Geek-Guy.com

Category: Security

Auto Added by WPeMatico

bec, Exploits, Global Security News, hacking, information security news, IT Information Security, Security

Misconfigured email routing enables internal-spoofed phishing

Attackers exploit misconfigured email routing to spoof internal emails, using PhaaS platforms like Tycoon2FA to steal credentials. Attackers exploit misconfigured email routing and spoof protections to send phishing emails appearing internal, using PhaaS platforms like Tycoon2FA to steal credentials. “Phishing actors are exploiting complex routing scenarios and misconfigured spoof protections to effectively spoof organizations’ domains…

Read more →

Global Security News, Security

How to eliminate IT blind spots in the modern, AI-driven enterprise

The more organizations lean on artificial intelligence (AI), spread workloads across different environments, and tie systems together, the harder it becomes for traditional security practices to present a complete picture of what’s going on. The result is a growing number of blind spots – hidden misconfigurations, inconsistent controls, and unpredictable behaviors across systems and AI…

Read more →

Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security

Veeam resolves CVSS 9.0 RCE flaw and other security issues

Veeam patched a critical RCE flaw in Backup & Replication, CVE-2025-59470, rated CVSS 9.0, along with other vulnerabilities. Veeam released patches for multiple Backup & Replication flaws, including a critical RCE vulnerability tracked as CVE-2025-59470 (CVSS score of 9.0). A Backup or Tape Operator can achieve remote code execution as the postgres user by abusing…

Read more →

Breaking News, Exploits, Global Security News, hacking, internet of things, Security

Hackers actively exploit critical RCE flaw in legacy D-Link DSL routers

Attackers are exploiting a critical flaw (CVE-2026-0625) in old D-Link DSL routers that allows remote command execution. Threat actors are actively exploiting a critical RCE flaw, tracked as CVE-2026-0625 (CVSS score of 9.3), in legacy D-Link DSL routers. The vulnerability is an improper neutralization of special elements used in an OS Command (‘OS Command Injection’),…

Read more →

Breaking News, ClickFix, cyber crime, Europe, Global Security News, malware, Security

Fake Booking.com lures and BSoD scams spread DCRat in European hospitality sector

PHALT#BLYX targets European hotels with fake Booking emails and BSoD lures, tricking staff into installing the DCRat remote access trojan. Researchers uncovered a late-December 2025 campaign, dubbed PHALT#BLYX, targeting European hotels with fake Booking-themed emails. Victims are redirected to bogus BSoD pages using ClickFix-style lures that prompt them to apply “fixes.” The multi-stage attack ultimately…

Read more →

Breaking News, Exploits, Global Security News, hacking, hacking news, Security

CERT/CC warns of critical, unfixed vulnerability in TOTOLINK EX200

CERT/CC disclosed an unpatched flaw in the TOTOLINK EX200 that allows a remote authenticated attacker to fully compromise the device. CERT/CC warns of an unpatched vulnerability, tracked as CVE-2025-65606, in the TOTOLINK EX200 range extender that lets a remote authenticated attacker fully take over the device. The TOTOLINK EX200 is a compact Wi-Fi range extender…

Read more →

Android, Breaking News, Global Security News, Mobile, Security

Google fixes critical Dolby Decoder bug in Android January update

Android’s January 2026 update fixes CVE-2025-54957, a critical Dolby audio decoder flaw discovered by Google researchers in October 2025. A critical Dolby audio decoder vulnerability, tracked as CVE-2025-54957, was addressed in the January 2026 Android security update. Google fixed the flaw in December 2025 for Pixel phones and has now rolled out the fix to…

Read more →

Global Security News, Security

Why Arbor Edge Defense and CDN-Based DDoS protection are better together

In today’s hyperconnected digital landscape, distributed denial-of-service (DDoS) attacks have evolved into sophisticated, multivector threats capable of crippling even the most resilient infrastructures. While content delivery network (CDN)-based DDoS protection offers scalable mitigation for volumetric attacks, it’s not a silver bullet. To truly safeguard critical services and maintain operational continuity, organizations must adopt a multilayered defense strategy—and…

