Geek-Guy.com

Tag: first

AI, Compliance, Global Security News, Risk Management

Sectigo Launches MCP Server for CLM

Sectigo has announced the general availability of what it says is the first globally available, production-ready Model Context Protocol server for certificate lifecycle management, expanding how enterprises can use AI agents to manage digital certificates. The MCP Server for Sectigo Certificate Manager allows administrators to perform certificate operations using natural language through MCP-compatible AI agents,…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security

Oracle’s first monthly patch release fixes 35 flaws, including 11 rated ‘critical’

Oracle has released the first security fixes in its new monthly Critical Security Patch Update (CSPU) cycle, designed to address urgent vulnerabilities that can’t wait for the company’s quarterly patching. The initial batch addresses 35 flaws, including several for which exploit code is publicly available. In total, there are 11 flaws rated ‘critical’, 18 rated…

Read more →

AI, Europe, Global Security News, Network Security, privacy, Russia

Global law enforcement operation takes First VPN offline

Police seized First VPN in a global crackdown, exposed its cybercrime users, and shut down infrastructure tied to ransomware and data theft. A major international law enforcement operation has taken First VPN offline, a service that had become a quiet staple for ransomware crews, data thieves, and other cybercriminals trying to hide in plain sight. “The coordinated…

Read more →

AI, Apps, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management, Russia

Developer workstations are the new beachhead

I spent the first week of April reading three separate threat intelligence reports that, on the surface, had nothing in common. One covered a North Korean campaign that had published over 1,700 malicious packages across five open-source ecosystems. Another detailed a malware operation using a Zig-compiled binary to silently infect every IDE on a developer’s…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy, Risk Management

Lyrie.ai Joins First Batch of Anthropic’s Cyber Verification Program

Dubai-founded OTT Cybersecurity LLC also unveils the Agent Trust Protocol (ATP), the first open cryptographic standard for AI agent identity, scope, and action verification — slated for IETF submission. OTT Cybersecurity LLC, the company behind Lyrie.ai, today announced two milestones that together position the company as foundational infrastructure for the agentic AI era: acceptance into…

Read more →

AI, Global Security News, Risk Management

Object First Launching Secure, Cloud-Based Fleet Manager

Object First, a ransomware-proof on-prem backup storage organization, is launching Object First Fleet Manager, a secure, cloud-based service to simplify management of distributed Ootbi backup storage deployments for Veeam environments. The offering is now generally available and built for enterprises and service providers with distributed backup storage infrastructures. Oobti users with active support contracts get…

Read more →

AI, Global Security News, Network Security

CDW Q1 Sales Rise, but Margin Concerns Hit Shares

CDW delivered stronger-than-expected sales growth in the first quarter of 2026, but shrinking margins and investor worries over profitability overshadowed the company’s gains, sending shares tumbling nearly 20% on Wednesday. CDW reports stronger sales and AI demand The IT solutions provider reported rising demand for infrastructure hardware and AI-related technology projects as businesses ramped up…

Read more →

AI, Global Security News

Object First Fleet Manager simplifies distributed backup storage

Object First released Object First Fleet Manager, a cloud-based service that simplifies the management of distributed Ootbi backup storage deployments for Veeam Software environments. Built for enterprises and service providers with distributed backup storage infrastructures, Fleet Manager is available to Ootbi users with active support contracts at no additional cost. As backup infrastructure becomes more…

Read more →

AI, Compliance, Cybersecurity, Global Security News, Network Security, Risk Management

Managing OT risk at scale: Why OT cyber decisions are leadership decisions

The first time I approached an OT environment, I assumed that the strategies effective in IT cybersecurity would be equally applicable. I was wrong. The experience revealed a fundamental difference, highlighting the need for a distinct approach to OT cyber risk management. The mistake was not technical. It was conceptual. I was treating OT as…

Read more →

AI, APAC, Apps, Cloud Security, Compliance, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management

