Geek-Guy.com

Tag: quietly

AI, Cybersecurity, Global Security News, Network Security

Smashing Security podcast #470: This AI security flaw might be impossible to fix

A website called “UK visa portal” has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels. They weren’t. And when a journalist tried to warn the company, it was lawyers who responded. Meanwhile, a paper from Cornell suggests that prompt injection – the…

Read more →

AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security

From Fake Purchase Orders to Remote Access: Analyzing the JS.MonoGlyphRAT Threat to US Enterprises

A previously unidentified cyberattack is quietly spreading through US businesses — and most security tools are not catching it. Researchers at ANY.RUN have identified a new backdoor called JS.MonoGlyphRAT, an advanced piece of malware delivered as an ordinary-looking JavaScript file disguised as a purchase order, quote, or business proposal. Once an employee opens the file,…

Read more →

AI, Cybersecurity, Data Breaches, Endpoint, Global Security News, Government & Policy, Risk Management

FIRESIDE CHAT: Cyber insurers deepen SMB security role as supply chain attacks spread

The cyber insurance industry set out to manage financial risk. Along the way, it has quietly became the security operations provider for a significant share of American small businesses. An $11 billion acquisition agreement announced earlier this year suggests it intends to stay in that role. Related: No easy AI security fixes I sat down…

Read more →

Global Security News

One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk

The dark secret of enterprise security operations is that defenders have quietly institutionalized the practice of not looking. This is not just anecdotal, but rather backed by a recent report investigating more than 25 million security alerts, including informational and low-severity, across live enterprise environments.  The dataset behind these findings includes 10 million monitored

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management

Your CTEM program is probably ignoring MCP. Here’s how to fix it

Model Context Protocol (MCP) is the connective tissue of modern AI tooling and has quietly become one of the most significant blind spots in modern security programs. Like shadow IT before it, shadow AI — especially as it relates to MCP risk — introduces a new class of exposures that security teams lack adequate tooling…

Read more →

AI, Global Security News

Your AI Agents Are Already Inside the Perimeter. Do You Know What They’re Doing?

Analysts recently confirmed what identity security teams have quietly feared: AI agents are being deployed faster than enterprises can govern them. In their inaugural Market Guide for Guardian Agents, Gartner states that “enterprise adoption of AI agents is accelerating, outpacing maturity of governance policy controls.” Enterprise leaders can request access to the Gartner Market Guide…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Global Security News, Government & Policy, Network Security, Risk Management

ClickUp Data Leak Exposes Enterprise Emails for Over a Year 

A hardcoded API key embedded in ClickUp’s public website has quietly exposed hundreds of corporate and government email addresses for more than a year. The flaw, first reported in early 2025, remained active as of April 2026 — allowing anyone to access sensitive data with a simple request and no authentication. “I went to http://clickup[.]com,…

Read more →

AI, Data Breaches, Global Security News, malware, Network Security, Risk Management

130K Users Compromised by StealTok Campaign That Uses Fake TikTok Downloaders 

A widespread browser extension campaign is quietly compromising users by disguising data-stealing tools as TikTok video downloaders. “While many people see browser extensions as harmless little widgets, oftentimes they have no idea who is actually behind these extensions, and what capabilities they contain within their source code,”  said Natalie Zargarov, security researcher at LayerX in…

Read more →

Endpoint, Global Security News

Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu

A bank approved a Taboola pixel. That pixel quietly redirected logged-in users to a Temu tracking endpoint. This occurred without the bank’s knowledge, without user consent, and without a single security control registering a violation. Read the full technical breakdown in the Security Intelligence Brief. Download now → The “First-Hop Bias” Blind Spot Most&

Read more →

AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

GrafanaGhost Flaw Allows Silent Data Exfiltration

A vulnerability called GrafanaGhost allows attackers to quietly extract sensitive data from Grafana environments without user interaction or traditional compromise techniques.  Discovered by researchers at Noma Security, the flaw highlights how AI-driven features can introduce new, difficult-to-detect attack paths in widely used platforms. “Across ForcedLeak, GeminiJack, DockerDash, and now GrafanaGhost, we keep seeing the same…

