Geek-Guy.com

Tag: RESEARCH

AI, Europe, Exploits, Global Security News, malware, Network Security

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ghost CMS Mass Compromised via CVE-2026-26980, Now Fueling ClickFix Attacks   TrapDoor Crypto Stealer Supply Chain Attack Hits 34 Packages and Hundreds of Versions Across npm, PyPI, and Crates.io   RemotePE: The Lazarus RAT that lives…

Read more →

AI, APAC, Compliance, Cybersecurity, Global Security News, Government & Policy, Risk Management

AI Growth Exposes Gaps in Governance and Readiness 

Artificial intelligence (AI) adoption continues to grow across industries, but new research from Veeam suggests many organizations are still working through the governance, security, and operational challenges associated with deploying AI at scale. The study, which surveyed 300 technology and business leaders across financial services, healthcare, government, manufacturing, and technology sectors, found that 95% of…

Read more →

AI, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management

AI Software Supply Chain Threats Escalate in 2026 

Artificial intelligence is rapidly transforming software development, but new research from JFrog suggests security teams are struggling to keep pace with the risks that come with it.  The Software Supply Chain Security State of the Union 2026 report found that AI-driven development is accelerating malicious package activity, insecure AI tooling, and software supply chain governance…

Read more →

AI, Global Security News

Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal

Microsoft has come out strongly in favor of Coordinated Vulnerability Disclosure (CVD), urging the research community to share their findings and give affected vendors an opportunity to better understand the impact and address them before they are publicly disclosed. The development comes after a researcher named Chaotic Eclipse (aka Nightmare-Eclipse) disclosed details of multiple zero-day

Read more →

AI, Global Security News, malware, Network Security

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 98

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Popular node-ipc npm Package Infected with Credential Stealer  New Actors Deploy Shai-Hulud Clones: TeamPCP Copycats Are Here Active Supply Chain Attack Compromises @antv Packages on npm actions-cool/issues-helper GitHub Action Compromised: All Tags Point to…

Read more →

AI, Apps, Compliance, Global Security News, privacy, Risk Management

TrustedTech: Executives Drive Shadow AI Risk in Enterprises

TrustedTech has released new research indicating that senior leaders are among the biggest sources of shadow AI risk within organizations, with executives using unapproved AI tools at significantly higher rates than lower-level employees. The Irvine, California-based Microsoft cloud solutions and IT modernization provider said its global and U.S. data points to a growing gap between…

Read more →

AI, Global Security News

AI is drowning software maintainers in junk security reports

AI-assisted vulnerability research has exploded, unleashing a firehose of low-quality reports on overworked software maintainers who are wasting hours sifting through noise instead of fixing real problems. Linus Torvalds, the Linux kernel’s creator, says the flood has made the project’s security mailing list “almost entirely unmanageable, with enormous duplication due to different people finding the…

Read more →

AI, Exploits, Global Security News, malware

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 97

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter JDownloader site hacked to replace installers with Python RAT malware     New TrickMo Variant: Device Take Over malware targeting Banking, Fintech, Wallet & Auth apps   Threat Actor Mr_Rot13 Actively Exploits CVE-2026-41940 for Backdoor Deployment   Operation…

Read more →

AI, Apps, Compliance, Data Breaches, Global Security News, Network Security, Risk Management

Banks Face a Growing AI Risk at the Database Layer

Financial institutions are rapidly deploying AI, but new research suggests many banks may be securing the wrong layer of the stack.  Liquibase researchers warn that while organizations focus heavily on AI models and APIs, the database layer may be one of the most exposed parts of modern financial infrastructure.  “Governance for agents has to move…

Read more →

AI, Apps, Compliance, Cybersecurity, Europe, Global Security News, Network Security

Enabling AI sovereignty on AWS

Cloud and AI are transforming industries and societies at unprecedented speed, from accelerating research and enhancing customer experiences to optimizing business processes and enriching public services. At Amazon Web Services (AWS), we believe that for the cloud and AI to reach their full potential, customers need control over their data and choices for how and…

Read more →

AI, Data Breaches, Endpoint, Global Security News, Network Security, Risk Management

Claude Code MCP Attack Enables Persistent Token Theft

AI coding assistants are becoming deeply integrated with enterprise SaaS platforms, but new research shows those connections may introduce hard-to-detect credential theft risks.   Researchers demonstrated a MitM attack targeting Anthropic’s Claude Code that abuses MCP integrations to steal OAuth tokens and maintain persistent access to connected SaaS platforms and APIs.  “AI agents used for code…

Read more →

AI, Global Security News, Government & Policy

Vibe Hacking: Two AI-Augmented Campaigns Target Government and Financial Sectors in Latin America

TrendAI™ Research has identified two emerging threat campaigns—SHADOW-AETHER-040 and SHADOW-AETHER-064—that use agentic AI to drive intrusion operations against government and financial organizations in Latin America, marking these among the first cases we have observed of AI agents executing attacks from initial access to data exfiltration.

