A Chinese-speaking cybercrime group has expanded its targeting to the European space, deploying previously undocumented malware and the Atlas backdoor. […]
Tag: Group
AI, china, Europe, Global Security News, malware
China-Linked TA4922 Hackers Target UK, Europe With New SilentRunLoader Malware
Proofpoint says TA4922, a suspected China aligned cybercrime group, is targeting UK and European organisations with tax, payroll and benefits themed malware campaigns.
AI, Apps, Exploits, Global Security News, malware, Russia
Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine
The Russian hacking group known as Gamaredon has been attributed to the continued exploitation of a WinRAR vulnerability to deliver multiple malware families aimed at data theft and propagation. Per Sekoia, the activity involves the weaponization of CVE-2025-8088, a path traversal flaw in WinRAR, to launch an HTML Application payload dubbed GammaPhish, which is then…
AI, Data Breaches, Europe, Global Security News, Network Security
ShinyHunters Leaks Charter Communications Data, Potentially Impacting 5 Million Customers
Cybercrime group ShinyHunters leaked data allegedly stolen from Charter Communications, exposing millions of customer records after a failed extortion attempt. The ShinyHunters extortion group has published data allegedly stolen from Charter Communications after the company apparently refused to pay a ransom. Charter Communications is one of the largest telecommunications companies in the United States. It…
AI, Apps, Global Security News, Government & Policy, malware, Network Security, Russia
Russia-aligned crime group Greyvibe extensively uses AI in attacks
Researchers have uncovered a previously undocumented Russian group that makes extensive use of large language models (LLMs) in its attacks against private, government, and military organizations in Ukraine. It uses a variety of attack vectors along with custom malware, with the goal of intelligence gathering for the ongoing war. Dubbed Greyvibe by researchers from WithSecure,…
AI, Global Security News, Russia
AI helps Russian-speaking GreyVibe run five parallel attack chains on Ukrainian targets
Researchers say Russian-speaking group GreyVibe uses AI tools to scale cyberattacks on Ukraine.
AI, Global Security News, Government & Policy, malware, Network Security, Russia
Meet GREYVIBE, the Russia-Linked Hacking Group Using AI to Target Ukraine and Still Making Rookie Mistakes
GREYVIBE, a Russia-linked group active since 2025, targets Ukraine with AI-assisted malware and five attack chains. Researchers say it’s part spy op, part crime gang. Security firm WithSecure has been tracking a previously unknown Russian-linked APT group called GREYVIBE since at least August 2025. The group targets Ukraine and Ukrainian-related organizations across military, government, civilian,…
AI, APAC, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, privacy, Risk Management
AI Threats, Data Breaches, and Supply Chain Risks Define This Week of May 2026 in Cybersecurity
Major Threats & Vulnerabilities Data Breaches and Credential Exposures The hacking group ShinyHunters claims responsibility for stealing over 42 million customer records from Charter Communications. The alleged breach, conducted through social engineering and Microsoft Entra compromise, is under investigation. Organizations are urged to review MFA enforcement and monitor SaaS environments for suspicious activity. Read more…
AI, Global Security News
Silent Ransom Group Uses In-Person IT Impersonation to Breach Systems
Threat actors from the Silent Ransom Group, aka Luna Moth, are escalating attacks by impersonating IT staff in phone calls and even showing up in person to gain direct access to victim systems
AI, Apps, Compliance, Cybersecurity, Global Security News, Network Security, Risk Management, Venture
News alert: TVC Analyst Group names 12 vendors to watch ahead of Gartner’s security summit
NEW YORK, May 28, 2026, CyberNewswire—TVC Analyst Group has released its list of twelve cybersecurity companies identified for their activity and positioning ahead of the Gartner Security & Risk Management Summit 2026, where participating vendors are expected to present product updates, strategic initiatives, and technology developments. The annual Gartner Security & Risk Management Summit, scheduled…
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
Silent Ransom Group Targets Law Firms With IT Impersonation Attacks
Silent Ransom Group is escalating attacks on U.S. law firms by posing as IT staff through phishing emails, phone calls, and in-person visits. The group, also tracked as Luna Moth, Chatty Spider, and UNC3753, is focusing on data theft and extortion rather than traditional ransomware encryption, making its activity more difficult for organizations to detect…
AI, Apps, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management
ShinyHunters Alleges 42M Records Stolen from Charter Communications
Charter Communications confirmed a cybersecurity incident after the ShinyHunters extortion group claimed it stole customer data and threatened to leak the information unless a ransom was paid. The company, which operates under the Spectrum brand, said it is investigating the incident and coordinating with authorities. “The Charter breach is a reminder that the most sophisticated…
Global Security News
Ransomware Actors Show Up In Person to Steal Law Firm Data
The FBI warned that the extortion gang Silent Ransom Group is targeting law firms and socially engineering its way into servers and databases.
