Geek-Guy.com

Tag: attackers

AI, Apps, Global Security News, Risk Management

Scans for EncystPHP Webshell, (Mon, Apr 13th)

Last week, I wrote about attackers scanning for various webshells, hoping to find some that do not require authentication or others that use well-known credentials. But some attackers are paying attention and are deploying webshells with more difficult-to-guess credentials. Today, I noticed some scans for what appears to be the “EncystPHP” web shell. Fortinet wrote about…

Read more →

AI, Endpoint, Exploits, Global Security News, Network Security

Old Docker authorization bypass pops up despite previous patch

Researchers warn about a new vulnerability that allows attackers to bypass authorization plug-ins in Docker Engine and gain root-level access to host systems. The flaw has the same root cause as another authorization bypass vulnerability patched in 2024, but the underlying problem has been known since 2016. Tracked as CVE-2026-34040, the new vulnerability is rated…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Global Security News, Network Security, Risk Management

$3.6 Million Crypto Heist Targets Bitcoin Depot

Attackers have stolen more than $3.6 million in Bitcoin from crypto ATM operator Bitcoin Depot after breaching its internal systems. The incident, disclosed in a recent regulatory filing, shows how quickly attackers can monetize access once inside corporate environments. The “unauthorized actor transferred approximately 50.903 Bitcoin from Company-controlled wallets, valued at approximately $3.665 million as…

Read more →

AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management, Russia

Adobe Acrobat Reader Zero Day Exploited in Active PDF Attacks

Attackers have been exploiting a zero-day vulnerability in Adobe Acrobat Reader for months, using malicious PDF files to silently steal data and potentially take over victim systems. Active since at least Dec. 2025, the campaign highlights how a seemingly routine document can serve as an effective entry point for system compromise. This exploit “allows the…

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

GrafanaGhost Flaw Allows Silent Data Exfiltration

A vulnerability called GrafanaGhost allows attackers to quietly extract sensitive data from Grafana environments without user interaction or traditional compromise techniques.  Discovered by researchers at Noma Security, the flaw highlights how AI-driven features can introduce new, difficult-to-detect attack paths in widely used platforms. “Across ForcedLeak, GeminiJack, DockerDash, and now GrafanaGhost, we keep seeing the same…

Read more →

AI, Cybersecurity, Exploits, Global Security News

Acrobat Reader zero-day exploited in the wild for many months

Unknown attackers have exploited a zero-day Adobe Acrobat Reader vulnerability since November 2025 and possibly even earlier, security researcher Haifei Li has discovered. PDF files carry the exploit Haifei Li is one of the creators of EXPMON, a sandbox-based cybersecurity system for detecting advanced file-based exploits. It does so by analyzing suspicious files submitted through…

Read more →

AI, Global Security News

Phishers sneak through using GitHub and Jira’s own mail delivery infrastructure

Attackers are abusing the notification systems of SaaS platforms like GitHub and Jira to send phishing and spam emails, Cisco Talos researchers are warning. “Because the emails are dispatched from the platform’s own infrastructure, they satisfy all standard authentication requirements (SPF, DKIM, and DMARC), effectively neutralizing the primary gatekeepers of modern email security,” they note.…

Read more →

AI, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, Russia

Feds quash widespread Russia-backed espionage network spanning 18,000 devices

Russian state-sponsored attackers compromised more than 18,000 routers spread across more than 120 countries to gain deeper access to sensitive networks for a large-scale espionage campaign before it was recently neutralized, researchers and authorities said Tuesday. Forest Blizzard, also known as APT28 and Fancy Bear, exploited known vulnerabilities to steal credentials for thousands of TP-Link…

Read more →

AI, Apps, Exploits, Global Security News, Network Security, Risk Management

Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution

Attackers are exploiting a critical Flowise flaw, tracked as CVE-2025-59528 (CVSS score of 10), that lets them run malicious code and access systems due to poor validation of user-supplied JavaScript. Attackers are actively exploiting a critical vulnerability in Flowise, tracked as CVE-2025-59528, that allows remote code execution and file system access. The flaw stems from improper validation…

