Geek-Guy.com

Category: Exploits

Explore the latest software exploits, zero-day vulnerabilities, and security PoCs. Geek-Guy provides expert analysis on emerging threats and how to stay protected.

Cybersecurity, Exploits, Global Security News

The AI Arms Race – Why Unified Exposure Management Is Becoming a Boardroom Priority

The cybersecurity landscape is accelerating at an unprecedented rate. What is emerging is not simply a rise in the number of vulnerabilities or tools, but a dramatic increase in speed. Speed of attack, speed of exploitation, and speed of change across modern environments. This is the defining challenge of the new era of digital warfare:…

Read more →

AI, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Risk Management

Release Notes: Cross-Platform Threat Analysis with macOS, SSL Decryption, and 1,300+ New Detections 

March was a packed month for ANY.RUN. We rolled out major product improvements that help security teams investigate phishing inside encrypted traffic, expand cross-platform analysis with macOS, and bring Windows Server into the sandbox workflow. At the same time, our detection team continued to strengthen threat coverage with new behavior signatures, Suricata rules, and fresh threat intelligence reports focused on active…

Read more →

AI, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Risk Management

Release Notes: Cross-Platform Threat Analysis with macOS, SSL Decryption, and 1,300+ New Detections 

March was a packed month for ANY.RUN. We rolled out major product improvements that help security teams investigate phishing inside encrypted traffic, expand cross-platform analysis with macOS, and bring Windows Server into the sandbox workflow. At the same time, our detection team continued to strengthen threat coverage with new behavior signatures, Suricata rules, and fresh threat intelligence reports focused on active…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

U.S. CISA adds a flaw in Citrix NetScaler to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Citrix NetScaler to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Citrix NetScaler, tracked as CVE-2026-3055 (CVSS ver. 4.0 score of 9.3), to its Known Exploited Vulnerabilities (KEV) catalog. In March, Citrix issued security updates for two NetScaler vulnerabilities,…

Read more →

AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Risk Management

8 ways to bolster your security posture on the cheap

As every CISO knows, maintaining a strong cybersecurity posture is costly. What’s not so well known is that there are many ways cybersecurity can be enhanced with the help of relatively trivial investments. Simply by thinking creatively, a security leader can substantially boost enterprise protection at a minimal cost. Could your organization benefit from some…

Read more →

AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Politics, Risk Management

The external pressures redefining cybersecurity risk

Over the last four years, I’ve watched organizations get blindsided by threats that originated in a third-party network. More than 35% of data breaches are caused by a compromised vendor or partner, not by any failure in the organization’s controls. While many organizations know that the biggest threats to their security come from forces entirely…

Read more →

AI, Apps, Exploits, Global Security News, malware, Network Security

Application Control Bypass for Data Exfiltration, (Tue, Mar 31st)

In case of a cyber incident, most organizations fear more of data loss (via exfiltration) than regular data encryption because they have a good backup policy in place. If exfiltration happened, it means a total loss of control of the stolen data with all the consequences (PII, CC numbers, …). While performing a security assessment of a…

Read more →

AI, Apps, Cybersecurity, Endpoint, Europe, Exploits, Global Security News, privacy, Risk Management, Russia

Fortinet hit by another exploited cybersecurity flaw

Yet another critical flaw in a Fortinet product has come to light as attackers continue to target the company, this time by actively exploiting a critical SQL injection vulnerability in the cybersecurity company’s management server. The vulnerability, (CVE-2026-21643), allows unauthenticated threat actors to execute arbitrary code on unpatched systems via specifically-crafted HTTP requests. These low-complexity…

Read more →

AI, Endpoint, Exploits, Global Security News, Risk Management

Hybrid Vishing Campaigns Abuse Online Services to Evade Anti-Spam Filters

Phone-based fraud never went away. It evolved. Vishing, or voice phishing, is a social engineering technique that uses phone calls to extract money or sensitive information from victims. A few years ago, these attacks typically arrived as unsolicited calls from criminals impersonating the IRS, the FBI, or Microsoft support. The approach was simple and high…

Read more →

AI, china, Data Breaches, Endpoint, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security

China-Linked groups target Southeast Asian government with advanced malware in 2025

China-linked groups hit a Southeast Asian government in 2025, deploying multiple malware families in a sophisticated cyber campaign. In 2025, three China-linked threat clusters targeted a Southeast Asian government in a complex, well-funded cyber operation. Threat actors deployed numerous malware types, including HIUPAN, PUBLOAD, EggStremeFuel/Loader, MASOL RAT, PoshRAT, TrackBak Stealer, Hypnosis Loader, and FluffyGh0st, showing…