AI, Cybersecurity, Global Security News, Risk Management, Russia
FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person
Silent Ransom Group, a long-running data extortion operation, continues to hit U.S.-based law firms by impersonating IT support and, in some cases, visiting victims in person to gain physical access to computers, the FBI said in an alert Tuesday. The closed group, which likely operates from Russia and emerged in 2022 after Conti disbanded, has…
AI, Global Security News
Hackers are knocking on office doors pretending to be IT staff
The Silent Ransom Group (SRG) is targeting law firms using social engineering techniques and an unusual tactic for cybercriminals: showing up at victims’ offices in person while posing as IT staff, the FBI warns. The group, also known as Luna Moth, Chatty Spider, and UNC3753, has been active since at least 2022 and has targeted…
AI, Data Breaches, Endpoint, Global Security News, malware
The LA Metro Attack Wasn’t Hacktivism. It Was a State Operation With a Costume On.
Iran’s “hacktivist” group Ababil of Minab, which hit LA Metro and wiped terabytes of data, is forensically linked to Iran’s intelligence service MOIS. In late March, a group calling itself Ababil of Minab posted videos and screenshots online claiming it had broken into the Los Angeles County Metropolitan Transportation Authority, wiped hundreds of terabytes of…
Global Security News
FBI warns of in-person data theft attacks from extortion gang
The FBI warned on Tuesday that the Silent Ransom Group (SRG) extortion gang is now targeting U.S.-based law firms in in-person data theft attacks. […]
AI, Data Breaches, Global Security News
Iranian-backed hackers linked to Los Angeles transit system breach
The hacktivist group Ababil of Minab initially claimed responsibility for the breach, stating they had stolen and subsequently deleted data from the Los Angeles County Metropolitan Transportation Authority (LACMTA) systems.
AI, Global Security News
MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries
The Iranian hacking group known as MuddyWater has been linked to a new campaign affecting at least nine organizations across nine countries on four continents in the first quarter of 2026. The activity targeted industrial and electronics manufacturing, education and public-sector bodies, financial services, and professional services, per the Threat Hunter Team from Symantec and…
AI, Endpoint, Exploits, Global Security News, malware, Network Security
Lazarus APT unveils fileless remote access Trojan designed to evade detection
North Korea-linked Lazarus APT Group is using a stealthy memory-only RAT that leaves almost no forensic traces behind. North Korea-linked APT group Lazarus has never been shy about its ambitions; the threat actor has been tied to some of the most audacious financial heists in recent memory, draining hundreds of millions from cryptocurrency exchanges and…
AI, Apps, Cybersecurity, Global Security News
Cybersecurity jobs available right now: May 26, 2026
Application Security Engineer IG Group | India | Hybrid – View job details As an Application Security Engineer, you will assess the security of web, mobile, and cloud applications through penetration testing, secure code reviews, threat modeling, and architecture reviews. Responsibilities also include integrating security into CI/CD pipelines, managing vulnerability remediation, supporting purple team activities,…
AI, Endpoint, Exploits, Global Security News, malware, Network Security, Russia
One Telecom Provider Hosted Most of the Middle East’s Active C2 Infrastructure
Hunt.io mapped 1,350+ C2 servers across the Middle East, revealing how a small group of providers quietly supports major malware activity. For years, threat intelligence focused mostly on malware families, phishing domains, and individual indicators. But a new report from Hunt.io shows why defenders may need to pay closer attention to something more boring, hosting…
Global Security News
China’s Webworm Uses Discord, Microsoft Graphs to Hack EU Govts.