Read more →

AI, Apps, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

5 ways to strengthen identity security and improve attack resilience

Identity compromise has become one of the most effective ways for attackers to infiltrate business systems. Firewalls, endpoint protection, and monitoring tools mean little once an attacker logs in using valid credentials. For MSPs and corporate IT teams, strengthening identity security and enforcing least privilege access are two of the most powerful ways to reduce…

Read more →

AI, Global Security News, Network Security

A Little Bit Pivoting: What Web Shells are Attackers Looking for?, (Tue, Apr 7th)

Webshells remain a popular method for attackers to maintain persistence on a compromised web server. Many “arbitrary file write” and “remote code execution” vulnerabilities are used to drop small files on systems for later execution of additional payloads. The names of these files keep changing and are often chosen to “fit in” with other files. Webshells themselves…

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

Docker Flaw (CVE-2026-34040) Lets Attackers Bypass Security Controls and Take Over Hosts

A vulnerability in Docker Engine allows attackers to bypass authorization controls and potentially gain full access to host systems.  Cyera researchers found that the flaw affects a core security mechanism relied on by organizations to enforce container policies. “This research shows that a lot of foundational infrastructure is still carrying old bug classes in places…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Risk Management

Experts published unpatched Windows zero-day BlueHammer

A researcher leaked the unpatched Windows zero-day “BlueHammer,” letting attackers gain SYSTEM rights; no patch exists yet. A disgruntled researcher released the BlueHammer Windows zero-day, a privilege escalation flaw that allows attackers to gain SYSTEM or admin rights, Bleeping Computer reports. The researcher privately reported the vulnerability to Microsoft but criticized the way the Microsoft’s Security…

Read more →

AI, Cybersecurity, Europe, Exploits, Global Security News

Attackers Exploit RCE Flaw as 14,000 F5 BIG-IP APM Instances Remain Exposed

Over 14,000 F5 BIG-IP APM instances remain exposed online, as attackers actively exploit a critical remote code execution flaw CVE-2025-53521. Over 14,000 F5 BIG-IP APM instances remain exposed online, with attackers actively exploiting the critical remote code execution vulnerability CVE-2025-53521 (CVSS ver. 3.1 score of 9.8), the nonprofit security organization Shadowserver warns. The vulnerability in BIG-IP…

Read more →

AI, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Risk Management

6 ways attackers abuse AI services to hack your business

Attackers are starting to exploit AI systems to mount attacks in the same way they once relied on built-in enterprise tools such as PowerShell. Instead of relying on malware, cybercriminals are increasingly abusing AI tools enterprises depend on — a trend some experts describe as living off the AI land. “We’re seeing it in things…

Read more →

AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management

Cisco 2026 State of Wireless Report: AI Wireless Threats Grow as Security Gaps Widen

Wireless networks are becoming a prime target for attackers — and many organizations aren’t prepared to keep up.  Cisco’s 2026 State of Wireless report warns that as enterprises scale AI, IoT, and high-bandwidth applications, wireless environments are expanding faster than security defenses can adapt. “AI-generated attacks are the leading driver of increased wireless security risk,”…

Read more →

AI, Global Security News

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK

Solana-based decentralized exchange Drift has confirmed that attackers drained about $285 million from the platform during a security incident that took place on April 1, 2026. “Earlier today, a malicious actor gained unauthorized access to Drift Protocol through a novel attack involving durable nonces, resulting in a rapid takeover of Drift’s Security Council administrative powers,” the&

Read more →

AI, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

Crowdstrike 2026 Global Threat Report: Adversaries Use AI to Bypass Defenses

Attackers are moving faster, blending in better, and increasingly using AI to stay ahead of defenders. The Crowdstrike 2026 Global Threat Report highlights a shift toward stealthy, identity-driven attacks that are harder to detect and quicker to execute. “This is an AI arms race. Breakout time is the clearest signal of how intrusion has changed.…

Read more →

AI, Cybersecurity, Exploits, Global Security News, malware, Network Security

Cisco fixed critical and high-severity flaws

Cisco fixed critical flaws that could allow attackers to bypass authentication, run code, and gain access to sensitive data. Cisco released patches for two critical and six high-severity vulnerabilities. These flaws could let attackers bypass authentication, execute malicious code, escalate privileges, and access sensitive information. One of these critical flaws is CVE-2026-20093 (CVSS score of…

