Geek-Guy.com

Tag: identified

Anthropic: Claude Mythos identified 10,000+ software flaws

Anthropic and its Project Glasswing partners have identified more than 10,000 high- or critical-severity vulnerabilities in critical software systems, the company announced in an update on the project’s progress. Mythos identifies thousands of high-severity vulnerabilities: In April 2026, Anthropic introduced Claude Mythos Preview, a new large language model that can autonomously find zero-day vulnerabilities and…

Microsoft’s new AI system finds 16 Windows flaws, including four critical RCEs

Microsoft has unveiled a new AI-driven vulnerability discovery system that identified 16 previously unknown Windows vulnerabilities, including four critical remote code execution flaws, in what security analysts say could mark a major shift in how software vulnerabilities are discovered and remediated. The system, codenamed MDASH, was developed by Microsoft’s Autonomous Code Security team alongside the…

Security teams are turning to AI to survive alert overload

The World Economic Forum white paper “Empowering Defenders: AI for Cybersecurity” identified AI as the biggest driver of change in cybersecurity for 94% of survey respondents. The paper found that 77% of organizations already use AI in cybersecurity, with much of the activity focused on phishing detection, anomaly monitoring, vulnerability management and incident response. “AI…

Vibe Hacking: Two AI-Augmented Campaigns Target Government and Financial Sectors in Latin America

TrendAI™ Research has identified two emerging threat campaigns—SHADOW-AETHER-040 and SHADOW-AETHER-064—that use agentic AI to drive intrusion operations against government and financial organizations in Latin America, marking these among the first cases we have observed of AI agents executing attacks from initial access to data exfiltration.

Edge browser leaves passwords exposed in plain text, says researcher

A Norwegian researcher has identified an issue with Microsoft Edge’s Password Manager that could be a serious concern for businesses. Tom Jøran Sønstebyseter Rønning found that passwords are being saved within the browser in plain text, with the effect that any PC, particularly a shared machine, within an organization is a potential risk. In a…

DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware

A newly identified supply chain attack targeting DAEMON Tools software has compromised its installers to serve a malicious payload, according to findings from Kaspersky. “These installers are distributed from the legitimate website of DAEMON Tools and are signed with digital certificates belonging to DAEMON Tools developers,” Kaspersky researchers Igor Kuznetsov, Georgy Kucherin, Leonid

Stealthy malware abuses Microsoft Phone Link to siphon SMS OTPs from enterprise PCs

A newly identified malware campaign is abusing Microsoft’s Phone Link feature to intercept SMS-based one-time passwords and other sensitive mobile data directly from Windows systems. The activity, first observed by Cisco Talos in January 2026, involves a remote access trojan dubbed CloudZ and a custom plugin named Pheno that together allow attackers to harvest credentials…

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This operation specifically targets the high-privilege professional accounts of enterprise administrators, DevOps engineers, and security analysts by impersonating administrative utilities they rely on for daily operations. By integrating Search Engine Order (SEO)

22 BRIDGE:BREAK Flaws Expose 20,000 Lantronix and Silex Serial-to-IP Converters

Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix and Silex that could be exploited to hijack susceptible devices and tamper with data exchanged by them. The vulnerabilities have been collectively codenamed BRIDGE:BREAK by Forescout Research Vedere Labs, which identified nearly 20,000 Serial-to-Ethernet converters exposed

New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips

New academic research has identified multiple RowHammer attacks against high-performance graphics processing units (GPUs) that could be exploited to escalate privileges and, in some cases, even take full control of a host. The efforts have been codenamed GPUBreach, GDDRHammer, and GeForge. GPUBreach goes a step further than GPUHammer, demonstrating for the first time that

BKA unmasks two REvil Ransomware operators behind 130+ German attacks

German police BKA identified two key REvil ransomware members, linking them to over 130 attacks in Germany. Germany’s Federal Criminal Police (BKA) has identified two key figures behind the REvil ransomware group, linking them to more than 130 attacks in the country. The first suspect is Daniil Maksimovich Shchukin (31), a Russian national known online…

Amazon threat intelligence teams identify Interlock ransomware campaign targeting enterprise firewalls

Amazon threat intelligence has identified an active Interlock ransomware campaign exploiting CVE-2026-20131, a critical vulnerability in Cisco Secure Firewall Management Center (FMC) Software that could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device, which was disclosed by Cisco on March 4, 2026. After Cisco’s disclosure, Amazon threat…

