Geek-Guy.com

AI Email Summaries Create a New Phishing Attack Surface

Artificial intelligence (AI) assistants are rapidly becoming a core part of workplace productivity, but new research suggests they may also introduce a previously overlooked phishing vector.  Permiso researchers found that attacker-controlled text embedded in emails can manipulate Microsoft Copilot summaries through cross prompt injection attacks (XPIA), potentially inserting deceptive security alerts or malicious prompts into…

Zero lessons learned: Convicted scammer allegedly ran another athlete-focused phishing scam from federal prison

Professional NBA and NFL athletes were allegedly deceived and victimized by a 34-year-old Georgia man’s sneaky social-engineering scheme that he ran while impersonating a well-known adult film star, the Justice Department said Monday. Kwamaine Jerell Ford allegedly initiated and committed some of the crimes while incarcerated in federal prison for a similar, widespread phishing scam…

U.S. CISA adds a flaw in Wing FTP Server to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Wing FTP Server to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Wing FTP Server flaw, tracked as CVE-2025-47813 (CVSS score of 4.3), to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2025-47813 is an information disclosure vulnerability affecting Wing FTP…

ArmorPoint and Dynascale Partner on Cloud Infrastructure

ArmorPoint, a provider of managed cybersecurity solutions, has announced a partnership with Dynascale Technologies, a provider of private and hybrid cloud and AI-ready infrastructure. Dynascale embeds ArmorPoint SOC and SIEM into managed infrastructure offering: The partnership will enable Dynascale to embed ArmorPoint’s 24/7 managed SOC and SIEM capabilities directly into its fully managed cloud infrastructure. …

Russia-linked APT uses DRILLAPP backdoor to spy on Ukrainian targets

Russia-linked threat actors target Ukrainian entities with DRILLAPP backdoor and use Edge debugging for stealth. A new DRILLAPP backdoor campaign targets Ukrainian organizations, abusing Microsoft Edge debugging to evade detection. Observed in February 2026, it shows links to previous Russian-aligned operations by Laundry Bear APT group (aka UAC-0190, Void Blizzard) using the PLUGGYAPE malware family…

Vultr Adopts NVIDIA Rubin Platform Along with Dynamo & Nemotron

Cloud infrastructure company Vultr is delivering an optimized inference stack on the NVIDIA Rubin platform and adopting NVIDIA Dynamo and NVIDIA Nemotron. NVIDIA and Vultr continue a long-standing partnership: These moves represent a milestone in NVIDIA and Vultr’s long-standing collaboration, providing tokenomics to support enterprises with ready-to-deploy composable cloud infrastructure that leverages NVIDIA-optimized open-source model…

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. “The attack targets Python projects — including Django apps, ML research code, Streamlit dashboards, and PyPI packages — by appending obfuscated code to files like setup.py, main.py, and app.py,”…

Microsoft Issues Hotpatch for Windows 11 RRAS RCE Bugs

Microsoft has issued an out-of-band security update to address several critical vulnerabilities in Windows 11 that could allow attackers to execute malicious code through the system’s remote access management tools.  The patch targets flaws in the Windows Routing and Remote Access Service (RRAS) and is being delivered as a hotpatch, allowing systems to receive the…

Startups accuse Microsoft of ‘billing trap’ in Azure AI Foundry after unexpected charges

A growing number of startup founders are raising concerns about unexpected charges incurred while experimenting with AI models through Microsoft’s Azure AI Foundry platform, turning what began as an isolated complaint into a broader debate over billing transparency. At least 20 participants in the Microsoft for Startups program have signed a Change.org petition calling on…

Stellar Cyber 6.4.0 reduces alert noise and speeds investigations with Autonomous SOC capabilities

Stellar Cyber has announced the general availability of version 6.4.0 of its platform. With this release, Stellar Cyber delivers new Autonomous SOC capabilities designed to reduce alert noise, accelerate investigations, and transform the day-to-day experience of security analysts. Ushering in the human-augmented Autonomous SOC: Security teams are overwhelmed by escalating alert volumes and increasingly complex…

