Geek-Guy.com

Category: Global Security News

AI, Global Security News, Government & Policy, Network Security

Alleged leader of Kimwolf, a sweeping botnet for cybercriminals, arrested in Canada

Authorities arrested and unsealed charges against a Canadian man accused of running Kimwolf, one of the most far-reaching DDoS botnets on record, the Justice Department said Thursday. Jacob Butler was arrested Wednesday in Ottawa, Canada, and awaits extradition to the United States where he is charged with aiding and abetting computer intrusions and, if convicted,…

Read more →

AI, china, Endpoint, Exploits, Global Security News, Network Security

Critical vulnerability in Cisco Secure Workload rated at maximum severity

A critical vulnerability in the on-premises version of the Cisco Secure Workload security platform could allow a threat actor to obtain the privileges of a site admin, enabling them to compromise endpoints and read or modify configuration data. “CSOs need to drop what they are doing and patch this immediately,” warned consultant Robert Enderle, who…

Read more →

AI, Cybersecurity, Endpoint, Exploits, Global Security News, malware

Microsoft patches two zero-day flaws in Defender

Microsoft released emergency fixes for two zero-day vulnerabilities in the malware protection components of Microsoft Defender. The flaws allow local attackers to gain system-level privileges or cause the anti-malware service to stop working correctly. Both conditions are valuable in a malware attack, first to prevent detection if the system relies only on Microsoft endpoint protection…

Read more →

AI, Apps, Europe, Global Security News, Government & Policy, Network Security

Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada

Canadian authorities on Wednesday arrested a 23-year-old Ottawa man on suspicion of building and operating Kimwolf, a fast spreading Internet-of-Things botnet that enslaved millions of devices for use in a series of massive distributed denial-of-service (DDoS) attacks over the past six months. KrebsOnSecurity publicly named the suspect in February 2026 after the accused launched a…

Read more →

AI, Apps, Endpoint, Exploits, Global Security News, Network Security, Risk Management

Unpatched ChromaDB flaw leaves servers open to remote code execution

Researchers have published details about a critical vulnerability in ChromaDB that could allow unauthenticated attackers to execute arbitrary code and access sensitive data on machines running the open-source vector database. The issue, tracked as CVE-2026-45829, is located in ChromaDB’s API server and was published by researchers at HiddenLayer after reportedly failing to get in contact…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

U.S. CISA adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2008-4250 Microsoft Windows Buffer Overflow Vulnerability CVE-2009-1537 Microsoft DirectX NULL…

Read more →

AI, APAC, china, Cybersecurity, Funding, Global Security News, Government & Policy, Network Security, Russia

Lawmakers from both parties say CISA cuts have gone too far

Two cybersecurity-focused members of Congress agreed Thursday that reductions to the Cybersecurity and Infrastructure Security Agency have done too much damage to an agency essential to defending civilian networks against foreign adversaries. Rep. Don Bacon, R-Neb., and Rep. James Walkinshaw, D-Va., spoke during a discussion at the National Cyber Innovation Forum. Despite representing different parties,…

Read more →

AI, Compliance, Global Security News, Network Security, privacy, Risk Management

AWS KY3P report now available for third-party supplier due diligence

We’re excited to announce that Amazon Web Services (AWS) has completed the S&P Global Know Your Third Party (KY3P) assessment of its security posture. This assessment demonstrates our continued commitment to meet the heightened expectations of cloud service providers. Customers can now use the AWS KY3P assessment to reduce their supplier due diligence burden. KY3P,…

Read more →

AI, china, Cybersecurity, Europe, Exploits, Global Security News, Government & Policy, Russia

Trump postpones executive order focused on AI security 

President Donald Trump said he would postpone the release of an executive order that would set up a 90-day testing and vetting regime for frontier AI models, hours before the White House was set to publicly announce the signing.  Speaking to reporters in the Oval Office Thursday, Trump said he opted to delay the order…

Read more →

AI, Europe, Global Security News, Network Security, privacy, Russia

Global law enforcement operation takes First VPN offline

Police seized First VPN in a global crackdown, exposed its cybercrime users, and shut down infrastructure tied to ransomware and data theft. A major international law enforcement operation has taken First VPN offline, a service that had become a quiet staple for ransomware crews, data thieves, and other cybercriminals trying to hide in plain sight. “The coordinated…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management

CISA chief frets about open-source vulnerabilities, delayed security improvements