Read more →

AI, Cloud Security, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Risk Management

TeamPCP Supply Chain Campaign: Update 004 – Databricks Investigating Alleged Compromise, TeamPCP Runs Dual Ransomware Operations, and AstraZeneca Data Released, (Mon, Mar 30th)

This is the fourth update to the TeamPCP supply chain campaign threat intelligence report, “When the Security Scanner Became the Weapon” (v3.0, March 25, 2026). Update 003 covered developments through March 28, including the first 48-hour pause in new compromises and the campaign’s shift to monetization. This update consolidates intelligence from March 28-30, 2026 — two days…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, privacy, Risk Management

It’s a mystery … alleged unpatched Telegram zero-day allows device takeover, but Telegram denies

A critical Telegram flaw could allow zero-click remote code execution on devices, but Telegram denies it. Researcher Michael DePlante (@izobashi) of TrendAI Zero Day disclosed a new Telegram vulnerability through Zero Day Initiative (ZDI). The vulnerability, tracked as ZDI-CAN-30207 (CVSS score of 9.8) allows attackers to execute code on targeted devices without any user interaction.…

Read more →

Endpoint, Exploits, Global Security News

Critical Fortinet FortiClient EMS bug under active attack (CVE-2026-21643)

A critical SQL injection vulnerability (CVE-2026-21643) in Fortinet FortiClient Endpoint Management Server (EMS), a management server for FortiClient endpoint agents on various platforms, is under active exploitation. The warning comes from Defused Cyber, which helps organizations deploy honeypots/fake assets, and uses them as well to capture real attack attempts and exploits and provide early warning…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, Risk Management

LangChain path traversal bug adds to input validation woes in AI pipelines

Security researchers are warning that applications using AI frameworks without proper safeguards can expose sensitive information in basic, yet critical, non-AI ways. According to a recent Cyera analysis, widely used AI orchestration tools, LangChain and LangGraph, are vulnerable to critical input validation flaws that could allow attackers to access sensitive enterprise data. In a recent…

Read more →

AI, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management

Leak reveals Anthropic’s ‘Mythos,’ a powerful AI model aimed at cybersecurity use cases

Anthropic didn’t intend to introduce Mythos this way. Details of what it calls its most capable AI model yet surfaced through a data leak in its content management system (CMS), revealing a LLM with sharply improved reasoning and coding skills. The data leak, which was the result of the company’s staffers inadvertently exposing material about…

Read more →

AI, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management

Leak reveals Anthropic’s ‘Mythos,’ a powerful AI model aimed at cybersecurity use cases

Anthropic didn’t intend to introduce Mythos this way. Details of what it calls its most capable AI model yet surfaced through a data leak in its content management system (CMS), revealing a LLM with sharply improved reasoning and coding skills. The data leak, which was the result of the company’s staffers inadvertently exposing material about…

Read more →

AI, Cybersecurity, Europe, Exploits, Global Security News, malware, Network Security

Critical Fortinet FortiClient EMS flaw exploited for Remote Code Execution

Attackers are exploiting a critical Fortinet FortiClient EMS flaw (CVE-2026-21643) that allows remote code execution via SQL injection. A critical Fortinet FortiClient EMS vulnerability, tracked as CVE-2026-21643 (CVSS score of 9.1), is now being actively exploited. Defused researchers warn that threat actors are exploiting the vulnerability in Fortinet’s FortiClient EMS platform. “Fortinet Forticlient EMS CVE-2026-21643…

Read more →

AI, Apps, Cloud Security, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

APIs are the new perimeter: Here’s how CISOs are securing them

Recent breaches suggest attackers are shifting beyond traditional endpoints to target application programming interfaces (APIs). But typical perimeter protections can completely miss this vector. “We used to talk about defense-in-depth and endpoint protection,” says Sean Murphy, CISO at BECU, a nationwide credit union. “That morphed into identity, and now the API is the new perimeter.”…

Read more →

AI, Apps, Compliance, Endpoint, Exploits, Global Security News, malware, Network Security

Why Kubernetes controllers are the perfect backdoor

In my years securing cloud-native environments, I’ve noticed a recurring blind spot. We obsess over the “front doors” such as exposed dashboards, misconfigured RBAC, or unpatched container vulnerabilities. We harden the perimeter, but we often ignore the machinery humming inside.  Sophisticated adversaries have moved beyond simple smash-and-grab tactics. They don’t just want to run a…

Read more →

AI, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, Russia

Russia-linked APT TA446 uses DarkSword exploit to target iPhone users in phishing wave

