Geek-Guy.com

Tag: affecting

AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

Attackers are exploiting Palo Alto Networks defect that initially flew under the radar

Researchers and threat hunters are scrambling to respond to an actively exploited authentication-bypass vulnerability affecting Palo Alto Networks customers’ firewalls.  The company initially tagged CVE-2026-0257 with a medium-severity rating when it disclosed the defect May 13, but quickly reassessed it as critical after Rapid7 observed and confirmed active exploitation in the wild. The Cybersecurity and…

Read more →

AI, Data Breaches, Global Security News, Government & Policy, Risk Management

Carnival Data Breach Exposes Personal Data of Nearly 6 Million Customers

Carnival disclosed a data breach affecting nearly 6 million people after hackers used social engineering to access employee accounts. Carnival Corporation is notifying nearly 6 million people after a data breach exposed personal information. According to the notification shared with the Maine Attorney General’s Office, the total number of persons affected is 5,995,277. The company said…

Read more →

AI, Global Security News

MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries

The Iranian hacking group known as MuddyWater has been linked to a new campaign affecting at least nine organizations across nine countries on four continents in the first quarter of 2026. The activity targeted industrial and electronics manufacturing, education and public-sector bodies, financial services, and professional services, per the Threat Hunter Team from Symantec and…

Read more →

Exploits, Global Security News

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a zero-day to deliver the Godzilla web shell and ultimately facilitate the deployment of Cobalt Strike Beacon. The vulnerability, tracked as CVE-2026-5426 (CVSS score: 7.5), stems from the use of hard-coded ASP.NET machine keys, leading…

Read more →

AI, Exploits, Global Security News

‘Patched’ Windows bug resurfaces 6 years later as working SYSTEM-level exploit

An old elevation of privilege (EoV) vulnerability affecting the Cloud Filter driver “cldflt.sys” in Windows has come back to haunt Microsoft, as researchers claim it is still exploitable six years after it was supposedly patched. The flaw, originally reported to Microsoft by Google Project Zero researcher James Forshaw in September 2020, was recently picked up…

Read more →

AI, APAC, Apps, Endpoint, Exploits, Global Security News, Network Security, Risk Management

For May, Patch Tuesday means 139 updates — but no zero-days

Microsoft this week released 139 updates affecting Windows, Office, .NET, and SQL Server (though there were no updates for Microsoft Exchange Server). Despite the absence of zero-days, the May Patch Tuesday update still requires Patch Now recommendations for Windows and Office.  The combination of three unauthenticated network RCEs (Netlogon, DNS Client, and SSO Plugin for…

Read more →

AI, Exploits, Global Security News, malware, Network Security, Risk Management

CVE-2026-20182: Critical Authentication Bypass in Cisco SD-WAN Can Grant Admin Access

A vulnerability affecting Cisco Catalyst SD-WAN Controller has drawn urgent attention after Cisco, Rapid7, and CISA confirmed active exploitation. CVE-2026-20182 is a critical authentication bypass flaw in Cisco Catalyst SD-WAN Controller and Cisco Catalyst SD-WAN Manager that carries a CVSS 10.0 score and can let an unauthenticated remote attacker gain administrative privileges on an affected…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security

Cisco warns of an actively exploited SD-WAN flaw with max severity

Cisco has disclosed a max-severity authentication bypass vulnerability affecting its Catalyst SD-WAN Controller and Catalyst SD-WAN Manager platforms, warning that the flaw has already been found to be exploited in the wild. The disclosure follows an earlier authentication bypass vulnerability that Cisco patched in February. In the latest advisory, the company said the new flaw…

Read more →

AI, Exploits, Global Security News

Researchers uncover YellowKey and GreenPlasma Windows Zero-Days

Researchers disclosed two new Windows zero-days named YellowKey and GreenPlasma affecting BitLocker and the CTFMON framework. A security researcher known as Chaotic Eclipse, also called Nightmare-Eclipse, disclosed two new Windows zero-day vulnerabilities named YellowKey and GreenPlasma. The flaws affect BitLocker and the Windows Collaborative Translation Framework (CTFMON). YellowKey could allow attackers to bypass BitLocker protections,…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News

Smashing Security podcast #467: How ShinyHunters hacked the world’s biggest universities

