Geek-Guy.com

Category: AI

Explore the latest in Artificial Intelligence at Geek Guy. From deep-dive AI tool reviews to practical tutorials and news, stay ahead of the curve with our expert guides.

Researchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751)

WatchTowr researchers have disclosed a technical analysis and a “Detection Artefact Generator” for CVE-2026-50751, an authentication bypass flaw in Check Point’s Remote Access VPN and Mobile Access, which the vendor confirmed to be actively exploited. The attacks were limited, but with this information now public, a larger wave of opportunistic attacks may be expected. From…

Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code

Cybersecurity researchers have described what they say is a new class of attack that can trick artificial intelligence (AI) coding agents into running arbitrary code on developer machines. Called Agentjacking by Tenet Security, the attack can be triggered by means of a fake error report crafted using Sentry, an open-source error-tracking and performance-monitoring platform. “The…

CyberCorps is adapting to AI. The budget isn’t keeping up.

The digital battlefield is expanding and changing faster than ever before. Washington must confront mounting threats to critical networks and systems. But there’s one challenge that stands out above the rest: artificial intelligence. The nation’s cyber experts need to be ready to face this new reality. The CyberCorps: Scholarship for Service program is a federal…

Oracle PeopleSoft RCE Flaw Used as Zero-Day in Ongoing ShinyHunters Campaign

ShinyHunters exploited a critical Oracle PeopleSoft zero-day to breach over 100 organizations, mostly universities, before a patch was available. Mandiant and Google’s Threat Intelligence Group published an analysis of an active ShinyHunters campaign on June 11, one day after Oracle finally issued an advisory for the vulnerability being exploited. The gap matters: the activity ran…

Prompt injection breaks today’s AI agents, study warns

Today’s AI web agents have no dependable defenses against prompt injection, according to new research showing that not a single attack scenario was consistently blocked across leading systems powered by GPT‑5 and Gemini. The findings come from StakeBench, a stakeholder-centric benchmark developed by researchers from Nanyang Technological University, ST Engineering, IBM Research, and the University of Illinois…

LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution

Cybersecurity researchers have disclosed details of three now-patched security flaws impacting LangGraph, including a critical vulnerability chain that could result in remote code execution. LangGraph is an open-source framework created by LangChain to build complex, stateful, and multi-agent artificial intelligence (AI) agentic applications. “An SQL injection in LangGraph’s function could

Oracle PeopleSoft zero‑day fuels ShinyHunters extortion spree

A newly disclosed Oracle PeopleSoft zero-day became the weapon of choice in a recent ShinyHunters extortion campaign that primarily targeted universities and other educational institutes. Attackers exploited the critical remote code execution (RCE) flaw in PeopleSoft’s Environment Management component that Oracle started warning customers about on June 10, 2026. In an advisory, the company urged…

AI is exposing the biggest weakness in cybersecurity: We never built a health model. Until now!

For 30 years, cybersecurity has operated like an emergency room. Reactive. Crisis-driven. Always triaging. We are extraordinarily good at it — our detection is faster, our response playbooks are sharper, our incident teams are more capable than they have ever been. When something goes wrong, the modern security organization runs toward the fire with real…

INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator

An INTERPOL-led operation last month resulted in the disruption of Sniper Dz, a decade-long phishing-as-a-service (PhaaS) platform, Group-IB said Thursday. The effort, codenamed Operation Ramz, took place between October 2025 and February 2026, and saw authorities from 13 countries in the Middle East and North Africa (MENA) region making 201 arrests. Included among them was…

Optiv Consulting Targets Secure Agentic AI

Optiv has sold its advisory, consulting, and transformation project-based services business to Vobis Ventures, creating a newly independent Optiv Consulting business focused on helping enterprises securely adopt agentic AI at scale. The deal closed on June 1, with Optiv Consulting initially operating under its current name and serving as Optiv’s priority services partner for the…

Reinvent Launches Managed Security for MSP Partners

Reinvent Telecom has launched MyCloud Managed Security, a fully managed cybersecurity offering built to help MSPs, VARs, and resellers expand into security services without building their own infrastructure. The new service combines Guided Vulnerability Management and Managed XDR to provide continuous monitoring, threat detection and response, asset discovery, endpoint detection and response, SIEM, SOAR, dark…

21,786 Home Cameras, No Password, No Warning

21,786 live cameras stream with zero authentication. Cheap gear is the real risk, webcamXP open 46% of the time. Your home router is the broadcast tower. In May 2026, Mysterium VPN queried a public internet-wide device index to count every camera and recorder that answers the open internet. They found more than three million reachable…