Russia-linked TA446 is using the DarkSword iOS exploit kit in targeted phishing campaigns to compromise iPhone users. Russia-linked APT group TA446 (aka SEABORGIUM, ColdRiver, Callisto, and Star Blizzard) is using the DarkSword exploit kit in targeted spear-phishing campaigns against iOS devices. The attacks rely on malicious emails to compromise iPhones, highlighting a growing threat from…

Read more →

AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security

Hackers Didn’t Hack the FBI Network — They Did Something Smarter

A threat operation attributed to actors aligned with Iran’s Ministry of Intelligence and Security (MOIS) has compromised the personal email account of FBI Director Kash Patel, exposing historical communications and personal data in a campaign that blends espionage, disruption, and information operations. The activity is being conducted under the “Handala Hack Team” persona, which serves…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security

Urgent Alert: NetScaler bug CVE-2026-3055 probed by attackers could leak sensitive data

Attackers are actively probing a critical Citrix NetScaler flaw (CVE-2026-3055) that can leak sensitive data via a memory overread issue. A critical vulnerability, tracked as CVE-2026-3055 (CVSS score of 9.3), in Citrix NetScaler ADC and Gateway is already being actively probed by attackers. This week, Citrix issued security updates for two NetScaler vulnerabilities, including the critical memory…

Read more →

AI, Exploits, Global Security News, Government & Policy, malware, Network Security

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 90

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape New Malware Targets Users of Cobra DocGuard Software   Government of Iran Cyber Actors Deploy Telegram C2 to Push Malware to Identified Targets   Trivy Supply Chain Attack Expands to Compromised Docker Images   VoidStealer: Debugging Chrome to Steal…

Read more →

AI, Apps, china, Cybersecurity, Data Breaches, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management, Russia

Security Affairs newsletter Round 569 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. ShinyHunters claims the hack of the European Commission Iran-linked group Handala hacked FBI Director Kash Patel’s…

Read more →

AI, Exploits, Global Security News, Risk Management

Apple issues urgent lock screen warnings for unpatched iPhones and iPads

Apple is alerting users of outdated iPhones and iPads via lock screen warnings about active web-based exploits, urging immediate software updates. Apple is sending lock screen alerts to users running outdated iOS and iPadOS versions, warning of active web-based attacks targeting their devices. The notifications urge users to install critical updates to stay protected, highlighting…

Read more →

AI, Cloud Security, Compliance, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management

TeamPCP Supply Chain Campaign: Update 003 – Operational Tempo Shift as Campaign Enters Monetization Phase With No New Compromises in 48 Hours, (Sat, Mar 28th)

This is the third update to the TeamPCP supply chain campaign threat intelligence report, “When the Security Scanner Became the Weapon” (v3.0, March 25, 2026). Update 002 covered developments through March 27, including the Telnyx PyPI compromise and Vect ransomware partnership. This update covers developments from March 27-28, 2026. HIGH: First 48-Hour Window Without a New Supply…

Read more →

AI, Exploits, Global Security News

Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug

A recently disclosed critical security flaw impacting Citrix NetScaler ADC and NetScaler Gateway is witnessing active reconnaissance activity, according to Defused Cyber and watchTowr. The vulnerability, CVE-2026-3055 (CVSS score: 9.3), refers to a case of insufficient input validation leading to memory overread, which an attacker could exploit to leak potentially sensitive information. Per

Read more →

Cybersecurity, Data Breaches, Exploits, Global Security News

Attackers are exploiting RCE vulnerability in BIG-IP APM systems (CVE-2025-53521)

A critical unauthenticated remote code execution vulnerability (CVE-2025-53521) in F5’s BIG-IP Access Policy Manager (APM) solution is under active exploitation, the US Cybersecurity and Infrastructure Security Agency warned on Friday. CISA added the flaw to its Known Exploited Vulnerabilities catalog after F5 updated the related security advisory, The advisory wasinitially published on October 15, 2025,…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

U.S. CISA adds a flaw in F5 BIG-IP AMP to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in F5 BIG-IP AMP to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in F5 BIG-IP AMP, tracked as CVE-2025-53521 (CVSS ver. 3.1 score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability in BIG-IP APM allows…

Read more →

Cybersecurity, Exploits, Global Security News

CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting F5 BIG-IP Access Policy Manager (APM) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2025-53521 (CVSS v4 score: 9.3), which could allow a threat actor to achieve remote code execution.…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Russia

TA446 Deploys Leaked DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign

Proofpoint has disclosed details of a targeted email campaign in which threat actors with ties to Russia are leveraging the recently disclosed DarkSword exploit kit to target iOS devices. The activity has been attributed with high confidence to the Russian state-sponsored threat group known as TA446, which is also tracked by the broader cybersecurity community…