Optimize security operations through an AWS Security Hub POC

April 27, 2026: This post was first published in September 2025 when the enhanced AWS Security Hub was in public preview. It has since been updated to reflect the general availability of Security Hub. This revision also provides a more detailed, step-by-step framework for planning your POC. AWS Security Hub prioritizes your critical security issues…

Read more →

AI, china, Global Security News

Former OpenAI research scientist launches new AI model for Tencent

Tencent has updated its Hunyuan AI model, its first major release since it recruited Yao Shunyu, a leading AI scientist from OpenAI. Tencent’s Hy3 model, currently available in preview, offers improvements in areas from complex reasoning to coding. The Chinese technology conglomerate is playing catch-up with other Chinese AI developers including ByteDance, Alibaba and DeepSeek.…

Read more →

AI, Apps, Exploits, Global Security News

Phishing reclaims the top initial access spot, attackers experiment with AI tools

Phishing returned as the leading method attackers used to break into organizations in the first quarter of 2026, accounting for over a third of engagements where initial access could be determined, according to Cisco Talos. It is the first quarter phishing has led the category since Q2 2025, when exploitation of public-facing applications took over…

Read more →

AI, Exploits, Global Security News, Network Security

Network ‘background noise’ may predict the next big edge-device vulnerability

Attackers rarely exploit an edge-device vulnerability indiscriminately. Typically, they first test how widely the flaw can be used and how much access it can provide, then move on to steal data or disrupt operations. Pre-attack surveillance and planning leaves a lot of noise in its wake. These signals — particularly spikes in traffic that are…

Read more →

AI, Apps, Global Security News, Risk Management

Curity looks to reinvent IAM with runtime authorization for AI agents

In 2026, enterprise developers are building and deploying the first generation of powerful, increasingly autonomous AI agents at incredible speed. Now comes the hard part: working out how to secure them. Vendors in the space are facing multiple challenges. To begin with, traditional identity and access management (IAM) tools were never designed to secure anything…

Read more →

AI, Apps, Global Security News, Risk Management

Curity looks to reinvent IAM with runtime authorization for AI agents

In 2026, enterprise developers are building and deploying the first generation of powerful, increasingly autonomous AI agents at incredible speed. Now comes the hard part: working out how to secure them. Vendors in the space are facing multiple challenges. To begin with, traditional identity and access management (IAM) tools were never designed to secure anything…

Read more →

AI, Global Security News

OPSWAT adds predictive AI engine to MetaDefender for pre-execution threat detection

OPSWAT has announced OPSWAT Predictive Alin AI, its first proprietary AI-based threat detection engine for the MetaDefender Platform. This AI-based innovation introduces a new category of capability within the MetaDefender Platform, a high-confidence predictive layer that works alongside existing detection and prevention engines to assess malicious intent before execution, driving greater efficiency across the platform.…

Read more →

AI, Global Security News, malware, Network Security

Chaos malware expands from routers to Linux cloud servers

Chaos, Go-based malware first documented by Lumen’s Black Lotus Labs, has historically targeted routers and edge devices. A new variant observed in March 2026 shows the malware operating against misconfigured Linux cloud servers, a category of infrastructure the botnet had not previously prioritized. Darktrace’s malware research team documented the compromise through its CloudyPots program, a…

Read more →

AI, Compliance, Global Security News, Government & Policy, Network Security

Introducing the Landing Zone Accelerator on AWS Universal Configuration and LZA Compliance Workbook

November 20, 2025: Date this information was first published. We’re pleased to announce the availability of the latest sample security baseline from Landing Zone Accelerator on AWS (LZA)—the Universal Configuration. Developed from years of field experience with highly regulated customers including governments across the world, and in consultation with AWS Partners and industry experts, the…

Read more →

AI, Apps, Compliance, Cybersecurity, Europe, Global Security News, Government & Policy, Network Security, Risk Management, Venture

March 2026 Leadership Moves: Google Cloud Partner Chief Departs & More

As the first quarter of 2026 comes to a close, organizations around the channel have made significant moves to their leadership teams. Key figures have been appointed, promoted, or departed from their positions to make way for new faces. Take a look around at some of the signature moves that enterprises have made as they…

