Geek-Guy.com

AI, Data Breaches, Endpoint, Global Security News, Government & Policy, malware, Risk Management

GitHub says internal repositories were taken in poisoned VS Code extension attack

GitHub said late Tuesday that internal repositories were exfiltrated after an employee device was compromised through a poisoned Visual Studio Code extension, an incident that underscores the growing risks facing software development platforms and the ecosystems built around third-party developer tools. The Microsoft-owned company said in posts on X that it detected and contained the…

Read more →

AI, Global Security News, malware, Network Security

Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks

Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company’s Artifact Signing system to deliver malicious code and conduct ransomware and other attacks, compromising thousands of machines and networks across the world. The tech giant attributed the activity to a threat actor it calls Fox Tempest, which it said offered the…

Read more →

AI, china, Europe, Global Security News, Government & Policy

Webworm APT targets European government organizations with new backdoors

ESET has released an analysis of the 2025 activity of Webworm, a China-aligned APT group tracked as Space Pirates and UAT-8302. Active since at least 2022, the group initially focused on targets in Asia, but has recently expanded its operations into Europe. ESET observed Webworm targeting government organizations in Belgium, Italy, Poland, Serbia, and Spain…

Read more →

AI, Data Breaches, Exploits, Global Security News, Network Security

Verizon DBIR: Vulnerability exploitation is the dominant initial access vector

Vulnerability exploitation has overtaken stolen credentials as the most common way attackers gain initial access to target networks, according to the 2026 Verizon Data Breach Investigations Report. This is the first time credential theft has been knocked off the top spot in the report’s 19-year history, the company noted. Known initial access vectors over time…

Read more →

Funding, Global Security News, Venture

NanoCo lands $12 million seed funding, launches enterprise assistant built on NanoClaw

NanoCo announced a $12 million seed round, alongside the commercial launch of a professional assistant built on its open-source agent framework NanoClaw. Valley Capital Partners led the round. Docker, Vercel, monday.com, Slow Ventures, Clutch Capital, Factorial Capital, and Hugging Face CEO Clem Delangue participated. NanoCo founders (Photo by Ran Bergman) From open source traction to…

Read more →

AI, Apps, Compliance, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security, Risk Management

Agentic AI Security Risks Increase Governance Demands for MSPs

BYOD was a headache. AI agents are an existential crisis. Advanced AI models pose a massive security and governance challenge for the channel, forcing managed service providers (MSPs) and tech partners to rethink how they protect corporate data. Agentic AI adoption exposes governance gaps The shift from passive, generative AI chatbots to fully autonomous agents…

Read more →

AI, Apps, Cybersecurity, Global Security News, Risk Management

Google talks ‘singularity’ while scaling up agentic AI for enterprises

Google is recasting its enterprise AI roadmap around autonomous systems and AGI, with DeepMind CEO Demis Hassabis telling I/O attendees the industry now sits at the “foothills of the singularity.” “When we look back at this time, I think we all realise that we were standing in the foothills of the singularity,” Hassabis said in his…

Read more →

china, Cybersecurity, Global Security News, Government & Policy

Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API

Cybersecurity researchers have flagged fresh activity from a China-aligned threat actor known as Webworm in 2025, deploying custom backdoors that employ Discord and Microsoft Graph API for command-and-control (C2 or C&C) communications. Webworm, first publicly documented by Broadcom-owned Symantec in September 2022, is assessed to be active since at least 2022, targeting government agencies

Read more →

AI, APAC, Compliance, Cybersecurity, Global Security News, Government & Policy, malware, Network Security, Risk Management

How Can MSSPs Scale Threat Detection Without Burning Out Their Analysts?

Scaling threat detection as an MSSP doesn’t mean hiring more analysts — it means enabling the analysts you already have to handle more clients, more alerts, and more complex threats without burning out. The practical path forward combines three capabilities: continuous real-time intelligence that keeps detection systems current automatically, instant IOC investigation that cuts triage…

Read more →

AI, Global Security News

Agent AI is Coming. Are You Ready?

New Industry Data Just Released Suggests Not. On May 19th, 2026, Orchid Security released the results of our Identity Gap: Snapshot 2026. Among the findings, “identity dark matter” (the unseen, unmanaged elements of identity) now overshadows the visible elements 57% vs. 43%. And it couldn’t have occurred at a worse time, with enterprises embracing Agent…

Read more →

AI, Apps, Exploits, Global Security News, malware, Network Security

SHub Reaper impersonates Apple, Google, and Microsoft in one MacOS attack chain

A newly disclosed macOS infostealer campaign is exploiting user trust in some of the biggest names in tech to slip past defenses.  Researchers at SentinelOne have detailed a new variant of the SHub malware family, dubbed “Reaper,” that impersonates Apple, Google, and Microsoft at different stages of a single attack chain targeting Mac users. The…