The advanced persistent threat group also relied on SOCKS proxies like SoftEther VPN, tunneling tools that act as a middleman between victim and attacker.
AI, china, Europe, Global Security News, Government & Policy
Webworm APT targets European government organizations with new backdoors
ESET has released an analysis of the 2025 activity of Webworm, a China-aligned APT group tracked as Space Pirates and UAT-8302. Active since at least 2022, the group initially focused on targets in Asia, but has recently expanded its operations into Europe. ESET observed Webworm targeting government organizations in Belgium, Italy, Poland, Serbia, and Spain…
AI, Global Security News
GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension
The prolific threat group TeamPCP has claimed a hack into GitHub’s internal repositories
Global Security News
Webworm: New burrowing techniques
ESET researchers describe new tools and techniques that the Webworm APT group recently added to its arsenal
AI, Data Breaches, Global Security News
GitHub investigates internal repositories breach claimed by TeamPCP
GitHub is investigating a breach of its internal repositories after the TeamPCP hacker group claimed to have accessed approximately 4,000 repositories containing private code. […]
Global Security News
The end of unencrypted Discord calls is here
Discord has protected voice and video calls in DMs, group DMs, voice channels, and Go Live streams with end-to-end encryption (E2EE) by default. The company began experimenting with E2EE for voice and video in 2023, starting a long-term effort. End-to-end encryption allows only participants in a call to access its content, while Discord does not…
AI, Cybersecurity, Data Breaches, Endpoint, Europe, Global Security News, Government & Policy, malware, Network Security, Russia
Russian APT Turla builds long-term access tool with Kazuar Botnet evolution
Russia-linked APT group Turla turned its Kazuar malware into a stealthy P2P botnet for long-term access to compromised systems. Russia-linked APT group Turla upgraded its Kazuar backdoor into a modular peer-to-peer botnet designed for stealth and persistent access to infected systems. Microsoft researchers say the malware allows attackers to maintain long-term control while making detection…
Global Security News, Russia
Russian hackers turn Kazuar backdoor into modular P2P botnet
The Russian hacker group Secret Blizzard has developed its long-running Kazuar backdoor into a modular peer-to-peer (P2P) botnet designed for long-term persistence, stealth, and data collection. […]
Cybersecurity, Global Security News, Russia
Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access
The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) botnet that’s engineered for stealth and persistent access to compromised hosts. Turla, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA), is assessed to be affiliated with Center 16 of Russia’s Federal Security Service (FSB)
AI, Global Security News
TeamPCP hackers advertise Mistral AI code repos for sale
The TeamPCP hacker group is threatening to leak source code from the Mistral AI project unless a buyer is found for the data. […]
AI, Global Security News
‘LifeHack’ Review: A High-Tech Heist
A group of digital-savvy Gen-Zers try to pull off a crypto caper in the impressively entertaining feature debut from writer-director Ronan Corrigan.
AI, Global Security News, Government & Policy
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine. Active since at least 2016, Ghostwriter has been linked to both cyber espionage and influence operations targeting neighboring countries, particularly Ukraine. It’s also tracked under the monikers FrostyNeighbor, PUSHCHA, Storm-0257, TA445, UAC‑0057
AI, china, Global Security News
FamousSparrow Targeted Oil and Gas Industry via MS Exchange Server Exploit
Bitdefender Labs reveals how the China-linked FamousSparrow hacking group targeted an Azerbaijani energy firm using ProxyNotShell, Deed RAT,…
AI, Cybersecurity, Data Breaches, Global Security News, Risk Management
Nitrogen Ransomware claims massive data theft from Foxconn
Foxconn confirmed a cyberattack on some North American factories. The Nitrogen ransomware group claims it stole 8TB of data from the firm. Foxconn confirmed that several of its North American factories were affected by a cyberattack. The manufacturer confirmed it was targeted by threat actors after the Nitrogen ransomware group listed it on its Tor…
AI, Global Security News
Iranian hackers targeted major South Korean electronics maker
The Iran-linked hacking group MuddyWater (a.k.a. Seedworm, Static Kitten) launched a broad cyber-espionage campaign targeting at least nine high-profile organizations across multiple sectors and countries. […]
Global Security News
Instructure Reaches Deal with ShinyHunters to Prevent Canvas Data Leak
Instructure has reached an agreement with the ShinyHunters group to return and destroy stolen Canvas data, protecting millions of student records from a public leak.