Welcome to the largest educational data breach in history – affecting nearly 9,000 institutions, every Ivy League university, and 30 million students mid-finals. When Canvas’s parent company refused to pay and announced they had deployed “security patches” instead, the hackers were less than impressed. So they came back through the cat flap. Meanwhile, a famous…

Read more →

AI, Global Security News

New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution

Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code execution. Exim is an open-source Mail Transfer Agent (MTA) designed for Unix-like systems to receive, route, and deliver email. The vulnerability, tracked as CVE-2026-45185, aka Dead.Letter, has been described as a use-after-free

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

A critical Palo Alto PAN-OS zero-day is being exploited in the wild

Attackers are actively exploiting a zero-day vulnerability affecting some Palo Alto Networks’ customers’ firewalls, the security vendor said in an advisory Tuesday. The critical memory corruption vulnerability — CVE-2026-0300 — affects the authentication portal of PAN-OS, and allows unauthenticated attackers to run  code with root privileges on the vendor’s PA-Series and VM-Series firewalls, the company…

Read more →

Exploits, Global Security News, Network Security

Root-level RCE vulnerability in Palo Alto firewalls exploited (CVE-2026-0300)

A critical vulnerability (CVE-2026-0300) affecting Palo Alto Networks firewalls is being actively exploited by attackers, the security company acknowledged today, and urged customers to implement mitigations as they are still working on fixes. About CVE-2026-0300 CVE-2026-0300 is a buffer overflow vulnerability in the User-ID Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS…

Read more →

AI, Data Breaches, Exploits, Global Security News, Risk Management

Trellix discloses the breach of a code repository

Trellix disclosed a security breach affecting part of its source code repository, however, the company says there’s no sign of code misuse. Trellix revealed a breach that allowed unauthorized access to part of its source code repository. The company said it quickly launched an investigation with forensic experts and notified law enforcement. While the exact…

Read more →

AI, Exploits, Global Security News

Critical Cursor bug could turn routine Git into RCE

Security researchers have disclosed a high-severity vulnerability affecting the Cursor IDE, allowing arbitrary code execution on a developer’s machine through a seemingly routine repository interaction. According to findings by AI pentesting platform Novee Security, once a developer cloned and interacted with a malicious repository, the IDE’s AI agent could trigger embedded Git logic, resulting in…

Read more →

AI, Exploits, Global Security News

Another Microsoft Defender privilege escalation bug emerges days after patch

Days after Microsoft patched a high-severity issue affecting its Windows Defender antivirus tool through April’s Patch Tuesday, researchers warn of another vulnerability that could enable SYSTEM privileges through local escalation. In a newly disclosed proof-of-concept (PoC) exploit, dubbed “RedSun,” GitHub user going by the name “Nightmare Eclipse” demonstrated how Microsoft Defender’s handling of certain cloud-tagged…

Read more →

AI, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security

Microsoft drops its second-largest monthly batch of defects on record

Microsoft addressed 165 vulnerabilities affecting its various products and underlying systems, including one actively exploited vulnerability in Microsoft Office SharePoint, in this month’s Patch Tuesday update.  “By my count, this is the second-largest monthly release in Microsoft’s history,” Dustin Childs, head of threat awareness at Trend Micro’s Zero Day Initiative, wrote in a blog post…

Read more →

AI, Apps, Endpoint, Exploits, Global Security News, Network Security

Seven IBM WebSphere Liberty flaws can be chained into full takeover

Security researchers are warning of a set of flaws affecting IBM WebSphere Liberty, a lightweight, modular Java application server, that can be chained into a full server compromise. The flaws, a total of seven, that led to the ultimate compromise of the server were initiated by a newly discovered pre-authentication issue in the platform’s SAML…

Read more →

AI, Global Security News

Cisco IMC auth bypass vulnerability allows attackers to alter user passwords (CVE-2026-20093)

Cisco has fixed ten vulnerabilities affecting its Integrated Management Controller (IMC), the most critical of which (CVE-2026-20093) could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin. Cisco ICM riddled with vulnerabilities Cisco Integrated Management Controller is a built-in hardware management system used in Cisco servers. It allows…

Read more →

AI, Exploits, Global Security News

Google fixes Chrome zero-day with in-the-wild exploit (CVE-2026-5281)