Former Germany’s foreign intelligence VP hit in Signal account takeover campaign

Former BND VP Arndt Freytag von Loringhoven was targeted in a Signal cyberattack, part of a wave hitting officials and politicians in Germany. A cyberattack targeting Signal and WhatsApp users has hit high-ranking German officials, including former BND Vice President Arndt Freytag von Loringhoven. The official reported being contacted by someone posing as Signal support…

NinjaOne Vulnerability Management enables real-time detection and autonomous patching

NinjaOne has unveiled NinjaOne Vulnerability Management, a new solution that helps IT teams identify, prioritize, and remediate vulnerabilities faster, without relying on periodic scans from security teams that often lack context and connection to remediation workflows. Built natively into the NinjaOne platform, the new solution brings together AI-driven real-time vulnerability assessment, patch confidence scoring, and…

Orca Platform enhancements use AI to cut cloud alert noise

Orca Security has announced major enhancements to the Orca Platform, introducing new AI-powered security agents, real-time detection of AI usage across cloud environments, remediation-focused workflows, and code reachability analysis. These innovations enable organizations to move beyond fragmented alerts toward faster investigation, clearer prioritization, and measurable risk reduction. As enterprises accelerate AI adoption and scale across…

NinjaOne Intros AI-Driven Vulnerability Management Solution

Unified IT management software provider NinjaOne has unveiled NinjaOne Vulnerability Management, a new solution designed to help IT teams identify, prioritize, and remediate vulnerabilities faster, without relying on periodic scans from security teams that often lack context and connection to remediation workflows. Moving away from traditional vulnerability management: Built natively into the platform, NinjaOne says…

Sherweb Expands to the UK to Support MSP Growth

Sherweb is expanding into the United Kingdom as the Canadian cloud marketplace and MSP enablement provider looks to grow beyond North America. The move targets one of Europe’s largest managed services markets and builds on Sherweb’s recent acquisition of Ireland-based IT distributor MicroWarehouse. The company says the expansion will focus on helping MSPs navigate rapid…

Nutanix Unveils Nutanix Agentic AI, Full Stack Software Solution to Unlock the Potential of Enterprise AI Factories

COMPANY NEWS: Designed to deliver performance, compliance, and security for Agentic AI applications and help minimise aggregate token costs. Empowers enterprise infrastructure and platform teams to simply build, scale, and operate AI factories. Enables developer teams with a rich set of AI PaaS services integrated with NVIDIA AI Enterprise to accelerate deployment of Agentic AI…

HID 2026 State of Security and Identity Report

GUEST OPINION:   As organisations navigate an increasingly complex security landscape, the convergence of physical and digital identity is rapidly reshaping how enterprises protect people, systems and data. New insights from HID’s 2026 State of Security and Identity Report show identity management has become the central pillar of modern security strategies, as businesses respond to AI-enabled…

Packing Smart for Adventure Travel: Food, Gear, and Style for the Road

In this post, I will talk about packing smart for adventure travel. Traveling to outdoor destinations often requires more preparation than typical city trips. Whether heading to a mountain resort, exploring rural landscapes, or attending seasonal events in small towns, travelers quickly learn that the right combination of food, gear, and clothing can make the…

Workiva Bolsters APJ Investment with Strategic Executive Appointment Amid Period of Sustained Growth

Workiva Inc. (NYSE: WK), a leading, AI-powered platform for trust, transparency, and accountability, is fueling its investment in Asia-Pacific and Japan (APJ), announcing the appointment of Kristen “KP” Pimpini as Vice President of Sales and General Manager, APJ. The appointment comes on the heels of a sustained period of Workiva customer and employee momentum across APJ. 

Telstra Health introduces Smart Connect to streamline pathology eRequesting for GPs, patients and pathology providers

COMPANY NEWS:  Telstra Health, Australia’s largest digital health technology company, has today launched Smart Connect, a new pathology eRequesting capability within MedicalDirector Clinical, designed to replace manual, paper-based pathology requests with a fully digital workflow. The feature launches with Healius Pathology Network as its first integrated partner.

