Geek-Guy.com

Category: Security

Auto Added by WPeMatico

Android, Breaking News, Exploits, Global Security News, Google, hacking, Security

Google fixed a critical remote code execution in Android

Google’s November 2025 Android update fixes two flaws in the System component, including a critical remote code execution issue. Google’s November 2025 Android security updates addressed two vulnerabilities impacting the System component. The fixes are included in the 2025-11-01 security patch level, the only patch level released this month by the IT giant. “The most…

Read more →

backdoor, Breaking News, Emerging Tech, Global Security News, hacking, malware, Security

SesameOp: New backdoor exploits OpenAI API for covert C2

Microsoft found a new backdoor, SesameOp, using the OpenAI Assistants API for stealthy command-and-control in hacked systems. Microsoft uncovered a new backdoor, named SesameOp, that abuses the OpenAI Assistants API for command-and-control, allowing covert communication within compromised systems. Microsoft Incident Response – Detection and Response Team (DART) researchers discovered the backdoor in July 2025 while…

Read more →

Global Security News, Security

Empower AI Innovation: On-Demand AI Data Center Access With Cisco SD-WAN

AI has transformed everyday experiences—from your phone instantly translating a foreign language to your smart assistant finding the fastest route home. Just as these devices connect you to the world in a split second, businesses now require on-demand, high-performance access to a rapidly expanding global AI ecosystem. This seamless, real-time connectivity is becoming the new…

Read more →

Breaking News, cyber crime, Cybercrime, Global Security News, malware, Security

Jabber Zeus developer ‘MrICQ’ extradited to US from Italy

Ukrainian Yuriy Rybtsov, aka MrICQ, a suspected Jabber Zeus developer, was extradited from Italy to the US to face cybercrime charges. Ukrainian national Yuriy Igorevich Rybtsov (41), aka MrICQ, an alleged Jabber Zeus developer, was arrested in Italy, lost his extradition appeal, and has been sent to the US to face cybercrime charges. After a…

Read more →

APT, cyber attack, cyber crime, Global Security News, malware, Security

New Dante Spyware Linked to Rebranded Hacking Team, Now Memento Labs

Kaspersky researchers uncovered Operation ForumTroll, an attack campaign utilising the new ‘Dante’ spyware developed by Memento Labs, the rebranded Hacking Team. The attacks used a Chrome zero-day vulnerability (CVE-2025-2783) and COM hijacking for persistence, confirming the continued deployment of advanced surveillance tools by the controversial Italian firm.

Read more →

Breaking News, Chrome, Exploits, Global Security News, Google, Security

Chrome 142 Released: Two high-severity V8 flaws fixed, $100K in rewards paid

Google released Chrome 142, fixing 20 flaws, including two high-severity V8 bugs, and awarded $100,000 in bug bounties. Google addressed 20 flaws in Chrome version 142, including high-severity bugs that impact the V8 engine. The IT giant awarded $100,000 in bounties for two issues in the V8 JavaScript engine. The two vulnerabilities are tracked as…

Read more →

Breaking News, cyber crime, Global Security News, malware, Mobile, Security

Android Apps misusing NFC and HCE to steal payment data on the rise

Zimperium zLabs found 760+ Android apps abusing NFC and HCE to steal payment data, showing a surge in NFC relay fraud since April 2024. Zimperium zLabs researchers spotted over 760 Android apps abusing Near-Field Communication (NFC) and Host Card Emulation (HCE) to steal payment data and commit fraud, showing rapid growth in NFC relay attacks…

Read more →

Breaking News, cyber crime, data breach, Global Security News, Security

Conduent January 2025 breach impacts 10M+ people

Conduent January 2025 breach exposed personal data of 10M+ people, including names, addresses, DOBs, SSNs, and health and insurance info. Conduent January 2025 breach exposed the personal data of over 10M people, including names, addresses, DOBs, SSNs, and health and insurance info. In April 2025, the business services provider Conduent revealed that personal information, including…

Read more →

Breaking News, Cybercrime, data breach, Global Security News, malware, Security

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 69

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Agenda Ransomware Deploys Linux Variant on Windows Systems Through Remote Management Tools and BYOVD Techniques Uncovering Qilin attack methods exposed through multiple cases     Mem3nt0 mori – The Hacking Team is back!  Insider Threats Loom…

Read more →

Breaking News, Cybercrime, Exploits, Global Security News, hacking, Security, Uncategorized

Security Affairs newsletter Round 548 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. BadCandy Webshell threatens unpatched Cisco IOS XE devices, warns Australian government China-linked UNC6384 exploits Windows zero-day…