Read more →

AI, Apps, Compliance, Data Breaches, Endpoint, Exploits, Global Security News, malware, Risk Management

A critical Windows security fix puts legacy hardware on borrowed time

Microsoft is finally blocking a long-since retired program that it said led to “abuse and credential theft,” yet remained widely trusted for years. Beginning in April, Redmond will remove trust for kernel drivers that haven’t been vetted through its Windows Hardware Compatibility Program (WHCP). The company is specifically targeting kernel drivers signed by the now…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management

RSAC 2026: No easy fixes for expanding AI attack surface, but a coordinated response is emerging

SAN FRANCISCO — Forty-four thousand cybersecurity practitioners converged on Moscone Center this week with an urgent question: how do you secure a network when everything — the technology, the threats, the tools — is changing faster than anyone can govern it? Related: Feds pull back on collaboration Microsoft’s Vasu Jakkal set the scale on day…

Read more →

AI, APAC, Apps, Compliance, Cybersecurity, Endpoint, Exploits, Global Security News, Government & Policy, Network Security, Risk Management, Russia

Security leaders say the next two years are going to be ‘insane’

SAN FRANCISCO — Every RSA Conference has its buzzwords. Cloud. Ransomware. Zero trust. Plastered across the 87-acre Moscone Center complex on every booth, banner and bar. This year was AI, with vendors pitching AI-powered solutions to every security problem imaginable. But 2026 stood out for a different reason: Industry leaders spent the conference warning about…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

CISA and BSI warn orgs of critical PTC Windchill and FlexPLM flaw

CISA warns of a critical flaw in PTC Windchill and FlexPLM (CVE-2026-4681), with no patch yet and potential for imminent exploitation. CISA issued an advisory about a critical vulnerability, tracked as CVE-2026-4681 (CVSS score of 10.0), in PTC’s Windchill and FlexPLM software. At this time, no patches are available, and no active attacks have been…

Read more →

AI, Apps, Compliance, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management

TeamPCP Supply Chain Campaign: Update 002 – Telnyx PyPI Compromise, Vect Ransomware Mass Affiliate Program, and First Named Victim Claim, (Fri, Mar 27th)

This is the second update to the TeamPCP supply chain campaign threat intelligence report, “When the Security Scanner Became the Weapon” (v3.0, March 25, 2026). Update 001 covered developments through March 26. This update covers developments from March 26-27, 2026. CRITICAL: Telnyx Python SDK Compromised on PyPI — New WAV Steganography TTP TeamPCP compromised the telnyx Python SDK (670,000+…

Read more →

AI, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management, Russia

Critical Vulnerabilities, Insider Threats, and AI-Driven Cybercrime Define the Week

Major Threats & Vulnerabilities Zero-Day and Critical CVE Exploits Oracle’s emergency patch for CVE-2026-21992 addressed a critical remote code execution flaw in Identity Manager and Web Services Manager with a CVSS score of 9.8. The vulnerability could allow unauthenticated attackers to fully compromise systems. Administrators are urged to patch immediately despite no known active exploitation.…

Read more →

AI, Apps, Cybersecurity, Endpoint, Exploits, Global Security News

Attackers exploit critical Langflow RCE within hours as CISA sounds alarm

Attackers have exploited a critical Langflow RCE within hours of disclosure, prompting the US Cybersecurity and Infrastructure Security Agency (CISA) to formally flag it for urgent remediation. The flaw, which allows running arbitrary code on vulnerable Langflow instances without >credentials, was weaponized within 20 hours of the open-source AI-pipeline tool disclosing it. According to a Sysdig report,…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security

CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation

The US Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2026-33017, a recently disclosed code injection vulnerability in Langflow, an open-source framework for building AI agents and workflows, and CVE-2026-33634, an embedded malicious code vulnerability in Aqua Security’s Trivy security scanner. Their addition to the catalog…

Read more →

AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

U.S. CISA adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Aquasecurity Trivy flaw, tracked as CVE-2026-33634 (CVSS score of 9.3), to its Known Exploited Vulnerabilities (KEV) catalog. On March 19, 2026, attackers used compromised credentials to release a malicious…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News

LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks

Cybersecurity researchers have disclosed three security vulnerabilities impacting LangChain and LangGraph that, if successfully exploited, could expose filesystem data, environment secrets, and conversation history. Both LangChain and LangGraph are open-source frameworks that are used to build applications powered by Large Language Models (LLMs). LangGraph is built on the foundations of