Fingerprint’s MCP Server turns device intelligence into real-time AI-powered fraud insights

Fingerprint has announced the launch of its Model Context Protocol (MCP) Server, an open-source MCP implementation for the fraud prevention space. The new server enables organizations to connect any AI assistant or agent directly to Fingerprint’s device intelligence platform, turning fraud analysis into real-time, AI-powered insights. The Fingerprint MCP Server uses a standard open protocol…

ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

Three different ClickFix campaigns have been found to act as a delivery vector for the deployment of a macOS information stealer called MacSync. “Unlike traditional exploit-based attacks, this method relies entirely on user interaction – usually in the form of copying and executing commands – making it particularly effective against users who may not appreciate…

Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse

Threat actors are abusing extension dependency relationships in the Open VSX registry to indirectly deliver malware in a new phase of the GlassWorm supply-chain campaign. Researchers at Socket said they have identified at least 72 additional malicious Open VSX extensions linked to the campaign since January 31, 2026. The extensions appear to target developers by…

Nine critical vulnerabilities in Linux AppArmor put over 12M enterprise systems at risk

Security researchers at Qualys have disclosed nine vulnerabilities in AppArmor, the Linux Security Module that ships enabled by default across Ubuntu, Debian, and SUSE distributions. An unprivileged local attacker can exploit the flaws to gain full root access, break out of container isolation, and crash systems, all without requiring administrative credentials, the researchers said in…

ANY.RUN at RootedCON 2026: Meeting Security Teams and Showcasing New Capabilities 

From March 5 to March 7, the ANY.RUN team attended RootedCON 2026 in Madrid and showcased some of our latest capabilities developed for modern SOC environments at the conference expo. The event provided a great opportunity to meet our existing clients and connect with security teams exploring advanced threat detection solutions. Meeting the Community and Partners: RootedCON is one of the largest cybersecurity conferences in Europe, bringing together thousands of security researchers, SOC…

Microsoft Edge 146 adds IP privacy and local network access controls

Microsoft Edge version 146 (Stable) became available on March 13, 2026, bringing updates to tracking protection, IP privacy, and enterprise network security policies. One change affects tracking prevention in InPrivate browsing. InPrivate windows use the same tracking prevention level configured for standard browsing sessions. The separate option that previously allowed a different tracking setting for…

Advanced Protection Mode in Android 17 prevents apps from misusing Accessibility Services

Android 17 will block non-accessibility apps from using the Accessibility API under Advanced Protection Mode to reduce malware abuse. Android 17 introduces a new security feature in Advanced Protection Mode (AAPM) that blocks apps without accessibility functions from accessing the Accessibility API. The change, first reported by Android Authority and included in Android 17 Beta…

Washington is right: Cybercrime is organized crime. Now we need to shut down the business model

The recently released executive order targeting cybercrime, fraud, and predatory schemes uses language the federal government has often avoided. Now, for the first time, the Trump administration is echoing what the cybersecurity industry has been shouting for years: cyber-enabled fraud is a product of transnational organized crime. That distinction matters because organized crime requires an…

Attackers are exploiting AI faster than defenders can keep up, new report warns

Cybersecurity is entering “a new phase” as artificial intelligence tools have matured and given IT defenders significantly less time to respond to cyberattacks and other threats, according to a new report released Monday. The report, authored by federal contractor Booz Allen Hamilton, concludes that threat actors have adopted AI more quickly than governments and private…

The ransomware economy is shifting toward straight-up data extortion

Ransomware remains a scourge that shows some signs of relenting, but incident responders and threat hunters are busier than ever as more financially-motivated attackers lean exclusively on data theft for extortion. Attacks that only involve data theft for extortion may not be more prevalent than traditional ransomware when attackers encrypt systems, but momentum is moving…

Goldshell E-DG1M: A High-Efficiency Scrypt Miner for Home and Small Farms

If you’re serious about Litecoin (LTC), Dogecoin (DOGE), or other Scrypt-based cryptocurrencies, the Goldshell E-DG1M is a game-changer. Combining high hash power, energy efficiency, and a compact, home-friendly design, it has quickly become one of the most attractive options under $2,000 for both hobbyists and professional miners. This article explores the E-DG1M’s features, performance, and…

Hackers tried to breach Poland’s nuclear research centre

Poland’s National Centre for Nuclear Research (NCBJ) thwarted a cyberattack targeting its IT infrastructure. The attempted intrusion was detected and blocked before attackers could compromise systems or disrupt operations. “No production, operational, or research processes were disrupted, and the MARIA reactor is operating safely and smoothly, at full power,” said Prof. Jakub Kupecki, Director of…

