Geek-Guy.com

Tag: attack

AI, Cybersecurity, Global Security News, malware

3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)

For years, cybersecurity has followed a familiar model: block malware, stop the attack. Now, attackers are moving on to what’s next. Threat actors now use malware less frequently in favor of what’s already inside your environment, including abusing trusted tools, native binaries, and legitimate admin utilities to move laterally, escalate privileges, and persist without raising…

Read more →

AI, Apps, Data Breaches, Endpoint, Global Security News, malware, Network Security, Risk Management

SentinelOne autonomous detection blocks trojaned LiteLLM triggered by Claude Code

SentinelOne AI stopped a LiteLLM supply chain attack in seconds, blocking malicious code automatically without human intervention. SentinelOne’s AI-based security detected and blocked a supply chain attack involving a compromised LiteLLM package. SentinelOne’s macOS agent detected and stopped a malicious process chain triggered by Claude Code after it unknowingly installed a compromised LiteLLM package. The…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security

The Invisible Breach: How AI Agents Became the Most Dangerous Attack Surface of 2025–2026

The Attack That Requires No Click In June 2025, Microsoft patched a critical vulnerability in Microsoft 365 Copilot — one that its discoverers at Aim Security described as something that had never been seen before. A threat actor needed only to send a carefully crafted email to any employee within a target organization. No link.…

Read more →

AI, Apps, Exploits, Global Security News, malware, Risk Management

New Bitdefender assessment helps organizations identify and eliminate hidden internal attack paths

Bitdefender has announced the Bitdefender Internal Attack Surface Assessment, a complimentary evaluation that helps organizations identify and reduce hidden internal cyber risks caused by unnecessary user access to applications, tools, and operating system utilities commonly exploited in attacks. The assessment provides organizations with a data-driven view of their internal attack surface and offers actionable guidance…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Global Security News, Network Security, Risk Management

CareCloud Incident Exposes Patient Data, Disrupts EHR Systems

An attack on healthcare IT provider CareCloud has exposed sensitive patient data and temporarily disrupted access to critical systems, highlighting ongoing risks facing digital healthcare infrastructure. We are “… continuing to investigate the nature and scope of the incident. The affected environment stores patient information, and the Company continues to assess whether, and the extent…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Global Security News, malware, Network Security, Risk Management

LiteLLM Supply Chain Attack Exposes Credentials Across AI Ecosystems

A widely used AI development library was compromised in a recent supply chain attack, potentially exposing a large number of systems to risk.  Malicious LiteLLM packages on PyPI were backdoored to quietly steal credentials, tokens, and sensitive infrastructure data from both development and production environments.  “The LiteLLM compromise shows just how quickly supply chain attacks…

Read more →

AI, Cloud Security, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security

Trivy supply chain breach compromises over 1,000 SaaS environments, Lapsus$ joins the extortion wave

What started as a supply chain attack on Trivy, a widely used security scanner, has become a Lapsus$-linked extortion campaign, with more than 1,000 enterprise SaaS environments already compromised. Charles Carmakal, CTO of Mandiant Consulting, made the assessment at a Google-hosted threat briefing held alongside the RSA Conference 2026 in San Francisco on Tuesday. “We…

Read more →

AI, Data Breaches, Exploits, Global Security News, Risk Management

Experts warn of a ‘loud and aggressive’ extortion wave following Trivy hack

SAN FRANCISCO — Mandiant is responding to a major, ongoing supply-chain attack involving the compromise of Trivy, a widely used open-source tool from Aqua Security that’s designed to find vulnerabilities and misconfigurations in code repositories. The fallout from the attack spree, which was first detected March 19, is extensive and poses substantial risk for follow-on…

Read more →

AI, Global Security News, Network Security, Risk Management

New device categories enter top enterprise risk rankings

Enterprise networks keep adding connected devices, expanding the attack surface as threat actors target a wider range of systems, many of which are difficult to inventory, secure, and patch consistently. (Source: Forescout) Forescout’s 2026 Riskiest Devices research maps that shift in IT, IoT, OT, and IoMT environments, with 11 new riskiest asset types entering the…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Global Security News, Network Security

Robotic surgery firm Intuitive reports data breach after targeted phishing attack

Intuitive suffered a phishing attack leading to a data breach exposing customer, employee, and corporate information. Intuitive is an American company that designs, manufactures, and sells robotic systems for minimally invasive surgery. Its most well-known products include the da Vinci Surgical System for general surgery and the Ion endoluminal system for precise procedures inside the…

Read more →

AI, Global Security News, malware

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. “The attack targets Python projects — including Django apps, ML research code, Streamlit dashboards, and PyPI packages — by appending obfuscated code to files like setup.py, main.py, and app.py,”…

