Geek-Guy.com

Tag: putting

AI, Apps, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management

SAP npm Supply Chain Attack Targets Developer Credentials 

A supply chain attack targeting SAP npm packages is putting enterprise development environments at risk.  Aikido researchers discovered malicious code designed to steal credentials and secrets from developer systems and CI/CD pipelines.  The attack “… harvests local developer credentials, GitHub and npm tokens, GitHub Actions secrets, and cloud secrets from AWS, Azure, GCP, and Kubernetes,”…

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

cPanel Vulnerability Exposes Servers to Takeover 

An authentication vulnerability in cPanel and Web Host Manager (WHM) is putting web hosting environments at risk, prompting the company to release an emergency patch and warn administrators to act quickly.  The flaw affects multiple authentication paths and could allow attackers to gain unauthorized access to servers if left unpatched. “Let’s call this what it…

Read more →

AI, china, Cybersecurity, Exploits, Global Security News, Risk Management

Attackers target unpatched ShowDoc servers via CVE-2025-0520

A critical RCE flaw, tracked as CVE-2025-0520, in ShowDoc is being actively exploited, putting unpatched servers at serious risk. A critical remote code execution flaw, tracked as CVE-2025-0520 (CVSS score of 9.4), affecting ShowDoc is under active exploitation in the wild. ShowDoc is an online tool that helps IT teams share documents and improve collaboration…

Read more →

AI, china, Cybersecurity, Exploits, Global Security News, Risk Management

Attackers target unpatched ShowDoc servers via CVE-2025-0520

A critical RCE flaw, tracked as CVE-2025-0520, in ShowDoc is being actively exploited, putting unpatched servers at serious risk. A critical remote code execution flaw, tracked as CVE-2025-0520 (CVSS score of 9.4), affecting ShowDoc is under active exploitation in the wild. ShowDoc is an online tool that helps IT teams share documents and improve collaboration…

Read more →

AI, Apps, china, Cybersecurity, Global Security News, Government & Policy, Network Security, Russia

Commerce setting up new AI export regime to push adoption of ‘American AI’ abroad

The Department of Commerce is putting together a catalog of AI tools that will be given special export status by the federal government to be sold abroad. The department issued a call for proposals to participating companies in the Federal Register, looking to create a “menu of priority AI export packages that the U.S. Government…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, Risk Management

Patch windows collapse as time-to-exploit accelerates

The gap between vulnerability disclosure and exploitation is drastically decreasing, putting security teams’ patching practices on notice. According to Rapid7’s latest Cyber Threat Landscape Report, confirmed exploitation of newly disclosed high- and critical-severity vulnerabilities (CVSS 7-10) increased 105% year to 146 in 2025, up from 71 in 2024. Moreover, the median time from vulnerability publication…

Read more →

AI, Apps, Compliance, Cybersecurity, Data Breaches, Funding, Global Security News, Government & Policy, Network Security, Risk Management

2027 POTUS Budget Proposal Targets CISA With Funding Cuts

A federal budget proposal is putting one of the nation’s top cybersecurity agencies on the chopping block, raising alarms about the U.S. government’s readiness to defend against escalating digital threats.  The administration’s fiscal 2027 budget blueprint would reduce funding for the Cybersecurity and Infrastructure Security Agency (CISA), continuing a trend of cuts that could reshape…

Read more →