Geek-Guy.com

Tag: behind

Global Security News

MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems

Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and GreenPlasma, has released a proof-of-concept (PoC) for a Windows privilege escalation zero-day flaw that grants attackers SYSTEM privileges on fully patched Windows systems. Codenamed MiniPlasma, the vulnerability impacts “cldflt.sys,” which refers to the Windows Cloud Files Mini Filter Driver,

Read more →

AI, Funding, Global Security News, Government & Policy

DOJ releases legal rationale for nationwide voter data collection

The Trump administration released a legal opinion outlining the legal rationale behind its nationwide voter data collection efforts, justifying  an aggressive federal role in vetting voter eligibility, a position courts have repeatedly rejected in related litigation. The memo, released Tuesday by the Department of Justice Office of Legal Counsel, concedes that while election administration is…

Read more →

AI, Data Breaches, Global Security News, Risk Management

Instructure took a risky approach to recover stolen Canvas data

Instructure, the company behind the online learning platform Canvas, said it reached an agreement with the extortion group ShinyHunters to prevent data stolen in a recent breach from being leaked online. According to the company’s website, Canvas has more than 30 million active users worldwide and serves more than 8,000 institutions. Although Instructure did not…

Read more →

AI, Global Security News

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP, the threat actor behind the recent supply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a fresh Mini Shai-Hulud campaign. The affected npm packages have been modified to include an obfuscated JavaScript file (“router_init.js”) that’s designed…

Read more →

AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Risk Management

Pressure mounts on Canvas as data leak extortion deadline looms

Pressure is mounting on Instructure, the company behind Canvas, as cybercriminals threaten to leak a trove of sensitive data they claim was stolen during a prolonged cyberattack on the widely used education tech platform. Widespread outages left schools, students and teachers temporarily unable to access critical data late last week after the company took Canvas…

Read more →

AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy

Lyrie.ai Deploys Real-Time Zero-Day Tracking Across Global Enterprise Infrastructure

OTT Cybersecurity LLC, the company behind Lyrie.ai, today announced several milestones that together position the company as foundational security infrastructure for the agentic AI era: the deployment of a real-time zero-day tracking and disclosure system designed to notify affected organizations of active exploit activity; acceptance into Anthropic’s Cyber Verification Program (CVP); and the public release…

Read more →

AI, Cybersecurity, Global Security News, Risk Management

Securonix Partners with AI SPERA for Criminal IP in ThreatQ

Cybersecurity provider Securonix has announced a new partnership with AI SPERA, the company behind Criminal IP, to deliver integrated threat intelligence enrichment through the ThreatQ Platform.  The integration combines ThreatQ data-driven orchestration and investigation capabilities with Criminal IP’s real-time IP threat intelligence, providing security teams with deeper context to prioritize and respond to threats faster. …

Read more →

AI, Data Breaches, Global Security News

[Webinar] Find and Eliminate Orphaned Non-Human Identities in Your Environment

In 2024, compromised service accounts and forgotten API keys were behind 68% of cloud breaches. Not phishing. Not weak passwords. Unmanaged non-human identities that nobody was watching. For every employee in your org, there are 40 to 50 automated credentials: service accounts, API tokens, AI agent connections, andOAuth grants. When projects end or employees leave, most

Read more →

AI, Data Breaches, Exploits, Global Security News

Rockstar Games receives “pay or leak” warning after cyberattack

Rockstar Games, the developer behind titles such as Grand Theft Auto and Red Dead Redemption, has confirmed a cyberattack claimed by hacking group ShinyHunters, which says it accessed the company’s Snowflake environment and obtained data. The attackers exploited Anodot, a third-party SaaS platform used for cloud cost monitoring and analytics, as the entry point and…

Read more →

AI, Apps, Global Security News, Government & Policy, Network Security, Risk Management

Nvidia’s SchedMD acquisition puts open-source AI scheduling under scrutiny

Nvidia’s recent acquisition of SchedMD, the company behind the Slurm workload manager, is raising concerns among AI industry executives and supercomputing specialists who fear the chip giant could use its new position to favour its own hardware over competing chips, whether through code prioritization or roadmap decisions. The concern, as industry sources frame it, is…

Read more →

AI, Global Security News

Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations

An Iran-nexus threat actor is suspected to be behind a password-spraying campaign targeting Microsoft 365 environments in Israel and the U.A.E. amid ongoing conflict in the Middle East. The activity, assessed to be ongoing, was carried out in three distinct attack waves that took place on March 3, March 13, and March 23, 2026, per Check Point. “The campaign is…

Read more →

AI, Data Breaches, Europe, Global Security News

Trivy supply chain attack enabled European Commission cloud breach

CERT-EU confirmed that ShinyHunters are behind the recent breach of the cloud infrastructure underpinning websites of the European Commission, and that they stole and subsequently leaked approximately 340 GB of data. “Analysis of the published dataset has so far confirmed the presence of personal data, including lists of names, last names, usernames, and email addresses,…

Read more →

AI, Global Security News

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise

TeamPCP, the threat actor behind the recent compromises of Trivy and KICS, has now compromised a popular Python package named litellm, pushing two malicious versions containing a credential harvester, a Kubernetes lateral movement toolkit, and a persistent backdoor. Multiple security vendors, including Endor Labs and JFrog, revealed that litellm versions 1.82.7 and 1.82.8 were published…

Read more →

AI, Global Security News, malware

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that’s distributed via malicious Microsoft Visual Studio Code (VS Code) projects. The use of VS Code “tasks.json” to distribute malware is a relatively new tactic adopted by the threat actor since…