AI, Global Security News
Tables Turn on ‘The Gentlemen’ RaaS Gang With Data Leak
An OPSEC failure provides a window into what helped the ransomware group rise: a generous affiliate model, opportunistic TTPs, and an effective organizational structure.
AI, china, Global Security News, Government & Policy
China’s ‘FamousSparrow’ APT Nests in South Caucasus Energy Firm
The cyberthreat group targets an Azerbaijani oil and gas firm with repeated attacks, as the China-linked actors extend targeting beyond hospitality, telecom, and government sectors.
AI, Apps, Global Security News
Pine Services Group Acquires Australian ERP Firm Stratus
Evergreen’s Pine Services Group has acquired Australian ERP consulting and implementation partner Stratus Consulting Group, expanding the company’s presence in the Asia-Pacific market as demand for cloud modernization and enterprise application services continues driving consolidation across the IT services sector. Acquisition expands Pine’s global services footprint With Stratus joining the portfolio, Pine now operates across…
AI, Cybersecurity, Global Security News
Global Cyber Agencies Issue New SBOMs for AI Guidance to Tackle AI Supply Chain Risks
The G7 Cybersecurity Working Group releases new SBOM for AI guidance, outlining seven key data clusters to boost transparency and security across AI supply chains
AI, Exploits, Global Security News, malware
Google discovers AI-based zero-day exploit for the first time
Welcome to the new, AI-laden threat era. The Google Threat Intelligence Group (GTIG) warns that criminal hackers are now using AI, both to track down vulnerabilities and to then develop malware that actively exploits them. The occasion: in the course of an in-depth analysis of an attack campaign by pro-Russian hackers, the security experts say they have…
AI, Global Security News
Canvas Hackers ShinyHunters Say Their Official Domain Was Suspended
ShinyHunters says its shinyhunte.rs domain was suspended after the Canvas LMS attacks, forcing the group to move fully to its dark web (.onion) site.
AI, Cybersecurity, Europe, Global Security News, Government & Policy, Risk Management
Major world economies spell out key elements of AI ‘ingredients list’
A group of international government agencies released guidance Tuesday on what they believe any artificial intelligence “ingredients list” tool should include to make AI more secure. The concept of such a list, known as a “software bill of materials (SBOM),” is to know everything that goes into a particular piece of software so that any…
AI, Apps, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management
Mistral AI SDK, TanStack Router hit in npm software supply chain attack
The TeamPCP threat group has pulled off another big supply chain attack which within a few hours this week was able to successfully compromise 170 Node Package Manager (npm) and PyPI packages. The attack affected the entire TanStack Router ecosystem (@tanstack) of 42 packages, a routing library hugely popular among React web application developers. Multiple…
Data Breaches, Global Security News
Škoda warns of customer data breach after online shop hack
Škoda Auto, a wholly owned subsidiary of the Volkswagen Group, has disclosed a data breach after attackers hacked its online shop and stole the personal information of an undisclosed number of customers. […]
AI, Exploits, Global Security News
Google: Hackers used AI to develop zero-day exploit for web admin tool
Researchers at Google Threat Intelligence Group (GTIG) say that a zero-day exploit targeting a popular open-source web administration tool was likely generated using AI. […]
AI, Global Security News
Hackers Observed Using AI to Develop Zero-Day for the First Time
Google Threat Intelligence Group details how cybercriminals attempted to launch a campaign based around an AI-developed Zero-Day targeting open-source software
AI, Apps, china, Exploits, Global Security News, Government & Policy, malware, Network Security
Google discovers weaponized zero-day exploits created with AI
The Google Threat Intelligence Group (GTIG) today released evidence of a zero-day exploit developed by a cybercriminal group with the help of AI. It marks the first time the security research group has identified what it believes to be an AI-crafted zero-day exploit in the wild. While evidence of threat actors using AI models for…
