Geek-Guy.com

Category: Network Security

Auto Added by WPeMatico

Top 25 Cybersecurity Companies in 2026

This guide is for IT leaders, security professionals, and decision-makers looking to explore leading cybersecurity companies in 2026 and evaluate vendors across key areas of modern security. Cybersecurity has become one of the most critical priorities for organizations operating in today’s world.  As businesses adopt cloud computing, remote work, artificial intelligence (AI), and increasingly complex…

Top 6 XDR Solutions & Vendors in 2026

This guide is for security leaders, IT administrators, and growing businesses evaluating extended detection and response (XDR) platforms, and it covers the top solutions available today along with key features and buying considerations.  XDR tools provide centralized visibility and threat detection across endpoints, networks, cloud workloads, and email systems, helping organizations respond to increasingly complex…

Telnet vulnerability opens door to remote code execution as root

A critical Telnet vulnerability with a CVSS rating of 9.8 enables attackers to take full control of affected systems before authentication even kicks in, security researchers at Dream Security have warned. Tracked as CVE-2026-32746, the vulnerability is in GNU inetutils telnetd, is a widely deployed implementation of the Telnet remote access protocol found across legacy…

5 Best Rootkit Scanners and Removers: Anti-Rootkit Tools in 2026

This guide is for IT professionals, security teams, and everyday users who want to detect and remove stealthy rootkit malware, and it covers the best rootkit scanners and removal tools available today.  Rootkits are particularly dangerous because they embed deep within an operating system, allowing attackers to hide malicious activity and maintain persistent access without…

Bot Traffic, Click Farms, and Ad Fraud: The Cyber Threats Marketers Keep Ignoring

Bot traffic and click farms are draining ad budgets worldwide. Discover why ad fraud is a cybersecurity problem and how businesses can fight back. When cybersecurity professionals think about threats, they usually focus on ransomware, phishing, data breaches, and network intrusions. Rarely does ad fraud make the list. Yet this overlooked category of cybercrime is…

Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure

The Interlock ransomware group has exploited a Cisco FMC zero-day RCE vulnerability in attacks since late January. The Interlock ransomware group has been exploiting a critical zero-day RCE vulnerability, tracked as CVE-2026-20131 (CVSS score of 10.0), in Cisco Secure Firewall Management Center (FMC) since late January. The vulnerability is a remote code execution flaw that…

Your MFA isn’t broken — it’s being bypassed, and your employees can’t tell the difference

Multi-factor authentication was supposed to be the solution. For years, security teams have told employees that MFA would keep them safe. Password stolen? No problem — attackers still need that second factor. But adversary-in-the-middle (AiTM) phishing has changed everything. These attacks do not try to steal passwords and MFA codes separately. They capture the entire…

Java 26 ships with new cryptography API and HTTP/3 support

Oracle released JDK 26, the 17th consecutive feature release delivered under the six-month cadence the project adopted in 2018. The release includes ten JDK Enhancement Proposals spanning language changes, garbage collection improvements, cryptographic tooling, and network protocol support. PEM encoding API targets cryptographic integration JEP 524 introduces a second preview of a PEM encoding API…

Iran war set to hit global IT spending, IDC warns

The conflict in the Middle East threatens to weigh heavily on the global economy, with soaring oil prices expected to dampen GDP growth and prompt businesses and consumers to reduce technology spending, according to analysts at IDC. The key question – and one with few answers – is how long the fighting will continue.  The…

Anthropic ban heralds new era of supply chain risk — with no clear playbook

The Trump administration’s decision to ban AI company Anthropic from Pentagon assets and other government systems as a “supply chain risk” could force CISOs into a position few have faced before: preparing to identify, isolate, and potentially remove a specific AI technology from across their organizations without a clear understanding of where it resides or…

Top 8 Endpoint Detection & Response (EDR) Solutions in 2026

This guide is for IT and security teams evaluating the best endpoint detection and response (EDR) solutions in 2026, covering top platforms and the features that matter most for threat detection and response.  EDR tools play a critical role in identifying and stopping threats at the device level by continuously monitoring endpoint activity and enabling…