Read more →

AI, china, Global Security News, Government & Policy, malware, Network Security

Global law enforcement operation targets AISURU, Kimwolf, JackSkid botnet operators

DoJ disrupted IoT botnets’ C2 infrastructure with global partners, targeting operators behind AISURU, Kimwolf, JackSkid, and others. The U.S. DoJ disrupted command-and-control infrastructure used by several IoT botnets, including AISURU, Kimwolf, JackSkid, and Mossad. The operation involved authorities from Canada and Germany, along with major tech companies, to target botnet operators and weaken their global…

Read more →

AI, Global Security News, Government & Policy, Network Security

Feds Disrupt IoT Botnets Behind Huge DDoS Attacks

The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million Internet of Things (IoT) devices, such as routers and web cameras. The feds say the four botnets — named Aisuru, Kimwolf, JackSkid and Mossad — are responsible for a…

Read more →

AI, Apps, Exploits, Global Security News, Risk Management

News alert: GitGuardian study shows AI coding tools double leak rates as 29M credentials hit GitHub

NEW YORK, Mar.17, 2026, CyberNewswire — GitGuardian, the security leader behind GitHub’s most installed application, today released the 5th edition of its “State of Secrets Sprawl” report, documenting how mainstream AI adoption in 2025 reshaped software delivery and accelerated the exposure of non-human identities (NHIs) and their secrets across public and internal systems. While the…

Read more →

AI, Global Security News, malware, Network Security

North Korean fake IT worker tradecraft exposed

Research from GitLab has exposed the latest tradecraft behind North Korean fake IT worker scams. GitLab banned 131 North Korean-attributed accounts last year, most of which involved JavaScript repositories that acted as resources in the so-called Contagious Interview campaign. In most cases, GitLab projects acted as obfuscated loaders for malware payloads — such as BeaverTail…

Read more →

AI, Global Security News

UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device

The North Korean threat actor known as UNC4899 is suspected to be behind a sophisticated cloud compromise campaign targeting a cryptocurrency organization in 2025 to steal millions of dollars in cryptocurrency. The activity has been attributed with moderate confidence to the state-sponsored adversary, which is also tracked under the cryptonyms Jade Sleet, PUKCHONG, Slow Pisces,…

Read more →

AI, china, Cybersecurity, Exploits, Global Security News, Government & Policy, Russia

Possible U.S.-developed exploits linked to first known ‘mass’ iOS attack

An exploit kit that may have originated from a leaked U.S. government framework is behind what researchers are calling the first mass-scale attack on iOS, the operating system for Apple’s iPhones. Traces of the exploits, found in the work of Chinese cybercriminals, also have been spotted in Russian attacks on Ukraine and used by a…

Read more →

AI, Global Security News

Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries

The threat actor behind the recently disclosed artificial intelligence (AI)-assisted campaign targeting Fortinet FortiGate appliances leveraged an open-source, AI-native security testing platform called CyberStrikeAI to execute the attacks. The new findings come from Team Cymru, which detected its use following an analysis of the IP address (“212.11.64[.]250”) that was used by the suspected

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security

 FBI: Threats from Salt Typhoon are ‘still very much ongoing’

A top FBI cyber official said Salt Typhoon, the Chinese cyber espionage group behind the widespread compromise of U.S. telecommunications infrastructure in 2024, continues to pose a broad threat to both America’s private and public sectors. Michael Machtinger, deputy assistant director for cyber intelligence at the FBI, touted improved partnerships between the telecommunications industry and…

Read more →

AI, Apps, Global Security News, News and Trends, Risk Management, Security, Tools & Platforms

SpecterOps Unveils BloodHound Scentry, Expanding Identity APM

SpecterOps, the pioneer behind identity Attack Path Management (APM), has introduced BloodHound Scentry, a new service designed to help customers accelerate their APM practice and reduce identity risk.  Protecting an organization’s critical assets According to the company, BloodHound Scentry combines the capabilities of BloodHound Enterprise with the tradecraft of SpecterOps experts to provide tailored guidance…

Read more →

AI, Data Breaches, Don't miss, Global Security News, Hot stuff, Network Security, News, Ransomware, SmarterTools

Ransomware group breached SmarterTools via flaw in its SmarterMail deployment

SmarterTools, the company behind the popular Microsoft Exchange alternative SmarterMail, has been breached by a ransomware-wielding group that leveraged a recently fixed vulnerability in that solution. How did the SmarterTools breach happen? Derek Curtis, the firm’s Chief Operating Officer, said that the breach happened on January 29, 2026. “Prior to the breach, we had approximately…

Read more →

AI, Data Breaches, Don't miss, Global Security News, Hot stuff, Network Security, News, Ransomware, SmarterTools

Ransomware group breached SmarterTools via flaw in its SmarterMail deployment

SmarterTools, the company behind the popular Microsoft Exchange alternative SmarterMail, has been breached by a ransomware-wielding group that leveraged a recently fixed vulnerability in that solution. How did the SmarterTools breach happen? Derek Curtis, the firm’s Chief Operating Officer, said that the breach happened on January 29, 2026. “Prior to the breach, we had approximately…

Read more →

AI, Apps, Cloud, Cloud Security, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, News, Risk Management, Threats

TeamPCP and the Rise of Cloud-Native Cybercrime

Flare researchers have identified a threat actor known as TeamPCP behind a large-scale campaign targeting cloud-native infrastructure by abusing exposed orchestration and management interfaces.  First observed in late 2025, the activity reflects a broader shift away from endpoint-focused attacks toward systematic exploitation of cloud control planes. “The campaign reflects a dark mirror of legitimate markets.…

Read more →