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

Cisco IMC Flaw Grants Unauthenticated Admin Access

A flaw in Cisco’s Integrated Management Controller (IMC) allows unauthenticated attackers to gain administrative access to affected UCS servers, which could potentially lead to full system compromise. The vulnerability “… could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin,” said Cisco in its advisory. Cisco IMC Flaw…

Read more →

AI, Apps, china, Exploits, Global Security News, Government & Policy, malware, Network Security

TrueConf zero-day vulnerability exploited to target government networks

Suspected China-nexus attackers have leveraged a zero-day vulnerability (CVE-2026-3502) in the TrueConf client application to distribute malware within government networks in Southeast Asia, Check Point researchers discovered. Malicious client update attack chain (Source: Check Point) Trusted update mechanism turned into attack vector TrueConf is a videoconferencing platform designed to run on private local networks (LANs)…

Read more →

AI, Cybersecurity, Global Security News, malware

3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)

For years, cybersecurity has followed a familiar model: block malware, stop the attack. Now, attackers are moving on to what’s next. Threat actors now use malware less frequently in favor of what’s already inside your environment, including abusing trusted tools, native binaries, and legitimate admin utilities to move laterally, escalate privileges, and persist without raising…

Read more →

AI, Apps, Cybersecurity, Endpoint, Europe, Exploits, Global Security News, privacy, Risk Management, Russia

Fortinet hit by another exploited cybersecurity flaw

Yet another critical flaw in a Fortinet product has come to light as attackers continue to target the company, this time by actively exploiting a critical SQL injection vulnerability in the cybersecurity company’s management server. The vulnerability, (CVE-2026-21643), allows unauthenticated threat actors to execute arbitrary code on unpatched systems via specifically-crafted HTTP requests. These low-complexity…

Read more →

AI, Cybersecurity, Europe, Exploits, Global Security News, malware, Network Security

Critical Fortinet FortiClient EMS flaw exploited for Remote Code Execution

Attackers are exploiting a critical Fortinet FortiClient EMS flaw (CVE-2026-21643) that allows remote code execution via SQL injection. A critical Fortinet FortiClient EMS vulnerability, tracked as CVE-2026-21643 (CVSS score of 9.1), is now being actively exploited. Defused researchers warn that threat actors are exploiting the vulnerability in Fortinet’s FortiClient EMS platform. “Fortinet Forticlient EMS CVE-2026-21643…

Read more →

AI, Apps, Cloud Security, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

APIs are the new perimeter: Here’s how CISOs are securing them

Recent breaches suggest attackers are shifting beyond traditional endpoints to target application programming interfaces (APIs). But typical perimeter protections can completely miss this vector. “We used to talk about defense-in-depth and endpoint protection,” says Sean Murphy, CISO at BECU, a nationwide credit union. “That morphed into identity, and now the API is the new perimeter.”…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security

Urgent Alert: NetScaler bug CVE-2026-3055 probed by attackers could leak sensitive data

Attackers are actively probing a critical Citrix NetScaler flaw (CVE-2026-3055) that can leak sensitive data via a memory overread issue. A critical vulnerability, tracked as CVE-2026-3055 (CVSS score of 9.3), in Citrix NetScaler ADC and Gateway is already being actively probed by attackers. This week, Citrix issued security updates for two NetScaler vulnerabilities, including the critical memory…

Read more →

AI, Apps, Cybersecurity, Endpoint, Exploits, Global Security News

Attackers exploit critical Langflow RCE within hours as CISA sounds alarm

Attackers have exploited a critical Langflow RCE within hours of disclosure, prompting the US Cybersecurity and Infrastructure Security Agency (CISA) to formally flag it for urgent remediation. The flaw, which allows running arbitrary code on vulnerable Langflow instances without >credentials, was weaponized within 20 hours of the open-source AI-pipeline tool disclosing it. According to a Sysdig report,…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, privacy