Securing some of the open-source technology that serves as the backbone for all modern digital infrastructure is going to require some “hard decisions” amid a wave of malware attacks, the leader of the Cybersecurity and Infrastructure Security Agency said Thursday. “The open-source community is one that I’m particularly worried about when we start to think…

Read more →

AI, china, Compliance, Europe, Funding, Global Security News, Government & Policy, Risk Management, Venture

EU moves forward on $5.8B scale-up fund to keep startups from leaving

The European Union has stepped up efforts to grow its homegrown tech sector and reduce dependence on US firms, advancing plans this week for a €5 billion ($5.8 billion) fund to help startups scale in Europe rather than seek capital or buyers abroad. Analysts welcomed the initiative, but said its success will depend on whether…

Read more →

AI, Global Security News

Microsoft open-sources tools for designing and testing AI agents

Microsoft has open-sourced two tools aimed at bringing security discipline to AI agent development: Clarity, a structured design review tool, and RAMPART, a continuous testing framework. The release comes from Microsoft’s AI Red Team, the company’s internal unit that stress-tests its own AI systems, and both tools have been used internally before being open-sourced. RAMPART:…

Read more →

AI, Europe, Global Security News, Network Security, Russia

European authorities take down prolific cybercrime VPN service

European authorities took down a prominent virtual private network service and arrested the alleged administrator behind an operation that cybercriminals used to steal data, commit fraud and ransomware attacks, Europol said Thursday.  First VPN, which was promoted on Russian-speaking cybercrime forums, gained popularity for providing services that allowed users to hide their infrastructure and identities.…

Read more →

AI, Apps, Compliance, Global Security News

Automating identity lifecycle and security with AWS Directory Service APIs

Managing identities and access across complex environments has become more critical than ever. AWS Directory Service for Managed Microsoft Active Directory, also known as AWS Managed Microsoft AD, has added new capabilities to manage users and groups. Now, you can perform create, read, update, and delete (CRUD) operations on users and groups directly through AWS…

Read more →

AI, Cloud Security, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, Network Security, Risk Management

7 Best Attack Surface Management Software in 2026

This guide is for IT leaders and security teams looking to improve visibility into organizational risks and reduce their attack surface in 2026. It covers the best attack surface management (ASM) software and the key features businesses should evaluate when selecting the right solution for proactive threat detection and risk mitigation. Key Points on Attack…

Read more →

AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Global Security News, Network Security, Risk Management

6 Best Vulnerability Management Software & Systems for 2026

This guide is for IT leaders, security teams, and vulnerability management professionals looking to improve security visibility and remediation across their environments in 2026. It covers the best vulnerability management software and systems, along with the key features organizations should evaluate when selecting the right solution for their security operations. Key Takeaways about the Best…

Read more →

AI, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management

2026 Verizon DBIR: The New Era of Cyber Threats 

The 2026 Verizon Data Breach Investigations Report (DBIR) paints a clearer picture of today’s cybersecurity landscape: attackers are moving faster, artificial intelligence is accelerating cybercrime, and organizations continue to struggle with foundational security practices.  Key Takeaways from the 2026 Verizon DBIR Report Vulnerability exploitation (31%) overtook credential abuse (13%) as the top initial access vector…

Read more →

AI, Endpoint, Exploits, Global Security News, Network Security

Attackers are bypassing MFA on SonicWall VPNs because something was wrong with previous fix

Attackers bypassed MFA on patched SonicWall Gen6 VPNs because admins missed extra manual steps required to fully fix the flaw. There is a particular kind of security failure that is harder to catch than an unpatched system: a patched system where the patch did not actually work because nobody followed all the steps. That is…

Read more →

AI, Cybersecurity, Exploits, Global Security News, malware

Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor

Cybersecurity researchers have disclosed details of a new Linux malware dubbed Showboat that has been put to use in a campaign targeting a telecommunications provider in the Middle East since at least mid-2022. “Showboat is a modular post-exploitation framework designed for Linux systems, capable of spawning a remote shell, transferring files, and functioning as a…

Read more →

AI, Apps, china, Cybersecurity, Data Breaches, Endpoint, Global Security News, Government & Policy, Network Security, Risk Management, Venture

AI, Cybersecurity Education, and the Defense of America’s Digital Border

Artificial intelligence (AI) is reshaping cybersecurity at a pace that is forcing educators, businesses, and governments to rethink workforce development and national defense strategies.  During a recent discussion with cybersecurity entrepreneur and ConnectSecure Chairman, Arnie Bellini, key themes emerged around the evolution of cyber threats, the importance of protecting America’s “digital border,” and the urgent…