Google has fixed 21 vulnerabilities affecting its popular Chrome browser, among them a zero-day (CVE-2026-5281) with an in-the-wild exploit. About CVE-2026-5281 As per usual, information about the fixed zero-day is limited, and there’s no details about the exploit (or how/if it’s being used by attackers). CVE-2026-5281’s official description says it’s a use-after-free (UAF) vulnerability in…

Read more →

AI, Cybersecurity, Data Breaches, Europe, Global Security News, Network Security

The European Commission confirmed a cyberattack affecting part of its cloud systems

The European Commission confirmed a cyberattack affecting part of its cloud systems, now contained, with no impact on internal networks. On March 24, the European Commission detected a cyberattack affecting the cloud infrastructure hosting its Europa.eu websites. The incident was quickly contained, with mitigation measures applied and no disruption to website availability. Early findings suggest…

Read more →

AI, Data Breaches, Global Security News

Data breach at Dutch Ministry of Finance impacts staff following cyberattack

Dutch Ministry of Finance disclosed a data breach affecting some employees following a cyberattack, investigation is ongoing. The Dutch Ministry of Finance disclosed a cyberattack detected on March 19 after a third-party alert. Attackers breached some internal systems, the incident impacted a “portion of the employees”. Authorities are still investigating the incident and its full…

Read more →

AI, Compliance, Cybersecurity, Exploits, Funding, Global Security News, Government & Policy, Network Security, Risk Management

Cisco’s latest vulnerability spree has a more troubling pattern underneath

Cisco customers have confronted a flood of actively exploited vulnerabilities affecting the vendor’s network edge software since late February, and researchers say that five of the nine vulnerabilities Cisco disclosed in its firewalls and SD-WAN systems over the past three weeks have already been exploited in the wild.  Attackers exploited a pair of these defects…

Read more →

Exploits, Global Security News

Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit

A high-severity security flaw affecting default installations of Ubuntu Desktop versions 24.04 and later could be exploited to escalate privileges to the root level. Tracked as CVE-2026-3888 (CVSS score: 7.8), the issue could allow an attacker to seize control of a susceptible system. “This flaw (CVE-2026-3888) allows an unprivileged local attacker to escalate privileges to…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management

Starbucks HR Portal Breach Exposes Employee Information

Starbucks has disclosed a data breach affecting hundreds of employees after attackers accessed internal HR accounts through phishing websites impersonating the company’s employee portal.  This incident exposed sensitive personal and financial information, raising concerns about potential identity theft and fraud. “The investigation has determined that an unauthorized third party accessed certain Starbucks Partner Central accounts…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

CVE-2026-21262: SQL Server Zero-Day Fixed in Microsoft’s March Patch Tuesday Release

The beginning of 2026 has brought a wave of zero-day vulnerabilities affecting Microsoft products, including the actively exploited Windows Desktop Window Manager flaw (CVE-2026-20805), the Microsoft Office zero-day (CVE-2026-21509) that prompted an out-of-band fix, and the Windows Notepad RCE bug (CVE-2026-20841). Microsoft’s March Patch Tuesday release keeps defenders busy again, this time shifting attention to…

Read more →

AI, Data Breaches, Global Security News, Network Security

Bell Ambulance data breach impacted over 238,000 people

Bell Ambulance confirms a February 2025 breach affecting 238,000 people, exposing personal, financial, and health information. Nearly 238,000 individuals are impacted by a February 2025 Bell Ambulance data breach. Bell Ambulance is a U.S.-based emergency medical services provider offering ambulance transport, paramedic care, and patient support. It serves communities with urgent medical response, interfacility transfers,…

Read more →

AI, Exploits, Global Security News

Microsoft patches 80+ vulnerabilities, six flagged as “more likely” to be exploited

On March 2026 Patch Tuesday, Microsoft addressed 80+ vulnerabilities affecting its software and cloud services. Of these, two were publicly disclosed, but not actively exploited. Privilege escalation vulnerabilities abound The two publicly disclosed flaws are CVE-2026-21262, a vulnerability in SQL Server that may allow attackers to gain SQLAdmin privileges, and CVE-2026-26127, a .NET flaw that…

Read more →

AI, Exploits, Global Security News, Network Security

Microsoft Patch Tuesday March 2026, (Tue, Mar 10th)