Read more →

AI, APAC, Apps, Global Security News, Network Security, Risk Management, Venture

March 2026 M&A Recap: SAP, Eaton Headline Month’s Deals

At the end of the first quarter of 2026, the channel saw several key acquisitions in March. Significant players in the channel have made these moves to help provide their customers with improved services, stronger solutions, and expanded expertise. Dive into the acquisitions from the month and don’t forget to catch up on February’s M&As,…

Read more →

AI, Global Security News, malware, Risk Management

New macOS Infinity Stealer uses Nuitka Python payload and ClickFix

Infinity Stealer targets macOS via fake Cloudflare CAPTCHA, using Nuitka; first such campaign per Malwarebytes. Researchers at Malwarebytes spotted a new macOS infostealer, named Infinity Stealer, using a Python payload compiled with Nuitka. It spreads via ClickFix, tricking users with fake Cloudflare CAPTCHA pages. “A fake verification page instructs the visitor to open Terminal, paste…

Read more →

AI, Data Breaches, Exploits, Global Security News, malware

TeamPCP Supply Chain Campaign: Update 001 ? Checkmarx Scope Wider Than Reported, CISA KEV Entry, and Detection Tools Available, (Thu, Mar 26th)

This is the first update to the TeamPCP supply chain campaign threat intelligence report, “When the Security Scanner Became the Weapon” (v3.0, March 25, 2026). That report covers the full campaign from the February 28 initial access through the March 24 LiteLLM PyPI compromise. This update covers developments since publication. Checkmarx ast-github-action: All 91 Tags…

Read more →

AI, Global Security News, Risk Management

Darktrace Introduces Darktrace / Adaptive Human Defence, a New Generation of Personalised, Real-Time Security Training and Protection

The first solution that uses an understanding of each individual’s behavior to integrate email security controls with personalised security awareness training; training is personalised based on your inbox activity, and its outcomes used to further strengthen the email security controls in place Unique adaptive coaching tailors the difficulty and content of phishing simulations to each…

Read more →

AI, Apps, Global Security News

Weekly Update 496

Watching OpenClaw do its thing must be like watching the first plane take flight. It’s a bit rickety and stuck together with a lot of sticky tape, but squint and you can see the potential for agentic AI to change the world as we know it. And I don’t think that’s hyperbolic. A lot of…

Read more →

AI, Apps, china, Europe, Global Security News, Government & Policy, Network Security, Russia

Data Centers Are Military Targets Now

In retaliation for the ongoing U.S.–Israeli war, Iran responded with a novel form of counterattack. For the first time in military history, private sector data centers came under deliberate attack. In an era when companies known for e-commerce, social networks, and search engines have also become close collaborators with militaries, is bombing their servers fair…

Read more →

AI, Apps, Endpoint, Global Security News

ManageEngine Endpoint Central Advances Towards Autonomous Endpoint Security with EDR and Secure Private Access

Company Unveils the First Natively Built Platform Combining UEM, Endpoint Security (EPP with EDR), Digital Employee Experience (DEX), and Secure Private Access Introduces AI-powered endpoint threat detection and automated remediation Enforces Zero Trust access to intranet applications through device trust verification Free trial available at https://mnge.it/EDR

Read more →

AI, Global Security News

Scans for “adminer”, (Wed, Mar 18th)

A very popular target of attackers scanning our honeypots is “phpmyadmin”. phpMyAdmin is a script first released in the late 90s, before many security concepts had been discovered. It’s rich history of vulnerabilities made it a favorite target. Its alternative, “adminer”, began appearing about a decade later (https://www.adminer.org). One of its main “selling” points was simplicity.…

Read more →

AI, Global Security News, Risk Management

Virtue AI brings continuous stress testing to enterprise AI agents

Virtue AI has announced Agent ForgingGround with built-in Red-Teaming Agents, the first enterprise-scale testing ground designed to continuously evaluate and stress-test AI agents (including multi-agent systems) before, during, and after deployment. As organizations adopt large-scale AI agents, many enterprises are unprepared to manage agent risk. AI agents can call tools, access sensitive data, and execute…