AI, APAC, china, Global Security News
Iranian state-backed spies pose as ransomware slingers in false flag attacks
An Iranian state-sponsored espionage group is pretending to be a regular ransomware gang in a new wave of ransomware attacks targeting enterprises. APT group MuddyWater (aka Seedworm) is masquerading as the Chaos ransomware-as-a-service group to confuse incident response and mask its spying and cyber-sabotage, according to research by security vendor Rapid7. The attacks — geared…
Global Security News
MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack
The Iranian state-sponsored hacking group known as MuddyWater (aka Mango Sandstorm, Seedworm, and Static Kitten) has been attributed to a ransomware attack in what has been described as a “false flag” operation. The attack, observed by Rapid7 in early 2026, has been found to leverage social engineering techniques via Microsoft Teams to initiate the infection…
AI, Apps, Compliance, Global Security News, Network Security, Risk Management
Five ways to use Kiro and Amazon Q to strengthen your security posture
A Monday morning security alert flags unauthorized access attempts, security group misconfigurations, and AWS Identity and Access Management (IAM) policy violations. Your team needs answers fast. Security teams are using Kiro and Amazon Q Developer to handle repetitive tasks—scanning resources, drafting policies, and researching Common Vulnerabilities and Exposures (CVEs)—so engineers can focus on risk decisions…
china, Europe, Exploits, Global Security News, Government & Policy, malware
China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions
A sophisticated China-nexus advanced persistent threat (APT) group has been attributed to attacks targeting government entities in South America since at least late 2024 and government agencies in southeastern Europe in 2025. The activity is being tracked by Cisco Talos under the moniker UAT-8302, with post-exploitation involving the deployment of custom-made malware families that have…
AI, china, Global Security News
ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows
The North Korea-aligned state-sponsored hacking group known as ScarCruft has compromised a video game platform in a supply chain espionage attack, trojanizing its components with a backdoor called BirdCall to likely target ethnic Koreans residing in China. While prior versions of the backdoor have primarily targeted Windows users only, the supply chain attack is assessed to…
AI, Global Security News
ScarCruft hackers push BirdCall Android malware via game platform
The North Korean hacker group APT37 has been delivering an Android version of a backdoor called BirdCall in a supply-chain attack through a video game platform. […]
Global Security News
A rigged game: ScarCruft compromises gaming platform in a supply-chain attack
ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via backdoor-laced Windows and Android games
AI, china, Global Security News, malware, Russia
Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia
The China-based cybercrime group known as Silver Fox has been linked to a new campaign targeting organizations in Russia and India with a new malware called ABCDoor. The activity involved using phishing emails that mimic correspondence from the Income Tax Department of India in December 2025, followed by a similar campaign aimed at Russian entities.…
AI, Cybersecurity, Exploits, Global Security News
2 US Cybersecurity Experts Jailed for Aiding ALPHV (BlackCat) Ransomware
Two US cybersecurity experts jailed for aiding BlackCat ransomware group, extorting victims worldwide and exploiting insider access for profit.
Global Security News
Customers to join REA Group Hackdays event to accelerate industry innovation
REA Group is opening its red doors this September, offering customers an opportunity to immerse themselves in its flagship innovation event, Hackdays.
AI, Global Security News, malware
BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures
The North Korean group is using stolen victim videos, AI-generated avatars, and fake Zoom calls to scale malware attacks against cryptocurrency executives.
