Geek-Guy.com

Cybersecurity, Exploits, Global Security News

22 BRIDGE:BREAK Flaws Expose 20,000 Lantronix and Silex Serial-to-IP Converters

Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix and Silex that could be exploited to hijack susceptible devices and tamper with data exchanged by them. The vulnerabilities have been collectively codenamed BRIDGE:BREAK by Forescout Research Vedere Labs, which identified nearly 20,000 Serial-to-Ethernet converters exposed

Read more →

AI, Global Security News, Risk Management

BeyondTrust’s 13th Annual Microsoft Vulnerabilities Report Reveals Drop in Total Volume, But Surge in Critical Risk

GUEST RESEARCH:  Critical vulnerabilities doubled year-over-year, signalling rising risk severity as AI-driven discovery and expanding attack surfaces reshape the Microsoft security landscape Elevation of Privilege vulnerabilities accounted for 40% of all flaws, continuing to dominate threat actor pathways and reinforcing identity as the primary attack vector Azure and Dynamics 365, saw a 9x increase in…

Read more →

AI, Global Security News

PCI SSC Launches Enhanced Language Microsites for Global Audience

  The PCI Security Standards Council (PCI SSC) has announced the launch of newly redesigned language microsites, delivering a more accessible, structured, and user-friendly experience for global stakeholders. These updates mark a significant step forward in making PCI resources more readily available to non-English-speaking audiences by providing a consistent user experience across languages. 

Read more →

AI, Cybersecurity, Global Security News

Ransomware negotiator admits role in attacks he was hired to resolve

A Florida man, formerly employed as a ransomware negotiator, pleaded guilty to conspiring to carry out ransomware attacks against US companies. Prosecutors say Angelo Martino, 41, used his position at DigitalMint, a crypto broker that helps victims negotiate and pay ransomware demands, to pass sensitive information to attackers. Alongside Martino, two more individuals were involved…

Read more →

AI, Global Security News

Snowflake Expands Snowflake Intelligence and Cortex Code to Power the Control Plane for the Agentic Enterprise

COMPANY NEWS: Snowflake delivers agentic AI for both business users and builders on a single platform with Snowflake Intelligence and Cortex Code Snowflake Intelligence transforms how business users turn insights into action through a personalised, context-aware AI agent grounded in enterprise data Cortex Code enables builders to move faster from code to production with AI-powered…

Read more →

AI, Endpoint, Global Security News

GitLab Collaborates with AWS to Bring Agentic DevSecOps to Enterprise Teams Using Their Existing Amazon Bedrock Accounts and Spend

COMPANY NEWS: Customers can route GitLab Duo Agent Platform inference through Amazon Bedrock models already running in their AWS accounts without new vendor onboarding or model endpoints. GitLab Credits purchased through AWS Marketplace count toward existing AWS spending commitments. GitLab’s Bring Your Own Model (BYOM) capability for Self-Managed customers lets teams connect their self-hosted AI…

Read more →

AI, Global Security News

Entrust Integrates Australia’s Document Verification Service (DVS) to Support AML/CFT-Ready Identity Verification

News Summary: Under Tranche 2 reforms, Australia’s AML/CTF regime will undergo its most significant expansion in nearly two decades.  All reporting entities will need to strengthen identity verification and customer due diligence processes. Entrust Identity Verification unifies Australia DVS checks, biometrics, and AI‑driven fraud controls for all‑in‑one Australia-ready identity verification.

