Geek-Guy.com

Tag: Newly

AI, Exploits, Global Security News, Network Security

Cato cuts vulnerability protection time to 45 minutes with agentic threat research

Cato Networks announced a new capability that reduces time-to-protect for newly disclosed vulnerabilities to 45 minutes. The company attributes this reduction to the use of agentic threat research designed to accelerate protection against emerging exploits. Traditional appliance-based security depends on a slow customer-operated patching cycle: vendors develop protections, customers receive updates, teams test them, and…

Read more →

AI, APAC, Apps, Data Breaches, Exploits, Global Security News, Network Security

Lack of response to critical vulnerability in Gogs is a reminder of the limits of open source projects

A newly discovered and so far unpatched critical vulnerability in the open source Gogs Git service not only demands immediate action from developers to secure their code, it also puts a spotlight on the potential issues in using self-hosted code platforms from small maintainers. The hole is a critical argument injection vulnerability, discovered by a…

Read more →

AI, Apps, Exploits, Global Security News, malware, Network Security

SHub Reaper impersonates Apple, Google, and Microsoft in one MacOS attack chain

A newly disclosed macOS infostealer campaign is exploiting user trust in some of the biggest names in tech to slip past defenses.  Researchers at SentinelOne have detailed a new variant of the SHub malware family, dubbed “Reaper,” that impersonates Apple, Google, and Microsoft at different stages of a single attack chain targeting Mac users. The…

Read more →

AI, Exploits, Global Security News

NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE

A newly disclosed security flaw impacting NGINX Plus and NGINX Open has come under active exploitation in the wild, days after its public disclosure, according to VulnCheck. The vulnerability, tracked as CVE-2026-42945 (CVSS score: 9.2), is a heap buffer overflow in ngx_http_rewrite_module affecting NGINX versions 0.6.27 through 1.30.0. According to AI-native security company depthfirst, the

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, Risk Management

Exchange Server zero-day vulnerability can be triggered by opening a malicious email

A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to think about the need to abandon on-premises email solutions. “Because it’s already being exploited in the wild, this isn’t a ‘patch next week situation; it’s a ‘mitigate right now’ emergency,” warned Rob Enderle of the Enderle Group.…

Read more →

Cybersecurity, Exploits, Global Security News

CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits

The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to remediate the issue by May 17, 2026. The vulnerability is a critical authentication bypass tracked as CVE-2026-20182. It’s

Read more →

AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management

PraisonAI vulnerability gets scanned within 4 hours of disclosure

A newly disclosed authentication bypass flaw in the open-source AI orchestration framework PraisonAI was probed by internet scanners less than four hours after its public disclosure. According to Sysdig observations, roughly three hours and 44 minutes after a GitHub advisory dropped, a scanner identifying itself as “CVE-Detector/1.0” was already looking through the exposed PraisonAI instances…

Read more →

AI, Apps, Cybersecurity, Endpoint, Exploits, Global Security News, Risk Management

cPanel flaw exposes enterprises to hosting supply-chain risks

A newly disclosed cPanel vulnerability is being exploited at scale, giving attackers a route into web hosting environments that many enterprises may not monitor closely. Analysts say the risk highlights weak visibility into hosting supply chains. The flaw, tracked as CVE-2026-41940, has been used to deploy backdoors, plant SSH keys, steal credentials, and compromise hosting…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

New ‘Dirty Frag’ exploit targets Linux kernel for root access

A newly disclosed Linux privilege escalation issue dubbed “Dirty Frag” is giving attackers a cleaner path to post-compromise escalation to root privileges. According to Microsoft, a couple of vulnerabilities constituting the issue, affecting Linux kernel networking and memory-fragment handling components, are already seeing active exploitation in the wild. The exploitation attempts look indistinguishable from the…

Read more →

AI, Global Security News

DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware

A newly identified supply chain attack targeting DAEMON Tools software has compromised its installers to serve a malicious payload, according to findings from Kaspersky. “These installers are distributed from the legitimate website of DAEMON Tools and are signed with digital certificates belonging to DAEMON Tools developers,” Kaspersky researchers  Igor Kuznetsov, Georgy Kucherin, Leonid

