Geek-Guy.com

Tag: fake

AI, Europe, Global Security News, malware, Network Security

Resecurity Supports Microsoft DCU in Disrupting Fox Tempest ’s Cybercriminal Code-Signing Ecosystem

Microsoft and Resecurity disrupted Fox Tempest, a malware-signing service that used fake Microsoft certificates to make malware look legitimate. Resecurity supported Microsoft’s Digital Crimes Unit (DCU) in its disruption of Fox Tempest, a financially motivated threat actor operating a malware-signing-as-a-service (MSaaS) capability used by cybercriminals to make malicious files appear legitimate. On May 19, 2026,…

Read more →

AI, Cybersecurity, Europe, Exploits, Global Security News, malware

Nimbus Manticore Expanded Attacks With AI-Assisted Malware and Fake Zoom Installers

Nimbus Manticore accelerated cyberattacks during wartime, using AI-assisted malware, fake Zoom installers, and SEO poisoning. When the United States launched Operation Epic Fury against Iran at the end of February 2026, most analysts expected the country’s cyber apparatus to hunker down and weather the storm. That’s not what happened. Instead, researchers at Check Point have…

Read more →

AI, Compliance, Cybersecurity, Endpoint, Global Security News, Government & Policy, malware, Network Security, privacy, Risk Management

New Phishing Campaign Targets US with Credential Theft: What CISOs Need to Know

A new large-scale phishing campaign is targeting U.S. organizations with fake event invitations that lead to credential theft, OTP interception, or RMM tool installation. ANY.RUN researchers found that the campaign uses a repeatable phishing framework to create event-themed lure pages at scale. Some pages steal email credentials and OTP codes, while others deliver legitimate remote…

Read more →

AI, Compliance, Global Security News

Microsoft: Phishing campaign used fake compliance notices to compromise employee accounts

Phishers have been using fake workplace compliance notices to try to trick Microsoft account owners into signing in via a fake sign-in page, says the company’s Defender Research team. The email campaign targeted more than 35,000 users across 13,000 organizations in 26 countries, but concentrated primarily on targets in the United States. Microsoft didn’t say…

Read more →

AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management

The fake IT worker problem CISOs can’t ignore

Hiring fake IT workers has been a growing problem in recent years — but it’s often a problem very few want to admit to. From Fortune 500 companies down to smaller organizations, remote hiring practices have been exploited to grant trusted access to individuals who are not who they claim to be creating an insider…

Read more →

AI, Cybersecurity, Global Security News, privacy

Agent’s claims on WhatsApp access spark security concerns

A US agent claimed WhatsApp encryption is fake and Meta can access messages; the probe was abruptly shut, raising security concerns. A US agent claimed WhatsApp encryption is fake, alleging Meta accesses all unencrypted messages, but Commerce Department abruptly shut the probe, leaving leaders questioning if consumer apps are safe for sensitive business decisions. In…

Read more →

AI, Global Security News, Government & Policy, malware, Network Security

New Android spyware Morpheus linked to Italian surveillance firm

Osservatorio Nessuno uncovered Morpheus spyware spreading via fake Android apps to steal data, highlighting rising covert surveillance tools. The non-partisan, non-religious, nonprofit organization Osservatorio Nessuno exposed a new spyware called Morpheus, distributed through fake Android apps posing as updates. Once installed, it can steal extensive data from the infected devices. The report shows strong demand…

Read more →

AI, Cybersecurity, Endpoint, Europe, Exploits, Global Security News, Government & Policy, Risk Management, Russia

Signal phishing campaign targets Germany’s Bundestag President Julia Klöckner

Germany’s Bundestag President Klöckner was targeted in a Signal phishing attack via a fake CDU group chat. Germany’s Bundestag President Julia Klöckner has reportedly become the latest European political figure targeted through a Signal-based phishing attack, reported Der Spiegel. The incident is another reminder that even trusted messaging apps can become entry points when attackers…

Read more →

AI, Endpoint, Exploits, Global Security News, malware, Network Security

Fake Claude AI installer abuses DLL sideloading to deploy PlugX

Fake Claude website impersonates Anthropic and delivers PlugX RAT via ZIP download using DLL sideloading. A fake website impersonating Anthropic’s Claude service was found distributing the PlugX remote access trojan, according to Malwarebytes. The rogue site abuses the chatbot’s popularity to trick users into downloading a ZIP archive presented as a “pro version” installer. The…

Read more →

AI, china, Data Breaches, Global Security News, malware, Russia

CPUID watering hole attack spreads STX RAT malware

Threat actors compromised the CPUID website and spread STX RAT through fake CPU-Z and HWMonitor downloads. Attackers breached the website CPUID and replaced download links for CPU-Z and HWMonitor with malicious files for several hours. Users who downloaded them got infected with the STX RAT, giving attackers remote access to their systems. The short attack…

Read more →

AI, Global Security News, malware, Russia

GlassWorm evolves with Zig dropper to infect multiple developer tools

The GlassWorm campaign uses a Zig-based dropper hidden in a fake IDE extension to infect developer tools and compromise systems. The GlassWorm campaign, active since 2025, has evolved from malicious npm packages to large-scale supply chain attacks across GitHub, npm, and VS Code, even deploying RATs via fake browser extensions. In its latest iteration, threat…

Read more →

Global Security News

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

A financially motivated operation codenamed REF1695 has been observed leveraging fake installers to deploy remote access trojans (RATs) and cryptocurrency miners since November 2023. “Beyond cryptomining, the threat actor monetizes infections through CPA (Cost Per Action) fraud, directing victims to content locker pages under the guise of software registration,” Elastic

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, Government & Policy, privacy, Risk Management