AI, Cybersecurity, Global Security News, malware
Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players with a new stealer called LofyStealer (aka GrabBot). “The malware disguises itself as a Minecraft hack called ‘Slinky,’” Brazil-based cybersecurity company ZenoX said in a technical report. “It uses the official game icon to…
AI, Data Breaches, Global Security News
ShinyHunters claims it stole 1.4 million records from Udemy
The ShinyHunters group claims it has breached Udemy, one of the world’s largest online learning platforms. According to Have I Been Pwned, the leaked dataset contained 1.4 million unique email addresses of customers and instructors, along with names, physical addresses, phone numbers, employer information, and instructor payout methods, including PayPal, cheque, and bank transfer.…
Apps, Global Security News
Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data
Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub repository. […]
AI, Global Security News, Government & Policy
Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks
A Chinese national accused of being a member of the Silk Typhoon hacking group has been extradited to the U.S. from Italy. Xu Zewei, 34, was arrested in July 2025 by Italian authorities for his alleged links to the Chinese state-sponsored threat group and for orchestrating cyber attacks against American organizations and government agencies between…
Data Breaches, Global Security News
Home security giant ADT data breach affects 5.5 million people
The ShinyHunters extortion group stole the personal information of 5.5 million individuals after breaching the systems of home security giant ADT earlier this month, according to data breach notification service Have I Been Pwned. […]
AI, Global Security News, Network Security
BlackFile actively extorting data-theft victims in retail and hospitality sector
Researchers warn that BlackFile, an extortion group likely associated with The Com, continues to impersonate IT support in voice-phishing and social engineering attacks that have impacted organizations in multiple industries, including healthcare, technology, transportation, logistics, wholesale and retail. Attackers have been actively targeting organizations in the retail and hospitality industry since February, according to Unit…
AI, Exploits, Global Security News, Russia
PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks
A pro-Ukrainian hacktivist group called PhantomCore has been attributed to attacks actively targeting servers running TrueConf video conferencing software in Russia since September 2025. That’s according to a report published by Positive Technologies, which found the threat actors to be leveraging an exploit chain comprising three vulnerabilities to execute commands remotely on susceptible
Global Security News
BlackFile Group Targets Retail and Hospitality with Vishing Attacks
Researchers uncover a new data theft and extortion group dubbed “BlackFile”
Global Security News, malware
Threat actor uses Microsoft Teams to deploy new “Snow” malware
A threat group tracked as UNC6692 uses social engineering to deploy a new “Snow” malware set that includes a browser extension, a tunneler, and a backdoor. […]
AI, Data Breaches, Global Security News
ADT confirms data breach after ShinyHunters leak threat
Home security giant ADT has confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen data unless a ransom is paid. […]
AI, Global Security News
New BlackFile extortion group linked to surge of vishing attacks
A new financially motivated hacking group tracked as BlackFile has been linked to a wave of data theft and extortion attacks against retail and hospitality organizations since February 2026. […]
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Global Security News, Network Security, Risk Management
ShinyHunters Claims Udemy Data Breach of 1.4M Users
A notorious threat actor group has targeted Udemy, one of the world’s largest online learning platforms. ShinyHunters claims it has stolen more than 1.4 million user records and is threatening to leak the data within days. “Over 1.4M records containing PII and other internal corporate data have been compromised. Pay or Leak,” the threat actors…
AI, Cybersecurity, Endpoint, Europe, Exploits, Global Security News, Government & Policy, Risk Management, Russia
Signal phishing campaign targets Germany’s Bundestag President Julia Klöckner
Germany’s Bundestag President Klöckner was targeted in a Signal phishing attack via a fake CDU group chat. Germany’s Bundestag President Julia Klöckner has reportedly become the latest European political figure targeted through a Signal-based phishing attack, reported Der Spiegel. The incident is another reminder that even trusted messaging apps can become entry points when attackers…
AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Network Security
US, UK agencies warn hackers were hiding on Cisco firewalls long after patches were applied
A state-sponsored hacking group has implanted a custom backdoor on Cisco network security devices that can survive firmware updates and standard reboots, U.S. and British cybersecurity authorities disclosed Thursday, marking a significant escalation in a campaign that has targeted government and critical infrastructure networks since at least late 2025. The Cybersecurity and Infrastructure Security Agency…
china, Global Security News, Government & Policy
GopherWhisper: A burrow full of malware
ESET Research has discovered a new China-aligned APT group that we’ve named GopherWhisper, which targets Mongolian governmental institutions
AI, Data Breaches, Global Security News
Discord-Linked Group Accessed Anthropic’s Claude Mythos AI in Vendor Breach
Anthropic is investigating a vendor breach after a Discord-linked group accessed its Claude Mythos AI model, with no evidence of impact on core systems.
