Geek-Guy.com

Tag: devices

Global Security News, Network Security

Dragos acquires Phosphorus to secure extended operational technology

Dragos has acquired Phosphorus, extending the Dragos Platform to protect billions of connected devices embedded across critical infrastructure and other operational networks. Operational environments have outgrown traditional OT boundaries. Power grids, pipelines, manufacturing facilities, and data centers now depend on an increasingly diverse mix of connected devices and digital systems. Traditional and non-traditional assets alike…

Read more →

AI, Apps, Endpoint, Exploits, Global Security News

Zero-Click WhatsApp Account Takeover Hits iPhone Users Running iOS 16. No Linked Devices, No Warning

A zero-click attack targeting iPhones on iOS 16 hijacked WhatsApp accounts without linked devices, warnings, or user interaction. There is a particular kind of security incident that is harder to explain than most: your WhatsApp account is sending messages you did not write, asking your contacts for money transfers, and when you check the “Linked…

Read more →

AI, Apps, Data Breaches, Global Security News, malware, Risk Management

OpenAI hit by supply chain attack linked to malicious TanStack packages

OpenAI said the TanStack supply chain attack compromised two employee devices and exposed credentials from code repositories. OpenAI confirmed that the recent TanStack supply chain attack compromised two employee devices and exposed credential material stored in internal source code repositories. The incident began after the TeamPCP hacking group abused weaknesses in the package publishing process…

Read more →

AI, Global Security News

TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates

OpenAI has disclosed that two of its employee devices in its corporate environment were impacted via the Mini Shai-Hulud supply chain attack on TanStack, but noted that no user data, production systems, or intellectual property were compromised or modified in an unauthorized manner. “Upon identification of the malicious activity, we worked quickly to investigate, contain,…

Read more →

AI, Exploits, Global Security News, malware, Risk Management

From Android TVs to routers: the xlabs_v1 Mirai-based botnet built for DDoS attacks

A new Mirai‑based botnet, xlabs_v1, hijacks ADB‑exposed IoT devices for powerful DDoS attacks, with 21 flooding methods and DDoS‑for‑hire use. A new Mirai‑derived botnet called xlabs_v1 is hijacking internet‑exposed devices running Android Debug Bridge (ADB) and using them for large‑scale DDoS attacks. Hunt.io discovered the bot on an unsecured server, it includes 21 flood techniques…

Read more →

AI, APAC, china, Global Security News, Risk Management

Apple can’t make chips fast enough, but that’s only part of the story

Apple has held “exploratory” talks about manufacturing processors for its devices in the US, Bloomberg reports. The move seems to reflect Apple’s need to secure additional chip supplies to meet growing demand for its products, but could also represent a contingency plan to reduce the company’s reliance on Taiwan Semiconductor Manufacturing Company (TSMC’s) advanced manufacturing facilities in Taiwan. I doubt…

Read more →

Cybersecurity, Europe, Global Security News

Microchip expands Trust Shield with PQC-ready root of trust and secure boot controllers

Microchip Technology is expanding its portfolio of Trust Shield, PQC‑ready devices with the TS1800 Platform Root of Trust controller and the TS50x secure boot controller. The devices are designed to help system architects address emerging cybersecurity mandates, including the European Cyber Resilience Act (CRA) and Commercial National Security Algorithm Suite 2.0 (CNSA 2.0), while supporting…

Read more →

AI, Apps, Compliance, Global Security News, Network Security, privacy

Top 6 Remote Desktop Software Solutions Compared

Remote desktop software enables businesses and IT professionals to access and manage computers and devices from remote locations, ensuring seamless operations from anywhere. The most effective solutions offer features like unattended access, secure file transfer, multi-monitor support, cross-platform compatibility, and real-time collaboration. To help you find the best fit, we’ve compared the leading options on…

Read more →

AI, china, Exploits, Global Security News, Network Security, Risk Management

China-linked threat actors use consumer device botnets to evade detection, warn UK and partners

UK National Cyber Security Centre (NCSC) warns China-linked hackers use hijacked devices as proxy networks to hide activity and evade detection. UK National Cyber Security Centre (NCSC) and global partners warn that China-linked threat actors now rely on large proxy networks built of hacked consumer devices. Groups control routers, cameras, video recorders, and NAS systems…