Read more →

AI, Endpoint, Global Security News, malware, Russia

HR, recruiters targeted in year-long malware campaign

An attack campaign targeting HR departments and job recruiters has been stealthily compromising systems, Aryaka researchers have discovered. By avoiding analysis environments and leveraging a specialized module designed to kill antivirus and endpoint detection software, the Russian-speaking attacker(s) behind this campaign have managed to keep their activity largely under the radar. “We currently lack telemetry…

Read more →

AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management, Russia

Coruna iOS Exploit Kit Compromises Thousands of iPhones

An iOS exploit framework has revealed how advanced mobile attack tools can move rapidly from surveillance operations to espionage and financial crime.  Google’s Threat Intelligence Group (GTIG) identified Coruna, a powerful exploit kit containing 23 vulnerabilities across five exploit chains that were used to compromise thousands of iPhones throughout 2025. “The core technical value of…

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

Perplexity Comet Browser Bug Leaks Local Files via AI Prompt Injection

A newly disclosed attack against Perplexity’s AI-powered Comet browser shows how agentic browsers can be manipulated into leaking sensitive data directly from a user’s machine.  Zenity Labs researchers demonstrated a zero-click attack that tricks the browser’s AI agent into reading local files and sending their contents to an attacker-controlled server. The attack “… results in…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, privacy, Risk Management

Data breach at University of Hawaiʻi Cancer Center impacts 1.2 Million individuals

A ransomware attack on the University of Hawaiʻi Cancer Center exposed personal data of 1.2 million people. A 2025 ransomware attack targeting the University of Hawaiʻi Cancer Center compromised the personal information of about 1.2 million individuals. The attack hit the University of Hawaiʻi Cancer Center on August 31, 2025, impacting servers that support research…

Read more →

AI, APAC, Global Security News, Government & Policy, malware

Lazarus APT group deployed Medusa Ransomware against Middle East target

North Korea’s Lazarus Group used Medusa ransomware in an attack on an unnamed Middle East organization, researchers report. The North Korea-linked Lazarus APT Group, also known as Diamond Sleet and Pompilus, has been spotted deploying Medusa ransomware against an unnamed organization in the Middle East, according a new report from the Symantec and Carbon Black…

Read more →

AI, Global Security News, malware

Self-spreading npm malware targets developers in new supply chain attack

Security researchers have uncovered another supply chain attack targeting developers: 19 typosquatting npm packages published on npmjs.com that steal credentials, infect projects, and propagate themselves across developer environments. The operation, dubbed “SANDWORM_MODE,” represents a (still) rare example of worm-like malware designed to spread through software supply chains rather than traditional end-user systems. New npm worm…

Read more →

AI, Data Breaches, Global Security News

Everest ransomware hits Vikor Scientific ‘s supplier, data of 140,000 patients stolen

Everest ransomware claims an attack on diagnostic firm Vikor Scientific (Vanta Diagnostics), exposing data of nearly 140,000 people. The Everest ransomware group has claimed responsibility for a cyberattack on Vikor Scientific, now operating as Vanta Diagnostics. The healthcare diagnostic firm disclosed a data breach impacting nearly 139,964 individuals, as reported by the US Department of…

Read more →

AI, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management

Ad Tech Firm Optimizely Investigates Vishing Incident

Ad tech firm Optimizely is notifying customers after a voice phishing attack led to unauthorized access to some of its internal systems.  The company says threat actors obtained limited business contact information but did not access sensitive customer data or disrupt operations. “The threat actor gained access to Optimizely’s systems through a sophisticated voice-phishing attack,…

Read more →

AI, Cybersecurity, Data Breaches, Endpoint, Global Security News, Network Security, Risk Management

Global Chip Supplier Advantest Discloses Cyber Incident 

Japanese semiconductor equipment company Advantest has confirmed it was hit by a ransomware attack after detecting unusual activity inside its corporate network on February 15.  The company says an unauthorized third party may have accessed internal systems and deployed ransomware, potentially affecting sensitive data tied to customers or employees. “Preliminary findings appear to indicate that…

Read more →

Global Security News

Japanese chip-testing toolmaker Advantest suffers ransomware attack

Japanese tech testing company Advantest has suffered a ransomware attack, the company confirmed last Thursday, after detecting unusual activity within its IT environment on February 15, 2026. What happened? Tokyo-based Advantest is a leading manufacturer of automatic test and measurement equipment used in the design and production of semiconductors that used in computers, electronic devices…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management

University of Mississippi Medical Center Closes Clinics After Ransomware Attack

A ransomware attack has forced the University of Mississippi Medical Center (UMMC) to temporarily close most of its clinics, cancel elective procedures, and shift to manual documentation as IT systems remain offline.  The incident, detected in the early hours of Feb. 19, 2026, disrupted UMMC’s network, including its EPIC electronic medical record (EMR) platform. “We…