AI, Apps, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Anthropic Probes Alleged Unauthorized Access to AI Security Tool Mythos
Anthropic is investigating reports that an unauthorized group gained access to its newly launched tool, Mythos, highlighting potential gaps in how early-access AI systems are distributed and secured. “Unauthorized users were able to access Anthropic’s Mythos model, reportedly by just changing a model name,” said Shane Fry, CTO at RunSafe Security in an email to…
AI, Cybersecurity, Global Security News
Ransomware negotiator caught secretly assisting BlackCat extortion scheme
Angelo Martino pleaded guilty to helping BlackCat ransomware group while acting as a ransomware negotiator. Another U.S. cybersecurity expert, Angelo Martino, admitted helping the BlackCat ransomware group while working as a ransomware negotiator. Angelo Martino (41) admitted helping the BlackCat ransomware group while working for a U.S. incident response firm. “A Florida man, formerly employed…
AI, Data Breaches, Exploits, Global Security News
North Korea’s Lazarus APT stole $290M from Kelp DAO
North Korea-linked Lazarus Group stole $290M from Kelp DAO by abusing LayerZero. A second $95M attempt was stopped. Hackers tied to the North Korea-linked group Lazarus APT carried out a $290M crypto theft targeting Kelp DAO. Earlier today we identified suspicious cross-chain activity involving rsETH. We have paused rsETH contracts across mainnet and several L2s…
AI, APAC, Data Breaches, Global Security News, Network Security
‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty
A 24-year-old British national and senior member of the cybercrime group “Scattered Spider” has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phishing attacks in the summer of 2022 that allowed the group to hack into at least a dozen major technology…
AI, Global Security News
Scattered Spider hacker pleads guilty to stealing $8 million in cryptocurrency
A British national tied to the Scattered Spider cybercrime group pleaded guilty to hacking multiple companies via SMS phishing and stealing over $8 million in virtual currency from US victims. Tyler Robert Buchanan, 24, of Dundee, Scotland, pleaded guilty to conspiracy to commit wire fraud and aggravated identity theft. In November 2024, US authorities unsealed…
Global Security News
North Korean Blamed for $290m KelpDAO Crypto Heist
North Korea’s Lazarus Group is pegged for a $290m crypto theft at KelpDAO
Global Security News
Tally Group Expands Global Footprint with Acquisition Of Skipping Stone
Tally Group announced today the acquisition of Skipping Stone, a global energy strategy and implementation consulting firm.
Data Breaches, Global Security News
Data breach at edtech giant McGraw Hill affects 13.5 million accounts
The ShinyHunters extortion group has leaked data from 13.5 million McGraw Hill user accounts, stolen after breaching the company’s Salesforce environment earlier this month. […]
AI, Europe, Global Security News, Network Security, Russia
Sweden reports cyberattack attempt on heating plant amid rising energy threats
Sweden says a pro-Russian group attacked a heating plant in 2025. The failed cyberattack highlights growing threats to Europe’s energy infrastructure. Sweden has blamed a pro-Russian group linked to Russian intelligence for a failed cyberattack on a heating plant in 2025. Officials say the incident is part of a broader wave of attacks targeting critical…
AI, Cybersecurity, Global Security News
Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying
A hacking group claims to have broken into the flood defence system protecting Venice’s Piazza San Marco – and is offering to sell access to whoever wants it. The asking price? A frankly insulting $600. Meanwhile, Anthropic accidentally leaked the source code for Claude Code via a basic packaging mistake. Oh, and by the way,…
Global Security News
Crypto-exchange Kraken extorted by hackers after insider breach
The Kraken cryptocurrency exchange announced that a cybercrime group is trying to extort the company by threatening to release videos showing internal systems that host client data. […]
AI, Global Security News, Network Security, Russia
Black Basta’s playbook lives on as former affiliates launch fast-scale intrusion campaign
A small group of former Black Basta affiliates have targeted more than 100 employees across dozens of organizations to intrude network systems for potential data theft, ransomware deployment and extortion, according to ReliaQuest. The social engineering campaign, which involves mass email bombing and Microsoft Teams help desk impersonation, surged last month and dates back to…
china, Global Security News
APT41 Delivers ‘Zero-Detection’ Backdoor to Harvest Cloud Credentials
The prolific China-backed threat group is targeting AWS, Google, Azure, and Alibaba cloud environments and using typosquatting to obscure C2 communication.