Read more →

AI, Compliance, Global Security News, Risk Management

ArmorCode gives security teams AI workers for exposure and remediation

ArmorCode has announced Anya Agents, a new agentic AI framework delivered on the patented ArmorCode Agentic AI Platform that enables organizations to operationalize AI-driven security workflows at enterprise scale. Built on ArmorCode’s Context Risk Graph, Anya Agents help security teams move beyond generic AI assistants by turning unified security and business context into purpose-built AI…

Read more →

AI, Global Security News, Risk Management

Novata uses AI to map risk across portfolios and supply chains

Novata has announced the launch of Risk Atlas, a new AI-powered risk monitoring tool designed to help organizations identify, compare, and prioritize risks across portfolios and supply chains. Framework for comparative risk visibility Risk Atlas provides a single, customizable framework for comparing risk across entities, normalizing diverse risk signals into a comparable view across portfolios…

Read more →

AI, Data Breaches, Global Security News

TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension

Following TeamPCP’s claim that they’ve breached GitHub’s own private code repositories, the Microsoft-owned company launched an investigation and confirmed the compromise. “Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only. The attacker’s current claims of ~3,800 repositories are directionally consistent with our investigation so far,” GitHub stated. The source of the…

Read more →

AI, Apps, Global Security News, Risk Management

Trust3 AI focuses on AI agent risks with MCP Security layer

Trust3 AI has announced the launch of Model Context Protocol (MCP) Security, establishing a new standard for safeguarding enterprise agentic AI workloads. This solution forms a key capability within Trust3 AI’s enterprise agent control plane, empowering security and governance teams with a unified trust layer to seamlessly and safely connect AI agents with vital business…

Read more →

Global Security News

Encryption Consulting launches CertSecure Manager v3.3 with zero-touch certificate renewals

Encryption Consulting has released CertSecure Manager v3.3, which automates zero-touch certificate renewal across all major enterprise server platforms and extends CA support to 11 providers, including Google Public CA and AWS. Certificate-related outages can cost enterprises millions in unplanned downtime, and expired or misconfigured certificates often cause serious security incidents. CertSecure Manager v3.3 closes both…

Read more →

AI, Global Security News, Network Security

Darwinium updates mobile SDKs to detect remote access scam activity

Darwinium has announced updates to its Android and iOS mobile SDKs. It enables banks, payment providers, and digital businesses to tackle the proliferation of remote access scams, including those that manipulate live sessions and account farming operations that run mule networks. “Most fraud platforms validate trust at a single moment, typically at login or payment,…

Read more →

AI, APAC, Exploits, Global Security News, malware, Network Security, Risk Management

Why some security fixes never reach your vulnerability dashboard

On April 22, for roughly 90 minutes, a malicious version of Bitwarden CLI appeared on npm. Version 2026.4.0 contained a credential-stealing payload that executed an obfuscated loader and harvested AWS, Azure, GCP, GitHub, and npm tokens from any developer machine that ran npm install. The attackers reached Bitwarden’s npm publishing path through a compromised GitHub…

Read more →

AI, Data Breaches, Endpoint, Global Security News, malware

A malicious VS code extension just breached GitHub ‘s internal repositories

One employee installed a trojanized VS Code extension. Result: ~3,800 GitHub internal repositories exfiltrated. TeamPCP claims credit, wants $50K. There is something almost ironic about GitHub, the platform that hosts the code for most of the world’s software, getting breached through a trojanized plugin for a code editor. But that is exactly what happened, and…

Read more →

Exploits, Global Security News

Microsoft provides mitigation for “YellowKey” BitLocker bypass flaw (CVE-2026-45585)

Microsoft is working on a fix for CVE-2026-45585 (aka “Yellowkey”), a vulnerability that can be used by attackers to bypass protections offered by BitLocker, the full-disk encryption feature built into Windows, and access users’ data. In the meantime, the company has provided step-by-step mitigation advice to protect affected Windows devices from exploitation. CVE-2026-45585 and the…

Read more →

Global Security News

Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit

Microsoft on Tuesday released a mitigation for a BitLocker bypass vulnerability named YellowKey following its public disclosure last week. The zero-day flaw, now tracked as CVE-2026-45585, carries a CVSS score of 6.8. It has been described as a BitLocker security feature bypass. “Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred…

Read more →

AI, Global Security News, Network Security

Virtuozzo CEO: AI Infrastructure Is a Channel Opportunity

Virtuozzo is positioning its new AI infrastructure platform as more than a product launch: CEO Kurt Daniel sees it as a channel opportunity for service providers facing rising hardware costs, GPU demand, and pressure to modernize cloud offerings. The company recently introduced its Virtuozzo Infrastructure System, an integrated platform combining compute, storage, networking, orchestration, automation,…

