Geek-Guy.com

Category: Global Security News

Cybersecurity, Global Security News

6 Best IoT Connectivity Distributors for System Integrators

Want the best IoT connectivity distributors for system integrators? Read on. Choosing an IoT SIM distributor can make—or break—your deployment. Pick well and every sensor stays online; pick poorly and field devices rack up fees or fall silent. After stress-testing 12 globally active distributors between 2023 and 2026, interviewing integration engineers, and scoring each vendor…

Read more →

AI, Exploits, Global Security News

Microsoft breaks Patch Tuesday record with 206 vulnerabilities

Microsoft addressed a whopping 206 vulnerabilities lurking in its vast portfolio of business products and foundational systems in this month’s Patch Tuesday update, marking the vendor’s largest monthly batch of security patches on record, according to researchers. The massive assortment of vulnerabilities in Microsoft’s latest defect dump accentuates an alarming trend across technology — fears…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security, Risk Management

Anthropic releases Mythos-class Fable 5 model with safeguards for cyber risks

Anthropic unveiled two new powerful AI models built on its previously restricted Mythos architecture: Claude Fable 5, which is being made broadly available, and Claude Mythos 5, which remains limited to a small group of cybersecurity and infrastructure partners. Anthropic describes Fable 5 as the most capable model it has ever released to the public,…

Read more →

AI, Apps, Compliance, Europe, Global Security News, Government & Policy

Nextcloud adds Euro-Office to Hub workplace suite, expands AI assistant

MUNICH — Nextcloud has integrated Euro-Office into its workplace application suite, one of several updates to Nextcloud Hub unveiled on Tuesday that include a new compliance app for large organizations and a program to support developers building for its platform. The announcements came during the company’s Nextcloud Summit 2026 here. Euro-Office, announced in March, is…

Read more →

AI, Endpoint, Exploits, Global Security News, Risk Management

CVE-2026-11645: Chrome Zero-Day Vulnerability Exploited in the Wild

Google has released emergency Chrome updates to address a Chrome zero-day vulnerability, a high-severity out-of-bounds read/write issue in the V8 JavaScript engine. Google says an exploit exists in the wild, and the patched Stable builds are rolling out as 149.0.7827.102.103 for Windows and Mac and 149.0.7827.102 for Linux. Public reporting says the flaw can be…

Read more →

AI, Exploits, Global Security News, Risk Management

CVE-2026-50751: Check Point VPN Authentication Bypass Exploited in Targeted Attacks

Organizations continue to face elevated risk from edge-device flaws that can hand attackers an initial foothold without valid credentials. CVE-2026-50751 is a critical authentication bypass issue in Check Point VPN Remote Access and Mobile Access that allows a remote, unauthenticated attacker to establish a VPN session without a valid user password. According to public reporting,…

Read more →

AI, Apps, Endpoint, Exploits, Global Security News, Network Security

Microsoft June 2026 Patch Tuesday, (Tue, Jun 9th)

Microsoft today released patches for 204 vulnerabilities. 38 of these vulnerabilities are considered critical, and three have been disclosed before today. Six of the vulnerabilities affect Microsoft cloud solutions and do not require any user action. In addition, Microsoft incorporated 360 different vulnerabilities affecting Chromium into its Edge browser. This is certainly a busier-than-usual patch…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

Rubrik Brings Claude-Focused Tooling, Partner Program to Market

Rubrik, a security and AI operations company, has announced a new partner program and enhancements to bolster AI resilience and recovery. Rubrik Agent Cloud for Anthropic’s Claude Code and Claude Cowork will enable organizations to deploy Claude-powered agents at scale with observability, control, and agent rewind. Rubrik’s new cross-platform Rubrik AI automates and accelerates response…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security, Risk Management

Anthropic’s new model is Mythos on a leash

Earlier this year, Anthropic executives said that their new AI model, Claude Mythos, had such powerful capabilities for harm that they would not release it publicly. On Tuesday, the company said it was making an altered version of Mythos available to the public, promising “new guardrails” that thwart the model’s best-in-class performance in hacking and…

Read more →

AI, Exploits, Global Security News, Network Security

Critical Veeam RCE Flaw Lets Low-Privilege Users Take Over Backup Servers

Veeam addressed a critical RCE vulnerability flaw in Backup & Replication that lets low-privileged domain users take control of backup servers. Veeam has patched a critical remote code execution vulnerability, tracked as CVE-2026-44963 (CVSS v4 Score of 9.4), affecting Backup & Replication version 12.x. The flaw could allow a low-privileged domain user to execute code on…

Read more →

AI, Global Security News

Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues

Microsoft on Monday confirmed that it temporarily removed some GitHub repositories in response to a recent security incident that led to 73 of its open-source projects being compromised to inject an information stealer into the code. “Our priority is to protect customers and the broader ecosystem,” a Microsoft spokesperson told The Hacker News via email.…

