Geek-Guy.com

Tag: credentials

Global Security News

When Identity is the Attack Path

Consider a cached access key on a single Windows machine. It got there the way most cached credentials do – a user logged in, and the key stored itself automatically. Standard AWS behavior. No one misconfigured anything or violated a policy. Yet that single key, which was easily accessible to a minor-league attacker, could have…

Read more →

AI, Data Breaches, Exploits, Global Security News, Network Security

Verizon DBIR: Vulnerability exploitation is the dominant initial access vector

Vulnerability exploitation has overtaken stolen credentials as the most common way attackers gain initial access to target networks, according to the 2026 Verizon Data Breach Investigations Report. This is the first time credential theft has been knocked off the top spot in the report’s 19-year history, the company noted. Known initial access vectors over time…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Government & Policy

Contractor’s public GitHub account exposed GovCloud and CISA credentials

Until a few days ago, a publicly-accessible GitHub repository exposed credentials for both US government AWS accounts and internal Cybersecurity and Infrastructure Security Agency (CISA) systems. That’s according to cybersecurity reporter Brian Krebs, who first broke the news over the weekend, acting on a tip from researcher Guillaume Valadon at GitGuardian. Valadon confirmed the information…

Read more →

Cybersecurity, Data Breaches, Global Security News

Over 70% of organizations hit by identity breaches

Attackers rely on stolen credentials, compromised service accounts, and social engineering attacks targeting employees, according to Sophos’ The State of Identity Security 2026 survey. What do you estimate to be the overall cost to your organization to rectify the identity breach? Base: organization could not stop the security breach. n=510. (Source: Sophos) Identity attack trends…

Read more →

AI, Global Security News, malware, Network Security, Risk Management

Quasar Linux RAT (QLNX): A Fileless Linux Implant Built for Stealth and Persistence

Researchers uncovered QLNX, a Linux RAT targeting developers to steal credentials, log keystrokes, monitor systems, and enable remote access. Security researchers discovered a previously undocumented Linux malware called Quasar Linux RAT (QLNX) that targets developers and DevOps environments. The malicious code can steal credentials, log keystrokes, manipulate files, monitor clipboard activity, and create network tunnels…

Read more →

AI, Endpoint, Global Security News, malware, Risk Management

Malicious PyTorch Lightning update hits AI supply chain security

A malicious PyTorch Lightning update (v2.6.3) on PyPI spread briefly, stealing credentials and raising major concerns about AI supply chain security. A malicious update of the PyTorch Lightning library exposed developers to credential theft and remote compromise. Attackers uploaded version 2.6.3 to the Python Package Index (PyPI), where it spread among developers before maintainers removed…

Read more →

Global Security News, Network Security, privacy

Wi-Fi roaming security practices for access network providers and identity providers

Public Wi-Fi roaming networks carry authentication credentials across multiple administrative boundaries, and the protocols governing that process vary widely in their security properties. The Wireless Broadband Alliance published a set of guidelines that specifies which authentication, encryption, and credential-handling practices operators should apply to networks running Passpoint and OpenRoaming. “What this work shows is that,…

Read more →

AI, china, Cloud Security, Endpoint, Exploits, Global Security News, malware, Network Security

China-linked cloud credential heist runs on typos and SMTP

China-aligned hackers have deployed a Linux-based ELF backdoor to steal cloud credentials at scale from workloads across AWS, GCP, Azure, and Alibaba Cloud environments. According to Breakglass Intelligence findings, the backdoor uses a “zero-detection” technique, employing SMTP port 25 as a covert command-and-control (C2) channel to harvest cloud provider credentials and metadata. “A selective C2…

Read more →

AI, Global Security News

29 million leaked secrets in 2025: Why AI agents credentials are out of control

AI agents need credentials to work. They authenticate with LLM platforms, connect to databases, call SaaS APIs, access cloud resources, and orchestrate across dozens of external services. Every integration point requires an identity. Most organizations are handling this badly, and the evidence is in the code. GitGuardian’s State of Secrets Sprawl Report found 28,649,024 new…

Read more →

AI, Global Security News, Risk Management

AI frenzy feeds credential chaos, secrets spread through code, tools, and infrastructure

Code keeps moving through pipelines, and credentials continue to surface alongside it. GitGuardian’s State of Secrets Sprawl 2026 puts the count at 28.65 million new hardcoded secrets in public GitHub commits in 2025, extending a multi-year rise in exposed access keys, tokens, and passwords. Public and internal repositories that contain at least one secret (Source:…

Read more →

AI, Data Breaches, Global Security News, Risk Management

Cybercrime group Lapsus$ claims the hack of pharma giant AstraZeneca

Cybercrime group Lapsus$ claims it hacked AstraZeneca, stealing 3GB of data including credentials, code, and employee information. The Lapsus$ group claims it breached AstraZeneca, stealing about 3GB of sensitive data. The alleged leak includes credentials, tokens, internal code repositories (Java, Angular, Python), and employee information, though the company has not yet confirmed the breach. Even…

Read more →

AI, Apps, Exploits, Global Security News, Risk Management

OAuth vulnerability in n8n automation platform could lead to system compromise

A weakness in the configuration of OAuth credentials opens up a stored XSS vulnerability in the n8n automation platform, researchers at Imperva have discovered. Setting up OAuth allows n8n to connect to services such as Google Workspace, Microsoft 365, Slack, or GitHub without having to expose service passwords. This is core to automation platforms like…

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

12 Million exposed .env files reveal widespread security failures

Mysterium VPN found 12M IPs exposing .env files, leaking credentials and revealing widespread security misconfigurations worldwide. Configuration mistakes rarely trigger alarms. A forgotten deny rule, an overlooked server setting, or a full project folder uploaded to production can quietly expose a company’s most sensitive secrets. In many cases, those secrets live inside simple environment files…

Read more →

AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

Booking.com Phishing Campaign Hijacks Hotel Accounts to Defraud Guests

A new phishing campaign is exploiting trust in Booking[.]com to steal credentials from hotel partners and then defraud unsuspecting travelers.  The multi-stage operation begins with convincing “complaint” emails sent to hotel staff and can end with fraudulent payment requests sent directly to guests via WhatsApp. “The primary motivation driving this incident is financial fraud, targeting…

Read more →

agentic ai, AI, Artificial Intelligence, Cloud Security, Global Security News, News

AI agents behave like users, but don’t follow the same rules

Security and governance approaches to autonomous AI agents rely on static credentials, inconsistent controls, and limited visibility. Securing these agents requires the same rigor and traceability applied to human users, according to Cloud Security Alliance’s Securing Autonomous AI Agents report. Agents scale faster than governance frameworks Autonomous AI agents act on behalf of humans, accessing…

Read more →