Read more →

Global Security News, Security

5 myths about DDoS attacks and protection

Distributed denial-of-service (DDoS) attacks come in many shapes and sizes, as do the myths surrounding them. These myths can center on motivations, DDoS attack vectors and techniques, mitigation strategies, and more. DDoS myths are also sometimes more dangerous than the attacks themselves because the misconceptions can leave organizations vulnerable to other types of cyberattacks, misguide mitigation strategies,…

Read more →

Botnet, Breaking News, cyber crime, Exploits, Global Security News, malware, Security

Kimwolf botnet leverages residential proxies to hijack 2M+ Android devices

The Kimwolf botnet has infected over 2 million Android devices, spreading mainly through residential proxy networks, researchers say. The Kimwolf botnet has compromised more than 2 million Android devices, spreading primarily via residential proxy networks, according to cybersecurity firm Synthient. Kimwolf is a newly discovered Android botnet linked to the Aisuru botnet that has infected over 1.8…

Read more →

Breaking News, cyber crime, Global Security News, hacking, Security

The cybercriminal behind the 2016 Bitfinex hack has been released from prison early thanks to Trump’s 2018 First Step Act

Ilya Lichtenstein, who was sentenced to prison for his role in the Bitfinex hack that occurred in 2016, has been released from prison early. Ilya Lichtenstein (38), convicted for the hack of the cryptocurrency stock exchange Bitfinex in 2016, has been released from prison early. A Trump administration official told CNBC that Lichtenstein served significant prison time…

Read more →

Breaking News, cyber crime, Cybercrime, data breach, Global Security News, Security

Sedgwick discloses data breach after TridentLocker ransomware attack

Sedgwick confirmed a cyber incident at its federal contractor unit after TridentLocker claimed to steal 3.4GB of data. Sedgwick is a leading global claims management and risk services provider operating in the insurance and risk solutions sector. It employs roughly 33,000 people worldwide, across more than 80 countries. Estimated annual revenue is in the multi-billion…

Read more →

Breaking News, cyber crime, Global Security News, hacking, hacking news, Security

Resecurity Caught ShinyHunters in Honeypot

Resecurity caught ShinyHunters (SLH) using decoy accounts; the group attacked airlines, telecoms, and law enforcement in Sept 2025. In an interesting development, Resecurity has caught actors known as “ShinyHunters” or “Scattered Lapsus$ Hunters” (SLH) leveraging honeypot (decoy) accounts. The company was one of the first to release a public report detailing the group’s activities in September…

Read more →

Breaking News, Cyber warfare, Global Security News, intelligence, Security

What is happening to the Internet in Venezuela? Did the U.S. use cyber capabilities?

In light of the tragic events that have occurred in Venezuela, what is happening to the Internet in the country, and how are users accessing it? Yesterday, the United States launched a “large scale strike” in Venezuela, capturing Venezuelan President Nicolas Maduro and his wife.  Former Venezuelan leader Nicolás Maduro and his wife were taken…

Read more →

Breaking News, Cybercrime, data breach, Global Security News, malware, Security

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 78

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Evasive Panda APT poisons DNS requests to deliver MgBot   Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations   EmEditor Supply Chain Incident Details Disclosed: Distribution of Information-Stealing Malware Sweeps…

Read more →

Breaking News, Emcore, Global Security News, intelligence, Laws and regulations, North America, Security

President Trump blocks $2.9M Emcore chip sale over security concerns

Trump ordered the divestment of a $2.9M chip deal, citing U.S. national security risks if HieFo retained control of Emcore ’s technology. President Trump ordered the divestment of a $2.9 million chips deal, citing national security risks tied to HieFo Corp.’s control of Emcore ’s chip technology. HieFo (short for High Efficiency Photonics) is a…

Read more →

Artificial Intelligence, Breaking News, cyber crime, deepfakes, Global Security News, Security