Cisco’s latest vulnerability spree has a more troubling pattern underneath

Cisco customers have confronted a flood of actively exploited vulnerabilities affecting the vendor’s network edge software since late February, and researchers say that five of the nine vulnerabilities Cisco disclosed in its firewalls and SD-WAN systems over the past three weeks have already been exploited in the wild.  Attackers exploited a pair of these defects…

U.S. CISA adds Microsoft SharePoint and Zimbra  flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SharePoint and Zimbra flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added ([1, 2]) SharePoint and Zimbra flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2026-20963 (CVSS score of 8.8) – Microsoft SharePoint Deserialization…

6 Best Digital Forensics Tools Used in 2026

This guide is for security professionals, IT teams, and investigators evaluating the best digital forensics tools in 2026, covering top platforms and how they support modern investigations.  As cyber incidents, insider threats, and legal disputes become more complex, organizations need reliable tools to collect, analyze, and preserve digital evidence across endpoints, networks, and cloud environments.…

U.S. robotics companies want federal help to keep Chinese robots out of America’s networks

Executives at top U.S. robotics companies asked Congress for federal dollars, new legislation and a simpler regulatory field, arguing the support is necessary to adapt to the AI era and compete with their well-oiled, state-funded Chinese competitors. The U.S. robotics sector, estimated at $50 billion in value, includes world famous companies like Boston Dynamics. The…

Amazon threat intelligence teams identify Interlock ransomware campaign targeting enterprise firewalls

Amazon threat intelligence has identified an active Interlock ransomware campaign exploiting CVE-2026-20131, a critical vulnerability in Cisco Secure Firewall Management Center (FMC) Software that could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device, which was disclosed by Cisco on March 4, 2026. After Cisco’s disclosure, Amazon threat…

Meet the 2026 Cybersecurity Startups Beating Hackers at Their Own Game

Cyber threats are advancing fast in 2026… and startups are leading the charge to stop them. Startups are racing to counter new threats like AI-powered phishing, deepfake fraud, ransomware-as-a-service, and supply-chain attacks. At the same time, venture capital is returning to cybersecurity, AI is reshaping both offense and defense, and regulators are raising the bar…

Free Antivirus Software Face-Off: Which One Protects Best?

Free antivirus software isn’t what it used to be. It’s better. In 2025, some of the most respected names in cybersecurity are offering powerful tools at no cost. If you’re looking for solid protection without opening your wallet, you’re in the right place. I tested and reviewed the top free antivirus products available today, focusing…

Researchers warn of unpatched, critical Telnetd flaw affecting all versions

CVE-2026-32746 is a critical flaw in GNU InetUtils telnetd that allows remote attackers to execute code with elevated privileges Cybersecurity company Dream disclosed a critical flaw, tracked as CVE-2026-32746 (CVSS score of 9.8), in GNU InetUtils telnetd that lets unauthenticated remote attackers execute code with elevated privileges. The issue stems from an out-of-bounds write in…

8 Best Application Firewall (WAF) Solutions for 2026

This guide is for IT teams, security professionals, and organizations evaluating the best web application firewall (WAF) solutions in 2026, covering top platforms and how they protect modern applications.  A WAF remains a critical component of a strong application security strategy, helping detect and block attacks that target web apps, APIs, and user data. As…

Protect Your Privacy: Best Secure Messaging Apps in 2026

Think your messages are private? Think again. Someone could be reading them. Someone could be listening to your calls. From public Wi-Fi to fake login pages, attackers have countless ways to slip between you and the person you’re communicating with, without you ever knowing. Without a trusted messaging app, you’re leaving the door wide open.…

Top 7 Full Disk Encryption Software Solutions in 2026

This guide is for IT teams, security leaders, and businesses evaluating the best full disk encryption solutions in 2026, covering how they work and why they matter for protecting sensitive data.  Full disk encryption serves as a critical first line of defense by securing hard drives, external storage, and endpoints against unauthorized access. As cyber…

Corelight’s Agentic Triage turns SOC alerts into evidence-backed investigations

Corelight has introduced a new set of agentic AI capabilities aimed at helping security operations centers (SOCs) cut down on repetitive, time-consuming tasks. The updates are designed to boost analyst efficiency, speed up response times, and build trust through greater transparency. The release includes Agentic Triage to streamline SOC workflows, a new suite of machine…