Read more →

AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Network Security

US, UK agencies warn hackers were hiding on Cisco firewalls long after patches were applied

A state-sponsored hacking group has implanted a custom backdoor on Cisco network security devices that can survive firmware updates and standard reboots, U.S. and British cybersecurity authorities disclosed Thursday, marking a significant escalation in a campaign that has targeted government and critical infrastructure networks since at least late 2025. The Cybersecurity and Infrastructure Security Agency…

Read more →

AI, Apps, Exploits, Global Security News, privacy

iOS Flaw Let Deleted Notifications Linger, Apple Issues Fix

Apple fixed an iOS flaw that kept deleted notifications on devices, allowing recovery of messages, including from apps like Signal. Apple released updates for iOS and iPadOS to address the vulnerability CVE-2026-28950, a flaw in Notification Services that stored notifications even after deletion. This logging issue could allow recovery of sensitive data, including messages from…

Read more →

AI, Exploits, Global Security News, Network Security, Risk Management

Critical BRIDGE:BREAK flaws impact Lantronix and Silex Technology converters

22 BRIDGE:BREAK flaws hit Lantronix and Silex Technology converters, exposing approximately 20,000 devices to hijacking and data tampering. Researchers at Forescout Research Vedere Labs found 22 BRIDGE:BREAK flaws in serial-to-IP devices from Lantronix and Silex Technology. Serial-to-IP converters, also known as serial device servers, connect legacy serial equipment to modern IP networks for remote monitoring…

Read more →

AI, Exploits, Global Security News, malware

Nexcorium Mirai variant exploits TBK DVR flaw to launch DDoS attacks

A Mirai variant called Nexcorium exploits a flaw in TBK DVRs to infect devices and use them in DDoS attacks, along with outdated TP-Link routers. Fortinet researchers found that threat actors are exploiting vulnerabilities in TBK DVRs and end-of-life TP-Link routers to spread a Mirai variant called Nexcorium. “IoT devices are increasingly prime targets for…

Read more →

AI, Apps, Exploits, Global Security News, malware, Risk Management

Mirax malware campaign hits 220K accounts, enables full remote control

Mirax, a new Android RAT, spread via Meta ads, infected 220,000 users and turns devices into SOCKS5 proxies, giving attackers full remote control. Mirax is a new Android remote access trojan spreading through ads on Meta platforms, targeting mainly Spanish-speaking users and reaching over 220,000 accounts. The malicious code lets attackers fully control infected devices…

Read more →

AI, Compliance, Europe, Global Security News, privacy, Risk Management

Google adds end-to-end Gmail encryption to Android, iOS devices for enterprises

Google has made a big step forward by extending end-to-end encryption to Android and iOS devices for Gmail client-side encryption (CSE) users, says an expert. “All in all, this is a welcome update, especially in light of recent concerns surrounding WhatsApp’s encryption methods,” said Gartner analyst Avivah Litan. “Google’s approach offers verifiable customer-managed keys and…

Read more →

AI, Compliance, Europe, Global Security News, privacy, Risk Management

Google adds end-to-end Gmail encryption to Android, iOS devices for enterprises

Google has made a big step forward by extending end-to-end encryption to Android and iOS devices for Gmail client-side encryption (CSE) users, says an expert. “All in all, this is a welcome update, especially in light of recent concerns surrounding WhatsApp’s encryption methods,” said Gartner analyst Avivah Litan. “Google’s approach offers verifiable customer-managed keys and…

Read more →

AI, Compliance, Global Security News

Gmail’s end-to-end encryption comes to mobile, no extra apps required

Google has expanded Gmail client-side encryption to Android and iOS devices, allowing users to engage with their organization’s most sensitive data on mobile devices while ensuring data remains compliant with sovereignty and compliance requirements. This feature is available for Enterprise Plus users with the Assured Controls or Assured Controls Plus add-on. Composing a E2EE message…