Read more →

AI, Apps, Compliance, Exploits, Global Security News, Risk Management

Microsoft’s new Agent Governance Toolkit targets top OWASP risks for AI agents

Microsoft has quietly introduced the Agent Governance Toolkit, an open-source project designed to monitor and control AI agents during execution as enterprises try to move them into production workflows. The toolkit, which is a response to the Open Worldwide Application Security Project’s (OWASP) emerging focus on AI and LLM security risks, adds a runtime security…

Read more →

AI, Apps, Compliance, Exploits, Global Security News, Risk Management

Microsoft’s new Agent Governance Toolkit targets top OWASP risks for AI agents

Microsoft has quietly introduced the Agent Governance Toolkit, an open-source project designed to monitor and control AI agents during execution as enterprises try to move them into production workflows. The toolkit, which is a response to the Open Worldwide Application Security Project’s (OWASP) emerging focus on AI and LLM security risks, adds a runtime security…

Read more →

AI, Apps, Cybersecurity, Endpoint, Global Security News, Network Security, Risk Management

Runtime: The new frontier of AI agent security

AI agents are already operating inside enterprise networks, quietly doing some of the work employees once handled themselves — writing code, drafting emails, retrieving files, and connecting to internal systems. Sometimes they also make costly mistakes. At Meta, an employee asked an AI assistant to help manage her inbox. It deleted it instead. At Amazon,…

Read more →

AI, Global Security News

How to Scale Phishing Detection in Your SOC: 3 Steps for CISOs

Phishing has quietly turned into one of the hardest enterprise threats to expose early. Instead of crude lures and obvious payloads, modern campaigns rely on trusted infrastructure, legitimate-looking authentication flows, and encrypted traffic that conceals malicious behavior from traditional detection layers. For CISOs, the priority is now clear: scale phishing detection in a way that…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security, privacy, Risk Management

Malicious Chrome Extension Targets imToken Wallet Users

A malicious Chrome extension disguised as a harmless color visualization tool is quietly redirecting users to phishing pages designed to steal cryptocurrency wallet credentials.  Socket researchers warn that the extension impersonates the popular imToken wallet brand and tricks victims into entering their seed phrases or private keys. The “… extension automatically opens a threat actor-controlled…

Read more →

AI, Apps, Exploits, Global Security News, malware

Researchers discover suite of agentic AI browser vulnerabilities

Researchers have discovered multiple vulnerabilities that let attackers to quietly hijack agentic AI browsers. Researchers at Zenity Labs discovered these flaws, which affected multiple AI browsers, including Perplexity’s Comet. Before being patched, an attacker could exploit them via a legitimate calendar invite, using a prompt injection to force the AI browser to act against its…

Read more →

AI, Apps, Data Breaches, Endpoint, Global Security News, malware, Network Security, Risk Management

Chrome Extension Hijacked to Push ClickFix Malware

A once-trusted Chrome extension with thousands of users was quietly transformed into a malware delivery vehicle, exposing how quickly browser add-ons can become security liabilities.  QuickLens – Search Screen with Google Lens was removed from the Chrome Web Store after researchers discovered it had been updated to deploy ClickFix attacks and steal cryptocurrency wallet data. …

Read more →

AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security

BYOVD Turns Trusted Drivers Against Windows Security

A growing number of great actor groups are quietly abusing legitimate Windows drivers to turn endpoint defenses against themselves.  Known as Bring Your Own Vulnerable Driver (BYOVD), the technique allows attackers to load a digitally signed but flawed driver and exploit it to gain full kernel-level access.  Attackers “… load a legitimate, digitally signed, but…

Read more →

AI, Apps, Data Breaches, Endpoint, Global Security News, Network Security, Risk Management