Microsoft today released patches for 93 vulnerabilities, including 9 vulnerabilities in Chromium affecting Microsoft Edge. 8 of the vulnerabilities are rated critical. 2 were disclosed prior to today but have not yet been exploited. This update addresses no already-exploited vulnerabilities. Disclose vulnerabilities: CVE-2026-26127: A denial of service vulnerability in .Net. Microsoft considers exploitation unlikely. The…

Read more →

AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management

Cisco SD-WAN Manager Vulnerabilities Actively Exploited

Cisco is warning customers that attackers are actively exploiting multiple vulnerabilities affecting its Catalyst SD-WAN Manager platform. The software serves as a centralized management console used to monitor and control large distributed SD-WAN deployments.  These vulnerabilities “… could allow an attacker to access an affected system, elevate privileges to root, gain access to sensitive information,…

Read more →

AI, Exploits, Global Security News

Cisco issues emergency patches for critical firewall vulnerabilities

Cisco has handed security teams one of the largest ever patching workloads affecting its firewall products, including fixes for two ‘perfect 10’ vulnerabilities in the company’s Secure Firewall Management Center (FMC) Software. Overall, the March 4 release, the first of its semiannual firewall updates for 2026, addresses 25 security advisories covering 48 individual CVEs. The…

Read more →

Exploits, Global Security News

Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities

Cisco has disclosed that two more vulnerabilities affecting Catalyst SD-WAN Manager (formerly SD-WAN vManage) have come under active exploitation in the wild. The vulnerabilities in question are listed below – CVE-2026-20122 (CVSS score: 7.1) – An arbitrary file overwrite vulnerability that could allow an authenticated, remote attacker to overwrite arbitrary files on the local file…

Read more →

AI, Exploits, Global Security News

The vulnerability that turns your AI agent against you

Zenity Labs disclosed PleaseFix, a family of critical vulnerabilities affecting agentic browsers, including Perplexity Comet, that allow attackers to hijack AI agents, access local files, and steal credentials within authenticated user sessions. The vulnerabilities can be triggered through malicious content embedded in routine workflows, enabling unauthorized actions without user awareness. The disclosure includes PerplexedBrowser, a…

Read more →

AI, Exploits, Global Security News, Network Security

Juniper issues emergency patch for critical PTX router RCE

Juniper released an emergency patch for Junos OS Evolved to fix CVE-2026-21902, a critical RCE flaw affecting PTX routers. Juniper Networks issued an out-of-band security update for Junos OS Evolved to address a critical remote code execution vulnerability, tracked as CVE-2026-21902 (CVSS score of 9.3), impacting PTX routers. The company urges customers to apply the…

Read more →

AI, Apps, Endpoint, Exploits, Global Security News, Network Security, Risk Management

Six flaws found hiding in OpenClaw’s plumbing

Security researchers have uncovered six high-to-critical flaws affecting the open-source AI agent framework OpenClaw, popularly known as a “social media for AI agents.” The flaws were discovered by Endor Labs as its researchers ran the platform through an AI-driven static application security testing (SAST) engine designed to follow how data actually moves through the agentic…

Read more →

AI, Endpoint, Exploits, Global Security News

Microsoft Patch Tuesday – January 2026, (Tue, Feb 10th)

Today’s patch Tuesday addresses 59 different vulnerabilities (plus two Chromium vulnerabilities affecting Microsoft Edge). While this is a lower-than-normal number, this includes six vulnerabilities that are already exploited. Three vulnerabilities have already been exploited and made public. In addition, five critical vulnerabilities are included in this patch Tuesday. Vulnerabilities of Interest: The three already exploited…

Read more →

AI, CISA, Cybersecurity, Don't miss, Exploits, Global Security News, Hot stuff, News

Ransomware attackers are exploiting critical SmarterMail vulnerability (CVE-2026-24423)

For the third time in two weeks, CISA added a vulnerability (CVE-2026-24423) affecting SmarterTools’ SmarterMail email and collaboration server to its Known Exploited Vulnerabilities catalog, and this one is being exploited in ransomware attacks. A glut of SmarterMail vulnerabilities On January 26, the US cybersecurity agency listed CVE-2025-52691 (a unrestricted upload of file with dangerous…

Read more →