Read more →

AI, Cybersecurity, Exploits, Funding, Global Security News, Government & Policy, Risk Management

CISA is rethinking how it prioritizes risks and vulnerabilities for feds, private sector

The Cybersecurity and Infrastructure Agency wants to fundamentally reevaluate how it prioritizes risks and vulnerabilities, both for privately-owned critical infrastructure and within the federal government, acting director Nick Andersen said Tuesday. The plans include a binding operational directive for federal agencies set to be published Wednesday and getting more specific with critical infrastructure owners and…

Read more →

AI, Data Breaches, Global Security News, malware

Miasma Worm Compromises 73 Microsoft GitHub Repositories

The Miasma worm compromised 73 Microsoft GitHub repos, spreading via AI coding tools and stealing cloud credentials from developers and CI/CD systems. A self-replicating worm called Miasma has compromised 73 Microsoft GitHub repositories and forced GitHub staff to disable them. The affected repos include core Azure infrastructure like azure-functions-host and the entire Durable Task family…

Read more →

AI, Data Breaches, Global Security News, Government & Policy

French government messaging platform breached through account hijacking

French authorities are investigating a compromise of Tchap, the government’s secure messaging platform, after hackers hijacked a user account and gained access to public chat rooms. Tchap is the French government’s messaging platform for civil servants, ministries, and public agencies. Built on the open-source Matrix protocol, it was developed to keep government communications on infrastructure…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security

Cisco customers encounter another SD-WAN zero-day under attack

Cisco customers are confronting yet another actively exploited zero-day vulnerability affecting the vendor’s SD-WAN management software, reinforcing pressure on organizations that have experienced rare breaks from active threats this year. The vulnerability — CVE-2026-20245 — marks the seventh actively exploited zero-day in Cisco SD-WANs this year. Cisco said it first became aware of active exploitation…

Read more →

AI, Global Security News

Elastic brings AI-driven incident investigation to Kubernetes and observability tools

Elastic has introduced an agentic Kubernetes investigation workflow and MCP-based observability skills that diagnose incidents the moment an alert fires. By the time an SRE opens the alert, the root cause has already been identified, evidence has been assembled, and recommended next steps have been surfaced. For teams running Kubernetes at scale, the gap between…

Read more →

AI, Global Security News

Filigran launches XTM One to automate CTEM with AI agents

Filigran has announced XTM One, an AI-native agentic layer that automates Continuous Threat Exposure Management (CTEM) workflows across the Filigran XTM Platform. XTM One introduces a dedicated AI orchestration layer that connects OpenCTI and OpenAEV into a single, continuous workflow. Security teams move manually between tools, ingesting threat intelligence in one system, building attack scenarios…

Read more →

AI, Cybersecurity, Global Security News

Rockwell Automation adds AI-powered security tools to SecureOT Suite

Rockwell Automation has announced the launch of three enhanced offerings within the SecureOT solution suite: OT Cybersecurity Assessment Suite, SecureOT Platform Managed Services and Managed Secure Remote Access (MSRA). Facing an increasing volume of alerts and limited visibility into operational technology (OT) assets, cybersecurity teams are under pressure to detect and respond quickly. SecureOT’s industrial…

Read more →

AI, Global Security News

FlexPoint Intros AI Agents to Automate MSP Invoicing

FlexPoint has launched a new suite of AI-powered accounts receivable (AR) agents designed specifically for managed service providers (MSPs) to automate collections, payment follow-up, and other financial workflows that traditionally require hours of manual work each month. The company says its new AR Agents automate the entire invoice-to-cash lifecycle, bringing autonomous AI capabilities to an…

Read more →

AI, Exploits, Global Security News, Russia

WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine

Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in WinRAR to target Ukrainian organisations, almost a year after patches for the vulnerability were released. The activity has been attributed by Trend Micro to Earth Dahu (aka Gamaredon) and SHADOW-EARTH-066 (aka UAC-0226). It involves the exploitation of CVE-2025-8088, a path traversal flaw…

Read more →

AI, Apps, Exploits, Global Security News, Network Security, Risk Management

Check Point warns of ransomware-linked attacks exploiting outdated VPN protocol

Check Point has issued emergency hotfixes for a pair of vulnerabilities affecting VPN deployments that still use the deprecated Internet Key Exchange version 1 (IKEv1) protocol, warning that one of the flaws is already being exploited in the wild. The more serious issue allows attackers to establish VPN sessions without a valid password, potentially giving…

Read more →

AI, Global Security News, Network Security

Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models

University of Toronto researchers have built and tested a proof-of-concept AI-driven computer worm that uses a locally hosted open-weight large language model to reason its way through a network, generate tailored attack strategies for each target it encounters, and replicate itself, all without human intervention and without touching a commercial AI service. The preprint, posted…