Read more →

AI, Exploits, Global Security News, malware, Network Security

Masjesu botnet targets IoT devices while evading high-profile networks

Masjesu is a stealthy DDoS-for-hire botnet targeting IoT devices, active since 2023 and designed to stay hidden by avoiding high-profile networks. Masjesu is a stealthy botnet active since 2023, advertised as a DDoS-for-hire service. It targets IoT devices like routers and gateways, spanning multiple architectures. Designed for persistence, it executes carefully, avoiding high-profile IP ranges…

Read more →

AI, Europe, Exploits, Global Security News, malware, Network Security, Risk Management

Internet-Exposed ICS Devices Raise Alarm for Critical Sectors

Exposed ICS devices and insecure protocols like Modbus increase risks to critical infrastructure, enabling disruption, data access, and potential sabotage. Malware targeting industrial control systems (ICS) poses a serious risk to critical infrastructure, with threats like Stuxnet, Industroyer, Triton, Havex, and BlackEnergy already demonstrating the ability to disrupt operations, cause outages, and even inflict physical…

Read more →

Cybersecurity, Global Security News

Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs

Iran-affiliated cyber actors are targeting internet-facing operational technology (OT) devices across critical infrastructures in the U.S., including programmable logic controllers (PLCs), cybersecurity and intelligence agencies warned Tuesday. “These attacks have led to diminished PLC functionality, manipulation of display data and, in some cases, operational disruption and financial

Read more →

Apps, Global Security News, Network Security

IT talent looks the other way as wireless security incidents pile up

Enterprise wireless networks are supporting a growing mix of devices and applications, increasing operational demand and security exposure. The 2026 Cisco State of Wireless report reflects these conditions through rising incident rates, higher costs, and ongoing staffing challenges. Wireless investment continues to increase. Most organizations expanded spending over the past 5 years, and a large…

Read more →

AI, Exploits, Global Security News, Risk Management

Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit

Apple on Wednesday expanded the availability of iOS 18.7.7 and iPadOS 18.7.7 to a broader range of devices to protect users from the risk posed by a recently disclosed exploit kit known as DarkSword. “We enabled the availability of iOS 18.7.7 for more devices on April 1, 2026, so users with Automatic Updates turned on can automatically receive important security

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, privacy, Risk Management

It’s a mystery … alleged unpatched Telegram zero-day allows device takeover, but Telegram denies

A critical Telegram flaw could allow zero-click remote code execution on devices, but Telegram denies it. Researcher Michael DePlante (@izobashi) of TrendAI Zero Day disclosed a new Telegram vulnerability through Zero Day Initiative (ZDI). The vulnerability, tracked as ZDI-CAN-30207 (CVSS score of 9.8) allows attackers to execute code on targeted devices without any user interaction.…

Read more →

AI, Global Security News, Network Security, Risk Management

New device categories enter top enterprise risk rankings

Enterprise networks keep adding connected devices, expanding the attack surface as threat actors target a wider range of systems, many of which are difficult to inventory, secure, and patch consistently. (Source: Forescout) Forescout’s 2026 Riskiest Devices research maps that shift in IT, IoT, OT, and IoMT environments, with 11 new riskiest asset types entering the…

Read more →

AI, Apps, Compliance, Cybersecurity, Endpoint, Global Security News, malware, Network Security, Risk Management

6 Best Unified Threat Management (UTM) Devices & Software

Unified threat management devices provide a quick path to comprehensive security for SMEs, offering an all-in-one approach to network protection without the need to manage multiple tools. Many products that were once labeled UTM are now marketed as firewalls, but they still serve a similar purpose. Not all solutions deliver the same level of protection,…

Read more →

AI, Exploits, Global Security News

DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover

A new exploit kit for Apple iOS devices designed to steal sensitive data from is being wielded by multiple threat actors since at least November 2025, according to reports from Google Threat Intelligence Group (GTIG), iVerify, and Lookout. According to GTIG, multiple commercial surveillance vendors and suspected state-sponsored actors have utilized the full-chain exploit kit,…

Read more →

AI, Data Breaches, Global Security News, malware

Attack on Stryker’s Microsoft environment wiped employee devices without malware

The recent cyberattack on Stryker wiped tens of thousands of employee devices through its Microsoft environment, and systems are still offline. A recent cyberattack on medical technology giant Stryker targeted its internal Microsoft environment and remotely wiped tens of thousands of employee devices without using malware. The company confirmed that its medical devices were not…

