Geek-Guy.com

Author: admin

AI, Cybersecurity, Global Security News, malware, Network Security, Risk Management

Employees are unknowingly inviting tech support impersonators into firms, says FBI

Online or telephone IT support scams have been tricking employees into downloading or clicking on malware for years. But according to the FBI, one group that targets US-based law firms has recently found success in person, by convincing firms to allow a supposed IT support person into the building, where they insert a storage device…

Read more →

AI, Apps, Compliance, Exploits, Global Security News, Government & Policy, Network Security, privacy, Risk Management

Another IT governance headache: AI-enabled sanction evasion

Over the next three to five years, both governments and the private sector will need to rapidly adapt identification and mitigation protocols as adversaries move from AI-assisted to AI-enabled sanctions evasion and proliferation financing (PF), a new research paper warns. The report, Algorithms of Evasion: The Rise of AI-Enabled Proliferation Financing, from the Royal United…

Read more →

AI, Cybersecurity, Global Security News, Government & Policy

Smashing Security podcast #469: What your Oura ring won’t tell you

CISA, the US government agency whose entire job is keeping America’s critical infrastructure safe from hackers, has had a contractor publish dozens of plain-text credentials to a public GitHub profile. Meanwhile, your Oura ring is quietly transmitting some of its data unencrypted – and when one journalist asked the company how often it hands user…

Read more →

AI, Apps, Compliance, Exploits, Global Security News, Government & Policy, Network Security, privacy, Risk Management

Another IT governance headache: AI-enabled sanction evasion

Over the next three to five years, both governments and the private sector will need to rapidly adapt identification and mitigation protocols as adversaries move from AI-assisted to AI-enabled sanctions evasion and proliferation financing (PF), a new research paper warns. The report, Algorithms of Evasion: The Rise of AI-Enabled Proliferation Financing, from the Royal United…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management

ShinyHunters Alleges 42M Records Stolen from Charter Communications  

Charter Communications confirmed a cybersecurity incident after the ShinyHunters extortion group claimed it stole customer data and threatened to leak the information unless a ransom was paid.   The company, which operates under the Spectrum brand, said it is investigating the incident and coordinating with authorities.   “The Charter breach is a reminder that the most sophisticated…

Read more →

AI, Global Security News, Risk Management

AI models more vulnerable than claimed when faced with iterative attacks

CISOs relying on LLM runtime guardrails and official safety scores when making security decisions about their organizations’ AI usage and model selection are due for a wakeup call. According to a new study from Cisco, frontier models from OpenAI, Anthropic, Google, xAI, and Amazon have significantly worse risk profiles when pressured in multi-turn attacks compared…

Read more →

AI, Cybersecurity, Global Security News, Government & Policy

OpenAI heralds cybersecurity, election interference safeguard plans for 2026 midterms

OpenAI on Wednesday hailed its plans to safeguard information and aid cybersecurity defenders in the 2026 midterm elections, including work to combat deepfakes and other forms of artificial intelligence misuse.  The announcement builds on commitments from major tech companies in 2024, including OpenAI, to protect elections from AI-infused election interference — efforts that some thought…

Read more →

Global Security News, AI, Risk Management, Apps

ScalePad CEO Chris Day on MSP & SMB AI Adoption in 2026

ScalePad CEO Chris Day says MSPs are facing mounting pressure to support artificial intelligence as SMB clients adopt AI tools faster than many providers can operationalize, creating new urgency around automation, advisory services, and AI governance. Clients are moving faster than providers MSPs are being pulled into artificial intelligence faster than many expected, as small…

Read more →

AI, Cybersecurity, Global Security News, Risk Management, Russia

FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person

Silent Ransom Group, a long-running data extortion operation, continues to hit U.S.-based law firms by impersonating IT support and, in some cases, visiting victims in person to gain physical access to computers, the FBI said in an alert Tuesday. The closed group, which likely operates from Russia and emerged in 2022 after Conti disbanded, has…

Read more →

Global Security News, AI, Risk Management, Apps, Europe, Endpoint

Dell Leaders on Local AI Reshaping Enterprise Security

At Dell Technologies World 2026, the tech giant announced major changes to its portfolio and to the role security plays in enhancing it, ensuring partners and customers are well protected as cyber threats evolve. Why partner alignment is crucial to customer success Rob Emsley, Director at Dell Technologies, told Channel Insider that Dell Technologies World…

Read more →

AI, china, Cybersecurity, Europe, Global Security News, Government & Policy, Politics, Risk Management, Russia

UK spy chief labels AI ‘unstoppable force’ with offensive, defensive ramifications for cyberspace