Read more →

AI, Apps, Endpoint, Exploits, Global Security News, malware, Risk Management

Stealthy malware abuses Microsoft Phone Link to siphon SMS OTPs from enterprise PCs

A newly identified malware campaign is abusing Microsoft’s Phone Link feature to intercept SMS-based one-time passwords and other sensitive mobile data directly from Windows systems. The activity, first observed by Cisco Talos in January 2026, involves a remote access trojan dubbed CloudZ and a custom plugin named Pheno that together allow attackers to harvest credentials…

Read more →

AI, Apps, Endpoint, Exploits, Global Security News, malware, Risk Management

Stealthy malware abuses Microsoft Phone Link to siphon SMS OTPs from enterprise PCs

A newly identified malware campaign is abusing Microsoft’s Phone Link feature to intercept SMS-based one-time passwords and other sensitive mobile data directly from Windows systems. The activity, first observed by Cisco Talos in January 2026, involves a remote access trojan dubbed CloudZ and a custom plugin named Pheno that together allow attackers to harvest credentials…

Read more →

AI, Apps, Exploits, Global Security News, malware, Risk Management

CVE-2026-41940: Critical cPanel & WHM Authentication Bypass Exposes Hosting Servers to Admin Takeover

A newly disclosed CVE-2026-41940 vulnerability in cPanel & WHM has put internet-facing hosting infrastructure under urgent scrutiny. The flaw carries a CVSS score of 9.8 and can let an unauthenticated remote attacker bypass authentication and gain administrative access, while cPanel’s advisory says the issue affects cPanel software, including DNSOnly, across all versions after 11.40. For…

Read more →

AI, Exploits, Global Security News

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI’s LiteLLM Python package has come under active exploitation in the wild within 36 hours of the bug becoming public knowledge. The vulnerability, tracked as CVE-2026-42208 (CVSS score: 9.3), is an SQL injection that could…

Read more →

AI, Apps, Global Security News

Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign

Bitwarden CLI has been compromised as part of the newly discovered and ongoing Checkmarx supply chain campaign, according to new findings from Socket. “The affected package version appears to be @bitwarden/cli@2026.4.0, and the malicious code was published in ‘bw1.js,’ a file included in the package contents,” the application security company said. “The attack appears to…

Read more →

AI, Apps, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security, Risk Management

Anthropic Probes Alleged Unauthorized Access to AI Security Tool Mythos

Anthropic is investigating reports that an unauthorized group gained access to its newly launched tool, Mythos, highlighting potential gaps in how early-access AI systems are distributed and secured. “Unauthorized users were able to access Anthropic’s Mythos model, reportedly by just changing a model name,” said Shane Fry, CTO at RunSafe Security in an email to…

Read more →

AI, Cybersecurity, Global Security News, malware, Network Security

New Mirai variants target routers and DVRs in parallel campaigns

Hidden inside newly discovered botnet malware is an unusual message from its creator: “AI.NEEDS.TO.DIE”. Dubbed “tuxnokill” by researchers at Akamai, the malware is one of two fresh Mirai botnet variants documented this month by major cybersecurity firms and, judging by the aforementioned hard-coded string, this particular variant might have been coded the old-fashioned way. “Tuxnokill”…

Read more →

AI, Global Security News

PCI SSC Launches Enhanced Language Microsites for Global Audience

  The PCI Security Standards Council (PCI SSC) has announced the launch of newly redesigned language microsites, delivering a more accessible, structured, and user-friendly experience for global stakeholders. These updates mark a significant step forward in making PCI resources more readily available to non-English-speaking audiences by providing a consistent user experience across languages. 

Read more →

AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management

High-Severity Vulnerabilities, Supply Chain Breaches, and AI Threats Redefine Cybersecurity This Week

Major Threats & Vulnerabilities High-Severity Flaws A newly disclosed Cisco IMC vulnerability (CVSS 9.8) allows unauthenticated attackers to gain full administrative access to UCS servers. Cisco has issued patches, and while no active exploitation has been observed, immediate updates are strongly advised. In another critical discovery, a GIGABYTE Control Center flaw enables remote code execution…

