Geek-Guy.com

Tag: hackers

AI, Data Breaches, Global Security News, Government & Policy, Risk Management

Carnival Data Breach Exposes Personal Data of Nearly 6 Million Customers

Carnival disclosed a data breach affecting nearly 6 million people after hackers used social engineering to access employee accounts. Carnival Corporation is notifying nearly 6 million people after a data breach exposed personal information. According to the notification shared with the Maine Attorney General’s Office, the total number of persons affected is 5,995,277. The company said…

Read more →

AI, Global Security News

Weekly Update 504

It’s a hot topic, the old “pay or don’t pay” for hackers not to leak your data. Since recording this a few days ago, we’ve had Grafana go with the “no pay” approach, and I’ve seen a raft of commentary around other companies reaching “agreements”, which is a much politer way of saying “we paid…

Read more →

AI, Apps, Global Security News, malware, Network Security, Russia

Expired domain leads to supply chain attack on node-ipc npm package

A popular npm package called node-ipc has been compromised, with hackers publishing malicious versions that bundle credential stealing malware. The root cause of the compromise was an expired domain name that attackers managed to register in order to hijack a maintainer’s account. The node-ipc package has had malware added to its code in the past.…

Read more →

AI, Cybersecurity, Data Breaches, Data Security, Global Security News, Government & Policy, Risk Management

Instructure settles with hackers following massive student data theft

Educational tech firm Instructure reached a deal with hackers after a major Canvas breach exposed data stolen from schools and universities. Educational tech firm Instructure says it reached an agreement with the cybercrime group behind a major Canvas data theft, after attackers broke into its systems and threatened to publish stolen information from schools and…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security

Hackers accessed BWH Hotels reservation system for months

BWH Hotels says hackers accessed guest reservation data, including names and contacts, for over six months across multiple hotel brands. BWH Hotels disclosed a data breach, with threat actors having had access to guest reservation data for more than six months. The incident exposed names and contact details of an undisclosed number of guests. BWH…

Read more →

AI, china, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

Google warns artificial intelligence is accelerating cyberattacks and zero-day exploits

Google says hackers now use AI to create exploits, automate attacks, evade defenses, and target AI supply chains at scale. Artificial intelligence is rapidly changing the cyber threat landscape, and a new report from the Google Cloud Threat Intelligence team highlights how attackers already use AI to improve vulnerability exploitation and gain initial access to…

Read more →

AI, Data Breaches, Europe, Exploits, Global Security News, Risk Management, Russia

Cyberattacks on Poland’s Water Plants: A Blueprint for Hybrid Warfare

Poland’s ABW confirmed hackers breached ICS at five water plants, gaining ability to alter equipment settings. Russia-linked APT groups suspected. Poland’s Internal Security Agency (ABW) has published a detailed account of a sustained campaign targeting the country’s water plants, documenting security breaches at five water treatment facilities in 2025. The incidents mark one of the…

Read more →

AI, china, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management

Nation-state actors exploit Palo Alto PAN-OS zero-day for weeks

Palo Alto says hackers exploited PAN-OS zero-day CVE-2026-0300 for weeks, gaining root access to exposed firewalls and hiding traces. Palo Alto Networks warned that suspected state-sponsored hackers have been exploiting the critical PAN-OS zero-day CVE-2026-0300 for nearly a month. After exploiting the flaw, attackers deployed tunneling tools such as EarthWorm and ReverseSocks5, used stolen credentials…

Read more →

AI, Data Breaches, Europe, Exploits, Global Security News, Network Security

Vimeo confirms breach via third-party vendor impacts 119K users

Hackers stole data of 119,000 Vimeo users in April. The breach, linked to a third‑party vendor, exposed personal details. Vimeo confirmed a data breach after the ShinyHunters gang stole personal information of 119,000 users in April 2026. According to Have I Been Pwned, the attackers accessed user data through a compromise at Anodot, a third‑party…

Read more →

AI, Data Breaches, Exploits, Global Security News, malware, Risk Management

Digital attacks drive a new wave of cargo theft, FBI says

The FBI warns of rising cyber cargo theft, with hackers targeting brokers and carriers. Experts say digital attacks are replacing traditional cargo theft. The FBI has issued a Public Service Announcement (PSA) about a surge in cyber-enabled cargo theft, with hackers increasingly targeting brokers and carriers. This trend confirms earlier findings from Proofpoint and alerts…

Read more →

AI, Global Security News, Russia

Large-scale Roblox hacking operation shut down by Ukrainian authorities

Ukrainian police arrested three hackers who hijacked 610,000 Roblox accounts and sold them for $225,000 in profit. Police in Ukraine arrested three suspects accused of hacking over 610,000 Roblox accounts and selling them for about $225,000. Officers carried out multiple searches in Lviv, seizing cash, phones, computers, laptops, tablets, and USB drives. The operation disrupted…

Read more →

AI, china, Exploits, Global Security News, Network Security, Risk Management

China-linked threat actors use consumer device botnets to evade detection, warn UK and partners

