For the past decade, cybersecurity experts in the federal government have argued that trust, or a lack of it, was key to developing effective security policies for agency systems and data. But today, cybercriminals and state-sponsored hackers are using artificial intelligence to develop and launch cyberattacks more quickly and efficiently. Governments and businesses are facing…
Category: malware
Cybersecurity, Global Security News, malware
Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers
Cybersecurity researchers have flagged a new malware dubbed Speagle that hijacks the functionality and infrastructure of a legitimate program called Cobra DocGuard. “Speagle is designed to surreptitiously harvest sensitive information from infected computers and transmit it to a Cobra DocGuard server that has been compromised by the attackers, masking the data exfiltration process as legitimate
Endpoint, Global Security News, malware
54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security
A new analysis of endpoint detection and response (EDR) killers has revealed that 54 of them leverage a technique known as bring your own vulnerable driver (BYOVD) by abusing a total of 34 vulnerable drivers. EDR killer programs have been a common presence in ransomware intrusions as they offer a way for affiliates to neutralize…
AI, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management
Ransomware group exploited Cisco firewall vulnerability as a zero day, weeks before a patch appeared
One of the world’s most active ransomware groups, Interlock, started exploiting a critical-rated Cisco firewall vulnerability as a zero day weeks before it was patched in early March, Amazon has revealed. The vulnerability in question is CVE-2026-20131, a remotely exploitable deserialization flaw in Cisco Secure Firewall Management Center (FMC) Software which was given a maximum…
AI, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware
News alert: SpyCloud study reveals stolen tokens, session data fuel surge in non-human identity attacks
AUSTIN, Texas, Mar. 19, 2026, CyberNewswire—SpyCloud, the leader in identity threat protection, today released its annual 2026 Identity Exposure Report, one of the most comprehensive analyses of stolen credentials and identity exposure data circulating in the criminal underground, highlighting a sharp expansion in non-human identity (NHI) exposure. Last year, SpyCloud saw a 23% increase…
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management
U.S. CISA adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management, tracked as CVE-2026-20131 (CVSS score…
AI, APAC, Apps, china, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management
9 Best Next-Generation Firewall (NGFW) Solutions in 2026
This guide is for IT leaders, network administrators, and security teams evaluating next-generation firewalls (NGFWs), and it covers how they work, key features, and what to look for in 2026 solutions. NGFWs have evolved beyond traditional firewalls to deliver deep packet inspection, application awareness, and integrated threat prevention, helping organizations defend against increasingly sophisticated attacks.…
AI, Apps, Cloud Security, Compliance, Cybersecurity, Data Breaches, Data Security, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security, privacy, Risk Management
Top 25 Cybersecurity Companies in 2026
This guide is for IT leaders, security professionals, and decision-makers looking to explore leading cybersecurity companies in 2026 and evaluate vendors across key areas of modern security. Cybersecurity has become one of the most critical priorities for organizations operating in today’s world. As businesses adopt cloud computing, remote work, artificial intelligence (AI), and increasingly complex…
AI, Global Security News, malware, Risk Management
Flare Foretrace helps employees detect and fix identity risks to strengthen enterprise security
Flare has unveiled the general availability of Foretrace, a new business-to-business-to-employee (B2B2E) product that delivers enterprise-grade identity protection directly to employees. Built on the same threat intelligence infrastructure used by security teams to defend their organizations, Foretrace allows individuals to monitor and remediate their personal digital identity exposures. The spread of infostealer malware and the…
Global Security News, malware
Financial Brands Targeted in Global Mobile Banking Malware Surge
Mobile banking malware targets over 1200 financial apps globally, shifting fraud to user devices
AI, Exploits, Global Security News, Government & Policy, malware, Risk Management, Russia
DarkSword emerges as powerful iOS exploit tool in global attacks
DarkSword, a new iOS exploit kit, is used by multiple actors to steal data in campaigns targeting Saudi Arabia, Turkey, Malaysia, and Ukraine. Lookout Threat Labs discovered a new iOS exploit kit called DarkSword that has been used since late 2025 by multiple threat actors, including surveillance vendors and likely nation-state actors. The toolkit enables…
AI, Compliance, Cybersecurity, Data Breaches, Global Security News, malware, Risk Management
Ready for macOS Threats: Expanding Your SOC’s Cross-Platform Analysis with ANY.RUN
Enterprise security teams are no longer defending a single-platform environment. They are expected to investigate threats across multiple platforms every day, often under constant pressure to move faster and make the right call early. When analysis workflows are split across different tools and environments, triage slows down, investigations take longer, and business risks grow. To help SOC and MSSP teams handle cross-platform threats…
AI, Apps, Cybersecurity, Endpoint, Global Security News, malware, Network Security, Risk Management
5 Best Rootkit Scanners and Removers: Anti-Rootkit Tools in 2026
This guide is for IT professionals, security teams, and everyday users who want to detect and remove stealthy rootkit malware, and it covers the best rootkit scanners and removal tools available today. Rootkits are particularly dangerous because they embed deep within an operating system, allowing attackers to hide malicious activity and maintain persistent access without…
AI, Cybersecurity, Global Security News, malware
New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data
Cybersecurity researchers have disclosed a new Android malware family called Perseus that’s being actively distributed in the wild with an aim to conduct device takeover (DTO) and financial fraud. Perseus is built upon the foundations of Cerberus and Phoenix, at the same time evolving into a “more flexible and capable platform” for compromising Android devices…
AI, Global Security News, malware
Google limits Android accessibility API to curb malware abuse
Google is restricting how Android apps can use accessibility features after years of abuse by banking Trojans and mobile malware. The changes, introduced in Android 17.2, limit access to the accessibility API when Advanced Protection Mode (APM) is enabled. Apps that do not serve a core accessibility function can no longer use these services, closing…
Global Security News, malware
New ‘Perseus’ Android malware checks user notes for secrets
A new Android malware called Perseus is checking user-curated notes to steal sensitive information, like passwords, recovery phrases, or financial data. […]
AI, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Network Security
Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure
The Interlock ransomware group has exploited a Cisco FMC zero-day RCE vulnerability in attacks since late January. The Interlock ransomware group has been exploiting a critical zero-day RCE vulnerability, tracked as CVE-2026-20131 (CVSS score of 10.0), in Cisco Secure Firewall Management Center (FMC) since late January. The vulnerability is a remote code execution flaw that…
AI, Compliance, Cybersecurity, Global Security News, Government & Policy, malware, Network Security, Risk Management
Iran war set to hit global IT spending, IDC warns
The conflict in the Middle East threatens to weigh heavily on the global economy, with soaring oil prices expected to dampen GDP growth and prompt businesses and consumers to reduce technology spending, according to analysts at IDC. The key question – and one with few answers – is how long the fighting will continue. The…
Global Security News, malware
Android devices ship with firmware-level malware
Keenadu malware gives an attacker control over a device but appears to be used primarily to facilitate ad fraud.
AI, Apps, Compliance, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
Top 8 Endpoint Detection & Response (EDR) Solutions in 2026
This guide is for IT and security teams evaluating the best endpoint detection and response (EDR) solutions in 2026, covering top platforms and the features that matter most for threat detection and response. EDR tools play a critical role in identifying and stopping threats at the device level by continuously monitoring endpoint activity and enabling…
Global Security News, malware
C2 Implant ‘SnappyClient’ Targets Crypto Wallets
In addition to enabling remote access, the malware supports a wide range of capabilities including data theft and spying.
AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Global Security News, Government & Policy, malware, Network Security, Risk Management
6 Best Digital Forensics Tools Used in 2026
This guide is for security professionals, IT teams, and investigators evaluating the best digital forensics tools in 2026, covering top platforms and how they support modern investigations. As cyber incidents, insider threats, and legal disputes become more complex, organizations need reliable tools to collect, analyze, and preserve digital evidence across endpoints, networks, and cloud environments.…
AI, Exploits, Global Security News, malware, Risk Management
Are you ready for shape-shifting apps?
With a 60% surge in App Store submissions as developers embrace vibe coding and AI-assisted development tools, Apple’s App Store team has identified an emerging security challenge: what happens when an app you download later evolves into something fundamentally different — without Apple having a chance to review those changes. Vibe coding the new attack surface…
AI, Apps, Compliance, Exploits, Global Security News, Government & Policy, malware, Network Security
Amazon threat intelligence teams identify Interlock ransomware campaign targeting enterprise firewalls
Amazon threat intelligence has identified an active Interlock ransomware campaign exploiting CVE-2026-20131, a critical vulnerability in Cisco Secure Firewall Management Center (FMC) Software that could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device, which was disclosed by Cisco on March 4, 2026. After Cisco’s disclosure, Amazon threat…
AI, Apps, Cloud Security, Compliance, Cybersecurity, Data Breaches, Data Security, Endpoint, Exploits, Funding, Global Security News, malware, Network Security, Risk Management, Venture
Meet the 2026 Cybersecurity Startups Beating Hackers at Their Own Game
Cyber threats are advancing fast in 2026… and startups are leading the charge to stop them. Startups are racing to counter new threats like AI-powered phishing, deepfake fraud, ransomware-as-a-service, and supply-chain attacks. At the same time, venture capital is returning to cybersecurity, AI is reshaping both offense and defense, and regulators are raising the bar…
AI, Cybersecurity, Global Security News, malware, Network Security, privacy, Risk Management
Free Antivirus Software Face-Off: Which One Protects Best?
Free antivirus software isn’t what it used to be. It’s better. In 2025, some of the most respected names in cybersecurity are offering powerful tools at no cost. If you’re looking for solid protection without opening your wallet, you’re in the right place. I tested and reviewed the top free antivirus products available today, focusing…
AI, Global Security News, malware
New .NET AOT Malware Hides Code as a Black Box to Evade Detection
Researchers at Howler Cell have discovered a new .NET AOT malware campaign that uses a clever scoring system…
AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
Top 6 Network Access Control (NAC) Solutions in 2026
This guide is for IT leaders and security teams evaluating the best network access control (NAC) solutions in 2026, highlighting top platforms and what they do best. Choosing the right NAC tool is critical for securing modern networks, managing device access, and maintaining compliance across increasingly complex environments. Below, we break down six leading solutions—each…
AI, APAC, Compliance, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security, Risk Management
How to Reduce MTTR in Your SOC with Better Threat Intelligence
MTTR is where strategy meets reality. In security operations, it is the margin between a contained incident and a catastrophic breach. You can have perfect detection coverage, cutting-edge telemetry, and a wall of dashboards glowing like a spaceship cockpit. But if your team takes too long to respond, the attacker still wins the clock. Reducing Mean Time to Respond is not about shaving seconds for vanity metrics. It is about compressing the window in which damage happens. And the fastest way to do that is not more alerts, but better intelligence. Key Takeaways MTTR is…
Global Security News, malware
New ClickFix Scam Tricks Users Into Mapping Hacker-Controlled Drives
A new ClickFix scam tricks Windows users into running hidden commands that map hacker-controlled drives and load malware…
AI, Exploits, Global Security News, malware
ClickFix drives new infostealer campaigns
ClickFix campaigns are becoming ever more sophisticated and are increasingly targeting WordPress sites. Cybercriminals are combining compromised websites with increasingly sophisticated social-engineering lure methods to distribute new infostealer malware. The whole thing is known under the name ClickFix, and it is effective too: in a single campaign, more than 250 WordPress websites in twelve countries were infected. While this campaign leads to inconspicuous, …
AI, Global Security News, malware
More Attackers Are Logging In, Not Breaking In
Credential theft soared in the second half of 2025, thanks in part to the industrialization of infostealer malware and AI-enabled social engineering.
AI, Cybersecurity, Global Security News, malware, Network Security, privacy
Surfshark vs NordVPN (2026): Which VPN Wins? Full Breakdown
This guide is for anyone comparing Surfshark vs. NordVPN in 2026, breaking down their features, performance, pricing, and real-world use cases to help you choose the right VPN. On paper, Surfshark and NordVPN look almost identical, offering fast speeds, airtight security, and worldwide streaming access. But when I tested them, the results revealed a clear…
AI, Exploits, Global Security News, malware, Risk Management
RondoDox botnet expands arsenal targeting 174 flaws, and hits 15,000 daily exploit attempts
RondoDox botnet targets 174 flaws, reaching 15,000 daily exploit attempts in a more focused and strategic campaign. RondoDox botnet is ramping up attacks, targeting 174 vulnerabilities with up to 15,000 daily exploitation attempts in a more focused and strategic campaign, Bitsight reported. “We gathered all these exploit attempts (identifiable by indicators like the User-Agent and…
AI, Cloud Security, Compliance, Cybersecurity, Global Security News, malware, Network Security, Risk Management, Venture
Every significant B2B company is becoming a security company
Every platform giant is becoming a security company. As every enterprise is becoming more and more tech-enabled, the responsibility for protecting data, identities, and infrastructure starts to fall on the platforms where that work happens. Over the past several years, I have come to a simple realization: that every platform vendor eventually becomes a security…
Global Security News, malware
LeakNet ransomware uses ClickFix and Deno runtime for stealthy attacks
The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a malware loader based on the open-source Deno runtime for JavaScript and TypeScript. […]
AI, china, Endpoint, Global Security News, malware, Network Security
CL-STA-1087 targets military capabilities since 2020
China-linked APT group CL-STA-1087 has targeted Southeast Asian militaries since 2020 using AppleChris and MemFun. A suspected China-linked espionage campaign, tracked as CL-STA-1087, has targeted Southeast Asian military organizations since at least 2020, using AppleChris and MemFun malware. “The activity demonstrated strategic operational patience and a focus on highly targeted intelligence collection, rather than bulk…
AI, Data Breaches, Exploits, Global Security News, malware, Network Security
AWS Bedrock’s ‘isolated’ sandbox comes with a DNS escape hatch
AWS’ promise of “complete isolation” for agentic AI workflows on Bedrock is facing scrutiny after researchers found its sandbox mode isn’t as sealed as advertised. In a recent disclosure, BeyondTrust detailed how the “Sandbox” mode in AWS Bedrock AgentCore’s Code Interpreter can be abused to break isolation boundaries using DNS queries. While the sandbox blocks…
AI, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management
Lazarus, AI, and Trust Abuse: Top Enterprise Cybersecurity Risks 2026
As part of a recent live expert panel, ANY.RUN together with threat researcher and ethical hacker Mauro Eldritch explored the biggest security risks companies should be prepared for in 2026. The discussion covered several relevant cases, from the Lazarus IT Workers operation to the rapid rise of AI-driven phishing attacks, and examined the common thread behind them: trust abuse. Below are the key takeaways for those seeking a clearer view of…
AI, Apps, Exploits, Global Security News, malware
From Windows to macOS: ClickFix attacks shift tactics with ChatGPT-based lures
ClickFix campaigns are evolving, with attackers increasingly targeting macOS users and deploying more advanced infostealers, according to Sophos researchers. ClickFix is a growing social engineering technique that tricks users into manually executing malicious commands, bypassing traditional protections. Once mainly targeting Windows, it is now increasingly affecting macOS, with recent campaigns deploying infostealers like AMOS and…
AI, Data Breaches, Global Security News, malware
Attack on Stryker’s Microsoft environment wiped employee devices without malware
The recent cyberattack on Stryker wiped tens of thousands of employee devices through its Microsoft environment, and systems are still offline. A recent cyberattack on medical technology giant Stryker targeted its internal Microsoft environment and remotely wiped tens of thousands of employee devices without using malware. The company confirmed that its medical devices were not…
AI, Global Security News, malware
FBI Investigates Steam Games Linked to Malware and Crypto Wallet Theft
FBI warns gamers after malware hidden in several Steam games stole browser data and drained cryptocurrency wallets between May 2024 and January 2026.
AI, Global Security News, malware, Russia
Russia-linked APT uses DRILLAPP backdoor to spy on Ukrainian targets
Russia-linked threat actors target Ukrainian entities with DRILLAPP backdoor and use Edge debugging for stealth. A new DRILLAPP backdoor campaign targets Ukrainian organizations, abusing Microsoft Edge debugging to evade detection. Observed in February 2026, it shows links to previous Russian-aligned operations by Laundry Bear APT group (aka UAC-0190, Void Blizzard) using the PLUGGYAPE malware family…
AI, Global Security News, malware
GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos
The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. “The attack targets Python projects — including Django apps, ML research code, Streamlit dashboards, and PyPI packages — by appending obfuscated code to files like setup.py, main.py, and app.py,”…
AI, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management
Microsoft Issues Hotpatch for Windows 11 RRAS RCE Bugs
Microsoft has issued an out-of-band security update to address several critical vulnerabilities in Windows 11 that could allow attackers to execute malicious code through the system’s remote access management tools. The patch targets flaws in the Windows Routing and Remote Access Service (RRAS) and is being delivered as a hotpatch, allowing systems to receive the…
AI, Global Security News, malware
FBI launches inquiry into Steam games spreading malware
The FBI is asking gamers who installed malware-infected Steam games between May 2024 and January 2026 to come forward as part of an ongoing investigation. The FBI is seeking gamers who downloaded Steam games later found to contain malware. According to a notice from the FBI’s Seattle Division, investigators are trying to identify victims who…
AI, Exploits, Global Security News, Government & Policy, malware, Risk Management, Russia
Former German foreign intelligence VP hit in Signal account takeover campaign
Former BND VP Arndt Freytag von Loringhoven was targeted in a Signal cyberattack, part of a wave hitting officials and politicians in Germany. A cyberattack targeting Signal and WhatsApp users has hit high-ranking German officials, including former BND Vice President Arndt Freytag von Loringhoven. The official reported being contacted by someone posing as Signal support…
AI, Exploits, Global Security News, malware, Network Security
Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse
Threat actors are abusing extension dependency relationships in the Open VSX registry to indirectly deliver malware in a new phase of the GlassWorm supply-chain campaign. Researchers at Socket said they have identified at least 72 additional malicious Open VSX extensions linked to the campaign since January 31, 2026. The extensions appear to target developers by…
AI, Global Security News, malware
FBI Calls for Help to Track Steam Malware Campaign
The FBI wants to hear from gamers who have downloaded Steam titles containing malware
AI, Compliance, Cybersecurity, Europe, Global Security News, malware
ANY.RUN at RootedCON 2026: Meeting Security Teams and Showcasing New Capabilities
From March 5 to March 7, the ANY.RUN team attended RootedCON 2026 in Madrid and showcased some of our latest capabilities developed for modern SOC environments at the conference expo. The event provided a great opportunity to meet our existing clients and connect with security teams exploring advanced threat detection solutions. Meeting the Community and Partners RootedCON is one of the largest cybersecurity conferences in Europe, bringing together thousands of security researchers, SOC…
AI, Apps, Global Security News, malware, privacy, Risk Management
Advanced Protection Mode in Android 17 prevents apps from misusing Accessibility Services
Android 17 will block non-accessibility apps from using the Accessibility API under Advanced Protection Mode to reduce malware abuse. Android 17 introduces a new security feature in Advanced Protection Mode (AAPM) that blocks apps without accessibility functions from accessing the Accessibility API. The change, first reported by Android Authority and included in Android 17 Beta…
AI, Data Breaches, Exploits, Global Security News, malware, Network Security
The ransomware economy is shifting toward straight-up data extortion
Ransomware remains a scourge that shows some signs of relenting, but incident responders and threat hunters are busier than ever as more financially-motivated attackers lean exclusively on data theft for extortion. Attacks that only involve data theft for extortion may not be more prevalent than traditional ransomware when attackers encrypt systems, but momentum is moving…
AI, Cybersecurity, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management
Washington is right: Cybercrime is organized crime. Now we need to shut down the business model
The recently released executive order targeting cybercrime, fraud, and predatory schemes uses language the federal government has often avoided. Now, for the first time, the Trump administration is echoing what the cybersecurity industry has been shouting for years: cyber-enabled fraud is a product of transnational organized crime. That distinction matters because organized crime requires an…
AI, Global Security News, malware, Russia
DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage
Ukrainian entities have emerged as the target of a new campaign likely orchestrated by threat actors linked to Russia, according to a report from S2 Grupo’s LAB52 threat intelligence team. The campaign, observed in February 2026, has been assessed to share overlaps with a prior campaign mounted by Laundry Bear (aka UAC-0190 or Void Blizzard)…
AI, Global Security News, malware, Network Security
45,000 malicious IP addresses taken down, 94 suspects arrested
An international law enforcement operation has taken down more than 45,000 malicious IP addresses and servers linked to phishing, malware, and ransomware activity. The action was carried out as part of Operation Synergia III, an investigation that ran from July 18, 2025 to January 31, 2026. According to INTERPOL, the operation resulted in 94 arrests,…
AI, Exploits, Global Security News, malware, Russia
ClickFix techniques evolve in new infostealer campaigns
Cybercriminals are combining compromised websites with increasingly sophisticated ClickFix social engineering lures to deliver new infostealer malware, with one campaign alone weaponizing more than 250 WordPress sites across 12 countries. The campaign leads to stealthy in-memory payloads, while a separate attack detected by Microsoft targets Windows Terminal for payload execution instead of the traditional Run…
AI, Data Breaches, Global Security News, malware
Payload Ransomware claims the hack of Royal Bahrain Hospital
The Payload Ransomware group claims to have breached the Royal Bahrain Hospital (RBH), a leading healthcare facility in Bahrain. The Payload Ransomware group claims to have hacked the Royal Bahrain Hospital (RBH) and stolen 110 GB of data. The ransomware gang added the healthcare facility to its Tor data leak site and published the images…
AI, Exploits, Global Security News, malware, Russia
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 88
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Malware Newsletter:
New BoryptGrab Stealer Targets Windows Users via Deceptive GitHub Pages
Inside Coruna: Reverse Engineering a Nation-State iOS Exploit Kit From JavaScript
ClipXDaemon: Autonomous X11 Clipboard Hijacker Delivered via Bincrypter-Based Loader
New A0Backdoor Linked to…
AI, china, Cybersecurity, Data Breaches, Europe, Exploits, Global Security News, malware, Network Security, Russia
Security Affairs newsletter Round 567 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
Starbucks data breach impacts 889 employees
Storm-2561 lures victims to spoofed VPN sites to harvest corporate…
AI, Global Security News, malware
Bitdefender Uncovers “Vibeware”: A New AI-Driven APT Attack Strategy Flooding South Asia with Polyglot Implants
Bitdefender have uncovered a new AI-assisted malware development model dubbed “vibeware”, revealing how a Pakistan-aligned threat actor is industrialising cyberattacks across South Asia by rapidly generating large volumes of disposable malware variants.
AI, Cybersecurity, Global Security News, malware
Week in review: AiTM phishing kit used to hijack AWS accounts, year-long malware campaign targets HR
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Turning expertise into opportunity for women in cybersecurity Speaker diversity in cybersecurity has been a talking point for over a decade, with panels, pledges, and dedicated conference tracks failing to produce change. Stages still skew heavily male, even as women…
AI, Global Security News, malware
Storm-2561 lures victims to spoofed VPN sites to harvest corporate logins
Attackers linked to Storm-2561 use SEO-poisoned search results to lure users to fake Ivanti, Cisco, and Fortinet VPN sites that steal corporate login credentials. In mid-January 2026, Microsoft Defender Experts uncovered a credential-theft campaign attributed to Storm-2561. The threat actor is spreading fake enterprise VPN clients impersonating Ivanti, Cisco, and Fortinet software. By poisoning search engine…
AI, Cybersecurity, Global Security News, Government & Policy, malware, Network Security
Interpol – Operation Synergia III leads to 45,000 malicious IPs dismantled and 94 arrests worldwide
INTERPOL dismantled 45,000 malicious IPs and servers and arrested 94 suspects in a global cybercrime operation. INTERPOL announced a global cybercrime operation (codenamed Operation Synergia III) involving 72 countries that dismantled 45,000 malicious IP addresses and servers linked to phishing, malware, and ransomware. The international law enforcement operation led to 94 arrests, 110 ongoing investigations,…
AI, Endpoint, Global Security News, malware
SmartApeSG campaign uses ClickFix page to push Remcos RAT, (Sat, Mar 14th)
Introduction This diary describes a Remcos RAT infection that I generated in my lab on Thursday, 2026-03-11. This infection was from the SmartApeSG campaign that used a ClickFix-style fake CAPTCHA page. My previous in-depth diary about SmartApeSG (ZPHP, HANEYMANEY) was in November 2025, when I saw NetSupport Manager RAT. Since then, I’ve fairly consistently seen…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
AiLock Ransomware Claims England Hockey Data Breach
England Hockey is investigating a potential cyberattack after a ransomware group claimed to have stolen sensitive data from its systems and threatened to publish it online. The AiLock ransomware gang recently listed the organization on its public data leak site, claiming to have exfiltrated large volumes of internal data as part of the attack. “We…
AI, Global Security News, malware
FBI seeks victims of Steam games used to spread malware
The FBI is asking gamers who installed Steam titles containing malware to provide information as part of an ongoing investigation into eight malicious games uploaded to the gaming platform. […]
Global Security News, malware, Network Security
INTERPOL Operation Synergia III Shuts Down 45,000 Malicious IPs, 94 Arrested
INTERPOL’s Operation Synergia III led to 94 arrests and the takedown of 45,000 malicious IPs in 72 countries targeting phishing, malware, and fraud networks.
AI, Cybersecurity, Global Security News, malware
WatchGuard CEO on 30 Years and the Future of MSP Security
WatchGuard is marking its 30th year in business, a milestone that CEO Joe Smolarski says highlights both the company’s longevity and the continued importance of the IT channel. In an interview with Channel Insider, Smolarski reflected on WatchGuard’s history working with managed service providers (MSPs), the evolving cybersecurity landscape, and why the vendor plans to…
AI, Global Security News, malware, Network Security
INTERPOL Dismantles 45,000 Malicious IPs, Arrests 94 in Global Cybercrime
INTERPOL on Friday announced the takedown of 45,000 malicious IP addresses and servers used in connection with phishing, malware, and ransomware campaigns, as part of the agency’s ongoing efforts to dismantle criminal networks, disrupt emerging threats, and safeguard victims from scams. The effort is part of an international law enforcement operation that involved 72 countries…
AI, Apps, Europe, Exploits, Global Security News, malware, Network Security, Risk Management
US and European authorities disrupt socksEscort proxy service tied to AVrecon botnet
Authorities in the US and Europe disrupted the SocksEscort proxy service, which used the AVrecon botnet and infected about 360,000 devices since 2020. Law enforcement agencies in the US and Europe have disrupted SocksEscort, a malicious proxy service powered by the AVrecon botnet. Active since 2020, the service hijacked roughly 360,000 devices and allowed cybercriminals…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
AI Risks, Critical Vulnerabilities, and Data Breaches Define This Week in Cybersecurity
Major Threats & Vulnerabilities Critical Software and Platform Flaws A SQL injection flaw in Elementor’s Ally accessibility plugin exposed over 400,000 WordPress sites to potential data theft. The vulnerability stemmed from improper input sanitization, allowing attackers to extract sensitive database information. Administrators should update immediately to the patched version. Microsoft’s March Patch Tuesday addressed a…
AI, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Risk Management
CVE-2026-3910: Chrome V8 Zero-Day Used for In-the-Wild Attacks
Chrome zero-days continue to pose a major risk for cyber defenders. Earlier this year, Google patched CVE-2026-2441, the first actively exploited Chrome zero-day of 2026. Now, another emergency update has been released, fixing two more flaws already exploited in the wild, CVE-2026-3910 in Chrome’s V8 JavaScript and WebAssembly engine and CVE-2026-3909, an out-of-bounds write bug…
AI, Global Security News, malware
Real-Time Banking Trojan Strikes Brazil’s Pix Users
The latest banking Trojan campaign to hit Brazil combines classic malware with a real-time human operator, waiting for the perfect moment to strike.
AI, Global Security News, malware, Network Security, Risk Management
AI-assisted Slopoly malware powers Hive0163’s ransomware campaigns
The Hive0163 group used AI-assisted malware called Slopoly to maintain persistent access in ransomware attacks. IBM X-Force researchers report that the financially motivated group Hive0163 is using AI-assisted malware named Slopoly to maintain persistent access during ransomware attacks, showing how threat actors can quickly build new malware frameworks using AI. Hive0163 is a threat actor…
AI, Apps, Endpoint, Exploits, Global Security News, malware, Network Security
Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients
Microsoft has warned enterprises that cybercriminal group Storm-2561 is hijacking search engine results to serve trojanized VPN clients, stealing corporate credentials, and then covering its tracks before victims suspect anything is wrong. The group pushes spoofed websites to the top of results for queries such as “Pulse VPN download” or “Pulse Secure client,” redirecting users…
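One check a defender can run against the campaign described above is to look in web-proxy logs for VPN-client installers that were not fetched from the vendor's own domain, with a search-engine referer as the extra signal that the user arrived via a poisoned result. The code below is an added example, not Microsoft's detection logic or anything from the article. The proxy log layout (timestamp, source IP, method, URL, status, referer), the vendor-domain allowlist (ivanti.com, pulsesecure.net, cisco.com, fortinet.com) and every sample line are assumptions to adapt to your environment.

```python
"""Added example (not from Microsoft's report or the article): flag proxy-log
downloads of VPN-client installers that do not come from the vendor's domain.
The log format, the allowlist and the sample lines are all assumed."""
import re
from dataclasses import dataclass
from urllib.parse import urlparse

# Assumed mapping from name fragments seen in installer filenames/hosts to the
# domains a legitimate download would come from. Adjust to your environment.
VENDOR_HOSTS = {
    "pulse": ("ivanti.com", "pulsesecure.net"),
    "ivanti": ("ivanti.com",),
    "anyconnect": ("cisco.com",),
    "cisco": ("cisco.com",),
    "forticlient": ("fortinet.com",),
    "fortinet": ("fortinet.com",),
}
INSTALLER_EXT = (".exe", ".msi", ".dmg", ".pkg", ".zip")
SEARCH_ENGINES = ("google.", "bing.", "duckduckgo.", "yahoo.")

# Assumed proxy log layout: timestamp src-ip method url status referer
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+) (?P<method>[A-Z]+) (?P<url>\S+) (?P<status>\d{3}) (?P<referer>\S+)$"
)


@dataclass
class Alert:
    ts: str
    src: str
    host: str
    filename: str
    reason: str


def _is_vendor_host(host: str, suffixes) -> bool:
    """True when host is one of the allowlisted domains or a subdomain of one."""
    return any(host == s or host.endswith("." + s) for s in suffixes)


def check_line(line: str):
    """Return an Alert for a VPN-client installer served by a non-vendor host, else None."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    url = urlparse(m["url"])
    host = (url.hostname or "").lower()
    filename = url.path.rsplit("/", 1)[-1].lower()
    if not filename.endswith(INSTALLER_EXT):
        return None
    # Which vendor does the download claim to be? Check the filename, then the host.
    claimed = next((k for k in VENDOR_HOSTS if k in filename or k in host), None)
    if claimed is None or _is_vendor_host(host, VENDOR_HOSTS[claimed]):
        return None
    reason = f"{claimed} installer served by non-vendor host"
    if any(se in m["referer"].lower() for se in SEARCH_ENGINES):
        reason += ", reached from a search-engine result"  # the SEO-poisoning signal
    return Alert(m["ts"], m["src"], host, filename, reason)


def scan(lines):
    """Run check_line over an iterable of log lines and keep the alerts."""
    return [a for a in map(check_line, lines) if a is not None]


# Constructed sample log; none of these hosts, paths or addresses are real observations.
SAMPLE_LOG = [
    "2026-01-14T09:12:03Z 10.20.1.17 GET https://secure.pulse-vpn-client.example/PulseSecureSetup.exe 200 https://www.google.com/",
    "2026-01-14T09:15:40Z 10.20.1.42 GET https://software.cisco.com/download/anyconnect-win.msi 200 -",
    "2026-01-14T09:20:11Z 10.20.1.42 GET https://forticlient-download.example/FortiClientVPN.msi 200 https://www.bing.com/search?q=forticlient+download",
    "2026-01-14T09:25:00Z 10.20.1.9 GET https://cdn.example/quarterly-report.pdf 200 -",
]

if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG):
        print(alert)
```

On the constructed sample the two installers fetched from lookalike hosts are flagged, both with the search-engine referer noted, while the download from the vendor domain and the PDF pass. The keyword matching is deliberately loose; tune VENDOR_HOSTS and INSTALLER_EXT before relying on it, and treat a hit as a trigger for pulling the file and checking its code signature rather than as a verdict.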
AI, Global Security News, malware
Authorities Disrupt SocksEscort Proxy Botnet Exploiting 369,000 IPs Across 163 Countries
A court-authorized international law enforcement operation has dismantled a criminal proxy service named SocksEscort that enslaved thousands of residential routers worldwide into a botnet for committing large-scale fraud. “SocksEscort infected home and small business internet routers with malware,” the U.S. Department of Justice (DoJ) said. “The malware allowed SocksEscort to direct internet
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management
Telus Digital hit with massive data breach
Telus Digital, which provides business process outsourcing (BPO) services to a range of organizations worldwide, has been hit with a massive cyberattack conducted by the extortion group ShinyHunters. The group, which has been in operation since 2020, specializes in stealing data from Salesforce and other SaaS vendors, and has also recently been conducting voice phishing (vishing)…
AI, Global Security News, malware
AI-generated Slopoly malware used in Interlock ransomware attack
A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware attack. […]
AI, Apps, Cybersecurity, Global Security News, malware
Medical giant Stryker crippled after Iranian hackers remotely wipe computers
A major cyberattack on US medical supplies giant Stryker has resulted in thousands of devices being remotely wiped, after a pro-Iranian hacking group may have compromised the company’s Microsoft Intune management system. Details remain sketchy, but what appears to have happened on Wednesday at one of the world’s largest medical supplies companies could, if confirmed,…
AI, Cybersecurity, Global Security News, malware
Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays
Cybersecurity researchers have disclosed details of a new banking malware targeting Brazilian users that’s written in Rust, marking a significant departure from other known Delphi-based malware families associated with the Latin American cybercrime ecosystem. The malware, which is designed to infect Windows systems and was first discovered last month, has been codenamed VENON by Brazilian
AI, Cybersecurity, Global Security News, malware
Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks
Cybersecurity researchers have disclosed details of a suspected artificial intelligence (AI)-generated malware codenamed Slopoly put to use by a financially motivated threat actor named Hive0163. “Although still relatively unspectacular, AI-generated malware such as Slopoly shows how easily threat actors can weaponize AI to develop new malware frameworks in a fraction of the time it used…
AI, Exploits, Global Security News, malware, Network Security
Authorities take down global proxy network SocksEscort
Authorities from multiple countries dismantled SocksEscort, a residential proxy network cybercriminals used to commit large-scale fraud, claiming access to about 369,000 IP addresses since 2020, the Justice Department said Thursday. Europol, which aided the investigation alongside various law enforcement agencies, Lumen’s Black Lotus Labs and the Shadowserver Foundation, said the malicious proxy service compromised routers…
Europe, Global Security News, malware, Network Security
US disrupts SocksEscort proxy network powered by Linux malware
Law enforcement agencies in the U.S. and Europe along with private partners have disrupted the SocksEscort cybercrime proxy network that used only edge devices compromised via the AVRecon malware for Linux. […]
AI, APAC, Cybersecurity, Endpoint, Europe, Exploits, Global Security News, malware, Network Security, Risk Management
Report: AI Accelerates Attacks on Trusted Identities
A recent report from ConnectWise found that attackers are increasingly exploiting trusted identities, along with remote access infrastructure and software supply chains, while AI continues to accelerate the speed and scale of those attacks. 2026 MSP Threat Report shows trusted identities and legitimate tools are top targets The research, ConnectWise’s 2026 MSP Threat Report, provides global threat intelligence…
AI, Exploits, Global Security News, malware
Apple issues emergency fixes for Coruna flaws in older iOS versions
Apple released iOS 16.7.15 and 15.8.7 updates for older iPhones and iPads to patch vulnerabilities linked to the Coruna exploits. Apple has released security updates for legacy devices, rolling out iOS and iPadOS 16.7.15 and 15.8.7 to address vulnerabilities tied to the recently disclosed Coruna exploits. The patches aim to protect older iPhone and iPad…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Global Security News, Government & Policy, malware, Network Security
Iran-Linked Hacktivists Claim Wiper Attack on Stryker Systems
A cyberattack has disrupted global operations at medical technology manufacturer Stryker, forcing employees in multiple countries offline and cutting access to core corporate systems. The incident, which began March 11, triggered widespread outages across the company’s Microsoft environment and left staff temporarily unable to access internal applications and devices. “When a company the size of…
AI, Global Security News, malware, Network Security
PhantomRaven returns to npm with 88 bad packages
Last year’s “PhantomRaven” supply-chain campaign is back, with security researchers uncovering 88 new malicious packages in what they describe as the second, third, and fourth waves of the operation. According to Endor Labs findings, the newly discovered packages were published between November 2025 and February 2026, with 81 of them still available on npm along…
Global Security News, malware
New PixRevolution Malware Steals Brazil’s PIX Transfers in Real Time
Researchers have discovered PixRevolution, a new Android banking trojan targeting Brazil’s PIX system. Unlike automated scams, this malware uses live operators to watch your screen and divert funds instantly.
AI, Apps, Compliance, Cybersecurity, Endpoint, Global Security News, malware, Network Security, Risk Management
MicroStealer Analysis: A Fast-Spreading Infostealer with Limited Detection
Security teams depend on early signals to spot and contain new threats. But what happens when a fully capable infostealer spreads while traditional detections stay limited? In recent investigations, ANY.RUN researchers observed MicroStealer in 40+ sandbox sessions in less than a month, despite low public visibility. Early activity points to distribution through compromised or impersonated accounts,…
AI, Global Security News, malware
Pro-Iran Group Claims Massive Cyber-Attack on MedTech Firm Stryker
The pro-Iran Handala group claims to have wiped 200,000 systems in a destructive wiper malware attack on the US firm Stryker
AI, Global Security News, malware, Network Security
North Korean fake IT worker tradecraft exposed
Research from GitLab has exposed the latest tradecraft behind North Korean fake IT worker scams. GitLab banned 131 North Korean-attributed accounts last year, most of which involved JavaScript repositories that acted as resources in the so-called Contagious Interview campaign. In most cases, GitLab projects acted as obfuscated loaders for malware payloads — such as BeaverTail…
Cybersecurity, Global Security News, malware
Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets
Cybersecurity researchers have discovered half a dozen new Android malware families that come with capabilities to steal data from compromised devices and conduct financial fraud. The Android malware families range from traditional banking trojans like PixRevolution, TaxiSpy RAT, BeatBanker, Mirax, and Oblivion RAT to full-fledged remote administration tools such as SURXRAT. PixRevolution, according to
AI, Endpoint, Global Security News, malware
“Zombie ZIP”: New attack technique fools virus scanners
So-called Zombie ZIPs can trick almost every virus scanner. A new technique named “Zombie ZIP” is able to hide payloads inside compressed files. Security solutions such as antivirus and EDR (Endpoint Detection and Response) products cannot detect them, because these digital undead were built specifically to evade security controls.…
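The item above does not say how a Zombie ZIP is malformed, so what follows is an added example rather than anything from the article or the researchers behind it: a generic structural check of the kind an analyst runs on a suspicious archive. Archive scanners commonly trust only the central directory at the end of a ZIP, so the check compares every central-directory entry against its local file header, reports bytes outside the declared structure, and lists local file headers that no central-directory entry points at. To show the difference, it also builds a constructed two-member archive and then edits the central directory so the second member vanishes from normal listings while its bytes stay in the file. All function names, the sample members and the tampering routine are assumptions made for this example.

```python
"""Added example, not from the article: a structural consistency check for ZIP
files. Compares the central directory with the local headers, reports data
outside the declared structure, and finds unlisted members. The sample archive
and the tampering helper are constructed for demonstration."""
import io
import struct
import zipfile

EOCD_SIG = b"PK\x05\x06"   # end of central directory record (22 bytes + comment)
CEN_SIG = b"PK\x01\x02"    # central directory file header (46 bytes + name/extra/comment)
LOC_SIG = b"PK\x03\x04"    # local file header (30 bytes + name/extra, then file data)


def _central_entries(data, cd_offset, count):
    """Yield (name, method, crc, csize, local_offset) for each central-directory entry."""
    pos = cd_offset
    for _ in range(count):
        if data[pos:pos + 4] != CEN_SIG:
            raise ValueError(f"expected a central-directory entry at offset {pos}")
        (_, _, _, method, _, _, crc, csize, _, nlen, elen, clen,
         _, _, _, local_off) = struct.unpack("<HHHHHHIIIHHHHHII", data[pos + 4:pos + 46])
        yield data[pos + 46:pos + 46 + nlen], method, crc, csize, local_off
        pos += 46 + nlen + elen + clen


def inspect_zip(data: bytes) -> list:
    """Return structural findings; an empty list means the archive is self-consistent."""
    findings = []
    eocd = data.rfind(EOCD_SIG)
    if eocd < 0:
        return ["no end-of-central-directory record"]
    _, _, _, n_entries, _, cd_offset, comment_len = struct.unpack("<HHHHIIH", data[eocd + 4:eocd + 22])
    if eocd + 22 + comment_len < len(data):
        findings.append(f"{len(data) - eocd - 22 - comment_len} bytes after the EOCD record")
    if data[cd_offset:cd_offset + 4] != CEN_SIG:
        actual = data.find(CEN_SIG)
        findings.append(f"central directory not at declared offset {cd_offset} (found at {actual})")
        if actual < 0:
            return findings
        cd_offset = actual
    referenced = set()
    try:
        for name, method, crc, csize, local_off in _central_entries(data, cd_offset, n_entries):
            referenced.add(local_off)
            if data[local_off:local_off + 4] != LOC_SIG:
                findings.append(f"{name!r}: no local header at offset {local_off}")
                continue
            _, lflags, lmethod, _, _, lcrc, lcsize, _, lnlen, _ = struct.unpack(
                "<HHHHHIIIHH", data[local_off + 4:local_off + 30])
            lname = data[local_off + 30:local_off + 30 + lnlen]
            if lname != name:
                findings.append(f"{name!r}: local header carries a different name {lname!r}")
            if lmethod != method:
                findings.append(f"{name!r}: compression method differs (central {method}, local {lmethod})")
            # With flag bit 3 (data descriptor) the local crc/size may legitimately be zero.
            if not lflags & 0x08 and (lcrc != crc or lcsize != csize):
                findings.append(f"{name!r}: crc/size differ between central and local headers")
    except ValueError as exc:
        findings.append(str(exc))
    # A local header no central entry references is a member most listing tools never show.
    # (On real archives this scan can false-positive on nested ZIPs inside stored members.)
    pos = data.find(LOC_SIG)
    while 0 <= pos < cd_offset:
        if pos not in referenced:
            findings.append(f"orphan local header at offset {pos} (member absent from the central directory)")
        pos = data.find(LOC_SIG, pos + 4)
    return findings


def listed_names(data: bytes) -> list:
    """What a standard library sees: only the members the central directory lists."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return zf.namelist()


def make_clean_zip() -> bytes:
    """Constructed two-member archive; the 'payload' is a harmless stand-in."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("readme.txt", "benign document\n" * 4)
        zf.writestr("invoice.exe", b"MZ" + b"\x90" * 64)
    return buf.getvalue()


def hide_last_member(data: bytes) -> bytes:
    """Drop the last central-directory entry and patch the EOCD: the member's bytes stay
    in the file, but it disappears from listings (the tampering this example demonstrates)."""
    eocd = data.rfind(EOCD_SIG)
    disk, cd_disk, n_disk, n_total, _, cd_offset, clen = struct.unpack("<HHHHIIH", data[eocd + 4:eocd + 22])
    pos, starts = cd_offset, []
    for _ in range(n_total):
        starts.append(pos)
        nlen, elen, clen2 = struct.unpack("<HHH", data[pos + 28:pos + 34])
        pos += 46 + nlen + elen + clen2
    new_cd = data[cd_offset:starts[-1]]
    new_eocd = EOCD_SIG + struct.pack("<HHHHIIH", disk, cd_disk, n_disk - 1, n_total - 1,
                                      len(new_cd), cd_offset, clen) + data[eocd + 22:]
    return data[:cd_offset] + new_cd + new_eocd
```

Running inspect_zip on make_clean_zip() returns nothing; appending bytes after the archive produces one finding, and hide_last_member() yields a file that zipfile lists as containing only readme.txt while the inspector reports an orphan local header for the hidden invoice.exe. The lesson for scanning pipelines is the same whatever trick a given Zombie ZIP uses: an archive should be rejected, or at least flagged, when the bytes on disk and the central directory disagree, rather than scanned only through the view the central directory offers.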
AI, Apps, Endpoint, Exploits, Global Security News, Government & Policy, malware, Risk Management
Resumés with malicious ISO attachments are circulating, says Aryaka
Threat actors are still having success tricking human resources staff into opening malware-infected phishing emails. The latest example is detailed by researchers at Aryaka, who this week described a campaign by an unnamed threat actor who is distributing resumés containing a malicious ISO file to HR departments. It’s delivered through recruitment channels, and hosted on…
AI, Global Security News, Government & Policy, malware, Network Security
Pro-Palestinian hacktivist group Handala targets Stryker in global disruption
Pro-Palestinian hacktivist group Handala claims a cyberattack on Stryker, alleging it wiped 200,000 systems and disrupted global operations. Pro-Palestinian hacktivist group Handala claims responsibility for a disruptive cyberattack against medical technology firm Stryker. “Medical technology giant Stryker is experiencing a global outage across its systems after a cyberattack early Wednesday. Staff and contractors report that…
AI, Apps, Global Security News, Government & Policy, malware
BeatBanker malware targets Android users with banking Trojan and crypto miner
BeatBanker Android malware spreads through fake Starlink apps on websites imitating Google Play Store, hijacking devices, stealing credentials, and mining crypto. A new Android malware called BeatBanker spreads through fake Starlink apps distributed on websites posing as the Google Play Store. Once installed, it hijacks devices, steals login credentials, tampers with cryptocurrency transactions, and secretly…
AI, Global Security News, malware
Medtech giant Stryker offline after Iran-linked wiper malware attack
Leading medical technology company Stryker has been hit by a wiper malware attack claimed by Handala, an Iranian-linked and pro-Palestinian hacktivist group. […]
Global Security News, malware
BlackSanta EDR-Killer Targets HR Teams in CV-Themed Campaign
BlackSanta malware targets HR staff with fake resumes, kills EDR and steals system data
AI, Data Breaches, Exploits, Global Security News, malware, Risk Management
AI-Powered Cybercrime Surges 1,500%, Report Finds
Cybercrime is entering a new phase where machines, not humans, increasingly run the attacks. A new 2026 Global Threat Intelligence Report from Flashpoint suggests that threat actors are rapidly adopting AI-powered automated systems to execute entire cyberattack chains with minimal human input. Threat actors adopt AI tools as cyberattacks become cheaper to automate One of…
Apps, Global Security News, malware, Russia
BlackSanta Malware Targets HR Staff with Fake CV Downloads
Aryaka researchers have identified a new threat from a Russian-speaking group using ‘BlackSanta’ malware. By disguising attacks as job applications, hackers are bypassing security to target recruitment workflows.