French authorities investigate AI ‘undressing’ deepfakes on X

France will probe AI-generated sexual deepfakes made with Grok on X after hundreds of women and teens reported “undressed” images shared online. French authorities will investigate AI-generated sexually explicit deepfakes created with Grok on X after hundreds of women and teens reported manipulated “undressed” images shared on social media. Grok is an artificial intelligence chatbot…

Read more →

Breaking News, cyber crime, Global Security News, malware, Security

Two U.S. cybersecurity professionals plead guilty in BlackCat/Alphv ransomware case

Two U.S. cybersecurity professionals pleaded guilty to charges tied to their roles in BlackCat/Alphv ransomware attacks. The U.S. cybersecurity professionals Ryan Goldberg and Kevin Martin pleaded guilty to charges tied to their roles in BlackCat/Alphv ransomware attacks that occurred in 2023. Court records show Ryan Goldberg, Kevin Martin, and a co-conspirator deployed ALPHV BlackCat ransomware…

Read more →

AI, Channel Business, Global IT News, Global Security News, Managed Services, News and Trends, Security

Video: Q4 and 2025 Annual IT Channel Recap: AI, VMware, Security & 2026 Outlook

In this Channel Insider Q4 and 2025 and Annual IT Channel Recap, host Katie Bavoso is joined by the Channel Insider editorial team—Victoria Durgin, Jordan Smith, and Luis Millares—to break down the biggest IT channel stories, trends, and turning points from 2025, plus their early predictions for what’s ahead in 2026. From VMware and Broadcom…

Read more →

Breaking News, cyber crime, data breach, Global Security News, Security

Covenant Health data breach after ransomware attack impacted over 478,000 people

Covenant Health suffered a ransomware attack by the Qilin group in May 2025, compromising data of over 478,000 individuals. Covenant Health, Inc., based in Andover, Massachusetts, is a healthcare organization that provides medical services and patient care. Covenant Health operates hospitals, clinics, or related healthcare facilities in multiple states, including Massachusetts, Maine, New Hampshire, Pennsylvania,…

Read more →

Breaking News, Exploits, Global Security News, hacking, Security

IBM warns of critical API Connect bug enabling remote access

IBM disclosed a critical API Connect flaw (CVE-2025-13915, CVSS 9.8) that allows remote access via an authentication bypass. IBM addressed a critical API Connect vulnerability, tracked as CVE-2025-13915 (CVSS score of 9.8) that allows remote access via an authentication bypass. API Connect is IBM’s API management platform. It’s used by organizations to create, secure, manage,…

Read more →

Breaking News, Crypto, cyber crime, Global Security News, hacking, Security

Trust Wallet confirms second Shai-Hulud supply-chain attack, $8.5M in crypto stolen

Trust Wallet says a second Shai-Hulud supply-chain attack likely compromised its Chrome extension, leading to the theft of about $8.5M in crypto. Trust Wallet linked a second Shai-Hulud supply-chain attack to its Chrome extension hack, which resulted in the theft of about $8.5 million in crypto assets. The investigation reveals that the attacker independently developed…

Read more →

Breaking News, cyber crime, data breach, Europe, Global Security News, hacking, Security

ESA disclosed a data breach, hackers breached external servers

ESA confirmed a data breach after a hacker offered to sell stolen data, confirming that external science servers were compromised. The European Space Agency (ESA) disclosed a data breach after a threat actor offered to sell data allegedly stolen from the organization.  A hacker who goes online with the moniker “888” announced on BreachForums the…

Read more →

Asia Pacific, Breaking News, Global Security News, hacking, hacking news, Security

Singapore CSA warns of maximun severity SmarterMail RCE flaw

Singapore’s CSA warns of CVE-2025-52691, a critical SmarterMail flaw enabling unauthenticated remote code execution via arbitrary file upload. Singapore’s Cyber Security Agency of Singapore (CSA) warns of a maximum severity flaw, tracked as CVE-2025-52691 (CVSS score of 10.0), in SmarterMail. The vulnerability enables unauthenticated remote code execution via arbitrary file upload. “Successful exploitation of the…