Read more →

AI, Endpoint, Exploits, Global Security News, Risk Management

Cisco fixed maximum severity flaw CVE-2026-20223 in Secure Workload

Cisco fixed a critical Secure Workload flaw (CVE-2026-20223) that could let attackers gain Site Admin privileges through crafted API requests. Cisco released patches for a critical vulnerability, tracked as CVE-2026-20223 (CVSS score of 10.0), in Secure Workload. The flaw stems from insufficient validation and authentication in REST API endpoints. According to Cisco, remote attackers could…

Read more →

AI, Cybersecurity, Global Security News, malware, Risk Management

Your AI Agent Doesn’t Care About Your Controls

This is Part 1 of a 2-part series on AI agents and control assurance.  Read Part 2: Controlling AI Agents: Why Detection Is Too Late The cybersecurity industry has spent years investing in visibility. Dashboards have improved, detection tooling has matured, and the volume of telemetry available to security teams has increased significantly. Most organisations…

Read more →

AI, APAC, Apps, Global Security News

AI Demand Pushes Neoclouds into the Channel Conversation

Neocloud providers are gaining momentum as enterprises look for more GPU capacity to support AI training, fine-tuning, and inference. For MSPs, resellers, and system integrators, that shift could expand the cloud infrastructure conversation beyond hypescalers. As AI workloads push customers to compare every available option, partners have an opportunity to advise on cost, capacity, workload…

Read more →

AI, Apps, Compliance, Data Breaches, Exploits, Global Security News, Risk Management

SharePoint On-Prem End of Life: 2026 Migration Guide

With Microsoft ending support for SharePoint Server 2016 and 2019 on July 14, 2026, organizations still running on-premises SharePoint face a shrinking window to modernize aging collaboration environments before security updates, bug fixes, and vendor support disappear. SharePoint 2019 On-Prem lives on, but without Microsoft support For over a decade, local SharePoint deployments have served…

Read more →

AI, Exploits, Global Security News, malware

Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498)

Attackers are exploiting two Microsoft Defender vulnerabilities (CVE-2026-41091 and CVE-2026-45498), Microsoft acknowledged and CISA confirmed by adding them to its Known Exploited Vulnerabilities catalog. The vulnerabilities CVE-2026-41091 allows for local privilege elevation (LPE), and is caused by the Microsoft Malware Protection Engine improperly resolving links before accessing files. “An attacker who successfully exploited this vulnerability…

Read more →

AI, Exploits, Global Security News

Microsoft Warns of Two Actively Exploited Defender Vulnerabilities

Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active exploitation in the wild. The former, tracked as CVE-2026-41091, is rated 7.8 on the CVSS scoring system. Successful exploitation of the flaw could allow an attacker to gain SYSTEM privileges. “Improper link resolution before file access (‘link following’)…

Read more →

Global Security News

When Identity is the Attack Path

Consider a cached access key on a single Windows machine. It got there the way most cached credentials do – a user logged in, and the key stored itself automatically. Standard AWS behavior. No one misconfigured anything or violated a policy. Yet that single key, which was easily accessible to a minor-league attacker, could have…

Read more →

AI, Apps, Global Security News, Risk Management

Microsoft releases open-source tools to operationalize AI agent safety

Microsoft has open-sourced two new tools aimed at bringing AI safety checks much earlier into the agent development lifecycle. The tools, called Rampart and Clarity, were announced this week as part of Microsoft’s broader push to operationalize safety engineering for agentic AI. “We built these tools because we believe that AI safety has to become…

Read more →

AI, Apps, china, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Risk Management

The readiness paradox: Why a false sense of cyber confidence is becoming a liability

There’s this old proverb that’s stuck with me over the years: “Dig the well before you are thirsty.” It really means you should prepare for the crisis before it arrives. In cybersecurity, it’s a mentality that’s long underpinned investment, strategy and board-level conversations. And by many measures, organizations appear to have already ‘dug’ that well.…

Read more →

AI, Global Security News

ASAPP expands adversarial testing for enterprise AI systems

ASAPP has launches Continuous Red Teaming, a new capability that integrates adversarial AI testing directly into ASAPP’s model evaluation framework. The new capability is built on Promptfoo, an AI security platform that helps enterprises detect and address vulnerabilities in AI systems during development. Promptfoo continuously runs automated tests across ASAPP’s AI systems, screening for more…

