Geek-Guy.com

Tag: code

AI, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

Check Point Research Reveals ChatGPT Data Exfiltration Flaw

A flaw in ChatGPT’s code execution environment shows how a single malicious prompt could quietly leak sensitive user data — without any warning or user approval needed. “Sensitive data shared with ChatGPT conversations could be silently exfiltrated without the user’s knowledge or approval,” said Check Point researchers. Inside the ChatGPT DNS Exfiltration Flaw The issue…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, privacy, Risk Management

It’s a mystery … alleged unpatched Telegram zero-day allows device takeover, but Telegram denies

A critical Telegram flaw could allow zero-click remote code execution on devices, but Telegram denies it. Researcher Michael DePlante (@izobashi) of TrendAI Zero Day disclosed a new Telegram vulnerability through Zero Day Initiative (ZDI). The vulnerability, tracked as ZDI-CAN-30207 (CVSS score of 9.8) allows attackers to execute code on targeted devices without any user interaction.…

Read more →

Cybersecurity, Data Breaches, Exploits, Global Security News

Attackers are exploiting RCE vulnerability in BIG-IP APM systems (CVE-2025-53521)

A critical unauthenticated remote code execution vulnerability (CVE-2025-53521) in F5’s BIG-IP Access Policy Manager (APM) solution is under active exploitation, the US Cybersecurity and Infrastructure Security Agency warned on Friday. CISA added the flaw to its Known Exploited Vulnerabilities catalog after F5 updated the related security advisory, The advisory wasinitially published on October 15, 2025,…

Read more →

AI, Global Security News, Risk Management

AI frenzy feeds credential chaos, secrets spread through code, tools, and infrastructure

Code keeps moving through pipelines, and credentials continue to surface alongside it. GitGuardian’s State of Secrets Sprawl 2026 puts the count at 28.65 million new hardcoded secrets in public GitHub commits in 2025, extending a multi-year rise in exposed access keys, tokens, and passwords. Public and internal repositories that contain at least one secret (Source:…

Read more →

AI, Exploits, Global Security News, malware, Risk Management, Russia

Coruna exploit reveals evolution of Triangulation iOS exploitation framework

Kaspersky found Coruna iOS exploits reuse updated code from the 2023 Operation Triangulation attacks, suggesting a possible link. Kaspersky researchers discovered that the Coruna iOS exploit kit uses an updated version of the same kernel exploit seen in the 2023 Operation Triangulation campaign. While early evidence didn’t clearly link the two, the code similarities now…

Read more →

AI, Cybersecurity, Global Security News

Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse

Cybersecurity researchers are calling attention to an active device code phishing campaign that’s targeting Microsoft 365 identities across more than 340 organizations in the U.S., Canada, Australia, New Zealand, and Germany. The activity, per Huntress, was first spotted on February 19, 2026, with subsequent cases appearing at an accelerated pace since then. Notably, the campaign…

Read more →

AI, Global Security News, malware

North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware

North Korea-linked threat actors use VS Code auto-run tasks to spread StoatWaffle malware via malicious projects that execute on folder open. North Korea-linked threat actor Team 8 behind the Contagious Interview campaign is spreading StoatWaffle malware through malicious Microsoft Visual Studio Code projects. Since late 2025, they have abused the “tasks.json” auto-run feature in Microsoft…

Read more →

Cybersecurity, Exploits, Global Security News

CISA warns of active exploitation of Microsoft SharePoint vulnerability (CVE-2026-20963)

CVE-2026-20963, a remote code execution (RCE) SharePoint vulnerability Microsoft fixed in January 2026, is being exploited by attackers. The confirmation comes from the US Cybersecurity and Infrastructure Security Agency (CISA), which added the flaw to its Known Exploited Vulnerabilities (KEV) catalog on Wednesday. About CVE-2026-20963 CVE-2026-20963 affects Microsoft SharePoint Server Subscription Edition, Microsoft SharePoint Server…

Read more →

AI, Apps, Global Security News

Theori brings Xint Code to market for large-scale AI code security analysis

Theori has made Xint Code commercially available, an LLM-native static application security testing (SAST) tool capable of analyzing millions of lines of source code, configuration files, and binaries in less than 12 hours. Xint Code’s approach to deep scanning and contextual analysis of massive codebases helps application security teams identify, reproduce, validate and understand the…

Read more →

AI, Global Security News, Risk Management

SCW Trust Agent: AI tracks AI influence in code to reduce software risk

Secure Code Warrior has announced SCW Trust Agent: AI, a governance solution designed to make AI influence in software development visible, attributable, and enforceable at the point of commit, enabling enterprises to scale AI coding tools with measurable control over software risk. Organizations can trace which AI models influenced specific commits, correlate that influence with…