XSS Bug in VS Code Extension Exposed Local Files

A widely used Microsoft Visual Studio Code (VS Code) extension quietly exposed millions of developers to potential local file exfiltration through a cross-site scripting (XSS) flaw.  The issue affected the official Live Preview extension — downloaded more than 11 million times — and allowed malicious websites to interact with a developer’s localhost environment.  An “……

Read more →

AI, Global Security News, malware

Firmware-level Android backdoor found on tablets from multiple manufacturers

A new Android backdoor embedded directly in device firmware can quietly take control of apps and harvest data, Kaspersky researchers found. The malware, named Keenadu, was discovered during an investigation into earlier Android threats and appears to have been inserted during the firmware build process, not after devices reached users.  How the backdoor works…

Read more →

AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security

1,800+ Windows Servers Hit by BADIIS SEO Malware

More than 1,800 Windows servers have been quietly compromised in a sprawling malware campaign that turns legitimate websites into tools for search engine manipulation.  The operation leverages a sophisticated strain known as BADIIS to infect Microsoft Internet Information Services (IIS) environments, allowing threat actors to monetize trusted infrastructure without disrupting normal operations. We found “……

Read more →

AI, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, News, Risk Management, Threats

Picus Red Report 2026 Shows Attackers Favor Stealth Over Disruption

Cyber attackers are quietly changing how they operate — and the latest Picus Red Report shows that disruption is no longer the goal.  Rather than encrypting systems or triggering immediate disruption, Picus Security found that adversaries are prioritizing stealth, persistence, and long-term access within enterprise environments.  “The 2026 Red Report confirms that the era of…

Read more →

AI, Global Security News, malware, Malwarebytes, News, Proxy, YouTube

Trojanized 7-Zip downloads turn home computers into proxy nodes

A trojanized version of the popular 7-Zip software is quietly turning home computers into residential proxy nodes, Malwarebytes warns. Spurred by a Reddit post in which a user complained about getting infected with malware after downloading 7-Zip from 7zip[.]com instead of the legitimate 7-zip.org, Malwarebytes researchers looked into the matter and found that the malicious…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

Schrödinger’s cat and the enterprise security paradox

Most security leaders quietly live with a paradox they rarely name out loud. Until you truly look inside the box of your environment, your organization is both secure and compromised. The dashboards might be green and the audit reports reassuring, but the uncomfortable reality is that you do not know your actual state until you…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

Schrödinger’s cat and the enterprise security paradox

Most security leaders quietly live with a paradox they rarely name out loud. Until you truly look inside the box of your environment, your organization is both secure and compromised. The dashboards might be green and the audit reports reassuring, but the uncomfortable reality is that you do not know your actual state until you…

Read more →

AI, CryptoCurrency, dark web, Global Security News, Guest blog, Incognito Market, Law & order

Incognito Market admin sentenced to 30 years for running $105 million dark web drug empire

He promised “the best security there is” to hundreds of thousands of drug buyers, while quietly making the kind of mistake that guaranteed a 30-year sentence. And maybe training police on cryptocurrency while running a running a vast Tor-hidden drug bazaar wasn’t such a good idea. Read more in my article on the Hot for…

Read more →

Global Security News

The Edifier NeoBuds Pro 3 earbuds bring spatial audio, serious ANC, and a premium feel without premium-brand pricing

Edifier has spent the past few years quietly building a reputation for delivering high-performance audio products that punch well above their price point. The new NeoBuds Pro 3 continue that trajectory, bringing together spatial audio with head tracking, wide-band adaptive active noise cancellation (ANC), and audiophile-grade Bluetooth codecs in a compact true wireless form factor.

Read more →

AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, News, Risk Management, Threats

Fake Clawdbot VS Code Extension Deploys ScreenConnect RAT 

A malicious Visual Studio (VS) Code extension posing as an AI-powered assistant was quietly installing remote access malware on developers’ systems.  The fake extension, called ClawdBot Agent, appeared legitimate on the surface but executed malware automatically as soon as VS Code launched. “The layering here is impressive. You’ve got a fake AI assistant dropping legitimate…

Read more →