Top 6 Network Access Control (NAC) Solutions in 2026

This guide is for IT leaders and security teams evaluating the best network access control (NAC) solutions in 2026, highlighting top platforms and what they do best. Choosing the right NAC tool is critical for securing modern networks, managing device access, and maintaining compliance across increasingly complex environments. Below, we break down six leading solutions—each…

VIAVI advances NetSecOps with unified threat forensics and retrospective analysis

VIAVI Solutions has announced its Observer Threat Forensics solution with an advanced retrospective analysis capability. The industry is shifting away from siloed network and security operations teams to a converged NetSecOps structure to close critical gaps in incident responses and strengthen resilience. Designed to increase visibility across operational teams, Observer Threat Forensics helps organizations identify…

How to Reduce MTTR in Your SOC with Better Threat Intelligence

MTTR is where strategy meets reality. In security operations, it is the margin between a contained incident and a catastrophic breach.  You can have perfect detection coverage, cutting-edge telemetry, and a wall of dashboards glowing like a spaceship cockpit. But if your team takes too long to respond, the attacker still wins the clock. Reducing Mean Time to Respond is not about shaving seconds for vanity metrics. It is about compressing the window in which damage happens. And the fastest way to do that is not more alerts, but better intelligence.  Key Takeaways  MTTR is…

Island Enterprise Platform delivers unified control for workspaces and AI

Island has launched the Island Enterprise Platform. This unified enterprise environment extends the security, productivity, and user experience of the Island Enterprise Browser to also include consumer browsers, desktop applications, and networks. The Island Enterprise Platform provides universal policies and permissions to networking, AI enablement, application access, data protection, identity, and productivity services. Context such…

Robotic surgery firm Intuitive reports data breach after targeted phishing attack

Intuitive suffered a phishing attack leading to a data breach exposing customer, employee, and corporate information. Intuitive is an American company that designs, manufactures, and sells robotic systems for minimally invasive surgery. Its most well-known products include the da Vinci Surgical System for general surgery and the Ion endoluminal system for precise procedures inside the…

Cybersecurity and privacy priorities for 2026: The legal risk map

Escalating cybersecurity threats and growing privacy concerns lurk around every corner these days. Evolving technology and mounting regulations continue to present both the perils and solutions. All players — public and private, organizations and individuals alike — are to conquer the next quest in this realm. In the most recent Annual Litigation Trends Survey by…

Tufin introduces AI agents to take on network security work

Tufin is launching a new collection of AI agents designed to take on network security tasks for teams that are already stretched thin. This helps free up scarce expertise to focus on higher-level risks, critical decisions, and defending the enterprise. Enterprise infrastructure is becoming more dynamic, decentralized, and harder to secure. Tufin’s Network Connectivity Graph,…

EU sanctions Chinese and Iranian actors over cyberattacks on critical infrastructure

EU sanctions Chinese and Iranian firms and individuals for cyberattacks targeting critical infrastructure and over 65,000 devices across member states. The Council of the European Union has imposed sanctions on three companies and two individuals linked to cyberattacks against EU countries and partners. “The Council adopted today restrictive measures against three entities and two individuals responsible for cyber-attacks carried…

Trump administration isn’t pushing companies to conduct cyber offense, national cyber director says

National Cyber Director Sean Cairncross said Tuesday that the Trump administration isn’t aspiring to enlist the private sector to conduct offensive cyber operations, but instead to help the government by keeping them abreast of the threats they’re facing. The recently-released national cyber strategy talks about incentivizing companies to disrupt the networks of adversaries. “I’m not…

Ransomware’s Opening Play: Target Identity First

For years, ransomware attacks followed a familiar script.  Threat actors gained entry through a vulnerable server, a phishing email, or malicious software on an endpoint. Once inside, they moved laterally through the network, then encrypted systems and demanded payment. That playbook has changed. Today’s ransomware operators increasingly target identity infrastructure as their first objective.  Active…

Surfshark vs NordVPN (2026): Which VPN Wins? Full Breakdown

This guide is for anyone comparing Surfshark vs. NordVPN in 2026, breaking down their features, performance, pricing, and real-world use cases to help you choose the right VPN. On paper, Surfshark and NordVPN look almost identical, offering fast speeds, airtight security, and worldwide streaming access. But when I tested them, the results revealed a clear…