Read more →

AI, Apps, china, Exploits, Global Security News, Government & Policy, malware, Network Security

China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks

China-linked Red Menshen APT group used stealthy BPFDoor implants in telecom networks to spy on government targets. Rapid7 Labs uncovered a China-linked threat group known as Red Menshen has been running a long-term espionage campaign by infiltrating telecom networks, mainly in the Middle East and Asia. Active since at least 2021, the group uses highly…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security, Politics

ODNI tackles AI, threat hunting, app cybersecurity in year-one tech review

A year-long effort to strengthen cybersecurity and modernize tech at U.S. intelligence agencies has led to policy standards for using AI to bolster cyber defenses, a shared repository of all apps that have undergone a cybersecurity review and more, the Office of the Director of National Intelligence announced Thursday. An unclassified summary of cyber and…

Read more →

AI, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security, Risk Management

U.S. CISA adds a Langflow flaw to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Langflow to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Langflow flaw, tracked as CVE-2026-33017 (CVSS score of 9.3), to its Known Exploited Vulnerabilities (KEV) catalog. Langflow is a popular tool used for building agentic AI workflows.  CVE-2026-33017 is a…

Read more →

AI, Exploits, Global Security News, malware, Risk Management, Russia

Coruna exploit reveals evolution of Triangulation iOS exploitation framework

Kaspersky found Coruna iOS exploits reuse updated code from the 2023 Operation Triangulation attacks, suggesting a possible link. Kaspersky researchers discovered that the Coruna iOS exploit kit uses an updated version of the same kernel exploit seen in the 2023 Operation Triangulation campaign. While early evidence didn’t clearly link the two, the code similarities now…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security

FCC pushes new rules to crack down on robocallers, foreign call centers

The Federal Communications Commission is moving to crack down on illegal robocalls and the use of foreign call centers. At a meeting Thursday, the three-member commission unanimously approved a new proposed regulation to increase certification and disclosure requirements for obtaining phone numbers, while also expanding those same requirements to all providers seeking phone numbers from…

Read more →

AI, Endpoint, Exploits, Global Security News

Hexnode CEO: MacBook Neo forces IT to rethink its budget laptop strategy

Apple’s MacBook Neo (reviewed here) challenges what we expect from budget laptops. Accompanied by shrewd enterprise-focused moves, the new model gives Apple a chance to convert hitherto resistant IT purchasers to adopt its platforms. I spoke with Hexnode CEO Apu Pavithran to get some sense of this potential. Apple’s decision to introduce a $599 laptop is hugely significant, said Pavithran.…

Read more →

AI, Data Breaches, Exploits, Global Security News, malware

TeamPCP Supply Chain Campaign: Update 001 ? Checkmarx Scope Wider Than Reported, CISA KEV Entry, and Detection Tools Available, (Thu, Mar 26th)

This is the first update to the TeamPCP supply chain campaign threat intelligence report, “When the Security Scanner Became the Weapon” (v3.0, March 25, 2026). That report covers the full campaign from the February 28 initial access through the March 24 LiteLLM PyPI compromise. This update covers developments since publication. Checkmarx ast-github-action: All 91 Tags…

Read more →

AI, Exploits, Global Security News, malware

GitHub phishers use fake OpenClaw tokens to drain crypto wallets

Threat actors are actively exploiting OpenClaw’s viral popularity to run a phishing campaign that targets developers on GitHub with lures of free crypto tokens. According to a disclosure by OX Security, the campaign involves fake “CLAW” token airdrops that promise thousands of dollars in rewards. Developers are being tricked into malicious GitHub repositories and discussions,…

Read more →

AI, Exploits, Global Security News, malware, Network Security, Risk Management

Researchers uncover WebRTC skimmer bypassing traditional defenses

Researchers found a new skimmer using WebRTC to steal and send payment data, bypassing traditional security controls. Sansec researchers discovered a new payment skimmer that uses WebRTC data channels instead of typical web requests to load malicious code and exfiltrate stolen payment data. “What sets this attack apart is the skimmer itself. Instead of the usual…

Read more →

AI, APAC, Compliance, Cybersecurity, Exploits, Global Security News, Government & Policy, Risk Management

What IT leaders need to know about AI-fueled death fraud

Death is always an unpleasant topic, typically ignored until it is fully upon us. But for IT leaders, fraudsters who use fake death documents generated by AI to steal data and commit a wide range of other crimes are simply too dangerous to ignore. There are two different forms of these death frauds: tricking an…

Read more →

AI, Apps, china, Endpoint, Europe, Exploits, Global Security News, Network Security

New critical Citrix NetScaler hole of similar severity to CitrixBleed2, says expert