Artificial intelligence is an “unstoppable force” that allows tech to be “weaponized just below the threshold of traditional warfare,” including in cyberspace, the head of a U.K. intelligence, security and cybersecurity agency said Wednesday. We live in a world “where the latest frontier AI is rapidly unearthing fault lines in technologies our society relies on…

Read more →

AI, Apps, Global Security News, malware

AI chatbot recommendations lure users to cryptojacking malware sites

Cybercriminals are using AI chatbot interactions alongside poisoned search results to direct users to malicious download sites in an active cryptojacking campaign, Microsoft has warned. The campaign impersonates legitimate software tools such as CrystalDiskInfo, HWMonitor, Display Driver Uninstaller (DDU), FurMark, K-Lite Codec Pack, and PDFgear. Screenshot of search engine results showing a malicious source of…

Read more →

AI, Cybersecurity, Global Security News, Network Security

Cisco Live 2026 Preview: AI, Security, and Partner Changes

Ahead of its annual North American conference in Las Vegas, Cisco has spent the last few months rolling out a steady stream of AI-focused announcements touching nearly every corner of its business, from networking and cybersecurity to certifications and channel programs. Recent earnings report shows record revenue due to AI infrastructure demand The company’s latest…

Read more →

AI, Europe, Global Security News, malware

Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users

Latin America and Europe become the target of two banking trojan campaigns that are designed to infect Windows and Android devices with Grandoreiro and BTMOB malware, respectively. That’s according to new findings from WatchGuard and ESET, which have observed the two malware families being used to single out companies in Spain, Portugal, and Mexico, as…

Read more →

AI, Global Security News

PwC: SAP AI Strategy Shifts Toward Enterprise Execution

SAP’s latest AI announcements at Sapphire are landing as enterprise customers move beyond experimentation and begin demanding measurable returns, stronger governance, and scalable operational outcomes from AI investments. Patrick Pugh, global and U.S. alliances leader at PwC, told Channel Insider that the event reflected a broader shift in the SAP market: enterprises are increasingly embedding…

Read more →

AI, Cybersecurity, Global Security News

Malicious npm Package Stole Files From Claude AI User Directory via GitHub

Cybersecurity researchers have discovered a new malicious package on the npm registry that comes with information stealing capabilities. According to OX Security, the package, named “mouse5212-super-formatter,” is designed to upload files from “/mnt/user-data,” a dedicated directory used by Anthropic’s Claude artificial intelligence (AI) tool to handle uploads and outputs in the background. The

Read more →

AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management

7 Best Vulnerability Scanning Tools & Software in 2026

This guide is for IT leaders, security teams, and vulnerability management professionals looking to strengthen risk detection and remediation efforts in 2026. It covers the best vulnerability scanning tools and the key capabilities organizations should evaluate to improve visibility across networks, endpoints, cloud environments, and web applications. Key points about vulnerability scanning tools in 2026…

Read more →

AI, APAC, Apps, Cloud Security, Compliance, Cybersecurity, Data Breaches, Data Security, Global Security News, malware, Network Security, Risk Management

Top 7 Cloud Security Posture Management (CSPM) Tools in 2026

This guide is for IT leaders, cloud security teams, and compliance professionals looking to strengthen cloud security posture and reduce configuration risks in 2026. It covers the top cloud security posture management (CSPM) tools and the key capabilities organizations should evaluate to improve visibility, automate remediation, and enforce compliance across cloud environments. Key Takeaways of…

Read more →

AI, APAC, Apps, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security, Risk Management

FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework

A single malformed character in a web request can let an unauthenticated attacker slip past the access controls that guard applications built on Starlette, the open-source Python framework that powers FastAPI, researchers said. The flaw, tracked as CVE-2026-48710 could allow attackers to bypass host-validation protections using malformed Host headers, according to an advisory from cybersecurity…

Read more →

AI, Cloud Security, Cybersecurity, Exploits, Global Security News

Google AI Threat Defense targets attackers using AI to find flaws faster

Google Cloud introduced AI Threat Defense, an automated cybersecurity platform that combines several of the company’s security assets to find, prioritize, and patch software vulnerabilities at machine speed. The product is aimed at enterprises contending with attackers who use AI to discover and exploit flaws in hours or days, compressing windows that once stretched into…

Read more →

AI, Europe, Global Security News, Network Security, Risk Management

ExtraHop, Ignition Bring Agentic SOC Push to North America

ExtraHop, a modern network detection and response (NDR) provider, has expanded its partnership with Ignition, operating under Exclusive Networks, in North America. Providing the ‘definitive’ intelligence layer for SOCs According to ExtraHop, the expanded partnership with Exclusive Networks will make its NDR platform “more accessible than ever,” giving organizations real-time network traffic insights to strengthen…

Read more →

AI, Data Breaches, Endpoint, Global Security News, malware

The LA Metro Attack Wasn’t Hacktivism. It Was a State Operation With a Costume On.