Zebra Repco Rollout Signals ANZ Channel Services Shift

Back in April, Zebra Technologies Corporation, a company specializing in digitizing and automating workflows to deliver intelligent operations, announced that Repco, the largest reseller and supplier in the automotive aftermarket parts sector across Australia and New Zealand (ANZ), had digitized its last-mile delivery operations with Zebra’s TC5 series mobile computers. The deployment highlights a broader…

Pax8 Beyond 2026 Vendors Target MSP AI and Security

At this year’s Pax8 Beyond 2026 conference, vendors across the channel unveiled new products, partnerships, and investments focused on helping managed service providers improve operations and scale more efficiently. Several announcements centered on security, documentation, and service delivery, reflecting the challenges MSPs continue to face as customer expectations rise and operational demands increase.  Read our…

MSP Compliance Services Shift to Continuous Monitoring

As enterprises accelerate AI adoption and face an increasingly complex web of cybersecurity and data protection requirements, managed service providers are finding new opportunities to expand beyond traditional IT support and into continuous compliance services. Brian Harmison, CEO of Corsica Technologies, says customers are no longer looking for occasional audit preparation or checkbox exercises.  Instead,…

Authorities dismantle crypto laundering service that moved €336 million for cybercriminals

An international law enforcement operation has dismantled a cryptocurrency laundering service linked to ransomware groups and other cybercriminals that processed more than €336 million in illicit funds. The domain seizure notice (Source: Europol) Europol said the service, known as AudiA6, is suspected of laundering cryptocurrency obtained through ransomware attacks and other forms of cybercrime between…

‘Harvest now, decipher later’: The quantum threat few are preparing for

Quantum technology may feel far off but certain risks are already with us in the form of “harvest now, decrypt later” — an attack vector in which malicious actors steal data now for a future in which they have access to quantum computational tools capable of breaking encryption deployed by most companies today to protect their data.…

Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs

Authorities in Europe have disrupted AudiA6, a cryptocurrency laundering service used by ransomware gangs and cybercriminal networks. Europol, in a statement issued Thursday, said the dismantling of AudiA6 cut off a “key financial pipeline used to wash hundreds of millions in illicit profits.” The service is estimated to have been used to launder more than…

Comcast Business SecurityEdge Preferred strengthens security for small businesses

Comcast Business announced SecurityEdge Preferred, its most advanced network-native cybersecurity solution for small businesses. Because SecurityEdge Preferred is built directly into the Comcast Business network, security can be activated in minutes without deploying additional hardware, managing multiple vendors, or maintaining complex security tools. Rather than adding another layer on top of existing infrastructure, it lives…

How to use NIST and ISO frameworks to govern AI agents

Security leaders no longer need convincing that AI agents introduce risk. What’s missing is how to govern them once they move into production and begin operating autonomously across enterprise environments. AI agents already read sensitive documents, invoke internal APIs, trigger workflows, and make decisions that still require human judgment. From a security perspective, the most…

AI sovereignty makes data centers strategic targets for cyber operations

Data centers built for frontier AI draw hundreds of megawatts of electricity and large volumes of cooling water from fixed locations with known addresses. Each one concentrates tens of thousands of graphics processors, liquid cooling systems, and high-density power equipment inside a single building. This physical footprint turns a nation’s AI capability into something an…

New infosec products of the week: June 12, 2026

Here’s a look at the most interesting products from the past week, featuring releases from AISLE, Drata, Elastic, Filigran, IDnow, and Ridge Security. RidgeBot 7.0 automates Active Directory attack simulations for security validation Ridge Security has announced the release of RidgeBot 7.0, an update to its automated security validation platform that introduces automated Windows Active…

Antidetect Browser Technology: The Future of Secure Online Management

In this post, I will talk about the Antidetect Browser technology and the future of secure online management. Online accounts are now part of daily life. Whether someone is managing ads, handling multiple projects, logging into services from different devices, or running automated workflows, they expect one thing: smooth account operation without unnecessary friction. But…

CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release

Attackers are exploiting the critical CVE-2026-10520 flaw in Ivanti Sentry, compromising many internet-exposed gateways shortly after patches were released. Threat actors have started exploiting a maximum-severity OS command injection flaw in Ivanti Sentry, tracked as CVE-2026-10520, that allows remote code execution with root privileges. “An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote…

New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets

Two security teams have shown, in separate research published this week, that OpenClaw, the popular self-hosted AI agent, can be driven to run attacker-controlled code or hand over sensitive data through ordinary-looking inputs. Imperva buried instructions inside shared contacts, vCards, and location pins that the agent executed without the victim ever seeing them. Varonis built…