A new critical vulnerability that is similar to the widely-exploited CitrixBleed and CitrixBleed2 holes should be patched in NetScaler devices immediately, say experts. The hole, CVE-2026-3055, is an out-of-bounds read vulnerability in customer-managed NetScaler ADC and NetScaler Gateway devices configured as SAML IDP for approving identity and authentication. It’s rated at 9.3 in severity on…

Read more →

AI, Exploits, Global Security News, Network Security

Apple Patches (almost) everything again. March 2026 edition., (Wed, Mar 25th)

Apple released the next version of its operating system, patching 85 different vulnerabilities across all of them. None of the vulnerabilities are currently being exploited. The last three macOS “generations” are covered, as are the last two versions of iOS/iPadOS. For tvOS, watchOS, and visionOS, only the current version received patches. This update also includes the…

Read more →

AI, Exploits, Global Security News, Network Security, Risk Management

Chained vulnerabilities in Cisco Catalyst switches could induce denial-of-service

Cisco’s widely deployed Catalyst 9300 Series enterprise switches have four security vulnerabilities, two of which could be chained to cause a denial-of-service outage, infrastructure security company Opswat has revealed. The two most operationally significant are CVE-2026-20114 and CVE-2026-20110, which the researchers found could be chained to make possible a dangerous privilege escalation. Opswat’s Unit 515…

Read more →

AI, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security, Risk Management

Patch now: TP-Link Archer NX routers vulnerable to firmware takeover

TP-Link patched a high severity flaw (CVE-2025-15517) in Archer NX routers that could let attackers bypass authentication and install malicious firmware. TP-Link issued security updates for its Archer NX router series to fix multiple vulnerabilities, including CVE-2025-15517 (CVSS score of 8.6), a critical authentication bypass flaw. The vulnerability impacts multiple models, including NX200, NX210, NX500,…

Read more →

AI, Cybersecurity, Data Security, Endpoint, Exploits, Global Security News, Risk Management

Dell Addresses Emerging Quantum Risks, AI Era Resilience

Dell Technologies is taking a step in expanding cybersecurity and resilience for the AI era and emerging quantum threats by introducing new security capabilities to help organizations secure, detect, and recover from next-gen threats. Quantum computing and AI continue to introduce new security threats These latest enhancements address risks from quantum computing and AI by…

Read more →

AI, Cloud Security, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security

Trivy supply chain breach compromises over 1,000 SaaS environments, Lapsus$ joins the extortion wave

What started as a supply chain attack on Trivy, a widely used security scanner, has become a Lapsus$-linked extortion campaign, with more than 1,000 enterprise SaaS environments already compromised. Charles Carmakal, CTO of Mandiant Consulting, made the assessment at a Google-hosted threat briefing held alongside the RSA Conference 2026 in San Francisco on Tuesday. “We…

Read more →

AI, Exploits, Global Security News

The Kill Chain Is Obsolete When Your AI Agent Is the Threat

In September 2025, Anthropic disclosed that a state-sponsored threat actor used an AI coding agent to execute an autonomous cyber espionage campaign against 30 global targets. The AI handled 80-90% of tactical operations on its own, performing reconnaissance, writing exploit code, and attempting lateral movement at machine speed. This incident is worrying, but there’s a…

Read more →

AI, Exploits, Global Security News

Akamai Brand Guardian detects and removes AI-driven brand impersonation

Akamai has introduced Akamai Brand Guardian, an evolution of Brand Protector that uses AI to identify and manage brand impersonation at scale. Scammers are exploiting the widespread availability of generative AI to deploy sophisticated fake websites and digital identities in seconds, making it nearly impossible for businesses to keep pace using manual discovery methods. For…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

FCC targets foreign router imports amid rising cybersecurity concerns

The FCC will ban new foreign-made routers in the U.S. over security risks, unless approved by DHS or defense authorities. The U.S. FCC announced a ban on importing new foreign-made consumer routers, citing unacceptable cyber and national security risks. The decision, backed by Executive Branch assessments, means such devices can no longer be sold or…

Read more →

AI, Apps, Exploits, Global Security News, malware

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

PyPI is warning of possible credential theft from AI applications and developer pipelines after two malicious versions of the widely used Python middleware for large language models, LiteLLM, were briefly published. “Anyone who has installed and run the project should assume any credentials available to the LiteLLM environment may have been exposed, and revoke/rotate them…