Read more →

AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, Venture

Claude code abused to steal 150GB in cyberattack on Mexican agencies

Hackers abused Claude Code to build exploits and steal 150GB of data in a cyberattack targeting Mexican government systems. Hackers abused Anthropic’s Claude Code AI assistant to develop exploits, create custom tools, and automatically exfiltrate more than 150GB of data in an attack on Mexican government systems, the Israeli cybersecurity firm Gambit Security reports. The…

Read more →

AI, Cybersecurity, Endpoint, Exploits, Global Security News

Trend Micro fixes two critical flaws in Apex One

Trend Micro fixed two critical Apex One flaws enabling remote code execution on vulnerable Windows systems and urged immediate updates. Trend Micro has addressed two critical vulnerabilities in Apex One that could allow attackers to achieve remote code execution on affected Windows systems. The company released security updates and strongly urged customers to apply the…

Read more →

AI, Apps, Global Security News, Risk Management

Open-source security debt grows across commercial software

Open source code sits inside nearly every commercial application, and development teams continue to add new dependencies. Black Duck’s 2026 Open Source Security and Risk Analysis Report data shows that nearly all audited codebases contain open source components, with average component counts rising sharply over the past year. That growth brings a parallel increase in…

Read more →

AI, Global Security News, Network Security, Risk Management

Untrusted repositories turn Claude code into an attack vector

Flaws in Anthropic’s Claude Code could allow remote code execution and theft of API keys when users open untrusted repositories. Check Point Research team found multiple vulnerabilities in Anthropic’s Claude Code AI coding assistant that could lead to remote code execution and API key theft. The vulnerabilities abuse features such as Hooks, MCP servers, and…

Read more →

AI, Cybersecurity, Exploits, Global Security News

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Cybersecurity researchers have disclosed multiple security vulnerabilities in Anthropic’s Claude Code, an artificial intelligence (AI)-powered coding assistant, that could result in remote code execution and theft of API credentials. “The vulnerabilities exploit various configuration mechanisms, including Hooks, Model Context Protocol (MCP) servers, and environment variables – executing

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

Anthropic’s Claude Code Security rollout is an industry wakeup call

When Anthropic launched a “limited research preview” of its Claude Code Security offering on Friday, Wall Street investors sent the stocks of the largest cybersecurity vendors plunging. But did the Anthropic rollout warrant such a reaction?  After all, those companies, including CrowdStrike, Zscaler, Palo Alto Networks and Okta, are preparing their own agentic capabilities, and…

Read more →

AI, APAC, Global Security News

Snowflake Cortex Code Expands Towards Supporting Any Data, Anywhere

COMPANY NEWS:  Cortex Code CLI extends beyond Snowflake workflows to support popular data systems starting with dbt and Apache Airflow®, delivering AI assistance across environments, regardless of where that data lives Developers can apply Snowflake’s secure, context-aware AI coding agent directly within their environments to build and optimise data pipelines more efficiently Cortex Code CLI…

Read more →

Global Security News

Claude Code scans, verifies, and patches code vulnerabilities

Anthropic brings Claude Code Security to Claude Code on the web through a limited research preview. Claude Code Security (Source: Anthropic) Claude Code Security analyzes code context, traces data flows between files, and flags multi-component vulnerability patterns that existing scanners often miss. Each finding undergoes an adversarial verification pass that re-examines results before they are…

Read more →

AI, Global Security News, Risk Management

Enterprises are racing to secure agentic AI deployments

AI assistants are tied into ticketing systems, source code repositories, chat platforms, and cloud dashboards across many enterprises. In some environments, these systems can open pull requests, query internal databases, book services, and trigger automated workflows with limited human involvement. The State of AI Security 2026 from Cisco places this level of access inside a…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Risk Management

Anthropic unveils Claude Code Security to detect and fix code bugs

Anthropic launches Claude Code Security, an AI tool that scans code for vulnerabilities and suggests how to address them. Anthropic has introduced Claude Code Security, a new AI-powered service designed to scan software codebases for vulnerabilities and recommend fixes. Built into Claude Code, the tool aims to help teams detect and remediate security flaws faster.…

Read more →

AI, Global Security News

Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning

Artificial intelligence (AI) company Anthropic has begun to roll out a new security feature for Claude Code that can scan a user’s software codebase for vulnerabilities and suggest patches. The capability, called Claude Code Security, is currently available in a limited research preview to Enterprise and Team customers. “It scans codebases for security vulnerabilities and…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News

Anthropic rolls out embedded security scanning for Claude 

Anthropic is rolling out a new security feature for Claude Code that can scan a user’s software codebases for vulnerabilities and suggest patching solutions. The company announced Friday that Claude Code Security will initially be available to a limited number of enterprise and team customers for testing. That follows more than a year of stress-testing…