Read more →

Exploits, Global Security News

Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS

Apple on Tuesday released its first round of Background Security Improvements to address a security flaw in WebKit that affects iOS, iPadOS, and macOS. The vulnerability, tracked as CVE-2026-20643 (CVSS score: N/A), has been described as a cross-origin issue in WebKit’s Navigation API that could be exploited to bypass the same-origin policy when processing maliciously…

Read more →

AI, Apps, Exploits, Global Security News, Risk Management

ENISA Technical Advisory on Secure Package Managers: Essential DevSecOps Guidance

ENISA’s first Technical Advisory on Secure Package Managers helps developers safely use third-party packages. ENISA has released its first Technical Advisory on Package Managers, focusing on how developers can safely consume third-party packages. The document (March 2026, v1.1) follows public feedback incorporating 15 contributions from stakeholders, experts, and the open-source community. “This document focuses on…

Read more →

AI, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management

The OT security time bomb: Why legacy industrial systems are the biggest cyber risk nobody wants to fix

When I first secured a production line, part of the control system was still running on an unpatched Windows XP machine tucked under a lab table — right next to the state-of-the-art GMP manufacturing setup that produced millions in value every day. Everyone knew that the system was a risk, but no one was willing…

Read more →

AI, Global Security News, Risk Management

SailPoint expands AI-powered identity security with adaptive identity framework

SailPoint announced significant advancements to its AI-powered SailPoint Platform, introducing the first in a series of capabilities that advance its adaptive identity vision, an approach designed to address the critical security challenges of IT environments. New features include: Privilege: SailPoint is delivering total visibility into privilege risk with the launch of privilege discovery and classification…

Read more →

Europe, Funding, Global Security News, Government & Policy

Augur lands $15 million funding to strengthen critical infrastructure security

Augur has announced a $15 million seed round led by Plural, with participation from First Kind, SNR, Flix, and Tiny VC. The funding will support the deployment of Augur’s technology as governments, operators, and venue owners across Europe face rising security threats to vulnerable public spaces and critical national infrastructure. The changing threat landscape The…

Read more →

AI, Apps, Compliance, Global Security News

AWS successfully completed its first surveillance audit for ISO 42001:2023 with no findings

In November 2024, Amazon Web Services (AWS) was the first major cloud service provider to announce the ISO/IEC 42001 accredited certification for AI services, covering: Amazon Bedrock, Amazon Q Business, Amazon Textract, and Amazon Transcribe. In November 2025, AWS successfully completed its first surveillance audit for ISO 42001:2023, Artificial Intelligence Management System with no findings.…

Read more →

AI, Compliance, Global Security News, Government & Policy

NATO approves iPhone and iPad to handle classified info

In an impressive and unique industry first that reflects the work Apple has done on mobile device security since the first iPhone arrived almost 20 years ago, the North Atlantic Treaty Organization (NATO) says iPhones and iPads running iOS 26 are secure enough to handle classified information in NATO-restricted environments — pretty much out-of-the-box. That’s going…

Read more →

AI, Global Security News, Network Security

ServiceNow plans automation of L1 Service Desk roles, promises more AI ‘specialists’ to come

ServiceNow plans to unleash the first member of its Autonomous Workforce, the Level 1 Service Desk AI specialist, next quarter. The agent will autonomously diagnose and resolve common IT support requests such as password resets, provisioning of software access, and network troubleshooting. It will base its actions on information from enterprise knowledge bases, historical incident…

Read more →

AI, Exploits, Global Security News, malware, Network Security

PromptSpy abuses Gemini AI to gain persistent access on Android

PromptSpy is the first Android malware to abuse Google’s Gemini AI, enabling persistence and advanced spying features. Security researchers at ESET have uncovered PromptSpy, the first known Android malware to exploit Google’s Gemini AI to maintain persistence. The malware can capture lockscreen data, block uninstallation attempts, collect device information, take screenshots, and record screen activity…

Read more →