Read more →

AI, Apps, Compliance, Cybersecurity, Global Security News, Risk Management

AI FOMO: How Pressure to Adopt AI is Outpacing Understanding

AI – or large language models (LLMs) – is introducing new attack surfaces, despite the new capabilities that the technology promises.  The new threats it is introducing, including prompt injection, deepfakes, and alignment risks, are huge security concerns at a strategic level. AI FOMO is driving enterprise adoption before risk mitigation At the Genetec Global…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management

MCP Servers Expose a Hidden AI Attack Surface in Enterprise Environments

As enterprises rush to integrate AI assistants into daily workflows, a new and potentially overlooked attack surface is emerging: Model Context Protocol (MCP) servers.  Built to connect AI applications to external tools and data, MCP servers can be exploited to execute code, exfiltrate data and manipulate users — often without visible signs of compromise.  Attackers…

Read more →

AI, Europe, Global Security News, Government & Policy, Russia

Germany’s national rail operator Deutsche Bahn hit by a DDoS attack

Germany’s national rail operator, Deutsche Bahn, suffered a major DDoS attack that disrupted booking and information systems for several hours. Germany’s rail operator Deutsche Bahn was hit by a large-scale DDoS attack that disrupted information and booking systems for several hours. The cyberattack affected IT operations, causing delays and service interruptions. At this time, the…

Read more →

AI, Apps, Data Breaches, Global Security News, Network Security, Risk Management

Japan’s Washington Hotel Reports Ransomware Attack

Washington Hotel Corporation has confirmed a ransomware attack that compromised several internal servers, triggering containment measures and an ongoing investigation into potential data exposure.  The incident was detected when unauthorized access was identified across multiple systems. “Unauthorized access to various business data stored on our servers has been confirmed. The information leak is currently under…

Read more →

AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Risk Management, Russia

Google: state-backed hackers exploit Gemini AI for cyber recon and attacks

Google says nation-state actors used Gemini AI for reconnaissance and attack support in cyber operations. Google DeepMind and GTIG report a rise in model extraction or “distillation” attacks aimed at stealing AI intellectual property, which Google has detected and blocked. While APT groups have not breached frontier models, private firms and researchers have tried to…

Read more →

AI, Cybersecurity, Global Security News

Attackers are moving at machine speed, defenders are still in meetings

Threat actors are using AI across the attack lifecycle, increasing speed, scale, and adaptability, according to the 2026 State of Cybersecurity report by Ivanti. The study compares perceived threat levels across common attack types with organizational readiness to respond and identifies persistent gaps between awareness and execution across security programs. Preparedness lags behind threat levels…

Read more →

AI, Apps, Compliance, Cybersecurity, Global Security News, Vendor Leadership & Partner Programs

SecurityBridge Taps Jesper Zerlang to Lead Global Growth

Enterprise ERP systems remain one of the most overlooked attack surfaces in cybersecurity. In an interview with Channel Insider, newly appointed SecurityBridge CEO Jesper Zerlang said closing that SAP security gap will define the company’s next phase of growth as it accelerates global expansion and deepens channel partnerships. Former board member turned executive charts early…

Read more →

AI, Apps, Global Security News, News and Trends, Risk Management, Security, Tools & Platforms

SpecterOps Unveils BloodHound Scentry, Expanding Identity APM

SpecterOps, the pioneer behind identity Attack Path Management (APM), has introduced BloodHound Scentry, a new service designed to help customers accelerate their APM practice and reduce identity risk.  Protecting an organization’s critical assets According to the company, BloodHound Scentry combines the capabilities of BloodHound Enterprise with the tradecraft of SpecterOps experts to provide tailored guidance…

Read more →

AI, APAC, Apps, Exploits, Global Security News, IT Management, Security, Vulnerabilities, Zero-Day Vulnerabilities

SolarWinds WHD zero-days from January are under attack

SolarWinds Web Help Desk (WHD) is under attack, with recent incidents exploiting a chain of zero-day and patched vulnerabilities dating back to late 2025, an analysis of customer reports by security company Huntress has found. Until now, it has been unclear which combination of recent WHD vulnerabilities were behind a series of compromises of customer…

Read more →

AI, Don't miss, exploit, Global Security News, Hot stuff, Huntress, Network Security, News

Unpatched SolarWinds WHD instances under active attack

Internet‑exposed and vulnerable SolarWinds Web Help Desk (WHD) instances are under attack by threat actors looking to gain an initial foothold into target organizations’ networks, Microsoft and Huntress researchers have warned. Once inside, the attackers are deploying legitimate remote access and digital forensics and incident response tools, using living-off-the-land techniques, setting up a reverse SSH…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security, News, Risk Management, Threats