Read more →

AI, Apps, Global Security News, Risk Management

New phishing campaign tricks employees into bypassing Microsoft 365 MFA

Another device code phishing campaign that abuses OAuth device registration to bypass multifactor authentication login protections has been discovered. Researchers at KnowBe4 say the campaign is largely targeting North American businesses and professionals by tricking unwitting employees into clicking a link in an email from a threat actor. The message purports to be about a…

Read more →

AI, Apps, Global Security News, Risk Management

New phishing campaign tricks employees into bypassing Microsoft 365 MFA

Another device code phishing campaign that abuses OAuth device registration to bypass multifactor authentication login protections has been discovered. Researchers at KnowBe4 say the campaign is largely targeting North American businesses and professionals by tricking unwitting employees into clicking a link in an email from a threat actor. The message purports to be about a…

Read more →

AI, Apps, Data Breaches, Endpoint, Global Security News, Network Security, Risk Management

XSS Bug in VS Code Extension Exposed Local Files

A widely used Microsoft Visual Studio Code (VS Code) extension quietly exposed millions of developers to potential local file exfiltration through a cross-site scripting (XSS) flaw.  The issue affected the official Live Preview extension — downloaded more than 11 million times — and allowed malicious websites to interact with a developer’s localhost environment.  An “……

Read more →

AI, Global Security News, Network Security, Risk Management

VS Code extensions with 125M+ installs expose users to cyberattacks

Four popular VS Code extensions with 125M+ installs have flaws that could let hackers steal files and run code remotely. OX Security researchers warn that security flaws in four widely used VS Code extensions (Live Server, Code Runner, Markdown Preview Enhanced, and Microsoft Live Preview) could allow attackers to steal local files and execute code…

Read more →

china, Data Breaches, Don't miss, Enterprise, Exploits, Global Security News, Hot stuff, News

BeyondTrust fixes easy-to-exploit pre-auth RCE vulnerability in remote access tools (CVE-2026-1731)

BeyondTrust fixed a critical remote code execution vulnerability (CVE-2026-1731) in its Remote Support (RS) and Privileged Remote Access (PRA) solutions and is urging self-hosted customers to apply the patch as soon a possible. Unlike the Remote Support zero-day (CVE-2024-12356) that was flagged after having been exploited by China-nexus threat actors to breach the US Treasury…

Read more →

china, Data Breaches, Don't miss, Enterprise, Exploits, Global Security News, Hot stuff, News

BeyondTrust fixes easy-to-exploit pre-auth RCE vulnerability in remote access tools (CVE-2026-1731)

BeyondTrust fixed a critical remote code execution vulnerability (CVE-2026-1731) in its Remote Support (RS) and Privileged Remote Access (PRA) solutions and is urging self-hosted customers to apply the patch as soon a possible. Unlike the Remote Support zero-day (CVE-2024-12356) that was flagged after having been exploited by China-nexus threat actors to breach the US Treasury…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, News, Risk Management, Threats

Ingress-Nginx Vulnerability Enables Code Execution in Kubernetes

A recently disclosed vulnerability in ingress-nginx may allow authenticated attackers to execute code and access Kubernetes Secrets in affected clusters.  The vulnerability could “… lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller,” said Kubernetes researchers. Inside the Ingress-Nginx Security Vulnerability Ingress controllers sit…

Read more →

AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, News, Risk Management, Threats

Fake Clawdbot VS Code Extension Deploys ScreenConnect RAT 

A malicious Visual Studio (VS) Code extension posing as an AI-powered assistant was quietly installing remote access malware on developers’ systems.  The fake extension, called ClawdBot Agent, appeared legitimate on the surface but executed malware automatically as soon as VS Code launched. “The layering here is impressive. You’ve got a fake AI assistant dropping legitimate…

Read more →

AI, API security, Apps, Exploits, Global Security News, Risk Management

Wallarm Halts Remote Code Execution Exploits: Defense for Vulnerable React Server Component Workflows

On December 3, 2025, React maintainers disclosed a critical unauthenticated remote code execution (RCE) vulnerability in React Server Components (RSC), tracked as CVE-2025-55182. A working PoC was released publicly, and Wallarm immediately began observing widespread exploitation attempts across customer environments. What is CVE-2025-55182? CVE-2025-55182 is an unauthenticated remote code execution (RCE) vulnerability, rated CVSS 10.0,…

Read more →

AI, API security, Apps, Exploits, Global Security News, Risk Management

Wallarm Halts Remote Code Execution Exploits: Defense for Vulnerable React Server Component Workflows

On December 3, 2025, React maintainers disclosed a critical unauthenticated remote code execution (RCE) vulnerability in React Server Components (RSC), tracked as CVE-2025-55182. A working PoC was released publicly, and Wallarm immediately began observing widespread exploitation attempts across customer environments. What is CVE-2025-55182? CVE-2025-55182 is an unauthenticated remote code execution (RCE) vulnerability, rated CVSS 10.0,…

Read more →