Read more →

AI, Cybersecurity, Global Security News, Risk Management

Tenable Hexa AI automates remediation across attack surfaces

Tenable has announced the general availability of Tenable Hexa AI, the agentic AI engine of the Tenable One Exposure Management Platform. Tenable Hexa AI is an advanced agentic AI for cybersecurity solution, equipped with advanced multi-step reasoning and Model Context Protocol (MCP) support, enabling custom agent building and workflows that accelerate risk reduction at machine…

Read more →

Global Security News

Riverbed introduces new Aternity tools for autonomous IT operations

Riverbed has announced new capabilities for Aternity designed to support autonomous IT operations for digital experience management. The updates help digital workplace teams move toward prevention-focused operations through broader visibility, context-aware intelligence, and governance controls that support automated workflows. Organizations are measured by their ability to deliver frictionless digital experiences that keep employees productive and…

Read more →

AI, Global Security News, Network Security

Forward launches Predict to test network changes before deployment

Forward has unveiled Forward Predict, a new capability that allows organizations to evaluate the impact of network changes before deployment. By testing proposed changes against a digital twin of the production network, Forward Predict helps identify potential issues before they reach live environments and supports safer network operations at scale. “When we founded Forward more…

Read more →

AI, Cybersecurity, Global Security News

9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros

Cybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained undetected for nine years. The vulnerability, tracked as CVE-2026-46333 (CVSS score: 5.5), is a case of improper privilege management that could permit an unprivileged local user to disclose sensitive files and execute arbitrary commands as root on default installations of several…

Read more →

AI, Global Security News, Risk Management

CTERA brings AI insights and automation for unstructured data

CTERA has announced the launch of CTERA InsightAI, an agentic AI intelligence layer for the CTERA Intelligent Data Platform. The new capability is designed to help enterprises understand, manage, secure, and optimize unstructured data environments. CTERA InsightAI adds AI-driven insights and automation to data operations, expanding traditional data observability capabilities. CTERA InsightAI continuously analyzes enterprise…

Read more →

AI, Apps, Exploits, Global Security News, Network Security

Terra adds continuous network exploitation validation to its platform

Terra Security has announced the public preview of continuous exploitation validation for network infrastructure, now available to all customers through the Terra Platform. The launch expands Terra’s offensive security capabilities from web applications to network infrastructure and extends coverage across three areas: web applications, AI, and network environments. Terra said the update expands its continuous…

Read more →

AI, Apps, Compliance, Cybersecurity, Exploits, Global Security News, malware, Network Security, privacy, Risk Management

AI becoming an SOC imperative for curtailing emerging cyber threats

The cybersecurity profession is on the verge of a sea change, and security pros must begin to master AI tools to combat emerging threats by building more autonomous, real-time protections. Expert panelists at a recent DTX conference session in Manchester, titled “Bot vs Bot: Surviving the Era of Autonomous Cyber Warfare,” highlighted how bringing AI…

Read more →

AI, Global Security News, Network Security, Risk Management

Why AI changed the threat model for travel technology

In this Help Net Security interview, Devon Bryan, SVP, Global CSO at Booking Holdings, reflects on his path from Air Force network security engineer to global CSO across financial services, hospitality, and travel technology. He discusses why the travel industry’s interconnected ecosystem of identity, payments, loyalty programs, and third-party integrations creates compounding risk, and how…

Read more →

AI, Global Security News

AI red teaming agents change how LLMs get tested

Adversarial probing of LLMs has piled up a sprawling toolkit over the past three years. Attack techniques with names like Tree of Attacks with Pruning, Crescendo, and Skeleton Key sit alongside hundreds of prompt transforms and scoring methods across open-source frameworks including Microsoft’s PyRIT, NVIDIA’s Garak, and Promptfoo. The catalog has grown faster than any…

Read more →

Data Breaches, Global Security News

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee device involving a poisoned version of the Nx Console Microsoft Visual Studio Code (VS Code) extension.  The development comes as the Nx team revealed that the extension, nrwl.angular-console, was breached after one of its…

Read more →

AI, Exploits, Global Security News

Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks

Drupal has released security updates for a “highly critical” security vulnerability in Drupal Core that could be exploited by attackers to achieve remote code execution, privilege escalation, or information disclosure. The vulnerability, now tracked as CVE-2026-9082, carries a CVSS score of 6.5 out of 10.0, per CVE.org. Drupal said the vulnerability resides in a database…

Read more →