Read more →

Uncategorized

Top 10 Tech Gadgets for April 2026

As of April 2026, the tech landscape is dominated by a shift toward highly specific, problem-solving gadgets rather than general-purpose devices. Here are 10 of the most noteworthy gadgets gaining traction this month: Gadget Category Why It’s Notable O-Boy Satellite Smartwatch Wearable A satellite-connected watch built for true off-grid emergencies where cell service is non-existent.…

Read more →

AI, Compliance, Global Security News, Government & Policy

Kamiwaza Expands ARIA Through TD SYNNEX, HPE Channel

Kamiwaza AI is bringing its ARIA accessibility remediation platform to the TD SYNNEX channel alongside HPE, positioning MSPs and resellers to help public sector customers meet fast-approaching digital accessibility deadlines, including the April 24, 2026 ADA Title II compliance requirement. Channel opportunity tied to accessibility mandates for government websites The timing is notable for partners…

Read more →

Deeper Network Promo Deeper Network Promo Deeper Network Promo Image

AI, Global Security News, Risk Management

Ivanti Neurons AI automates IT operations, reducing manual work and security risk

Ivanti has revealed new solution capabilities, focusing on enabling autonomous IT operations and organizations to secure their environments more efficiently at scale. With these advancements, Ivanti enables IT and security operations to detect, decide, and act autonomously without sacrificing trust, governance, or control. AI capabilities and the threat landscape are changing quickly, and IT and…

Read more →

AI, Global Security News

Silobreaker Mimir adds agentic AI to intelligence workflows with governance and transparency

Silobreaker has announced new agentic AI capabilities that combine faster research and deeper contextual analysis with built-in governance and transparency to ensure trusted intelligence can be safely consumed across the wider enterprise. Silobreaker Mimir is an embedded agentic capability for intelligence operations, working directly within the analyst workflow. It helps teams retrieve evidence, deepen analysis,…

Read more →

AI, Apps, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security

Azure SRE Agent flaw let outsiders silently eavesdrop on enterprise cloud operations

A high-severity authentication flaw in Microsoft’s Azure SRE Agent exposed sensitive agent data to unauthorized network access, according to a confirmed vulnerability disclosure. The issue was identified by Enclave AI researcher Yanir Tsarimi, who detailed the findings in a blog post describing how agent interactions could be accessed without proper authentication controls. The vulnerability has…

Read more →

AI, Global Security News, privacy

OpenAI’s Chronicle feature lets Codex read your screen, raising privacy concerns

OpenAI’s Chronicle is a feature designed to help Codex, an AI-powered coding assistant, better understand what users are working on by capturing context directly from their screens. It uses recent screen activity to build memories, allowing Codex to interpret references, identify relevant sources, and pick up on the tools and workflows users rely on, without…

Read more →

AI, Exploits, Global Security News, Network Security

Prompt injection turned Google’s Antigravity file search into RCE

Security researchers have revealed a prompt injection flaw in Google’s Antigravity IDE that could be weaponized to bypass its sandbox protections and achieve remote code execution (RCE). The issue came from Antigravity’s ability to allow AI agents to invoke native functions, like searching files, on behalf of the user. Designed to kill complexity, the feature…

Read more →

AI, Cybersecurity, Data Breaches, Exploits, Global Security News

No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks

The cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises, and AI-generated exploits. However, the most reliable entry point for attackers still hasn’t changed: stolen credentials. Identity-based attacks remain a dominant initial access vector in breaches today. Attackers obtain valid credentials through credential stuffing

Read more →

Exploits, Global Security News

CISA flags another Cisco Catalyst SD-WAN Manager bug as exploited (CVE-2026-20133)

CISA added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including a Cisco Catalyst SD-WAN Manager vulnerability (CVE-2026-20133) that Cisco has yet to flag as exploited. Three Cisco Catalyst SD-WAN Manager vulnerabilities Alongside CVE-2026-20133, CISA has also listed CVE-2026-20128 and CVE-2026-20122 – two other Catalyst SD-WAN Manager vulnerabilities – as being leveraged in…

Read more →

AI, Apps, Cybersecurity, Global Security News, malware

NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs

Cybersecurity researchers have discovered a new iteration of an Android malware family calledNGate that has been found to abuse a legitimate application called HandyPay instead of NFCGate. “The threat actors took the app, which is used to relay NFC data, and patched it with malicious code that appears to have been AI-generated,” ESET security researcher Lukáš…

Read more →

AI, Cybersecurity, Exploits, Funding, Global Security News, Government & Policy, Network Security, Risk Management