Read more →

AI, Exploits, Global Security News, Network Security

DirtyDecrypt: PoC Released for yet another Linux flaw

DirtyDecrypt (CVE-2026-31635): working PoC out for a Linux kernel LPE flaw. Missing COW guard in rxgk_decrypt_skb lets local attackers reach root. After Copy Fail, Dirty Frag, and Fragnesia, here comes DirtyDecrypt, another local privilege escalation vulnerability in the kernel, this time with a working proof-of-concept already out in the open. The flaw was discovered and…

Read more →

AI, Cybersecurity, Global Security News, Risk Management

Communicating cyber risk in dollars boards understand

In this Help Net Security interview, Nick Nieuwenhuis, Cybersecurity Architect at Nedscaper, explains why cybersecurity has not delivered the resilience that decades of investment have promised. He argues that spending has leaned too heavily on technical controls while neglecting people, processes, and organizational dynamics. He unpacks the gap between security teams and boards, pointing to…

Read more →

AI, Global Security News, Network Security

When your AI assistant has the keys to production

Large language models in operational roles query telemetry, propose configuration changes, and in some deployments execute those changes against live infrastructure. Ticket drafting and alert summarization were the starting point. Vendors describe this work as autonomous remediation or self-healing infrastructure. A recent survey on agentic AI in network and IT operations gives it a more…

Read more →

AI, Exploits, Global Security News, Network Security

Alleged Huawei zero-day blamed for the 2025 Luxembourg telecom crash

A Huawei zero-day flaw reportedly caused Luxembourg’s 2025 nationwide outage, disrupting landline, 4G/5G, and emergency services On July 23, 2025, a nationwide telecom outage in Luxembourg was reportedly triggered by a previously undisclosed flaw in Huawei enterprise routers. The attack disrupted landline, 4G, 5G, and emergency communications for more than three hours after specially crafted…

Read more →

AI, Global Security News

7 hard truths security pros should know: 2026 DevOps Threats Report

In 2025, trusted Git hosting platforms became a playground for cyber criminals. This is the main conclusion from the latest “DevOps Threat Unwrapped Report 2026” by GitProtect. If you want to effectively counter attacks targeted at your code (and business), you need security measures, good practices, and knowledge. Strengthen your organization’s security posture. Learn about…

Read more →

AI, Global Security News

GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories

GitHub on Tuesday said it’s investigating unauthorized access to its internal repositories after the notorious threat actor known as TeamPCP listed the platform’s source code and internal organizations for sale on a cybercrime forum. “While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’…

Read more →

AI, Apps, Cybersecurity, Global Security News, Network Security, Risk Management

EnterpriseClaw wants to bring governance to the OpenClaw era

Autonomous agent orchestration tool OpenClaw hit the scene last November and immediately went viral, but its dramatic flaws were exposed just as quickly. Still, it marked a pivotal step in the agentic AI era, and enterprises have been exploring ways to deploy fleets of autonomous agents safely and securely ever since. Automation Anywhere Tuesday rolled…

Read more →

AI, Apps, Europe, Global Security News, malware

Microsoft disrupts malware code-signing service used by ransomware gangs

Microsoft has disrupted the infrastructure powering the largest malware code-signing service used to help ransomware groups and other cybercriminals make malicious programs harder to detect on Windows. The threat actors behind the service used stolen identities and impersonated legitimate organizations to obtain more than 1,000 code-signing certificates. Microsoft seized the group’s website, signspace[.]cloud, revoked the…

Read more →

AI, Cybersecurity, Data Breaches, Funding, Global Security News, Government & Policy

CISA credential leak raises alarms, and Capitol Hill demands answers

Congressional Democrats want answers from the Cybersecurity and Infrastructure Security Agency about the reported public exposure of sensitive agency credential data on GitHub in an incident that the security researcher who discovered it called one of the worst leaks he’s ever seen. Other security professionals also voiced concern Tuesday about the leak and the potential…

Read more →

AI, Cloud Security, Compliance, Cybersecurity, Global Security News, Risk Management

CIRT insights: How to help prevent unauthorized account removals from AWS Organizations

The AWS Customer Incident Response Team works with customers to help them recover from active security incidents. As part of this work, the team often uncovers new or trending tactics used by various threat actors that take advantage of specific customer configurations and designs. Understanding these tactics can help inform your architecture decisions, improve your…

Read more →

AI, Cybersecurity, Data Breaches, Exploits, Global Security News

Attackers hit vulnerabilities hard last year, making exploits the top entry point for breaches

Attackers couldn’t get enough of the vulnerabilities at their disposal last year, making exploits the top initial access vector across more than 22,000 breaches Verizon analyzed in its latest Data Breach Investigations Report released Tuesday. The massive annual study uncovered a surge of exploited vulnerabilities during a one-year period ending in October 2025. Exploited defects…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Government & Policy