Recent Navia data breach impacts HackerOne employee data

A Navia breach exposed personal data of nearly 300 HackerOne employees after attackers compromised the benefits provider. HackerOne revealed that a data breach at Navia Benefit Solutions exposed the personal information of nearly 300 of its employees. The incident stems from an attack on the third-party benefits provider, highlighting how breaches at external partners can…

Read more →

AI, Exploits, Global Security News

Attackers are handing off access in 22 seconds, Mandiant finds

Exploits remain the leading entry point for attackers for the sixth consecutive year, according to Mandiant’s M-Trends 2026 report, which draws on more than 500,000 hours of incident response work conducted in 2025. The data shows attackers speeding up their internal hand-offs, shifting away from email phishing, and targeting backup and virtualization infrastructure with greater…

Read more →

AI, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management

Trivy vulnerability scanner backdoored with credential stealer in supply chain attack

Attackers have compromised the widely used open-source Trivy vulnerability scanner, injecting credential-stealing malware into official releases and GitHub Actions used by thousands of CI/CD workflows. The breach could trigger a cascade of additional supply-chain compromises if impacted projects and organizations don’t rotate their secrets immediately. The attack, disclosed by Trivy maintainers today, results from an…

Read more →

AI, Data Breaches, Global Security News

Navia data breach impacts nearly 2.7 Million people

Navia Benefit Solutions data breach exposed 2.7M people after attackers accessed systems from December 2025 to January 2026. Navia Benefit Solutions disclosed a data breach affecting 2,697,540 individuals. The company detected suspicious activity on January 23, 2026 and quickly launched an investigation to assess the incident. Navia Benefit Solutions is a U.S.-based company that provides…

Read more →

Exploits, Global Security News

Unpatched ScreenConnect servers open to attack (CVE-2026-3564)

ConnectWise has patched a critical vulnerability (CVE-2026-3564) that could enable attackers to hijack ScreenConnect sessions by abusing ASP.NET machine keys to forge trusted authentication. About CVE-2026-3564 The ScreenConnect remote access platform is popular with managed service providers, IT departments, and technology solution providers. They can opt for the cloud-hosted version or can deploy it on…

Read more →

AI, Apps, Exploits, Global Security News, Network Security

Critical Ubiquiti UniFi UniFi security flaw allows potential account hijacking

Ubiquiti fixed two UniFi vulnerabilities, including a critical flaw that could let attackers take over user accounts. Ubiquiti patched two vulnerabilities in its UniFi Network app, including a maximum-severity flaw that could enable account takeover. The software is widely used to manage UniFi networking devices like access points, switches, and gateways. The Ubiquiti UniFi Network…

Read more →

AI, Exploits, Global Security News, Network Security

Telnet vulnerability opens door to remote code execution as root

A critical Telnet vulnerability with a CVSS rating of 9.8 enables attackers to take full control of affected systems before authentication even kicks in, security researchers at Dream Security have warned. Tracked as CVE-2026-32746, the vulnerability is in GNU inetutils telnetd, is a widely deployed implementation of the Telnet remote access protocol found across legacy…

Read more →

AI, Endpoint, Global Security News

EDR killers are now standard equipment in ransomware attacks

Ransomware attackers routinely deploy tools designed to disable endpoint detection and response software before launching encryptors. These tools, known as EDR killers, have become a standard component of ransomware intrusions. ESET Research tracked nearly 90 EDR killers actively used in the wild. The workflow is consistent across groups: an attacker gains high privileges, deploys an…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security, Risk Management

Researchers warn of unpatched, critical Telnetd flaw affecting all versions

CVE-2026-32746 is a critical flaw in GNU InetUtils telnetd that allows remote attackers to execute code with elevated privileges Cybersecurity company Dream disclosed a critical flaw, tracked as CVE-2026-32746 (CVSS score of 9.8), in GNU InetUtils telnetd that lets unauthenticated remote attackers execute code with elevated privileges. The issue stems from an out-of-bounds write in…

Read more →

AI, Global Security News

Scans for “adminer”, (Wed, Mar 18th)