Read more →

Breaking News, cyber crime, Cybercrime, Global Security News, Security

Ukrainian extradited to US over Conti ransomware involvement

Ukrainian Oleksii Lytvynenko extradited from Ireland to US for alleged role in Conti ransomware after fleeing Ukraine in 2022. Ukrainian national Oleksii Lytvynenko (43) extradited from Ireland to the US, faces charges for alleged involvement in Conti ransomware attacks after fleeing Ukraine in 2022. The man appeared in a US court and was charged with…

Read more →

Breaking News, Exploits, Global Security News, hacking, malware, Security

BadCandy Webshell threatens unpatched Cisco IOS XE devices, warns Australian government

Australia warns of attacks on unpatched Cisco IOS XE devices exploiting CVE-2023-20198, allowing BadCandy webshell install. The Australian Signals Directorate (ASD) warns of ongoing attacks on unpatched Cisco IOS XE devices exploiting CVE-2023-20198, allowing BadCandy webshell infections and admin takeover. “Cyber actors are installing an implant dubbed ‘BADCANDY’ on Cisco IOS XE devices that are vulnerable…

Read more →

Exploits, Global Security News, Security

Cyber agencies produce ‘long overdue’ best practices for securing Microsoft Exchange Server

Cyber agencies from three countries including the US have issued a list of security best practices for protecting Microsoft Exchange Server, a venerable on-premises email server that many IT departments still cling to. The advisory, also endorsed by Australia and Canada, comes at a good time: Threat actors are still poking at holes in Exchange…

Read more →

Breaking News, Exploits, Global Security News, hacking, malware, Security

Old Linux Kernel flaw CVE-2024-1086 resurfaces in ransomware attacks

CISA warns ransomware gangs exploit CVE-2024-1086, a Linux kernel flaw in netfilter: nf_tables, introduced in 2014 and patched in Jan 2024. CISA warned that ransomware gangs are exploiting CVE-2024-1086, a high-severity Linux kernel flaw introduced in 2014 and patched in January 2024. CISA didn’t provide details about the ransomware attacks exploiting the flaw or name…

Read more →

Global IT News, Global Security News, News and Trends, Security, Tools & Platforms

Cork Marks Three Years Linking MSPs to SMB Cyber Resilience

Cork Protection is celebrating its third anniversary this month, marking three years of growth and innovation in how MSPs support and protect SMB clients across North America. Founded in 2022 with a mission to make financial protection accessible to every business, the company now supports more than eight million endpoints, protects thousands of small businesses,…

Read more →

Asia Pacific, Breaking News, china, Global Security News, hacking, intelligence, Security

Suspected Chinese actors compromise U.S. Telecom firm Ribbon Communications

A nation-state actor, likely a China-nexus one, hacked the U.S.-based technology company Ribbon Communications. Ribbon Communications is a U.S.-based technology company that provides telecommunications and networking. Ribbon Communications employs approximately 3,052 people as of December 31, 2024. The company reported annual revenue of US $834 million in 2024. The U.S. telecom provider disclosed a cyberattack…

Read more →

Breaking News, CISA, Exploits, Global Security News, hacking, information security news, Security

U.S. CISA adds XWiki Platform, and Broadcom VMware Aria Operations and VMware Tools flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds XWiki Platform, and Broadcom VMware Aria Operations and VMware Tools flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added XWiki Platform, and Broadcom VMware Aria Operations and VMware Tools flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws…

Read more →

Breaking News, Chrome, Exploits, Global Security News, hacking, Security

Brush exploit can cause any Chromium browser to collapse in 15-60 seconds

“Brash” flaw in Chromium’s Blink engine lets attackers crash browsers instantly via a single malicious URL, researcher Jose Pino revealed. Security researcher Jose Pino found a severe vulnerability, named Brash, in Chromium’s Blink rendering engine that can be exploited to crash many Chromium-based browsers within a few seconds. “Brash is a critical vulnerability in Blink, the rendering engine that…

Read more →

Breaking News, Exploits, Global Security News, hacking, intelligence, Security

Ex-Defense contractor exec pleads guilty to selling cyber exploits to Russia

Former US defense contractor exec Peter Williams pled guilty to stealing trade secrets and selling cyber exploits to a Russian broker, per the US DOJ. Ex-US defense contractor Peter Williams (39) admits stealing US trade secrets and selling cyber exploits to a Russian broker. Williams, an Australian national, pleaded guilty to stealing and selling U.S.…