FBI wiretap system tapped by hackers

The US Federal Bureau of Investigation (FBI) has identified a suspected incident on a network used to manage wiretaps and foreign intelligence surveillance warrants, CNN reported. The FBI acknowledged the incident in a statement to CNN, saying, “The FBI identified and addressed suspicious activities on FBI networks, and we have leveraged all technical capabilities to…

Coruna iOS exploit kit moved from spy tool to mass criminal campaign in under a year

Google’s threat intelligence researchers have identified a sophisticated exploit kit targeting iPhones that was first used by a commercial surveillance vendor’s customer before being repurposed by a suspected Russian espionage group and then by Chinese cybercriminals, highlighting what researchers describe as an active secondary market for high-end zero-day exploits. “How this proliferation occurred is unclear,…

Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1

Google said it identified a “new and powerful” exploit kit dubbed Coruna (aka CryptoWaters) targeting Apple iPhone models running iOS versions between 13.0 and 17.2.1. The exploit kit featured five full iOS exploit chains and a total of 23 exploits, Google Threat Intelligence Group (GTIG) said. It’s not effective against the latest version of iOS.…

Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model

Anthropic on Monday said it identified “industrial-scale campaigns” mounted by three artificial intelligence (AI) companies, DeepSeek, Moonshot AI, and MiniMax, to illegally extract Claude’s capabilities to improve their own models. The distillation attacks generated over 16 million exchanges with its large language model (LLM) through about 24,000 fraudulent accounts in violation of its terms

OpenClaw Flaw Enables AI Log Poisoning Risk

A vulnerability has been identified in OpenClaw’s AI assistant that could allow attackers to insert crafted content into system logs. The flaw stems from how certain WebSocket headers were logged, creating a potential log poisoning risk in AI-assisted workflows. “This issue is primarily an indirect prompt injection risk and depends on downstream log consumption behavior.…

LockBit 5.0 ransomware expands its reach across Windows, Linux, and ESXi

The Acronis Threat Research Unit (TRU) has identified a new and significantly enhanced version of the LockBit ransomware, LockBit 5.0, currently being deployed in active campaigns. The latest variant demonstrates expanded cross-platform capabilities, enabling attackers to target Windows, Linux, and VMware ESXi systems within a single coordinated attack. According to analysis, LockBit 5.0 introduces dedicated…

Bing Ads Abused to Deliver Azure-Hosted Tech Support Scams

A recently identified scam campaign is using Bing search advertisements and Microsoft Azure infrastructure to redirect users to fraudulent tech support pages, demonstrating how legitimate platforms can be misused for social engineering activity. “The tech support scam campaign had a significant initial impact, affecting users across 48 different organizations in the U.S. within a short…

Windows shortcut weaponized in Phorpiex-linked ransomware campaign

Forcepoint X-Labs researchers have identified a large Phorpiex botnet-aided phishing campaign that uses weaponized Windows shortcut files to deploy Global Group ransomware across victim systems. The campaign, observed in late 2024 and continuing into 2026, leverages a common email lure, with the subject “Your Document”, to trick recipients into opening a malicious LNK attachment. “By…

TeamPCP and the Rise of Cloud-Native Cybercrime

Flare researchers have identified a threat actor known as TeamPCP behind a large-scale campaign targeting cloud-native infrastructure by abusing exposed orchestration and management interfaces. First observed in late 2025, the activity reflects a broader shift away from endpoint-focused attacks toward systematic exploitation of cloud control planes. “The campaign reflects a dark mirror of legitimate markets.…

10,000+ Active Infections Traced to SystemBC Botnet

Security researchers at Silent Push identified more than 10,000 unique IPs infected with SystemBC, a proxy malware commonly used as an early foothold in ransomware attacks. Using a custom SystemBC tracking fingerprint, analysts mapped a globally distributed botnet that includes compromised systems supporting government infrastructure. “SystemBC proxies traffic through compromised systems and acts as a…

GuardDuty Extended Threat Detection uncovers cryptomining campaign on Amazon EC2 and Amazon ECS

Amazon GuardDuty and our automated security monitoring systems identified an ongoing cryptocurrency (crypto) mining campaign beginning on November 2, 2025. The operation uses compromised AWS Identity and Access Management (IAM) credentials to target Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Compute Cloud (Amazon EC2). GuardDuty Extended Threat Detection was able to correlate signals…