Read more →

AI, Cybersecurity, Exploits, Global Security News

Vulnerabilities from years ago still opening doors for attackers

Exploitation timelines continued to compress in enterprise environments, with newly disclosed flaws reaching active use almost immediately and older weaknesses remaining active years after disclosure. (Source: Cisco Talos) Findings from Cisco Talos’ 2025 Year in Review show how attackers combined rapid weaponization with long-term exposure spanning infrastructure, identity systems, and user workflows. Top-targeted vulnerabilities show…

Read more →

AI, Apps, Global Security News, malware

New ‘StoatWaffle’ malware auto‑executes attacks on developers

A newly disclosed malware strain dubbed “StoatWaffle” is giving fresh teeth to the notorious, developer-targeting “Contagious Interview” threat campaign. According to NTT Security findings, the malware marks an evolution from the long-running campaign’s user-triggered execution to a near-frictionless compromise embedded directly in developer workflows. Attackers are using blockchain-themed project repositories as decoys, embedding a malicious…

Read more →

AI, Exploits, Global Security News

FreeScout vulnerability enables unauthenticated, zero-click RCE via email (CVE-2026-28289)

A newly discovered vulnerability (CVE-2026-28289) in the open-source help desk platform FreeScout could allow attackers to take over vulnerable servers by sending a specially crafted email to a FreeScout mailbox. CVE-2026-28289 exploitation FreeScout is a free, open-source help desk and shared inbox system used by businesses or teams to manage customer support conversations in one…

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

Perplexity Comet Browser Bug Leaks Local Files via AI Prompt Injection

A newly disclosed attack against Perplexity’s AI-powered Comet browser shows how agentic browsers can be manipulated into leaking sensitive data directly from a user’s machine.  Zenity Labs researchers demonstrated a zero-click attack that tricks the browser’s AI agent into reading local files and sending their contents to an attacker-controlled server. The attack “… results in…

Read more →

AI, Compliance, Data Breaches, Data Security, Europe, Global Security News, Government & Policy, privacy, Risk Management

Kiteworks Flags Canada Sovereignty Compliance Gaps

Kiteworks’ newly released “2026 Data Security and Compliance Risk: Data Sovereignty Report” finds that Canadian organisations report the lowest sovereignty incident rate among surveyed regions — yet channel leaders warn that the risk environment is intensifying, not stabilizing. The cross-regional survey of 286 security, compliance, and IT professionals across Canada, Europe, and the Middle East…

Read more →

AI, Exploits, Global Security News

Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access

A newly disclosed maximum-severity security flaw in Cisco Catalyst SD-WAN Controller (formerly vSmart) and Catalyst SD-WAN Manager (formerly vManage) has come under active exploitation in the wild as part of malicious activity that dates back to 2023. The vulnerability, tracked as CVE-2026-20127 (CVSS score: 10.0), allows an unauthenticated remote attacker to bypass authentication and obtain

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

Vulnerabilities grew like weeds in 2025, but only 1% were weaponized in attacks

Would-be attackers spent 2025 swimming in a sea of more than 40,000 newly published vulnerabilities, VulnCheck said in a report released Wednesday, but only 1% of those defects, just 422, were exploited in the wild. As the deluge of vulnerabilities grows every year, and CVSS ratings lose significance for vulnerability management prioritization, some defenders are…

Read more →

AI, Apps, Endpoint, Exploits, Global Security News, malware, Network Security

New Arkanix stealer blends rapid Python harvesting with stealthier C++ payloads

A newly uncovered infostealer, suspected to be built with the help of a large language model, is targeting victims with Python and C++ variants, each tailored for a different stage of data theft. Kaspersky researchers discovered a stealer dubbed “Arkanix,” which is capable of harvesting credentials, browser data, cryptocurrency, and banking assets from infected machines.…

Read more →

AI, Apps, Compliance, Cybersecurity, Global Security News, Risk Management

Pathlock CEO Talks Identity in the AI Era

Pathlock’s newly appointed CEO Damon Tompkins says agentic AI is forcing enterprises to rethink identity security, shifting focus from static permissions to real-time monitoring of human and non-human identities. We spoke with Tompkins about his first weeks in the CEO role and why he sees agentic AI as a new opportunity in identity security. Pathlock…

Read more →

AI, Endpoint, Exploits, Global Security News

83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure

A significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivanti Endpoint Manager Mobile (EPMM) can be traced back to a single IP address on bulletproof hosting infrastructure offered by PROSPERO. Threat intelligence firm GreyNoise said it recorded 417 exploitation sessions from 8 unique source IP addresses between February 1 and…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, malware, Network Security