Read more →

AI, Global Security News, malware

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 96

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter CloudZ RAT potentially steals OTP messages using Pheno plugin   Backdoored PyTorch Lightning package drops credential stealer A rigged game: ScarCruft compromises gaming platform in a supply-chain attack Muddying the Tracks: The State-Sponsored Shadow Behind…

Read more →

AI, Global Security News

Securonix launches AI threat research agent and ThreatWatch validation tool

Securonix announced the Securonix Threat Research Agent and ThreatWatch for ThreatQ, expanding how security teams research threats, validate exposure, and turn intelligence into documented action. Built on the ThreatQ platform and connected to Securonix security operations workflows, the new capabilities help teams generate role-specific intelligence, validate emerging threats against historical telemetry, and deliver explainable findings…

Read more →

AI, Global Security News, malware

Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities

TrendAI™ Research breaks down Quasar Linux (QLNX), a previously undocumented sophisticated Linux RAT with low detection rates. In this blog, we examine a full-featured Linux threat incorporating a rootkit, a PAM backdoor, credential harvesting, and more, revealing how this malware enables stealthy access, persistence, and potential supply-chain attacks.

Read more →

AI, Global Security News, malware, Russia

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 95

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter fast16 | Mystery ShadowBrokers Reference Reveals High-Precision Software Sabotage 5 Years Before Stuxnet  73 Open VSX Sleeper Extensions Linked to GlassWorm Show New Malware Activations   An alarm clock you can’t ignore: How CapFix attacks…

Read more →

AI, Global Security News

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

Intro A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This operation specifically targets the high-privilege professional accounts of enterprise administrators, DevOps engineers, and security analysts by impersonating administrative utilities they rely on for daily operations. By integrating Search Engine Order (SEO)

Read more →

AI, china, Europe, Global Security News, Government & Policy, malware, Network Security

Italy moves to extradite Chinese national to the U.S. over hacking charges

Italy plans to extradite Xu Zewei to the U.S. over alleged hacks on COVID-19 research tied to state-backed operations. Italy is moving to extradite Xu Zewei, the Chinese national arrested in 2025 at the request of U.S. authorities on cyber-espionage charges, Bloomberg reported. The case stands out because it ties a single suspect, Xu, to…

Read more →

AI, Global Security News

Silobreaker Mimir adds agentic AI to intelligence workflows with governance and transparency

Silobreaker has announced new agentic AI capabilities that combine faster research and deeper contextual analysis with built-in governance and transparency to ensure trusted intelligence can be safely consumed across the wider enterprise. Silobreaker Mimir is an embedded agentic capability for intelligence operations, working directly within the analyst workflow. It helps teams retrieve evidence, deepen analysis,…

Read more →

AI, Apps, Cybersecurity, Europe, Global Security News, Risk Management

Report: Enterprises Rely on Managed Services to Scale AI

New research has found that an overwhelming majority of executives view managed services as essential for the delivery of agentic AI. Boosting AI with managed services According to the global KPMG Managed Services Outlook Survey 2026, more than 90 percent of executives believe managed services are essential to their agentic AI journeys, and 87 percent…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

New Lazarus APT Campaign: “Mach-O Man” macOS Malware Kit Hits Businesses

Editor’s note: The research is authored by Mauro Eldritch, offensive security expert and a founder of BCA LTD, a company dedicated to threat intelligence and hunting. You can find Mauro on X.  The recent wave of ClickFix attacks has introduced several new ways to compromise users, establishing itself as a technique that is likely here to stay. We have observed Lazarus Group using…

Read more →

AI, Exploits, Global Security News, Government & Policy, malware, Network Security

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 93

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape CPU-Z / HWMonitor watering hole infection – a copy-pasted attack   Fake Claude site installs malware that gives attackers access to your computer   Malware Analysis Static SKILL for Codex   JanelaRAT: a financial threat targeting users in Latin…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Data Security, Funding, Global Security News, Network Security, privacy, Risk Management, Venture

News Alert: NTT Research launches SaltGrain—advanced Attribute-Based Encryption security

SUNNYVALE, Calif., Apr. 15, 2026 – NTT Research, Inc., a division of NTT (TYO:9432), today announced the launch of Scale Academy, a startup incubator responsible for bringing to market products and services based upon technologies studied within the labs of NTT Research and NTT R&D. NTT Research also revealed Scale Academy’s first product, SaltGrain, a zero-trust data security suite…