UK National Cyber Security Centre (NCSC) warns China-linked hackers use hijacked devices as proxy networks to hide activity and evade detection. UK National Cyber Security Centre (NCSC) and global partners warn that China-linked threat actors now rely on large proxy networks built of hacked consumer devices. Groups control routers, cameras, video recorders, and NAS systems…

Read more →

AI, Data Breaches, Global Security News

Luxury cosmetics giant Rituals discloses data breach impacting member personal details

Rituals disclosed a breach where hackers accessed and downloaded some My Rituals members’ data, including names and addresses. Luxury cosmetics giant Rituals disclosed a data breach impacting My Rituals members after attackers gained unauthorized access to its systems and downloaded part of the database. The security breach occurred earlier this month, and the company is…

Read more →

AI, Apps, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

CVE-2023-33538 under attack for a year, but exploitation still unsuccessful

Hackers have targeted CVE-2023-33538 flaw in old TP-Link routers for a year, but no successful exploitation has been seen so far. Hackers have been trying for over a year to exploit a serious flaw, tracked as CVE-2023-33538 (CVSS score of 8.8), in outdated TP-Link routers, but so far without success. The vulnerability is a command…

Read more →

AI, Data Breaches, Exploits, Global Security News

Cyber attacks fuel surge in cargo theft across logistics industry

Hackers infiltrate logistics firms to steal cargo and divert payments, cyberattacks are linked to organized crime and rising losses. Proofpoint researchers observed crooks targeting trucking and logistics companies, running coordinated remote access campaigns to steal cargo and divert payments. These attacks appear to be linked to organized crime. The findings highlight a growing trend of…

Read more →

AI, china, Cloud Security, Endpoint, Exploits, Global Security News, malware, Network Security

China-linked cloud credential heist runs on typos and SMTP

China-aligned hackers have deployed a Linux-based ELF backdoor to steal cloud credentials at scale from workloads across AWS, GCP, Azure, and Alibaba Cloud environments. According to Breakglass Intelligence findings, the backdoor uses a “zero-detection” technique, employing SMTP port 25 as a covert command-and-control (C2) channel to harvest cloud provider credentials and metadata. “A selective C2…

Read more →

AI, Data Breaches, Global Security News

Hackers access Booking.com user data, company secures systems

Hackers accessed some Booking.com user data, including names, emails, phone numbers, and booking details. The issue is now contained. Booking.com warned that hackers may have accessed customer data linked to travel reservations. Exposed details could include names, email addresses, phone numbers, and information shared with accommodations. Booking.com is one of the world’s leading online travel agencies…

Read more →

AI, Compliance, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, Risk Management

Hackers claim control over Venice San Marco anti-flood pumps

Hackers breached Venice ’s San Marco flood system, claiming control of pumps and the ability to disable defenses and flood coastal areas. The technologies that govern the physical world are the quiet infrastructure of modern life. From energy grids to water systems, from factories to flood defenses, operational technology (OT) has long had one essential…

Read more →

AI, Compliance, Cybersecurity, Data Breaches, Europe, Global Security News, Network Security

Eurail data breach impacted 308,777 people

Hackers breached Eurail in Dec 2025, stole names and passport data, and exposed over 300,000 travelers’ personal information. Threat actors breached Eurail in December 2025 and stole names and passport numbers from its network. The company now notifies 308,777 people that attackers exposed their personal data, raising concerns about identity theft and misuse of sensitive…

Read more →

AI, Cybersecurity, Endpoint, Exploits, Global Security News, Government & Policy, malware, Russia

Inside the FBI’s router takedown that cut off APT28’s ‘tremendous access’

The recent FBI-led operation to knock Russian government hackers off routers sought to topple an especially insidious and threateningly contagious cyberespionage campaign, top bureau cyber official Brett Leatherman told CyberScoop. Researchers, along with U.S. and foreign government agencies, revealed details of the campaign this week by which APT28 — also known as Forest Blizzard or…

Read more →

AI, Apps, Compliance, Cybersecurity, Endpoint, Exploits, Global Security News

Fortinet releases emergency hotfix for FortiClient EMS zero-day flaw

Hackers have been exploiting a critical vulnerability in FortiClient Endpoint Management Server (FortiClient EMS) since at least the end of March. Fortinet has published an advisory and released an emergency hotfix that can be applied to affected deployments until a patched version can be released. The vulnerability, now tracked as CVE-2026-35616, allows unauthenticated attackers to…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy, malware

Iranian hackers launching disruptive attacks at U.S. energy, water targets, feds warn

Iranian government hackers are launching disruptive cyberattacks on American energy and water infrastructure, U.S. government agencies “urgently” warned Tuesday. The hackers are taking aim at devices and systems that control industrial processes, and have harmed victims in the last month following the onset of U.S.-Israel strikes against Iran, according to the joint alert from the…

Read more →

AI, Exploits, Global Security News, Government & Policy, malware, Network Security, Russia

Russia Hacked Routers to Steal Microsoft Office Tokens

Hackers linked to Russia’s military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from users on more than 18,000 networks without deploying any malicious software or code. Microsoft…

Read more →