SSHStalker botnet brute-forces its way onto 7,000 Linux machines

A newly discovered botnet is compromising poorly-protected Linux servers by brute-forcing weak SSH password login authentication. Researchers at Canada-based Flare Systems, who discovered the botnet, got into its staging server and believe at least 7,000 servers had been compromised by the end of January, half of them in the US. The botnet’s weapons include exploits…

Read more →

AI, ANYRUN, Compliance, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Malware Analysis, malware behavior, Risk Management

Emerging Ransomware BQTLock & GREENBLOOD Disrupt Businesses in Minutes 

How long would it take your team to realize ransomware is already running?  The newly identified ransomware families are already causing real business disruption. These threats can disrupt operations fast while also reducing visibility through stealth or cleanup activity, shrinking the time teams have to detect and contain the attack.  Here’s what you should know about BQTLock and GREENBLOOD, and how your team can detect and contain them before…

Read more →

AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, News, Risk Management, Threats

10K Claude Desktop Users Exposed by Zero-Click Vulnerability

A newly disclosed flaw in Anthropic’s Claude Desktop Extensions shows how a routine productivity feature can enable zero-click system compromise.  LayerX researchers found that a single malicious Google Calendar event can trigger remote code execution on Claude Desktop systems, enabling silent takeover at scale.  “If exploited by a bad actor, even a benign prompt (“take…

Read more →

AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, News, Risk Management, Threats

10K Claude Desktop Users Exposed by Zero-Click Vulnerability

A newly disclosed flaw in Anthropic’s Claude Desktop Extensions shows how a routine productivity feature can enable zero-click system compromise.  LayerX researchers found that a single malicious Google Calendar event can trigger remote code execution on Claude Desktop systems, enabling silent takeover at scale.  “If exploited by a bad actor, even a benign prompt (“take…

Read more →

AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, News, Risk Management, Threats

10K Claude Desktop Users Exposed by Zero-Click Vulnerability

A newly disclosed flaw in Anthropic’s Claude Desktop Extensions shows how a routine productivity feature can enable zero-click system compromise.  LayerX researchers found that a single malicious Google Calendar event can trigger remote code execution on Claude Desktop systems, enabling silent takeover at scale.  “If exploited by a bad actor, even a benign prompt (“take…

Read more →

AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, News, Risk Management, Threats

10K Claude Desktop Users Exposed by Zero-Click Vulnerability

A newly disclosed flaw in Anthropic’s Claude Desktop Extensions shows how a routine productivity feature can enable zero-click system compromise.  LayerX researchers found that a single malicious Google Calendar event can trigger remote code execution on Claude Desktop systems, enabling silent takeover at scale.  “If exploited by a bad actor, even a benign prompt (“take…

Read more →

AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, News, Risk Management, Threats

10K Claude Desktop Users Exposed by Zero-Click Vulnerability

A newly disclosed flaw in Anthropic’s Claude Desktop Extensions shows how a routine productivity feature can enable zero-click system compromise.  LayerX researchers found that a single malicious Google Calendar event can trigger remote code execution on Claude Desktop systems, enabling silent takeover at scale.  “If exploited by a bad actor, even a benign prompt (“take…

Read more →

AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, News, Risk Management, Threats

10K Claude Desktop Users Exposed by Zero-Click Vulnerability

A newly disclosed flaw in Anthropic’s Claude Desktop Extensions shows how a routine productivity feature can enable zero-click system compromise.  LayerX researchers found that a single malicious Google Calendar event can trigger remote code execution on Claude Desktop systems, enabling silent takeover at scale.  “If exploited by a bad actor, even a benign prompt (“take…

Read more →

AI, APAC, Apps, Compliance, Cybersecurity, Endpoint, Global Security News, Government & Policy, Risk Management, Vendor Leadership & Partner Programs

January 2026 Leadership Moves Across the Channel, Part 1

Newly created roles and chief customer officers are defining the beginning of the year. As we start the new year, a significant number of leadership moves have been made across the channel. This is just part one of the January 2026 leadership recap. Let’s dive in and stay tuned for the follow-up story later this…

Read more →