A very popular target of attackers scanning our honeypots is “phpmyadmin”. phpMyAdmin is a script first released in the late 90s, before many security concepts had been discovered. It’s rich history of vulnerabilities made it a favorite target. Its alternative, “adminer”, began appearing about a decade later (https://www.adminer.org). One of its main “selling” points was simplicity.…

Read more →

AI, Exploits, Global Security News, Risk Management

CVE-2026-3888: Ubuntu Desktop 24.04+ vulnerable to Root exploit

Ubuntu flaw CVE-2026-3888 lets attackers gain root via a systemd timing exploit, affecting Desktop 24.04+ with high severity. Qualys researchers found a high-severity flaw, tracked as CVE-2026-3888 (CVSS score of 7.8), in Ubuntu Desktop 24.04+, which allows attackers to exploit a systemd cleanup timing issue to escalate privileges to root and potentially take full control…

Read more →

AI, Apps, Exploits, Global Security News, malware

From Windows to macOS: ClickFix attacks shift tactics with ChatGPT-based lures

ClickFix campaigns are evolving, with attackers increasingly targeting macOS users and deploying more advanced infostealers, according to Sophos researchers. ClickFix is a growing social engineering technique that tricks users into manually executing malicious commands, bypassing traditional protections. Once mainly targeting Windows, it is now increasingly affecting macOS, with recent campaigns deploying infostealers like AMOS and…

Read more →

AI, Global Security News, malware

Storm-2561 lures victims to spoofed VPN sites to harvest corporate logins

Attackers linked to Storm-2561 use SEO-poisoned search results to lure users to fake Ivanti, Cisco, and Fortinet VPN sites that steal corporate login credentials. In mid-January 2026, Microsoft Defender Experts uncovered a credential-theft campaign attributed to Storm-2561. Threat actor is spreading fake enterprise VPN clients impersonating Ivanti, Cisco, and Fortinet software. By poisoning search engine…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management

Starbucks HR Portal Breach Exposes Employee Information

Starbucks has disclosed a data breach affecting hundreds of employees after attackers accessed internal HR accounts through phishing websites impersonating the company’s employee portal.  This incident exposed sensitive personal and financial information, raising concerns about potential identity theft and fraud. “The investigation has determined that an unauthorized third party accessed certain Starbucks Partner Central accounts…

Read more →

AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management

Hack the AI Brain: LangSmith Vulnerability Could Expose Sensitive AI Data

A vulnerability in LangSmith, a widely used AI observability platform, could have allowed attackers to hijack user accounts and access sensitive enterprise data flowing through large language model (LLM) systems. Researchers at Miggo Security discovered the flaw, which could allow token theft and account takeover if a logged-in user visited a malicious webpage.  The vulnerability…

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

Active Directory Flaw Enables SYSTEM Privilege Escalation

A vulnerability in Microsoft’s Active Directory Domain Services could allow attackers to escalate privileges and potentially take full control of affected systems.  “Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network,” said Microsoft in its advisory. How the Active Directory…

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

400K WordPress Sites Exposed by Elementor Ally Plugin SQL Flaw

A vulnerability in a widely used WordPress accessibility plugin could allow attackers to steal sensitive data from vulnerable websites without logging in.  The flaw affects the Ally plugin developed by Elementor, which is installed on hundreds of thousands of sites worldwide This vulnerability “… can be leveraged to extract sensitive data from the database, such…

Read more →

AI, APAC, Cybersecurity, Endpoint, Europe, Exploits, Global Security News, malware, Network Security, Risk Management

Report: AI Accelerates Attacks on Trusted Identities

A recent report from ConnectWise found that attackers are increasingly exploiting trusted identities, along with remote access infrastructure and software supply chains, while AI continues to accelerate in speed and scale. 2026 MSP Threat Report shows trusted identities and legitimate tools are top targets The research, ConnectWise’s 2026 MSP Threat Report, provides global threat intelligence…

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

Microsoft SQL Server Vulnerability Enables Privilege Escalation

A vulnerability in SQL Server could allow attackers to escalate their privileges to system administrator level within affected database environments.  “Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network,” said Microsoft in their security advisory. Understanding CVE-2026-21262 The vulnerability, tracked as CVE-2026-21262, carries a CVSS score of 8.8…