The US NSA is using Anthropic’s Claude Mythos despite supply chain risk

Axios reports the National Security Agency uses Anthropic Mythos model despite Department of Defense concerns, blurring AI risk vs defense lines. The reported use of Anthropic’s Mythos model by the U.S. National Security Agency is a reminder that the line between AI as a defensive tool and AI as a security risk is getting harder…

Read more →

Cybersecurity, Exploits, Global Security News

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

Cybersecurity researchers have discovered a vulnerability in Google’s agentic integrated development environment (IDE), Antigravity, that could be exploited to achieve code execution. The flaw, since patched, combines Antigravity’s permitted file-creation capabilities with an insufficient input sanitization in Antigravity’s native file-searching tool, find_by_name, to bypass the program’s Strict

Read more →

AI, Apps, Cybersecurity, Europe, Global Security News, Risk Management

Report: Enterprises Rely on Managed Services to Scale AI

New research has found that an overwhelming majority of executives view managed services as essential for the delivery of agentic AI. Boosting AI with managed services According to the global KPMG Managed Services Outlook Survey 2026, more than 90 percent of executives believe managed services are essential to their agentic AI journeys, and 87 percent…

Read more →

AI, Apps, Global Security News, Network Security, privacy, Risk Management

Why identity is the driving force behind digital transformation

Identity centric technologies have undergone a significant transformation in recent times. Gone are the days when it was all about logging in and out of any given system. Today, identity has become the backbone of all digital enterprises. It’s the ‘invisible engine’ that powers everything. From security to how modern-day products are sold. Today’s Identity…

Read more →

AI, Cybersecurity, Exploits, Global Security News

Mythos can find the vulnerability. It can’t tell you what to do about it.

Mythos matters. It is a significant step forward in AI-assisted vulnerability discovery. But it does not mean cybersecurity changed overnight, nor does it mean enterprises are suddenly facing fully automated exploitation at internet scale tomorrow. It does mean the offensive side of AI is continuing to improve. The defensive side needs to catch up now.…

Read more →

AI, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

U.S. CISA adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known…

Read more →

AI, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

Top techniques attackers use to infiltrate your systems today

Much of the talk around cybersecurity these days revolves around AI and the threat it poses to corporate systems when used by nefarious actors. But the reality on the ground remains a little more mundane than polymorphic AI malware and criminal masterminds putting machine learning and generative AI to work at scale. Still, keeping on…

Read more →

AI, Apps, Global Security News, malware

NGate NFC malware targets Android users through trojanized payment app

NFC-based payment fraud is expanding geographically and operationally. A campaign active since November 2025 is targeting Android users in Brazil using a new variant of the NGate malware family, this time embedded in a trojanized version of HandyPay, a legitimate NFC relay application available on Google Play since 2021. ESET Research identified the campaign and…

Read more →

AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, Russia, Venture

The thin gray line: Handala, CyberAv3ngers and Iran’s proxy ops

On April 7, six US government agencies issued a critical advisory warning domestic private sector organizations of potential infrastructural cyberattacks conducted by Iranian-affiliated Advanced Persistent Threat (APT) actors. The advisory stops short of attributing these threats to a single group but makes reference to 2023 attacks on US water and wastewater facilities linked to the…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

New Lazarus APT Campaign: “Mach-O Man” macOS Malware Kit Hits Businesses

Editor’s note: The research is authored by Mauro Eldritch, offensive security expert and a founder of BCA LTD, a company dedicated to threat intelligence and hunting. You can find Mauro on X.  The recent wave of ClickFix attacks has introduced several new ways to compromise users, establishing itself as a technique that is likely here to stay. We have observed Lazarus Group using…

Read more →

AI, Data Breaches, Global Security News, Government & Policy, Network Security

Bluesky hit by 24-hour DDoS attack as pro-Iran group claims responsibility

Bluesky suffered a 24-hour DDoS attack that caused outages. A pro-Iran hacker group claimed responsibility for the disruption. Bluesky experienced a sophisticated DDoS attack that disrupted its services for about 24 hours, starting on April 15. Bluesky is a decentralized, open-source microblogging social media platform similar to X (formerly Twitter). It allows users to post…