Ticket Scams to Infrastructure Attacks: FIFA World Cup Cyber Risks

One of fútbol’s premier events is about to hit North America this summer with the FIFA World Cup 2026 stretching across the U.S., Canada, and Mexico. The tournament will feature 48 national teams competing to become champions – up from 32 in previous tournaments – across 16 host cities. It will be the first time…

Russian national charged in connection with Void Blizzard espionage campaign

Federal prosecutors have charged a Russian national with conspiracy to commit unauthorized computer access in connection with a sprawling cyber-espionage campaign linked to the Russia-aligned threat group Void Blizzard, according to a criminal complaint filed in federal court this week. Denis Nikolayevich Obrezko, a Russian citizen, is accused of breaking into systems owned by companies…

WWDC: What IT admins need to know

Under-the-hood AI changes and efficiency improvements at the OS layer across Apple’s platforms are certainly the highlights at WWDC 2026. But there have also been significant changes IT admins will need to prepare for, particularly around Declarative Device Management (DDM).  The Intel age is over Apple warned us this was coming, but macOS 27 will not support Intel at all.…

The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm

A new analysis of The Gentlemen operation has revealed that the financially motivated threat group initially operated as an affiliate responsible for conducting double extortion attacks, while leveraging resources from various ransomware-as-a-service (RaaS) schemes like LockBit (aka Tenacious Mantis), Qilin (aka Pestilent Mantis), and Medusa (aka Venomous Mantis). According to a detailed report

CISA orders federal agencies to “patch smarter”

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a Binding Operational Directive that will change how the US federal government approaches vulnerability management. The directive arrives as the patching problem has become nearly unmanageable, driven by a surge in newly published vulnerabilities and by AI tools that are accelerating both security research and…

Proxmox releases Mail Gateway 9.1 with quarantine and backup encryption changes

Proxmox Mail Gateway 9.1 adds updated system components, changes to the spam quarantine interface, and encryption for backups. It works as a mail proxy positioned between the firewall and internal mail servers, screening incoming and outgoing traffic for spam, viruses, Trojans, and phishing attempts. Updated system components Version 9.1 runs on Debian 13.5 Trixie and…

Team Cymru Expands APJ Operations With New Sydney Hub

External threat intelligence provider Team Cymru has announced the expansion of its Asia-Pacific and Japan (APJ) operations, with Sydney serving as the company’s regional operational hub.  The announcement follows RISEx Sydney, where Team Cymru leadership met with customers, partners, and public-sector stakeholders from across the region.  Expansion responds to regional cyber visibility demand According to…

Fake Spotify Premium tutorials on TikTok and Instagram Reels spread malware

Cybercriminals are using TikTok and Instagram Reels videos to spread Vidar, an infostealer malware, through fake downloads for popular paid software, according to ReversingLabs. The researchers uncovered two campaigns behind the activity, each using a different approach to draw in viewers before sending them to external download sites. One campaign centered on fake software installation…

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Action Patch + 28 New Stories

It’s been one of those weeks. You expect the usual noise: recycled malware, sloppy attacks, another easy target getting hit. Instead, there’s a supply chain attack kit in a public repo, a $5,000-a-month RAT that clones browsers, and research showing AI agents can be tricked into leaking real credentials. The bigger problem is how polished…

ServiceNow fixes API issue after reports of suspicious tenant activity

ServiceNow is notifying customers after discovering and remediating a vulnerability that could have exposed data via an unauthenticated API endpoint on affected instances. The issue emerged publicly after customers began discussing security notifications from ServiceNow and reports of suspicious activity linked to their environments. According to the company’s advisory, the vulnerability was initially reported through…

OSF Digital Joins Salesforce FDE Partner Network

OSF Digital, a Salesforce-exclusive consulting and services firm, has been chosen to participate in the Salesforce Forward Deployed Engineering (FDE) Partner Network.  Salesforce FDE partner network builds agentic AI skills OSF Digital will join a network of firms adopting deep learning, expert skills, and specialized training from Salesforce’s internal teams to help organizations “turn agentic…

Oracle PeopleSoft servers under attack, Oracle pushes out-of-band security alert

A zero-day vulnerability (CVE-2026-35273) in Oracle PeopleSoft PeopleTools is being exploited in the wild, Charles Carmakal, CTO at cybersecurity firm Mandiant, part of Google Cloud, warned today. The warning comes a day after Oracle published an out-of-band security alert about the flaw, which is remotely exploitable without authentication, may result in remote code execution, and…

AI vendor FDEs: Key considerations and concerns

When it comes to AI deployments, IT leaders are often caught in an awkward middle space, trying to reconcile conflicting directives from senior management with constantly changing AI models, capabilities, and costs; data governance and security needs; and the limitations of their own team. “Very few real benefits can be attained by simply purchasing an…