Read more →

Exploits, Global Security News

Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild – Patch Now

Google has released security updates to address 74 vulnerabilities, including one that has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2026-11645 (CVSS score: 8.8), has been described as an out-of-bounds memory access in V8, Chrome’s JavaScript and WebAssembly engine. “Out-of-bounds read and write in V8 in Google Chrome prior to…

Read more →

AI, Cybersecurity, Exploits, Global Security News

LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)

A command injection vulnerability (CVE-2026-42271) in BerryAI’s LiteLLM open-source AI gateway is being exploited by attackers, the US Cybersecurity and Infrastructure Security Agency (CISA) confirmed by adding the flaw to its Known Exploited Vulnerabilities catalog on Monday. About CVE-2026-42271 LiteLLM is an open-source library that provides a unified interface for calling many different large language…

Read more →

AI, Global Security News, Network Security

The Hidden Security Risk in Modern Networks: The Work Between Tools

Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and automation to help with routine tasks and reduce manual effort. But the same challenges persist. Outages still last hours, causing significant financial losses, operational disruption, and reputational impact. Threat response and mean time to

Read more →

AI, Exploits, Global Security News

Google patches Chrome zero-day exploited in the wild (CVE-2026-11645)

Google has fixed 74 vulnerabilities in Chrome, including a high-severity zero-day (CVE-2026-11645) that has been exploited in the wild. “Google is aware that an exploit for CVE-2026-11645 exists in the wild,” the company said in a Monday security advisory. The fix has been shipped in Chrome 149.0.7827.102/.103 for Windows and macOS and Chrome 149.0.7827.102 for…

Read more →

Data Breaches, Global Security News

Apple Intelligence can now replace weak passwords without user intervention

Apple’s next generation of Apple Intelligence, the company’s personal intelligence system, expands its capabilities and introduces new security features in Passwords. Automatically Fix Passwords (Source: Apple) Introduced as a standalone app in 2024, Passwords gives users a central place to store and access passwords, passkeys, Wi-Fi credentials, and verification codes. It alerts users when a…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, malware

Security shifts to the human layer as AI scams surge

Cybercriminals are increasingly reshaping familiar social-engineering campaigns around the way employees use AI, with separate advisories from Microsoft and Google documenting how attackers are adapting scams to AI-powered tools, trusted digital services, and changing workplace behavior. Microsoft Threat Intelligence, in its advisory, said threat actors are “leveraging the wider global interest around AI itself as…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy

Filigran Debuts XTM One to Automate Threat Exposure Management

Cybersecurity company Filigran has unveiled XTM One, an AI-native agentic layer that automates Continuous Threat Exposure Management (CTEM) workflows across the Filigran XTM Platform.  XTM One automates CTEM handoffs According to Filigran, XTM One was built to address the bottleneck of security teams having to manually move between their tools, particularly when ingesting threat intelligence…

Read more →

AI, Compliance, Cybersecurity, Data Security, Endpoint, Global Security News, malware, Network Security, Risk Management

Protecting 50,000 Users: How ANY.RUN Drives Incident Prevention at UMass Boston

Securing a university means defending a highly open environment, where thousands of users, devices, and external connections create constant exposure to risk. We had a unique opportunity to get an inside look at how these operations are run at a powerhouse R1 institution, the University of Massachusetts Boston.    We sat down with Daniel Mayer, Endpoint…

Read more →

AI, Apps, Cybersecurity, Global Security News, Network Security, Risk Management

NetRise Builds New Partner Program for MSSPs, VARs, More

Security company NetRise is abandoning the go-it-alone strategy in its war against hidden software vulnerabilities. The Austin, Texas-based software supply chain security specialist announced the rollout of its new Discovery Partner Program today.  NetRise bets on the channel to scale software risk management The initiative is a deliberate shift toward a partner-first business model, aiming…

Read more →

AI, Cybersecurity, Exploits, Global Security News

Mythos Preview can weaponize N-day vulnerabilities in hours

Mythos Preview can develop working exploits from newly disclosed software vulnerabilities in hours, cutting down a process that has historically taken days or weeks, according to Anthropic. Anthropic’s recent cybersecurity research has largely focused on zero-days, vulnerabilities unknown to software vendors. The new study examines N-days, vulnerabilities that have already been disclosed and patched but…

Read more →

AI, Global Security News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index (PyPI) registry, as the Mini Shai-Hulud-style attacks continue to be refined and splintered to target specific ecosystems. “The compromised releases shipped a *-setup.pth file that attempts to…

Read more →

AI, APAC, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security

AI worm prototype shows attackers don’t need Mythos to take over your network

Researchers from the University of Toronto developed a computer worm prototype powered by an AI agent that successfully self-replicated to different systems within a simulated computer network. The worm used a free large language model (LLM) running on local hardware and exploited a combination of older and new vulnerabilities, as well as misconfigurations that remain…

Read more →