Read more →

Cybersecurity, Exploits, Global Security News

CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including three flaws impacting Cisco Catalyst SD-WAN Manager, citing evidence of active exploitation. The list of vulnerabilities is as follows – CVE-2023-27351 (CVSS score: 8.2) – An improper authentication vulnerability in PaperCut

Read more →

AI, Global Security News

Researchers build an encrypted routing layer for private AI inference

Organizations in healthcare, finance, and other sensitive industries want to use large AI models without exposing private data to the cloud servers running those models. A cryptographic technique called Secure Multi-Party Computation (MPC) makes this possible. It splits data into encrypted fragments, distributes them across two or more servers that do not share information with…

Read more →

AI, Apps, Cybersecurity, Global Security News

Cybersecurity jobs available right now: April 21, 2026

Application Security Engineer (DevSecOps / Azure DevOps) BEWAHARVEST | Philippines | Hybrid – View job details As an Application Security Engineer (DevSecOps / Azure DevOps), you will embed security across the SDLC by working with engineering and DevOps teams to implement automated security controls and testing. You will manage application security programs including SAST, DAST,…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security

Vuln in Google’s Antigravity AI agent manager could escape sandbox, give attackers remote code execution

As organizations consider agentic AI for their business and IT stacks, researchers continue to find bugs and vulnerabilities in major, commercial models  that can significantly expand their attack surface. This week, researchers at Pillar Security disclosed a vulnerability in Antigravity, an AI-powered developer tool for filesystem operations made by Google. The bug, since patched, combined…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy

France’s ANTS ID System website hit by cyberattack, possible data breach

A cyberattack hit France’s ANTS website, possibly exposing personal data from users applying for IDs, passports, and driver’s licenses. A cyberattack targeted France’s ANTS platform, which handles applications for passports, ID cards, residence permits, and driver’s licenses. Authorities detected the incident on April 15 and warned it may have exposed personal data from both individuals…

Read more →

AI, Apps, Europe, Exploits, Global Security News, malware, Network Security, Risk Management

Cyberattack That Could Have Poisoned a City’s Water Supply by Manipulating Chlorine Levels

In mid-April 2026, researchers at Darktrace published a detailed breakdown of a malware sample that occupies a narrow but alarming niche in the threat landscape: a Windows-based OT weapon apparently designed from the ground up to sabotage Israeli water treatment and desalination infrastructure. The malware identifies itself internally as ZionSiphon — the name appears in a core…

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News, malware, Risk Management

Vercel’s security breach started with malware disguised as Roblox cheats

Vercel customers are at risk of compromise after an attacker hopped through multiple internal systems to steal credentials and other sensitive data, the company said in a security bulletin Sunday.  The attack, which didn’t originate at Vercel, showcases the pitfalls of interconnected cloud applications and SaaS integrations with overly privileged permissions.  An attacker traversed third-party…

Read more →

AI, Global Security News, Network Security

Panasonic Connect introduces TOUGHBOOK 56 for Mobile Professionals

Panasonic Connect North America has launched the TOUGHBOOK 56, a modular rugged laptop designed to support mobile workers across a range of industries. The new device delivers high-performance computing, faster connectivity options, improved thermal management, and advanced security features for professionals in public safety, utilities, enterprise, and federal operations. Offering purpose-built machine to frontline professionals…

Read more →

AI, Global Security News, Network Security

Procure IT & NetWolves Target Enterprise IT Expense Visibility

NetWolves has partnered with Procure IT to integrate its Managed Intelligence Platform into the provider’s Site Connectivity as a Service (SCaaS) offering, aiming to give large enterprises greater visibility into IT spending across vendors, contracts, and services. Why Procure IT and NetWolves formed the partnership The goal is to give Fortune 1000 companies and large…

Read more →