Read more →

AI, Exploits, Global Security News, Network Security, Risk Management

AI is breaking traditional security models — Here’s where they fail first

Traditionally, enterprise security operating models operated a fixed and regular cycle: Findings surfaced through periodic scans, security teams triaged results and remediation followed through ticket-based workflows. It was almost an SOP of sorts; the accountability existed, but it was often implicit and fragmented. The remediation would travel across tools, teams and handoffs rather than designed…

Read more →

AI, Data Breaches, Exploits, Global Security News, malware

Malicious LiteLLM versions linked to TeamPCP supply chain attack

TeamPCP backdoored LiteLLM v1.82.7–1.82.8, likely via Trivy CI/CD, adding tools to steal credentials, move in Kubernetes, and keep persistent access. Threat actor TeamPCP compromised LiteLLM versions 1.82.7 and 1.82.8, likely through a Trivy CI/CD breach. LiteLLM, with over 95 million monthly downloads, helps developers route LLM requests via a single API. The malicious releases, now…

Read more →

AI, china, Cybersecurity, Exploits, Global Security News, Government & Policy, Risk Management, Russia

DarkSword’s GitHub leak threatens to turn elite iPhone hacking into a tool for the masses

Leaked iOS spyware has some cybersecurity professionals raising urgent alarms about potential mass iPhone compromises, a development that pairs ominously with the recent discovery of two sophisticated iOS exploit kits. At the same time, some other experts say Apple’s defensive features for iPhones remain elite. But several factors have created unprecedented circumstances: the public accessibility…

Read more →

AI, APAC, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management

Why Prevention Isn’t Enough: Shifting to True Operational Resilience in 2026

As cyber threats grow in sophistication and scale, traditional prevention-first security models are proving insufficient for modern enterprises.  This article examines the evolution toward operational resilience, emphasizing the protection of identity systems, rapid containment, and recovery as essential capabilities. It explores how organizations can adopt an “assume breach” mindset, strengthen identity infrastructure, and build recovery-focused…

Read more →

AI, Data Breaches, Exploits, Global Security News, Risk Management

Experts warn of a ‘loud and aggressive’ extortion wave following Trivy hack

SAN FRANCISCO — Mandiant is responding to a major, ongoing supply-chain attack involving the compromise of Trivy, a widely used open-source tool from Aqua Security that’s designed to find vulnerabilities and misconfigurations in code repositories. The fallout from the attack spree, which was first detected March 19, is extensive and poses substantial risk for follow-on…

Read more →

AI, Apps, china, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, Risk Management, Russia

Critics call FCC router rule a ‘big swing’ that could create more supply chain uncertainty

The Federal Communications Commission’s move to ban foreign-made routers touches on a real threat, but critics say the agency rule is overly broad, practically unworkable and doesn’t meaningfully address weaknesses in router security that have led to major breaches on American governments and businesses. Under the Secure Equipment Act and Secure Networks Act, the FCC…

Read more →

AI, Apps, Cybersecurity, Europe, Exploits, Global Security News, Network Security

Exclusive Networks Launches Ignition in North America

Exclusive Networks is expanding its incubation model for emerging cybersecurity vendors into North America, aiming to give MSPs and solution providers earlier access to next-generation, AI-driven technologies while accelerating vendor go-to-market timelines. Exclusive Networks launches Ignition in North America at RSA Conference Exclusive Networks this week announced the North American debut of its “Ignition” program,…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

Barracuda Adds to Cybersecurity Platform & Partner Program

Barracuda Networks has announced advancements to its BarracudaONE cybersecurity platform and its Barracuda Partner Success Program. Accelerating innovation to boost cyber resilience The cybersecurity company is strengthening resilience across email, network access, and generative AI usage with the BarracudaONE updates. The platform delivers cyber resilience for MSPs and their customers through an open ecosystem. Among…

Read more →

AI, Exploits, Global Security News, malware, Network Security, Russia

Russian access broker sentenced to over 6 years in prison for ransomware schemes

A federal court in Indiana sentenced a Russian cybercriminal to 81 months in prison on charges related to his role as an initial access broker for ransomware groups. Aleksei Volkov, 26, of St. Petersburg, Russia, pleaded guilty in November 2025 to six federal charges stemming from his work with the Yanluowang ransomware group and other…

Read more →

AI, Exploits, Global Security News

Critical NetScaler ADC, Gateway flaw may soon be exploited (CVE-2026-3055)

Citrix has fixed two vulnerabilities in NetScaler ADC and NetScaler Gateway, with the more serious flaw (CVE-2026-3055) potentially allowing attackers to extract active session tokens from the memory of affected devices. Anil Shetty, senior VP of Engineering with Cloud Software Group (Citrix’s parent company), stated on Saturday that Cloud Software Group “is not aware of…