Read more →

AI, Exploits, Global Security News, malware, Network Security, Risk Management

KadNap bot compromises 14,000+ devices to route malicious traffic

KadNap malware infects 14,000+ edge devices, mainly Asus routers, turning them into a stealth proxy botnet used to route malicious internet traffic. KadNap malware infects more than 14,000 edge devices, mainly ASUS routers, and turns them into a proxy botnet used to route malicious traffic. First detected in August 2025, the campaign heavily targets the…

Read more →

AI, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security

Attackers exploit FortiGate devices to access sensitive network information

Attackers are exploiting FortiGate devices to breach networks and steal configuration data containing service account credentials and network details. SentinelOne researchers warn that attackers are exploiting vulnerabilities or weak credentials in FortiGate devices to gain initial access to corporate networks. Once inside, they extract configuration files that may contain service account credentials and information about…

Read more →

AI, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

Take control: Locking down common endpoint vulnerabilities

Attackers are constantly on the prowl, scoping out vulnerabilities of network-connected devices in your systems. These devices—laptops, desktops, servers, IoT, and more—are like unlocked doors waiting for threat actors to stroll through. And here’s the kicker: many of these vulnerabilities are shockingly common and easily preventable. Let’s break down the weaknesses we most frequently track…

Read more →

AI, china, Exploits, Global Security News, Network Security, Russia

AI-powered campaign compromises 600 FortiGate systems worldwide

A Russian-speaking cybercriminal used commercial generative AI tools to hack over 600 FortiGate devices across 55 countries. Amazon Threat Intelligence reports that a Russian-speaking, financially motivated threat actor used commercial generative AI services to compromise more than 600 FortiGate devices in 55 countries. The activity, observed between January 11 and February 18, 2026, highlights how…

Read more →

AI, Apps, Cybersecurity, Europe, Global Security News, Government & Policy, privacy

European Parliament Blocks AI on Lawmakers’ Devices Over Security Fears

The European Parliament has disabled built-in artificial intelligence features on work devices used by lawmakers and their staff, following internal cybersecurity and privacy concerns.  The decision was communicated in an internal email seen by Politico, which reported the move on Monday. According to the message from the Parliament’s IT support team, the institution could not…

Read more →

AI, china, Global Security News, privacy

Apple privacy labels often don’t match what Chinese smart home apps do

Smart home devices in many homes collect audio, video, and location data. The apps that control those devices often focus on the account owner, even when the technology also captures guests, neighbors, and other people who never agreed to be monitored. New research examined whether Chinese smart home apps provide privacy protections for these bystanders.…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, News, Threats

macOS Infostealers Fuel Growing Cybercrime Market

For years, some Mac users believed their devices were largely insulated from the malware plaguing Windows environments. That perception is rapidly eroding.  Flare researchers found a growing underground economy is now centered on macOS Infostealers — malware designed to extract browser credentials, Apple Keychain data, and cryptocurrency wallet seed phrases at scale. “I remember that…

Read more →

AI, Apple, Apps, Breaking News, Exploits, Global Security News, hacking, hacking news, Security

Apple fixed first actively exploited zero-day in 2026

Apple fixed an exploited zero-day in iOS, macOS, and other devices that allowed attackers to run code via a memory flaw. Apple released updates for iOS, iPadOS, macOS, watchOS, tvOS, and visionOS to address an actively exploited zero-day tracked as CVE-2026-20700. The flaw is a memory corruption issue in Apple’s Dynamic Link Editor (dyld) that…

Read more →

AI, Breaking News, Compliance, Cybersecurity, edge network devices, Global Security News, Government & Policy, hacking, hacking news, Network Security, Risk Management, Security

CISA pushes Federal agencies to retire end-of-support edge devices

CISA ordered U.S. federal agencies to improve management of edge network devices and replace unsupported ones within 12–18 months. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) instructed U.S. federal civilian agencies to strengthen how they manage edge network devices throughout their lifecycle. According to Binding Operational Directive 26-02, Mitigating Risk From End-of-Support Edge Devices, agencies must…

Read more →