BridgePay Ransomware Causes Widespread Payment Outages

A ransomware attack on BridgePay Network Solutions on Feb. 6, 2026, caused payment processing disruptions across the U.S., affecting merchants, local governments, and service providers. The outage temporarily forced some businesses to rely on cash-only transactions while payment services were unavailable. “No card data was compromised and any file that may have been accessed was…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security, News, Risk Management, Threats

BridgePay Ransomware Causes Widespread Payment Outages

A ransomware attack on BridgePay Network Solutions on Feb. 6, 2026, caused payment processing disruptions across the U.S., affecting merchants, local governments, and service providers. The outage temporarily forced some businesses to rely on cash-only transactions while payment services were unavailable. “No card data was compromised and any file that may have been accessed was…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security, News, Risk Management, Threats

BridgePay Ransomware Causes Widespread Payment Outages

A ransomware attack on BridgePay Network Solutions on Feb. 6, 2026, caused payment processing disruptions across the U.S., affecting merchants, local governments, and service providers. The outage temporarily forced some businesses to rely on cash-only transactions while payment services were unavailable. “No card data was compromised and any file that may have been accessed was…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security, News, Risk Management, Threats

BridgePay Ransomware Causes Widespread Payment Outages

A ransomware attack on BridgePay Network Solutions on Feb. 6, 2026, caused payment processing disruptions across the U.S., affecting merchants, local governments, and service providers. The outage temporarily forced some businesses to rely on cash-only transactions while payment services were unavailable. “No card data was compromised and any file that may have been accessed was…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security, News, Risk Management, Threats

BridgePay Ransomware Causes Widespread Payment Outages

A ransomware attack on BridgePay Network Solutions on Feb. 6, 2026, caused payment processing disruptions across the U.S., affecting merchants, local governments, and service providers. The outage temporarily forced some businesses to rely on cash-only transactions while payment services were unavailable. “No card data was compromised and any file that may have been accessed was…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security, News, Risk Management, Threats

BridgePay Ransomware Causes Widespread Payment Outages

A ransomware attack on BridgePay Network Solutions on Feb. 6, 2026, caused payment processing disruptions across the U.S., affecting merchants, local governments, and service providers. The outage temporarily forced some businesses to rely on cash-only transactions while payment services were unavailable. “No card data was compromised and any file that may have been accessed was…

Read more →

AI, Breaking News, china, cyber crime, Global Security News, Government & Policy, hacking, malware, Network Security, Security

Record-breaking 31.4 Tbps DDoS attack hits in November 2025, stopped by Cloudflare

AISURU/Kimwolf botnet hit a record 31.4 Tbps DDoS attack lasting 35 seconds in Nov 2025, which Cloudflare automatically detected and blocked. The AISURU/Kimwolf botnet was linked to a record-breaking DDoS attack that peaked at 31.4 Tbps and lasted just 35 seconds. Cloudflare said the November 2025 incident was part of a surge in hyper-volumetric HTTP…

Read more →

AI, Cybersecurity, Global Security News

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index (PyPI) repository have been compromised to push malicious versions to facilitate wallet credential theft and remote code execution. The compromised versions of the two packages are listed below – @dydxprotocol/v4-client-js (npm) – 3.4.1, 1.22.1, 1.15.2,…

Read more →

AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management

From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security

Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…

Read more →

AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management

From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security

Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…

Read more →

AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management

From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security

Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…

Read more →

AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management

From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security

Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…

Read more →

AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management

From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security

Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…

Read more →

AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management

From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security

Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…

Read more →

AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management

From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security

Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…

Read more →

AI, API security, Apps, Endpoint, Exploits, Global Security News

Update on React Server Components RCE Vulnerability (CVE-2025-55182 / CVE-2025-66478)

The attack landscape has been dynamic following the disclosure of the React Server Components RCE vulnerability. New information has emerged regarding the initial Proof-of-Concept exploit, as well as improved detection methods, exploitation mechanics observed in the wild, and rapidly growing attack activity. This update summarizes the changes and observations we have made across Wallarm customers.…

Read more →

AI, API security, Apps, Endpoint, Exploits, Global Security News

Update on React Server Components RCE Vulnerability (CVE-2025-55182 / CVE-2025-66478)

The attack landscape has been dynamic following the disclosure of the React Server Components RCE vulnerability. New information has emerged regarding the initial Proof-of-Concept exploit, as well as improved detection methods, exploitation mechanics observed in the wild, and rapidly growing attack activity. This update summarizes the changes and observations we have made across Wallarm customers.…

Read more →