Read more →

AI, Compliance, Endpoint, Exploits, Global Security News, Government & Policy, Risk Management

HP launches TPM Guard to help defeat physical TPM attacks

The Trusted Platform Module (TPM), developed by the Trusted Computing Group (TCG), is a mandatory security component in any computer running Windows 11. It stores sensitive information such as encryption keys in a separate, secure chip, passing it to the CPU as required. However, there’s a problem. If an attacker can get physical access to…

Read more →

AI, Compliance, Endpoint, Exploits, Global Security News, Government & Policy, Risk Management

HP launches TPM Guard to help defeat physical TPM attacks

The Trusted Platform Module (TPM), developed by the Trusted Computing Group (TCG), is a mandatory security component in any computer running Windows 11. It stores sensitive information such as encryption keys in a separate, secure chip, passing it to the CPU as required. However, there’s a problem. If an attacker can get physical access to…

Read more →

AI, Apps, Exploits, Global Security News, Risk Management

Novee introduces autonomous AI red teaming to hunt LLM vulnerabilities

Novee today introduced AI Red Teaming for LLM Applications for its AI penetration testing platform, designed to uncover security vulnerabilities in LLM-powered applications before attackers can exploit them. Enterprises are deploying AI-enabled software, from customer-facing chatbots to internal copilots and autonomous agents, and security teams are now facing a new class of risks, including prompt…

Read more →

Exploits, Global Security News, Risk Management

Detectify uncovers hidden assets and risks across entire IP ranges

Detectify has launched IP Range Scanning, enabling continuous discovery and monitoring of entire IP address blocks to help security teams identify forgotten assets and hidden risks before attackers exploit them. Many organizations are sitting on forgotten IP addresses that have become entry points for cyberattacks. While millions have been spent securing public-facing websites, legacy tools…

Read more →

AI, Exploits, Global Security News

Citrix NetScaler critical flaw could leak data, update now

Citrix warns of a critical NetScaler flaw (CVE-2026-3055) that could leak sensitive data; users are urged to apply security updates immediately. Citrix issued security updates for two NetScaler vulnerabilities, including a critical memory overread, tracked as CVE-2026-3055 (CVSS score of 9.3), that allows unauthenticated attackers to leak sensitive data. The flaw CVE-2026-3055 is an insufficient…

Read more →

AI, Cybersecurity, Exploits, Global Security News

Vulnerabilities from years ago still opening doors for attackers

Exploitation timelines continued to compress in enterprise environments, with newly disclosed flaws reaching active use almost immediately and older weaknesses remaining active years after disclosure. (Source: Cisco Talos) Findings from Cisco Talos’ 2025 Year in Review show how attackers combined rapid weaponization with long-term exposure spanning infrastructure, identity systems, and user workflows. Top-targeted vulnerabilities show…

Read more →

AI, Apps, Exploits, Global Security News, Risk Management

Microsoft details AI prompt abuse techniques targeting AI assistants

Prompt abuse occurs when crafted inputs manipulate an AI system into producing unintended behavior, such as attempting to access sensitive information or overriding built-in safety instructions. Prompt injection is also recognized as one of the top risks in the 2025 OWASP guidance for LLM applications. “Detecting abuse is challenging because it exploits natural language, such…

Read more →

AI, Exploits, Global Security News, malware, Network Security, Russia

81-month sentence for Russian hacker behind major ransomware campaigns

U.S. sentences Russian hacker Aleksei Volkov to 81 months in prison for aiding ransomware attacks, causing over $9M in damages. A U.S. court sentenced Aleksei Olegovich Volkov to 81 months in prison for supporting ransomware groups like Yanluowang. He helped carry out dozens of attacks, causing over $9M in losses. Arrested in Italy in 2024…

Read more →

AI, china, Exploits, Global Security News, malware, Network Security, Politics, Risk Management

Caught in the Iranian War crossfire: Big Tech, Microsoft and Windows

Iran’s most potent weapon in the war with the United States is pretty clear: attack the world’s oil and gas infrastructure by closing off access to the Strait of Hormuz. But Big Oil isn’t the only industry Iran is aiming for — it’s also attacking Big Tech. And that includes Microsoft, which is directly in…

Read more →

AI, Exploits, Global Security News

Attackers are handing off access in 22 seconds, Mandiant finds

Exploits remain the leading entry point for attackers for the sixth consecutive year, according to Mandiant’s M-Trends 2026 report, which draws on more than 500,000 hours of incident response work conducted in 2025. The data shows attackers speeding up their internal hand-offs, shifting away from email phishing, and targeting backup and virtualization infrastructure with greater…

Read more →