Read more →

Global Security News, Security

Zehntausende Exchange-Server in Deutschland gefährdet

srcset=”https://b2b-contenthub.com/wp-content/uploads/2025/10/shutterstock_2626268707.jpg?quality=50&strip=all 6240w, https://b2b-contenthub.com/wp-content/uploads/2025/10/shutterstock_2626268707.jpg?resize=300%2C168&quality=50&strip=all 300w, https://b2b-contenthub.com/wp-content/uploads/2025/10/shutterstock_2626268707.jpg?resize=768%2C431&quality=50&strip=all 768w, https://b2b-contenthub.com/wp-content/uploads/2025/10/shutterstock_2626268707.jpg?resize=1024%2C575&quality=50&strip=all 1024w, https://b2b-contenthub.com/wp-content/uploads/2025/10/shutterstock_2626268707.jpg?resize=1536%2C863&quality=50&strip=all 1536w, https://b2b-contenthub.com/wp-content/uploads/2025/10/shutterstock_2626268707.jpg?resize=2048%2C1150&quality=50&strip=all 2048w, https://b2b-contenthub.com/wp-content/uploads/2025/10/shutterstock_2626268707.jpg?resize=1240%2C697&quality=50&strip=all 1240w, https://b2b-contenthub.com/wp-content/uploads/2025/10/shutterstock_2626268707.jpg?resize=150%2C84&quality=50&strip=all 150w, https://b2b-contenthub.com/wp-content/uploads/2025/10/shutterstock_2626268707.jpg?resize=854%2C480&quality=50&strip=all 854w, https://b2b-contenthub.com/wp-content/uploads/2025/10/shutterstock_2626268707.jpg?resize=640%2C360&quality=50&strip=all 640w, https://b2b-contenthub.com/wp-content/uploads/2025/10/shutterstock_2626268707.jpg?resize=444%2C250&quality=50&strip=all 444w” width=”1024″ height=”575″ sizes=”auto, (max-width: 1024px) 100vw, 1024px”>Das BSI warnt vor der weiteren Verwendung von Microsofts Exchange-Server 2016 und 2019. Smile Studio AP – shutterstock.com Der Support für Microsofts Exchange-Server 2016 und 2019 endete…

Read more →

Breaking News, CISA, Exploits, Global Security News, hacking, Security

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dassault Systèmes DELMIA Apriso flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Oracle, Windows, Kentico, and Apple flaws to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2025-6204 Dassault Systèmes DELMIA Apriso Code Injection Vulnerability CVE-2025-6205 Dassault Systèmes DELMIA Apriso Missing Authorization Vulnerability Dassault Systèmes…

Read more →

Breaking News, cyber crime, Global Security News, malware, Security

Herodotus Android malware mimics human typing to evade detection

Threat Fabric researchers spotted Herodotus Android malware mimicking human typing with random delays to evade detection. Threat Fabric found a new Android malware, named Herodotus, which mimics human typing by adding random delays to evade detection. Herodotus allows operators to takeover devices and bypass behaviour biometrics detection, it is offered as a malware-as-a-service (MaaS). The researchers…

Read more →

Breaking News, cyber crime, data breach, Europe, Global Security News, malware, Security

Everest group claimed the hack of Sweden’s power grid operator Svenska kraftnät

Hackers hit Sweden’s power grid operator Svenska kraftnät, stealing data via a file transfer tool. The power grid was not affected. Hackers breached Sweden’s state-owned power grid operator Svenska kraftnät, stealing data from an isolated file transfer system. The power grid operations were not impacted by the cyber incident. The Swedish company on Monday disclosed…

Read more →

Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security

Critical ASP.NET flaw hits QNAP NetBak PC Agent

QNAP warns of critical ASP.NET flaw (CVE-2025-55315) in NetBak PC Agent, letting attackers hijack credentials or bypass security via HTTP smuggling. QNAP urges users to patch a critical ASP.NET Core vulnerability, tracked as CVE-2025-55315 (CVSS score of 9.9), in its NetBak PC Agent for Windows. The flaw resides in the Kestrel server and lets low-privilege…

Read more →

Breaking News, Global Security News, hacking, hacking news, information security news, Security

X warns users to re-enroll passkeys and YubiKeys for 2FA by Nov 10

X urges users with passkeys or YubiKeys to re-enroll 2FA by Nov 10, 2025, or risk account lockout. Re-enroll, switch 2FA, or disable it. Social media platform X is urging users who use passkeys or hardware security keys like YubiKeys for two-factor authentication (2FA) to re-enroll their keys by November 10, 2025, to keep account…

Read more →