attached AWS Network Firewall

AWS Network Firewall now supports native attachment to AWS Transit Gateway. Customers commonly use Transit Gateway to route traffic from Amazon Virtual Private Cloud (Amazon VPC) networks to a centralized inspection VPC (a VPC dedicated to hosting firewall endpoints for traffic inspection) where their network firewall endpoints are deployed. This centralized deployment model reduces the…

Read more →

Global Security News

Coffee with the Council Podcast: Nominate Now for the Global Executive Assessor Roundtable (GEAR)

  Welcome to our podcast series, Coffee with the Council. I’m Alicia Malone, Director of Communications and Public Relations for the PCI Security Standards Council. In today’s episode, I’m excited to announce that the Council will open the nomination period for the next Global Executive Assessor Roundtable on June 1st. This roundtable, or GEAR as…

Read more →

AI, Data Breaches, Global Security News, Government & Policy, Risk Management

Carnival Data Breach Exposes Personal Data of Nearly 6 Million Customers

Carnival disclosed a data breach affecting nearly 6 million people after hackers used social engineering to access employee accounts. Carnival Corporation is notifying nearly 6 million people after a data breach exposed personal information. According to the notification shared with the Maine Attorney General’s Office, the total number of persons affected is 5,995,277. The company said…

Read more →

AI, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management

AI Software Supply Chain Threats Escalate in 2026 

Artificial intelligence is rapidly transforming software development, but new research from JFrog suggests security teams are struggling to keep pace with the risks that come with it.  The Software Supply Chain Security State of the Union 2026 report found that AI-driven development is accelerating malicious package activity, insecure AI tooling, and software supply chain governance…

Read more →

AI, Compliance, Europe, Global Security News, Government & Policy, Network Security, Risk Management

HPE Heads to Discover with Wider Networking, Cloud Portfolio

HPE is heading into its annual Discover conference with a broader portfolio than in recent years and a clear push to become a go-to enterprise provider for networking and private cloud operations. The focus will inevitably be on artificial intelligence and the new ways HPE can meet customer demand across the entire networking stack. Its…

Read more →

AI, APAC, Compliance, Global Security News, Network Security

Simplifying policy management with URL and Domain Category filtering on AWS Network Firewall

Network administrators face a persistent challenge: maintaining domain blocklists and allowlists that keep pace with the internet. New websites and services emerge daily, and keeping these lists current requires constant manual updates that leave gaps in coverage. This challenge intensifies when managing access to rapidly evolving categories like AI services, where new tools launch on…

Read more →