Read more →

AI, china, Cybersecurity, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management, Russia

12 ways attackers abuse cloud services to hack your enterprise

Attackers are increasingly abusing trusted SaaS platforms, cloud infrastructure, and identity systems to blend malicious activity into legitimate enterprise traffic. Adversaries are pushing command and control (C2) through high-reputation services, including OpenAI and AWS, to blend in with normal business traffic and evade blocklists. The shift from “living off the land” to “living off the…

Read more →

Apps, Exploits, Global Security News

Software vulnerabilities push credential abuse aside in cloud intrusions

Cloud intrusions are unfolding on shorter timelines, with attackers leaning more on unpatched software and compromised identities. H2 2025 distribution of initial access vectors exploited in Google Cloud (Source: Google) Google Cloud’s Cloud Threat Horizons Report H1 2026 reflects incident response and intelligence findings from the second half of 2025 and shows how access methods…

Read more →

AI, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security

Attackers exploit FortiGate devices to access sensitive network information

Attackers are exploiting FortiGate devices to breach networks and steal configuration data containing service account credentials and network details. SentinelOne researchers warn that attackers are exploiting vulnerabilities or weak credentials in FortiGate devices to gain initial access to corporate networks. Once inside, they extract configuration files that may contain service account credentials and information about…

Read more →

AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Risk Management

Threat actors use custom AuraInspector to harvest data from Salesforce systems

Attackers are mass-scanning Salesforce Experience Cloud sites using a modified AuraInspector tool to exploit misconfigurations and access sensitive data. Salesforce CSOC warns that threat actors are mass-scanning publicly accessible Experience Cloud sites using a modified version of the AuraInspector tool. AuraInspector is an open‑source command‑line tool released by Google/Mandiant to audit Salesforce Aura and Experience…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management

Ericsson US confirms breach after third-party provider attack

Ericsson US reports a data breach after attackers hacked a service provider, exposing employee and customer information. Ericsson Inc., the U.S. branch of the Swedish telecom giant, disclosed a data breach after a service provider was hacked. The attack compromised the personal information of an unspecified number of employees and customers. “On April 28, 2025,…

Read more →

AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

AVideo Zero-Click Flaw Lets Attackers Hijack Live Streams

A flaw in the open-source AVideo platform requires no authentication and allows attackers to remotely execute commands and take over affected servers. Exploitation of the vulnerability “… can lead to full server compromise, data exfiltration (e.g., configuration secrets, internal keys, credentials), and service disruption,” said researchers. Inside the AVideo Server Takeover Risk AVideo is an…

Read more →

AI, Apps, Endpoint, Exploits, Global Security News, Network Security, Risk Management

Critical Nginx UI flaw CVE-2026-27944 exposes server backups

Nginx UI flaw CVE-2026-27944 lets attackers download and decrypt server backups without authentication, exposing sensitive data on public management interfaces. A critical vulnerability in Nginx UI, tracked as CVE-2026-27944 (CVSS score of 9.8), allows attackers to download and decrypt full server backups without authentication. The flaw poses a serious risk to organizations exposing the management…

Read more →

AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

WordPress Plugin Flaw Lets Attackers Create Admin Accounts

A vulnerability in a popular WordPress membership plugin could allow attackers to create administrator accounts and completely take over affected websites.  The flaw affects the User Registration & Membership plugin and enables unauthenticated attackers to bypass security controls during the account registration process.  This vulnerability allows “… unauthenticated attackers to create administrator accounts by supplying…

Read more →

AI, Apps, Cloud Security, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

CyberProof 2026 Report Warns of Rising Identity and AI Cyberattacks

The global cyber threat landscape shifted in 2025, as attackers increasingly abandoned complex malware in favor of faster, more scalable tactics centered on identity compromise, AI-driven automation, and SaaS ecosystem abuse.  According to the CyberProof 2026 Global Threat Intelligence Report, attackers are no longer focused on breaking through network perimeters.  Instead, they are logging in…