6 Open-Source Vulnerability Scanners That Actually Work in 2026

This guide is designed for security professionals and IT teams looking to identify and remediate risks, covering the top open-source vulnerability scanners available today and how to use them effectively. Open-source vulnerability scanners offer a cost-effective way to identify security weaknesses before attackers can exploit them. Backed by transparent codebases and active security communities, these…

Indigo Appoints Ilex Content Strategies as its Marketing and Communications Agency of Record

Indigo Telecom Group, a strategic partner for critical digital infrastructure, has appointed  Ilex Content Strategies, a global B2B marketing and communications agency, as its marketing and communications agency of record. Ilex will support brand and messaging development, account-based marketing, content creation, internal communications, and Borderless PR as Indigo drives global growth.      Indigo serves critical digital infrastructure providers, from…

Every significant B2B company is becoming a security company

Every platform giant is becoming a security company. As every enterprise is becoming more and more tech-enabled, the responsibility for protecting data, identities, and infrastructure starts to fall on the platforms where that work happens. Over the past several years, I have come to a simple realization: that every platform vendor eventually becomes a security…

Blumira Intros EDR and ITDR Solutions, Joins Pax8 Marketplace

Blumira, a security operations platform, is releasing enhanced endpoint detection and response (EDR) and identity threat detection and response (ITDR) capabilities. The company also recently joined the Pax8 Marketplace to deliver enterprise security operations to MSPs. Stopping threats at speed These newly expanded capabilities will enable security teams on Blumira Respond and Automate editions to…

GoTo Launches New LogMeIn Partner Network

Cloud communications and IT organization, GoTo, is launching its new LogMeIn Partner Network, a program that supports IT partners and MSPs with solutions, resources, and enablement opportunities for business growth. GSI and MSP support for a competitive landscape The new partner network is designed to maximize partner success and support technology partners, resellers, Global System…

DH2i Enhances SQL Server Resilience Across Hybrid IT

DH2i has released new versions of its clustering and automation software designed to help enterprises maintain SQL Server uptime while modernizing infrastructure across Linux, Windows, and Kubernetes environments. The company announced the general availability of DxEnterprise v26.0 and DxOperator v2, updates that introduce expanded monitoring, automated quorum enforcement, security improvements, and new automation capabilities for…

Chip wafer shortage will run through 2030 as AI demand overwhelms supply: SK Hynix chief

The global shortage of semiconductor wafers will not ease before the end of the decade, SK Group Chairman Chey Tae-won said, delivering one of the most definitive long-range forecasts yet from the executive of the world’s leading supplier of high-bandwidth memory chips. Speaking to reporters on the sidelines of Nvidia’s GTC Conference in San Jose,…

CL-STA-1087 targets military capabilities since 2020

China-linked APT group CL-STA-1087 has targeted Southeast Asian militaries since 2020 using AppleChris and MemFun. A suspected China-linked espionage campaign, tracked as CL-STA-1087, has targeted Southeast Asian military organizations since at least 2020, using AppleChris and MemFun malware. “The activity demonstrated strategic operational patience and a focus on highly targeted intelligence collection, rather than bulk…

System-level ‘coopetition’: Why Nvidia’s DGX Rubin NVL8 runs on Intel Xeon 6

Nvidia has selected Intel’s Xeon 6 processors as the host CPUs for its Nvidia DGX Rubin NVL8 systems. The DGX Rubin NVL8 is part of Nvidia’s next flagship AI system portfolio, designed to help companies accelerate agentic AI adoption. The DGX Rubin NVL8 systems are designed for large-scale AI workloads, combining eight Rubin GPUs with…

AWS Bedrock’s ‘isolated’ sandbox comes with a DNS escape hatch

AWS’ promise of “complete isolation” for agentic AI workflows on Bedrock is facing scrutiny after researchers found its sandbox mode isn’t as sealed as advertised. In a recent disclosure, BeyondTrust detailed how the “Sandbox” mode in AWS Bedrock AgentCore’s Code Interpreter can be abused to break isolation boundaries using DNS queries. While the sandbox blocks…