Contractor’s public GitHub account exposed GovCloud and CISA credentials

Until a few days ago, a publicly-accessible GitHub repository exposed credentials for both US government AWS accounts and internal Cybersecurity and Infrastructure Security Agency (CISA) systems. That’s according to cybersecurity reporter Brian Krebs, who first broke the news over the weekend, acting on a tip from researcher Guillaume Valadon at GitGuardian. Valadon confirmed the information…

Read more →

AI, Apps, Compliance, Europe, Exploits, Global Security News, Risk Management

News alert: Orchid Security study finds invisible identities now outnumber managed accounts

NEW YORK, May 19, 2026, CyberNewswire—Orchid Security, the company solving identity at its core, today released its Identity Gap: 2026 Snapshot report, revealing that the majority of enterprise identity now exists outside the view of identity and access management systems. The report found that invisible identity (“identity dark matter”) now outweighs visible identity across enterprise…

Read more →

AI, Exploits, Global Security News, Government & Policy, Risk Management

Drupal is rolling out an emergency security update on May 20. You cannot miss it

Drupal Is Pushing an Emergency Security Update Tomorrow. If You Run a Drupal Site, This Is Not One to Miss. Something significant is coming out of the Drupal project tomorrow, and the way the announcement is worded should be enough to get any site administrator’s attention. The Drupal Security Team has confirmed it will release…

Read more →

AI, Apps, Europe, Exploits, Global Security News, malware

AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, this time targeting the widely-used AntV enterprise data visualization tool. Unlike last week’s high-profile npm attack on TanStack, which exploited a complex GitHub Actions cache poisoning weakness, the latest incident early on May 19 took the more conventional…

Read more →

AI, Global Security News

Arxiv: Researchers who submit AI-generated junk could get 1-year suspension

Arxiv, the open-access repository where researchers publish scientific articles before they have undergone formal peer review, is introducing stricter rules against AI-generated articles containing obvious errors and fabricated content. Researchers who submit texts with clear signs of so-called “AI slop” can now be banned from the platform for a year, according to 404 Media. Red…

Read more →

AI, Data Breaches, Global Security News, Government & Policy, Network Security, Risk Management

CISA GitHub Leak Exposes AWS GovCloud Secrets 

A public GitHub repository tied to a CISA contractor reportedly exposed sensitive AWS GovCloud credentials, plaintext passwords, and internal deployment files.  Researchers said the exposure may have provided privileged access to multiple internal systems and cloud environments before the repository was removed.  “Passwords stored in plain text in a csv, backups in git, explicit commands…

Read more →

AI, china, Global Security News, Government & Policy, malware, Network Security

Microsoft dismantled malware-signing network Fox Tempest

Microsoft disrupted Fox Tempest, a malware-signing-as-a-service (MSaaS) that allowed attackers to sign malware with fake trusted certificates. Microsoft said it disrupted a cybercrime operation run by a threat actor named Fox Tempest, which helped threat actors sign malware with short-lived certificates to make malicious software appear legitimate. The service abused Microsoft Artifact Signing and supported…

Read more →

AI, APAC, Compliance, Cybersecurity, Europe, Global Security News, Network Security, Risk Management

Westcon-Comstor Launches White-Label OneSOC Service

Westcon-Comstor has launched OneSOC, a vendor-agnostic, white-label security operations service designed to help channel partners offer SOC capabilities under their own brand without upfront investment. The global technology distributor, which specializes in cybersecurity, networking, and hybrid cloud, announced the service on May 19.  OneSOC targets partner barriers to SOC delivery OneSOC is available across Europe,…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Risk Management

Splunk: Downtime Costs Hit $600B as Shadow AI Grows

The average cost of downtime has reached $600 billion across the Global 2000, a 50% increase in just two years, according to a newly published report from Splunk. Produced in partnership with Oxford Economics, Splunk’s “The Hidden Costs of Downtime” report highlights the rising financial impact of cyber incidents, outages, and breaches, including a growing…

Read more →

AI, Cybersecurity, Global Security News

Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps

Cybersecurity researchers have disclosed details of a new ad fraud and malvertising operation dubbed Trapdoor targeting Android device users. The activity, per HUMAN’s Satori Threat Intelligence and Research Team, encompassed 455 malicious Android apps and 183 threat actor-owned command-and-control (C2) domains, turning the infrastructure into a pipeline for multi-stage fraud. “Users

Read more →

AI, Apps, Compliance, Global Security News, Network Security, Risk Management

Governing infrastructure as code using pattern-based policy as code

Organizations often struggle to enforce security and compliance requirements consistently across their cloud infrastructure. In one environment, a workload might be deployed in an AWS Region that was never approved for that class of data. In another, a security group might allow broader access than intended. Required tags might be missing. Encryption might be assumed…

Read more →