Read more →

Breaking News, Exploits, Global Security News, hacking, hacking news, Security

MongoBleed (CVE-2025-14847): the US, China, and the EU are among the top exploited GEOs

MongoBleed (CVE-2025-14847) lets attackers remotely leak memory from unpatched MongoDB servers using zlib compression, without authentication. A critical vulnerability, CVE-2025-14847 (MongoBleed), was disclosed right after Christmas, an unwelcome “gift” for the cybersecurity community, impacting MongoDB Server deployments that use zlib network compression. MongoDB is a popular open-source NoSQL database used to store and manage data…

Read more →

Breaking News, Cybercrime, Global Security News, hacking, Security

Coupang announces $1.17B compensation plan for 33.7M data breach victims

Coupang will spend about $1.17B to compensate 33.7 million users affected by a data breach, providing purchase vouchers to those impacted. Coupang announced it will spend about $1.17 billion to compensate 33.7 million people affected by a recent data breach, providing purchase vouchers to impacted users. “Coupang plans to provide customers with purchase vouchers worth…

Read more →

APT, Asia Pacific, Breaking News, Global Security News, intelligence, malware, Security

Mustang Panda deploys ToneShell via signed kernel-mode rootkit driver

China-linked APT Mustang Panda used a signed kernel-mode rootkit driver to load shellcode and deploy its ToneShell backdoor. China-linked APT Mustang Panda (aka Hive0154, HoneyMyte, Camaro Dragon, RedDelta or Bronze President) was observed using a signed kernel-mode rootkit driver with embedded shellcode to deploy its ToneShell backdoor. Mustang Panda has been active since at least 2012, targeting American and European entities such as…

Read more →

Breaking News, cyber crime, Cybercrime, Global Security News, malware, Security

Lithuanian suspect arrested over KMSAuto malware that infected 2.8M systems

A Lithuanian national was arrested for allegedly spreading KMSAuto malware that stole clipboard data and infected 2.8 million Windows and Office systems. A Lithuanian man (29) was arrested for allegedly spreading KMSAuto-based clipboard-stealing malware that infected about 2.8 million Windows and Office systems. The man was extradited from Georgia to South Korea under Interpol coordination.…

Read more →

Breaking News, CISA, Exploits, Global Security News, hacking, hacking news, Security

U.S. CISA adds a flaw in MongoDB Server to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a MongoDB Server flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a MongoDB Server vulnerability, tracked as CVE-2025-14847 (CVSS Score of 8.7), to its Known Exploited Vulnerabilities (KEV) catalog. The recently disclosed MongoDB vulnerability CVE-2025-14847 (aka MongoBleed) is being actively exploited, with more…

Read more →

Global Security News, Security

Sieben Anzeichen dafür, dass Ihr Cybersecurity-Framework überarbeitet werden muss

Cybersecurity ist kein Nice-to-have, sondern ein Muss. Dennoch vernachlässigen immer noch zu viele Unternehmen seine Pflege. Summit Art Creations – shutterstock.com Cybersicherheits-Frameworks sind die Richtlinien, mit denen sich Unternehmen vor Cyberangriffen schützen. Ein typisches Framework beschreibt die notwendigen Schritte, um verschiedene Cybersicherheitsrisiken zu adressieren, latente Schwachstellen aufzudecken und die digitale Verteidigung des Unternehmens allgemein zu…

Read more →

Breaking News, cyber crime, Cybercrime, Global Security News, malware, Security

Romania’s Oltenia Energy Complex suffers major ransomware attack

A ransomware attack hit Romania’s Oltenia Energy Complex on December 26, knocking out IT systems at the country’s largest coal power producer. A ransomware attack disrupted Oltenia Energy Complex, Romania’s largest coal-based power producer, shutting down its IT systems on December 26. The Oltenia Energy Complex (CE Oltenia) is Romania’s leading state-controlled lignite mining and…

Read more →