Lazarus, AI, and Trust Abuse: Top Enterprise Cybersecurity Risks 2026 

As part of a recent live expert panel, ANY.RUN together with threat researcher and ethical hacker Mauro Eldritch explored biggest security risks companies should be prepared for in 2026.  The discussion covered several relevant cases, from the Lazarus IT Workers operation to the rapid rise of AI-driven phishing attacks, and examined the common thread behind them: trust abuse.  Below are the key takeaways for those seeking a clearer view of…

Runtime: The new frontier of AI agent security

AI agents are already operating inside enterprise networks, quietly doing some of the work employees once handled themselves — writing code, drafting emails, retrieving files, and connecting to internal systems. Sometimes they also make costly mistakes. At Meta, an employee asked an AI assistant to help manage her inbox. It deleted it instead. At Amazon,…

AI Email Summaries Create a New Phishing Attack Surface

Artificial intelligence (AI) assistants are rapidly becoming a core part of workplace productivity, but new research suggests they may also introduce a previously overlooked phishing vector.  Permiso researchers found that attacker-controlled text embedded in emails can manipulate Microsoft Copilot summaries through cross prompt injection attacks (XPIA), potentially inserting deceptive security alerts or malicious prompts into…

U.S. CISA adds a flaw in Wing FTP Server to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Wing FTP Server to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Wing FTP Server flaw, tracked as CVE-2025-47813 (CVSS score of 4.3), to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2025-47813 is an information disclosure vulnerability affecting Wing FTP…

Microsoft Issues Hotpatch for Windows 11 RRAS RCE Bugs

Microsoft has issued an out-of-band security update to address several critical vulnerabilities in Windows 11 that could allow attackers to execute malicious code through the system’s remote access management tools.  The patch targets flaws in the Windows Routing and Remote Access Service (RRAS) and is being delivered as a hotpatch, allowing systems to receive the…

Telstra Health introduces Smart Connect to streamline pathology eRequesting for GPs, patients and pathology providers

COMPANY NEWS:  Telstra Health, Australia’s largest digital health technology company, has today launched Smart Connect, a new pathology eRequesting capability within MedicalDirector Clinical, designed to replace manual, paper-based pathology requests with a fully digital workflow. The feature launches with Healius Pathology Network as its first integrated partner.

Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse

Threat actors are abusing extension dependency relationships in the Open VSX registry to indirectly deliver malware in a new phase of the GlassWorm supply-chain campaign. Researchers at Socket said they have identified at least 72 additional malicious Open VSX extensions linked to the campaign since January 31, 2026. The extensions appear to target developers by…

Microsoft Edge 146 adds IP privacy and local network access controls

Microsoft Edge version 146 (Stable) became available on March 13, 2026, bringing updates to tracking protection, IP privacy, and enterprise network security policies. One change affects tracking prevention in InPrivate browsing. InPrivate windows use the same tracking prevention level configured for standard browsing sessions. The separate option that previously allowed a different tracking setting for…

The ransomware economy is shifting toward straight-up data extortion

Ransomware remains a scourge that shows some signs of relenting, but incident responders and threat hunters are busier than ever as more financially-motivated attackers lean exclusively on data theft for extortion. Attacks that only involve data theft for extortion may not be more prevalent than traditional ransomware when attackers encrypt systems, but momentum is moving…

Washington is right: Cybercrime is organized crime. Now we need to shut down the business model

The recently released executive order targeting cybercrime, fraud, and predatory schemes uses language the federal government has often avoided. Now, for the first time, the Trump administration is echoing what the cybersecurity industry has been shouting for years: cyber-enabled fraud is a product of transnational organized crime. That distinction matters because organized crime requires an…

What it takes to win that CSO role

CSO and CISO roles are among the hardest to fill in IT. Which should be good news for cybersecurity professionals that aspire to leadership positions as the organization’s top security exec. For those that do, the authority, clout, pay, and benefits are increasing significantly. But so too are the responsibility and accountability placed on cybersecurity…

Security Affairs newsletter Round 567 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Starbucks data breach impacts 889 employees Storm-2561 lures victims to spoofed VPN sites to harvest corporate…

MY TAKE: The AI magic is back — whether it endured depends on Amazon’s next moves

I ran an experiment this week that I did not expect to be instructive, and it was. Related: How ChatGPT is becoming Microsoft Office The setup was simple. I had been working through a spontaneous personal essay — about cognitive overload, AI, and the specific anxiety of not knowing whether a memory lapse is a…