Read more →

AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management

Cisco SD-WAN Manager Vulnerabilities Actively Exploited

Cisco is warning customers that attackers are actively exploiting multiple vulnerabilities affecting its Catalyst SD-WAN Manager platform. The software serves as a centralized management console used to monitor and control large distributed SD-WAN deployments.  These vulnerabilities “… could allow an attacker to access an affected system, elevate privileges to root, gain access to sensitive information,…

Read more →

Global Security News

Preparing for the Quantum Era: Post-Quantum Cryptography Webinar for Security Leaders

Most organizations assume encrypted data is safe. But many attackers are already preparing for a future where today’s encryption can be broken. Instead of trying to decrypt information now, they are collecting encrypted data and storing it so it can be decrypted later using quantum computers. This tactic—known as “harvest now, decrypt later”—means sensitive data…

Read more →

AI, Apps, Exploits, Global Security News, malware, Network Security

Cisco fixes maximum-severity Secure FMC bugs threatening firewall security

Cisco patched two critical Secure FMC vulnerabilities that could let attackers gain root access to managed firewalls. Cisco addressed two maximum-severity vulnerabilities in its Secure Firewall Management Center (FMC) that could allow attackers to gain root access. Cisco Secure Firewall Management Center (FMC) is a centralized management platform for Cisco firewalls. It lets administrators configure,…

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

MS-Agent Flaw Enables Remote Code Execution via AI Agents 

A vulnerability in an AI automation framework could allow attackers to take complete control of systems running the software.  Security researchers have identified a command injection flaw in the ModelScope MS-Agent framework that could enable remote code execution through crafted prompt input, exposing organizations that deploy AI agents with operating system access. “The real issue…

Read more →

AI, Apps, Exploits, Global Security News, malware

Researchers discover suite of agentic AI browser vulnerabilities

Researchers have discovered multiple vulnerabilities that let attackers to quietly hijack agentic AI browsers. Researchers at Zenity Labs discovered these flaws, which affected multiple AI browsers, including Perplexity’s Comet. Before being patched, an attacker could exploit them via a legitimate calendar invite, using a prompt injection to force the AI browser to act against its…

Read more →

AI, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Risk Management

CVE-2025-64328 exploitation impacts 900 Sangoma FreePBX instances

About 900 Sangoma FreePBX systems were infected with web shells after attackers exploited a command injection flaw. Hundreds of Sangoma FreePBX instances are still infected with web shells following attacks that began in December 2025. Sangoma FreePBX is an open-source, web-based platform for managing Asterisk-powered VoIP phone systems. Maintained by Sangoma Technologies, it allows businesses…

Read more →

AI, Global Security News, malware

Microsoft warns of RAT delivered through trojanized gaming utilities

Attackers spread trojanized gaming tools to deliver a stealthy RAT using PowerShell, LOLBins, and Defender evasion tactics. Threat actors are tricking users into running trojanized gaming utilities shared through browsers and chat platforms to deploy a remote access trojan. “Microsoft Defender researchers uncovered a campaign that lured users into running trojanized gaming utilities (Xeno.exe or…

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

FreeBSD Jail Escape Flaw Breaks Filesystem Isolation

A critical vulnerability in FreeBSD allows attackers to escape jail environments and access the host filesystem.  The flaw weakens a core isolation mechanism and, under specific configurations, can lead to a complete breakdown of filesystem separation. This vulnerability “… enables full filesystem access for a jailed process, breaking the chroot,” said researchers in the advisory.…

Read more →

AI, APAC, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security

Ransomware groups switch to stealthy attacks and long-term access

Ransomware attackers are switching tactics in favor of more stealthy infiltration, as the threat of public exposure of sensitive corporate data is becoming the main mechanism of extortion. Picus Security’s annual red-teaming report shows attackers shifting away from loud disruption toward quiet, long-term access — or from “predatory” smash-and-grab tactics to “parasitic” silent residency. Four…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security

Governments issue warning over Cisco zero-day attacks dating back to 2023

Attackers have been exploiting a pair of zero-day vulnerabilities in Cisco’s network edge software for at least three years, and the global campaign is ongoing, authorities said across a series of warnings released Wednesday. The Cybersecurity and Infrastructure Security Agency issued an emergency directive about the global attacks and issued joint guidance with the Five…

Read more →