KEEQuant advances chip-scale QKD for telecom, data centers, and critical infrastructure

KEEQuant has announced its commercial chip-scale QKD technology, marking an advance in quantum-secure communications. The system replaces bulky optical assemblies with photonic integration, lowering the cost and complexity of quantum key distribution and making quantum-safe key exchange a practical upgrade for telecom operators, data center providers, and critical infrastructure organizations. The result is smaller, more…

Everpure smashes AI infrastructure bottlenecks with Data Stream, Evergreen//One for AI, and the world’s fastest storage systems

Enterprise AI may be booming but the reality inside many organisations is far less glamorous: stalled pilots, overwhelmed infrastructure teams, and GPUs sitting idle waiting for data. Everpure has made its first major announcement since rebranding (from Pure Storage) and it’s a big one that brings welcome news to tech leaders around the world.

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

Ukrainian entities have emerged as the target of a new campaign likely orchestrated by threat actors linked to Russia, according to a report from S2 Grupo’s LAB52 threat intelligence team. The campaign, observed in February 2026, has been assessed to share overlaps with a prior campaign mounted by Laundry Bear (aka UAC-0190 or Void Blizzard)…

JSOC IT’s AUTOPSY platform puts security stacks under live API verification

JSOC IT has announced the launch of AUTOPSY, a security verification platform that investigates an organization’s security stack through live API integrations before a breach occurs, rather than after one forces the conversation. The platform’s flagship product, READY, is a security assessment that replaces self-reported questionnaires with API-verified telemetry across an organization’s security stack, including…

Unprivileged users could exploit AppArmor bugs to gain root access

Researchers found nine “CrackArmor” flaws in Linux AppArmor that could let unprivileged users bypass protections, gain root privileges, and weaken container isolation. Qualys researchers disclosed nine vulnerabilities, collectively tracked as CrackArmor, in the Linux kernel’s AppArmor module. The flaws have existed since 2017 and could allow unprivileged users to bypass protections, escalate privileges to root,…

What it takes to win that CSO role

CSO and CISO roles are among the hardest to fill in IT. Which should be good news for cybersecurity professionals that aspire to leadership positions as the organization’s top security exec. For those that do, the authority, clout, pay, and benefits are increasing significantly. But so too are the responsibility and accountability placed on cybersecurity…

Certificate lifespans are shrinking and most organizations aren’t ready

The push for shorter TLS certificate lifespans has been building for years. It started with Google’s internal push toward 90-day certificates, which gained traction inside the industry before resistance from enterprise customers slowed things down. Then Apple proposed 47-day certificates, which reignited the debate and ultimately forced the CA/Browser Forum to set a formal schedule.…

ClickFix techniques evolve in new infostealer campaigns

Cybercriminals are combining compromised websites with increasingly sophisticated ClickFix social engineering lures to deliver new infostealer malware, with one campaign alone weaponizing more than 250 WordPress sites across 12 countries. The campaign leads to stealthy in-memory payloads, while a separate attack detected by Microsoft targets Windows Terminal for payload execution instead of the traditional Run…

What smart factories keep getting wrong about cybersecurity

In this Help Net Security interview, Packsize CSO Troy Rydman breaks down the biggest vulnerabilities in smart factory environments today, from IoT devices and legacy systems to human error. He explains how unmanaged devices, from sensors to robotic components, often go unpatched and become entry points for attackers. Legacy infrastructure is frequently overlooked as organizations…

VulHunt: Open-source vulnerability detection framework

Binarly has published VulHunt Community Edition, making the core scanning engine from Binarly’s commercial Transparency Platform available to independent researchers and practitioners. What VulHunt does: VulHunt Community Edition is a framework for detecting vulnerabilities in compiled software. It operates against multiple binary representations simultaneously, working across disassembly, an intermediate representation layer, and decompiled code. Targets…

Fake scandal clips on Facebook bait victims into investment scams

Bitdefender researchers uncovered hundreds of scam campaigns promoted through Facebook ads that use fake news stories, celebrity impersonation, and redirect chains to funnel victims into investment fraud schemes. The activity ran through 310 malvertising campaigns distributed on Meta platforms from February 9 to March 5, 2026. The campaigns generated more than 26,000 ad sightings with…