Deploy AWS applications and access AWS accounts across multiple Regions with IAM Identity Center

If your organization relies on AWS IAM Identity Center for workforce access, you can now extend that access across multiple AWS Regions with multi-Region replication. Previously, AWS access portal was only available in one Region, when you add an additional Region, users get an active access portal endpoint there. If the primary Region experiences a…

OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

China’s National Computer Network Emergency Response Technical Team (CNCERT) has issued a warning about the security stemming from the use of OpenClaw (formerly Clawdbot and Moltbot), an open-source and self-hosted autonomous artificial intelligence (AI) agent. In a post shared on WeChat, CNCERT noted that the platform’s “inherently weak default security configurations,” coupled with its

Interpol – Operation Synergia III leads to 45,000 malicious IPs dismantled and 94 arrests worldwide

INTERPOL dismantled 45,000 malicious IPs and servers and arrested 94 suspects in a global cybercrime operation. INTERPOL announced a global cybercrime operation (codenamed Operation Synergia III) involving 72 countries that dismantled 45,000 malicious IP addresses and servers linked to phishing, malware, and ransomware. The international law enforcement operation led to 94 arrests, 110 ongoing investigations,…

U.S. CISA adds Google Chrome flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chrome flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two Google Chrome flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2026-3909 Google Skia Out-of-Bounds Write Vulnerability CVE-2026-3910 Google Chromium V8 Unspecified Vulnerability This…

Data mining? Old servers could become new source of rare earths

The retirement of old server equipment from data center facilities could become an opportunity for enterprises to generate revenue, instead of being an often costly recycling expense. Last year Western Digital announced it was experimenting with new ways to extract valuable rare earth elements and metals from obsolete servers from Microsoft’s US data centers, as…

For March, Patch Tuesday delivers fixes for 83 vulnerabilities

The team at Readiness each month analyzes the latest Patch Tuesday updates from Microsoft and provides detailed, actionable testing guidance. The March release addresses 83 vulnerabilities across Windows, Office, SQL Server, Azure, and .NET — a moderate volume with two publicly disclosed zero-days affecting SQL Server and .NET (though neither is being actively exploited in…

AiLock Ransomware Claims England Hockey Data Breach

England Hockey is investigating a potential cyberattack after a ransomware group claimed to have stolen sensitive data from its systems and threatened to publish it online.  The AiLock ransomware gang recently listed the organization on its public data leak site, claiming to have exfiltrated large volumes of internal data as part of the attack. “We…

Starbucks HR Portal Breach Exposes Employee Information

Starbucks has disclosed a data breach affecting hundreds of employees after attackers accessed internal HR accounts through phishing websites impersonating the company’s employee portal.  This incident exposed sensitive personal and financial information, raising concerns about potential identity theft and fraud. “The investigation has determined that an unauthorized third party accessed certain Starbucks Partner Central accounts…

Google warns of two actively exploited Chrome zero days

Threat actors are exploiting two high severity zero day vulnerabilities in the Chrome browser that experts say IT teams must patch immediately. Google has issued emergency patches for the two holes, CVE-2026-3909 and CVE-2026-3910. This comes just days after the release of 29 fixes for holes as part of March Patch Tuesday, and a zero day…

Google warns of two actively exploited Chrome zero days

Threat actors are exploiting two high severity zero day vulnerabilities in the Chrome browser that experts say IT teams must patch immediately. Google has issued emergency patches for the two holes, CVE-2026-3909 and CVE-2026-3910. This comes just days after the release of 29 fixes for holes as part of March Patch Tuesday, and a zero day…

AI Facial Recognition Error Jails Tennessee Grandmother for Months

A Tennessee grandmother spent nearly six months in jail after a facial recognition system incorrectly identified her as a suspect in a bank fraud investigation in North Dakota, more than 1,200 miles from her home.  The case is drawing renewed scrutiny around the risks of relying heavily on artificial intelligence in criminal investigations. “I’ve never…

Google Patches Two Chrome Zero-Day Vulnerabilities Actively Exploited in the Wild

Google has released updates to patch two high-severity zero-day vulnerabilities in the Chrome browser that are already being exploited in the wild..  The flaws affect critical components responsible for rendering web content and executing JavaScript, potentially allowing attackers to crash the browser or execute malicious code on vulnerable systems. One of the vulnerabilities, CVE-2026-3909, allows…

Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware

A suspected China-based cyber espionage operation has targeted Southeast Asian military organizations as part of a state-sponsored campaign that dates back to at least 2020. Palo Alto Networks Unit 42 is tracking the threat activity under the moniker CL-STA-1087, where CL refers to cluster, and STA stands for state-backed motivation. “The activity demonstrated strategic operational…

Cyber criminals too are working from home… your home

The FBI is so concerned about the threat of residential proxy attacks and the dangers posed by cyber criminals using the technique that it has posted guidance on its website. Residential proxies are used by cybercriminals to reroute traffic between individuals and the websites they visit to make it appear to originate elsewhere? By taking…

Cyber criminals too are working from home… your home

The FBI is so concerned about the threat of residential proxy attacks and the dangers posed by cyber criminals using the technique that it has posted guidance on its website. Residential proxies are used by cybercriminals to reroute traffic between individuals and the websites they visit to make it appear to originate elsewhere? By taking…

OT Security: The New Attack Surface of AI-Powered Robots

Humanoid robots are arriving with enterprise-friendly components — Wi-Fi, cameras, onboard compute, and over-the-air software updates — but they behave less like traditional IT devices and more like operational technology (OT) systems. They interact with the physical world, operate under strict latency constraints, and can cause real harm if something goes wrong. That convergence is…

Hack the AI Brain: LangSmith Vulnerability Could Expose Sensitive AI Data

A vulnerability in LangSmith, a widely used AI observability platform, could have allowed attackers to hijack user accounts and access sensitive enterprise data flowing through large language model (LLM) systems. Researchers at Miggo Security discovered the flaw, which could allow token theft and account takeover if a logged-in user visited a malicious webpage.  The vulnerability…

INTERPOL Dismantles 45,000 Malicious IPs, Arrests 94 in Global Cybercrime

INTERPOL on Friday announced the takedown of 45,000 malicious IP addresses and servers used in connection with phishing, malware, and ransomware campaigns, as part of the agency’s ongoing efforts to dismantle criminal networks, disrupt emerging threats, and safeguard victims from scams. The effort is part of an international law enforcement operation that involved 72 countries…

US and European authorities disrupt socksEscort proxy service tied to AVrecon botnet

Authorities in the US and Europe disrupted the SocksEscort proxy service, which used the AVrecon botnet and infected about 360,000 devices since 2020. Law enforcement agencies in the US and Europe have disrupted SocksEscort, a malicious proxy service powered by the AVrecon botnet. Active since 2020, the service hijacked roughly 360,000 devices and allowed cybercriminals…

AWS Leader on Cloud Lessons and AI’s Next Wave

Twenty years after Amazon Web Services began reshaping enterprise infrastructure, the company’s partner ecosystem is entering another major transition—this time driven by artificial intelligence. In an interview with Channel Insider, Brian Bohan, director and global lead of the AWS Consulting Center of Excellence, discussed how lessons from the early cloud era are shaping AWS’s approach…

AI Risks, Critical Vulnerabilities, and Data Breaches Define This Week in Cybersecurity

Major Threats & Vulnerabilities Critical Software and Platform Flaws A SQL injection flaw in Elementor’s Ally accessibility plugin exposed over 400,000 WordPress sites to potential data theft. The vulnerability stemmed from improper input sanitization, allowing attackers to extract sensitive database information. Administrators should update immediately to the patched version. Microsoft’s March Patch Tuesday addressed a…

Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials

Microsoft has disclosed details of a credential theft campaign that employs fake virtual private network (VPN) clients distributed through search engine optimization (SEO) poisoning techniques. “The campaign redirects users searching for legitimate enterprise software to malicious ZIP files on attacker-controlled websites to deploy digitally signed trojans that masquerade as trusted VPN clients

AI-assisted Slopoly malware powers Hive0163’s ransomware campaigns

The Hive0163 group used AI-assisted malware called Slopoly to maintain persistent access in ransomware attacks. IBM X-Force researchers report that the financially motivated group Hive0163 is using AI-assisted malware named Slopoly to maintain persistent access during ransomware attacks, showing how threat actors can quickly build new malware frameworks using AI. Hive0163 is a threat actor…