Iran’s “hacktivist” group Ababil of Minab, which hit LA Metro and wiped terabytes of data, is forensically linked to Iran’s intelligence service MOIS. In late March, a group calling itself Ababil of Minab posted videos and screenshots online claiming it had broken into the Los Angeles County Metropolitan Transportation Authority, wiped hundreds of terabytes of…

Read more →

AI, Exploits, Global Security News

Cogent targets exploit-to-remediation gap with new AI-powered security capabilities

Cogent has launched two new platform capabilities designed to reduce the time between vulnerability disclosure and confirmed remediation. Zero Day Response identifies exposure within minutes of public disclosure, without waiting for scanner signatures. Autonomous Remediation determines the right fix, assesses business impact before execution, and confirms that the vulnerability has been resolved. The releases arrive…

Read more →

AI, Global Security News, malware, Network Security, Russia

CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain

CrowdStrike has dismantled the Glassworm botnet in an operation aided by Google and Shadowserver, stripping the operators’ access to infrastructure that helped threat actors infect hundreds of pieces of open-source software with malware since early 2025, the company said Tuesday.  The coordinated effort involved the simultaneous takedown of four attacker-controlled servers that were designed to…

Read more →

AI, Global Security News

Ping Identity advances agentic security with AI governance and trusted access

Ping Identity announced new capabilities that extend the Ping Identity Platform for the agentic enterprise, where AI agents, automation, and developers increasingly shape how access is managed, governed, and secured across organizations. AI agents are changing both sides of the identity equation. They are new actors that need to be discovered, governed, and managed across…

Read more →

AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

10 of the Best Patch Management Service Providers in 2026

This guide is for IT leaders, security teams, and system administrators looking to streamline vulnerability remediation and automate software updates in 2026. It covers the best patch management service providers and the key features organizations should evaluate to improve endpoint security, reduce operational overhead, and strengthen overall IT resilience. Key Points on Patch Management Solutions…

Read more →

AI, Apps, Cloud Security, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

6 Under-the-Radar Vendors That Supercharge Breach and Attack Simulation in 2026

This guide is for IT leaders and security teams looking to validate their defenses against real-world cyberattacks in 2026. It covers the top breach and attack simulation (BAS) solutions and the key capabilities organizations should evaluate to strengthen endpoint, cloud, and network security resilience. Key Takeaways of BAS Solutions in 2026 Breach and attack simulation…

Read more →

AI, Global Security News

eSentire launches new Atlas AI Operatives for autonomous threat detection and response

eSentire has unveiled new preempt, detect, and respond capabilities within the Atlas Platform, a unified agentic AI platform with purpose-built AI Operatives that work together in a continuous security lifecycle. Controlled autonomy SecOps The Atlas Platform delivers purpose-built and adaptive AI operative infrastructure in a continuous closed loop across autonomous AI offensive security, exposure management,…

Read more →

AI, Apps, Compliance, Data Breaches, Endpoint, Global Security News, Network Security, privacy, Risk Management

6 Best Identity & Access Management (IAM) Software Solutions in 2026

This guide is for IT leaders, security teams, and identity administrators looking to improve access control and secure distributed workforces in 2026. It covers the best identity and access management (IAM) software solutions and the key features organizations should evaluate when choosing the right platform for cloud, SaaS, and remote access security. Key Takeaways of…

Read more →

AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, privacy, Risk Management

The 6 Best Email Security Software & Solutions in 2026 (Compared and Reviewed)

This guide is for IT leaders, security teams, and business decision-makers looking to strengthen email protection against phishing, malware, and business email compromise attacks. It covers the best email security software solutions in 2026, along with the key features, pricing considerations, and deployment factors to evaluate before choosing a platform. Key Takeaways for Email Security…

Read more →

Global Security News, malware

Fake ChatGPT and Claude installers on GitHub are dropping Deno RAT malware

Attackers are hosting counterfeit installers and plugins on GitHub and SourceForge that pose as widely used software, including ChatGPT, Claude, AutoTune, Kontakt, Ableton Live, and ZENOLOGY. The downloads deliver a backdoor called DinDoor, which then loads a remote access Trojan built on the Deno JavaScript runtime, according to Malwarebytes. Compromised YouTube channels push victims toward…