Italian spyware vendor creates Fake WhatsApp app, targeting 200 users

WhatsApp blocked a fake app by Italian firm SIO/Asigint that targeted 200 users with spyware, urging them to reinstall the official app. WhatsApp has recently uncovered a malicious fake version of its app that targeted roughly 200 users, most of whom are in Italy. The platform confirmed that the unofficial client contained spyware and was…

Read more →

AI, Global Security News, malware, Risk Management

New macOS Infinity Stealer uses Nuitka Python payload and ClickFix

Infinity Stealer targets macOS via fake Cloudflare CAPTCHA, using Nuitka; first such campaign per Malwarebytes. Researchers at Malwarebytes spotted a new macOS infostealer, named Infinity Stealer, using a Python payload compiled with Nuitka. It spreads via ClickFix, tricking users with fake Cloudflare CAPTCHA pages. “A fake verification page instructs the visitor to open Terminal, paste…

Read more →

AI, Apps, china, Global Security News, Risk Management

Behavioral XDR and threat intel nab North Korean fake IT worker within 10 days of hire

The North Korea fake IT worker scheme has become a pernicious threat across several industries. While best practices emphasize precautions throughout the hiring phase, once onboarded such operatives can be challenging to detect. Combinations of behavioral analytics, threat intelligence, and other points of information are taking shape as essential defenses, as a recent case attests.…

Read more →

AI, china, Exploits, Global Security News, Network Security, Risk Management

International police Operation Alice take down 373,000 dark web sites exploiting children

Operation Alice: Police dismantle a massive dark web network with 373,000 fake sites luring users seeking child sexual abuse material. An international law enforcement operation, code named Operation Alice, shut down one of the largest dark web scams, uncovering over 373,000 fake sites tricking users seeking child sexual abuse content. The operation, first investigated in…

Read more →

AI, Global Security News, malware

Storm-2561 lures victims to spoofed VPN sites to harvest corporate logins

Attackers linked to Storm-2561 use SEO-poisoned search results to lure users to fake Ivanti, Cisco, and Fortinet VPN sites that steal corporate login credentials. In mid-January 2026, Microsoft Defender Experts uncovered a credential-theft campaign attributed to Storm-2561. Threat actor is spreading fake enterprise VPN clients impersonating Ivanti, Cisco, and Fortinet software. By poisoning search engine…

Read more →

AI, Global Security News, Network Security

Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials

Microsoft has disclosed details of a credential theft campaign that employs fake virtual private network (VPN) clients distributed through search engine optimization (SEO) poisoning techniques. “The campaign redirects users searching for legitimate enterprise software to malicious ZIP files on attacker-controlled websites to deploy digitally signed trojans that masquerade as trusted VPN clients

Read more →

AI, Apps, Global Security News, Government & Policy, malware

BeatBanker malware targets Android users with banking Trojan and crypto miner

BeatBanker Android malware spreads through fake Starlink apps on websites imitating Google Play Store, hijacking devices, stealing credentials, and mining crypto. A new Android malware called BeatBanker spreads through fake Starlink apps distributed on websites posing as the Google Play Store. Once installed, it hijacks devices, steals login credentials, tampers with cryptocurrency transactions, and secretly…

Read more →

AI, Apps, Data Breaches, Endpoint, Global Security News, malware, Network Security, Risk Management, Russia

CleanMyMac Imposter Site Installs SHub Stealer on Macs

A fake version of the popular Mac utility CleanMyMac is being used to trick users into installing data-stealing malware. The campaign uses a fraudulent website that instructs visitors to manually run a command in Terminal, which secretly installs a macOS infostealer known as SHub Stealer.  This malware steals “… sensitive data including saved passwords, browser…

Read more →

AI, Global Security News

LastPass warns of spoofed alerts aimed at stealing master passwords

LastPass warns of a phishing campaign using fake security alerts about unauthorized access or password changes to steal users’ master passwords. LastPass has warned users about a new phishing campaign using fake security alerts that claim unauthorized access or master password changes. The emails, which spoof LastPass’s display name, attempt to trick recipients into revealing…

Read more →

AI, Compliance, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security, Risk Management

Operator of AI Fake ID Platform Pleads Guilty

An artificial intelligence-powered website that churned out thousands of fake passports and driver’s licenses has landed its alleged operator in federal court.  Yurii Nazarenko, a 27-year-old Ukrainian national, pleaded guilty to running OnlyFake, a subscription-based platform that generated more than 10,000 counterfeit identification documents for customers worldwide. “OnlyFake’s manufacture of fraudulent IDs and other documents…

Read more →

AI, Global Security News, malware

Fake Zoom meeting leads to silent install of surveillance software

Malwarebytes researchers have uncovered a fake (but convincing) Zoom meeting page that downloads surveillance software on Windows computers and tricks users into running it. According to Microsoft MVP Steven Lim, the page has claimed nearly 1,500 victims in 12 days. The trick Potential victims likely visit the page (at uswebzoomus[.]com/zoom/) after getting a meeting invite/link…

Read more →

AI, Apps, Global Security News, malware, Network Security

Fake Zoom meeting silently installs surveillance software, says Malwarebytes

The latest fake Zoom meeting scam silently pushes surveillance software onto the Windows computers of unwitting employees. That’s according to researchers at Malwarebytes, who warn that staff falling for the scam land in a convincing imitation of a Zoom video call. Moments later, an automatic “Update Available” countdown downloads a malicious installer, without asking permission.…

Read more →

AI, Apps, Global Security News

Identity verification systems are struggling with synthetic fraud

Fake and expired IDs keep showing up in routine customer transactions, from alcohol purchases to credit card applications. The problem shows up most often in industries that depend on fast onboarding and remote transactions, where identity checks rely heavily on scanned documents and automated workflows. Intellicheck analyzed nearly 100 million identity verification transactions collected through…

Read more →