Global Security News
iTWire TV: After three years steering Australia’s robotics peak body, Nicci Rossouw hands over the controls with a packed expo, a gala night, and one clear message: buy Australian
Nicci Rossouw has spent three years running Robotics Australia Group, the country’s peak body for everything from warehouse arms to underwater hull-scrubbers. On May 1, she hands the CEO role to Paul Mason, co-host of the Manufacturing Tech Australia podcast and a mechatronics engineer with 20-plus years across product development, manufacturing, and commercialisation.
AI, Global Security News
North Korea’s APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
The North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed to a fresh multi-stage, social engineering campaign in which threat actors approached targets on Facebook and added them as friends on the social media platform, turning the trust-building exercise into a delivery channel for a remote access trojan called RokRAT. “The threat actor used…
AI, Data Breaches, Global Security News, Government & Policy, malware
Iran-linked group Handala claims to have breached three major UAE organizations
Iran-linked group Handala claims to have breached three major UAE organizations: Dubai Courts, Dubai Land Department, and Dubai Roads & Transport Authority. The group Handala claimed a major cyberattack against the UAE, targeting Dubai Courts Department, Dubai Land Department, and Dubai Roads and Transport Authority. They alleged destroying 6 petabytes of data and stealing 149 TB…
AI, Global Security News
White House Races to Head Off Threats From Powerful AI Tools
Group led by National Cyber Director Sean Cairncross aims to identify security vulnerabilities before models from Anthropic, OpenAI are released.
AI, Global Security News
Poisoned “Office 365” search results lead to stolen paychecks
A financially motivated hacking group is targeting Canadian employees with a sophisticated campaign designed to covertly redirect their salary payments into attacker-controlled bank accounts, Microsoft researchers discovered. SEO poisoning and malvertising + phishing + AiTM: The group, which Microsoft tracks as Storm-2755, begins by poisoning search engine results and running malicious ads against generic queries…
Global Security News
Google Warns of New Threat Group Targeting BPOs and Helpdesks
Google’s threat intel team warns UNC6783, a new extortion group possibly linked to the “Raccoon” persona, is targeting BPOs and enterprises
AI, Apps, Cybersecurity, Global Security News, Government & Policy, malware
Hack-for-hire spyware campaign targets journalists in Middle East, North Africa
An apparent hack-for-hire campaign from a group with suspected Indian government connections targeted Middle Eastern and North African journalists and activists using spyware, three collaborating organizations said in reports published Wednesday. The attacks shared infrastructure that pointed to the advanced persistent threat group known as Bitter, which most frequently targets government, military, diplomatic and critical…
AI, Exploits, Global Security News
Storm-1175 Deploys Medusa Ransomware Within 24 Hours of Flaw Disclosure
Microsoft researchers have uncovered a fast-moving group, Storm-1175, launching high-speed Medusa ransomware attacks against healthcare and education sectors in the UK, US, and Australia by exploiting security flaws in as little as 24 hours.
Global Security News, Russia
Russian Forest Blizzard Hackers Hijack Home Routers for Global Spying
Microsoft Threat Intelligence reveals how Russian hacking group Forest Blizzard uses home routers for DNS hijacking and spying.