Read more →

AI, Global Security News

GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure

CrowdStrike, in partnership with Google and the Shadowserver Foundation, has announced the simultaneous disruption of all command-and-control (C2) channels associated with GlassWorm, a persistent software chain campaign targeting software developers through malicious packages and extensions. “Since at least early 2025, GlassWorm operators have systematically targeted software developers, a

Read more →

AI, Global Security News, malware, Network Security, Risk Management, Russia

How cybersecurity firms took down Glassworm botnet in one shot

Glassworm infected developers through poisoned tools and packages until a coordinated takedown killed all four of its C2 channels at once. On May 26, 2026, at 14:00 UTC, CrowdStrike Counter Adversary Operations team, working with Google and the Shadowserver Foundation, killed all four command-and-control channels of the Glassworm botnet at the same time. The timing…

Read more →

AI, Compliance, Cybersecurity, Global Security News, malware, Risk Management

Inside ANY.RUN’s 10-Year Evolution: An Interview with CEO Aleksey Lapshin

What happens when a malware analyst decides to build a product he always wished he had? The case of ANY.RUN tells us that ten years later it may turn into an industry-standard solution, adopted by 74 Fortune 100 companies.  Celebrating a decade of ANY.RUN, CEO Aleksey Lapshin shared his perspective on the evolution of the company,…

Read more →

Global Security News

Apple makes its quantum-resistant encryption open source

Apple has published its post-quantum cryptography implementations in corecrypto, together with mathematical proofs and verification tools for independent expert evaluation, allowing external researchers to review the work and reproduce the company’s analysis. Post-quantum cryptography is designed to protect encrypted data from future quantum computers that could break widely used public-key encryption algorithms. A new approach…

Read more →

AI, Cybersecurity, Global Security News

Gitea Vulnerability Exposes Private Container Images without Authentication

Cybersecurity researchers have disclosed a security flaw in Gitea, an open-source, self-hosted platform for version control, that allows unauthenticated remote attackers to pull private container images from Gitea deployments without requiring an account, password, or other credentials. The vulnerability, tracked as CVE-2026-27771 (CVSS score: N/A), affects all versions of Gitea prior to 1.26.2

Read more →

AI, APAC, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management

The NSA, ‘Mythos’ and the quiet emergence of AI cyber doctrine

For most of my career running security operations, the shape of cyber conflict has been defined by who could move faster than the other side. Faster at identifying a vulnerability, faster at patching, faster at detecting, faster at responding. The last few months have made me reevaluate that framing. Speed still matters. It just no…

Read more →

AI, Cybersecurity, Global Security News, Network Security

DXC, WWT on Dell’s Partner Program & Enterprise AI Growth

At Dell Technologies World 2026, much of the conference focused on partner program enhancements the organization recently made. For partners like DXC and World Wide Technologies (WWT), these enhancements provide even greater opportunities to provide strong customer outcomes.  They reinforce what both DXC and WWT already know: Dell’s Partner Program is a major reason their…

Read more →

AI, Europe, Global Security News, Government & Policy, privacy, Risk Management

Dutch Government just said no to an American firm buying the keys to their digital State

The Dutch government blocked Kyndryl’s €100M bid for Solvinity, citing national security concerns over critical digital infrastructure. Dutch Government told Kyndryl it can’t buy Solvinity. That sentence doesn’t sound dramatic, but what it means is this: a European government just blocked an American IT company from acquiring the firm that runs DigiD, the platform Dutch…

Read more →

AI, Global Security News

AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites

Microsoft has warned of an active cryptojacking campaign that makes use of artificial intelligence (AI) chatbot interactions as a mechanism for surfacing malicious download sites. “This emerging delivery technique extends social engineering beyond conventional search results and increases the visibility of malicious software recommendations,” Microsoft Defender Experts and the Microsoft

Read more →

Global Security News, privacy

Franklin Access adds three-layer security system to Wi-Fi routers

Franklin Access has launched a three-layer security system integrated into its Wi-Fi routers, delivering enterprise-grade protection for consumers and small businesses. The system runs automatically in the background, blocking millions of malicious websites in real time to protect families, children, seniors, and businesses from online threats. Franklin’s Wi-Fi routers include advanced security protocols and privacy…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

Microsoft SharePoint Has a New RCE Flaw. If You Haven’t Patched Yet, Go Do That.

A critical vulnerability, tracked as CVE-2026-45659, in Microsoft SharePoint can allow attackers to achieve remote code execution with little effort. Microsoft released security updates to patch a high-severity SharePoint vulnerability, tracked as CVE-2026-45659 (CVSS score of 8.8), that could allow remote code execution. The flaw does not require complex conditions for exploitation, making it a…

Read more →