Chaotic Eclipse Strikes Again: New Zero-Day Unlocks BitLocker in Four Hours of Research

GreatXML bypasses BitLocker via Defender offline scan artifacts, giving SYSTEM shell in Recovery Mode. No patch exists. Any machine that ran an offline scan is vulnerable. On June 10, security researcher Chaotic Eclipse (aka Nightmare Eclipse) published a new working exploit dubbed GreatXML that bypasses BitLocker and opens a command shell with full SYSTEM privileges…

China-linked recon botnet outpaces enterprise defenses

A botnet made up of compromised small office and Internet of Things devices has grown into a larger reconnaissance network capable of rapidly identifying vulnerable internet-facing systems after public vulnerability disclosures, researchers said. The botnet, tracked by Lumen’s Black Lotus Labs as JDY, now comprises more than 1,500 compromised small office and home office, or…

Fortinet patched a new critical FortiSandbox flaw

Fortinet patched a critical FortiSandbox vulnerability that could let unauthenticated attackers remotely execute commands via crafted HTTP requests. Fortinet released security updates to address several vulnerabilities affecting FortiSandbox, FortiOS, FortiProxy, and FortiPortal. The most severe issue, tracked as CVE-2026-25089 (CVSS score of 9.8), is an OS command injection flaw in FortiSandbox products. The vulnerability could…

OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack

The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic entities and stock investors with a backdoor known as SPECTRALVIPER. The campaigns involve a prolonged cyber espionage operation aimed at a Vietnamese infrastructure and transport construction corporation between mid-2024 and February 2026, as well as a supply chain…

Frontier AI models offer sneak peak of seismic cyber shifts ahead

The advent of Claude Mythos combined with the release of OpenAI’s GPT-5.5 have changed the threat model for CISOs. The arrival of those frontier AI models — and the ones soon to follow — makes it much easier to discover and chain vulnerabilities at a speed and scale that will require most cyber departments to…

Aged-domain acquisition: The tradecraft phishing operators are using to bypass your mail filter’s reputation score

I’ve spent the past two years working on incident response and threat intelligence, and the pattern I’m about to describe is one I keep seeing show up in cases that should have been caught at the email gateway. The kit families change. The lure templates change. The constant is that phishing-as-a-service operators are buying aged…

Check Point expands MSP platform with with AI governance and unified security bundles

Check Point has announced a major expansion of its Managed Service Provider (MSP) platform, designed to help MSPs secure AI adoption, streamline operations and simplify managed security delivery. The announcement brings together three strategic innovations under a single MSP vision: Securing AI and AI usage for MSPs A new multi-tenant MSP management platform with Management…

From Infosecurity Europe to CONFidence and C1b3rWall: What Security Teams Are Prioritizing in 2026

Three cities, three cybersecurity conferences, and plenty of conversations with security professionals across Europe.  Over the past few weeks, the ANY.RUN team joined Infosecurity Europe in London, CONFidence Conference in Kraków, and C1b3rWall Congress in Ávila. While every event had its own focus, the discussions pointed in the same direction: security teams need faster investigations,…

IDnow launches Trust Platform to help regulated firms move from KYC to continuous trust

IDnow has announced the launch of the IDnow Trust Platform, designed to help regulated organisations orchestrate identity verification, fraud prevention, biometric authentication, and qualified digital trust services throughout the customer lifecycle. “The identity industry is entering its biggest transformation since onboarding first went digital,” said Andreas Bodczek, CEO of IDnow. “For years, organisations treated identity…

Rubrik Q&A: New Partner Integrations, AI Solutions Launched

Recently, Rubrik, a security and AI operations company, made a series of announcements, including new partner integrations and a new agentic-first AI platform. The announcements represent Rubrik’s ongoing commitment to ensuring enterprises are agentic-ready and resilient. You can read more about the announcements here. In light of these new announcements, below is a Q&A with…

JDY Botnet Evolves After KV Takedown, Targets Military Networks

JDY botnet scans SOHO/IoT devices globally to map services and targets, especially US military networks. Lumen’s Black Lotus Labs reported the resurgence of the JDY botnet, a covert reconnaissance network tied to Chinese state-sponsored hacking groups including Volt Typhoon. The network was first spotted in late 2023 as a cluster inside KV-botnet. The U.S. government…

Organizations can’t see much of their mobile AI activity

Organizations have limited visibility into AI activity on mobile devices despite security leaders expressing confidence in their AI governance, according to Lookout’s “Solving for the Mobile AI Blind Spot: Executive Confidence Meets Technical Reality” report. Mobile AI visibility gaps Enterprises lack visibility into a large share of mobile AI activity taking place on both corporate-owned…