Read more →

AI, Global Security News, Risk Management

Australian Organisations Risk Overloading Frontline Operations as AI Meets Fragile Mobility Foundations, SOTI Research Warns

GUEST RESEARCH:  As Australian organisations accelerate the adoption of AI-enabled and mobile-driven workflows, research from SOTI, suggests many frontline environments may not yet be resilient enough to support the next wave of automation without added operational risk. This comes as Australia’s labour productivity growth remains under sustained pressure, increasing reliance on technology to deliver efficiency gains…

Read more →

AI, APAC, Global Security News

Australia’s architecture, engineering, and construction industry leads world on digital transformation yet faces new data control and AI governance challenges

GUEST RESEARCH: Australia’s architecture, engineering, and construction (AEC) sector is emerging as one of the most digitally advanced markets globally. New research from Revizto, the leading global integrated collaboration platform for AEC, reveals Australia is now confronting a new generation of challenges around data governance, artificial intelligence (AI), regulation, and the capacity to implement new technologies at scale.

Read more →

AI, Cybersecurity, Global Security News, Government & Policy, malware

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 92

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Thirty-Six Malicious npm Strapi Packages Deploy Redis RCE, Database Theft, and Persistent C2   Malicious LNK Files Distributing a Python-Based Backdoor and Changes in Distribution Techniques (Kimsuky Group)   Hackers Are Attempting to Turn ComfyUI Servers Into a…

Read more →

AI, Global Security News

Genpact, Parallel Partner on Agentic AI Research Tools

Genpact has partnered with Parallel Web Systems to bring agentic AI-powered web research into enterprise workflows, aiming to accelerate decision-making and automation across insurance and sales operations. The collaboration integrates Parallel’s AI-native web research APIs into Genpact’s enterprise architecture, enabling agents to retrieve real-time data, automate analysis, and deliver verifiable insights for business users. Genpact…

Read more →

AI, APAC, Apps, Global Security News, Network Security, Risk Management

LLM-generated passwords are indefensible. Your codebase may already prove it

Two independent research programs, one from AI security firm Irregular, one from Kaspersky, have now converged on the same conclusion: Every frontier LLM generates structurally predictable passwords that standard entropy meters catastrophically overrate. AI coding agents are autonomously embedding those credentials in production infrastructure, and conventional secret scanners have no mechanism to detect them. As…

Read more →

AI, APAC, Apps, Global Security News, Network Security, Risk Management

LLM-generated passwords are indefensible. Your codebase may already prove it

Two independent research programs, one from AI security firm Irregular, one from Kaspersky, have now converged on the same conclusion: Every frontier LLM generates structurally predictable passwords that standard entropy meters catastrophically overrate. AI coding agents are autonomously embedding those credentials in production infrastructure, and conventional secret scanners have no mechanism to detect them. As…

Read more →

AI, Data Breaches, Exploits, Global Security News

New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips

New academic research has identified multiple RowHammer attacks against high-performance graphics processing units (GPUs) that could be exploited to escalate privileges and, in some cases, even take full control of a host. The efforts have been codenamed GPUBreach, GDDRHammer, and GeForge. GPUBreach goes a step further than GPUHammer, demonstrating for the first time that

Read more →

AI, Exploits, Global Security News, Government & Policy, malware, Network Security

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 91

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Infiniti Stealer: a new macOS infostealer using ClickFix and Python/Nuitka   Converging Interests: Analysis of Threat Clusters Targeting a Southeast Asian Government RoadK1ll: A WebSocket Based Pivoting Implant    axios Compromised: npm Supply Chain Attack via Dependency Injection  …

Read more →

AI, Global Security News, Government & Policy, Network Security, Risk Management

Crypto industry may be running out of time to prepare for quantum attacks

Google’s latest research suggests the cryptocurrency industry may have less time than expected to prepare for quantum computing. In a whitepaper, Google examines risks to elliptic curve cryptography, the system securing most blockchain networks. The researchers revisit earlier assumptions about how difficult it would be for a quantum computer to break these protections, concluding that…

Read more →

AI, Cybersecurity, Global Security News, malware

Cybersecurity jobs available right now: March 31, 2026

Android Malware Research Director Alice | Israel | On-site – View job details As an Android Malware Research Director, you will establish operational processes, workflows, and quality standards for the team, while integrating the function into existing infrastructure. You will act as the primary client interface, managing relationships, presenting research findings, and ensuring client satisfaction.…

Read more →

AI, Exploits, Global Security News, Government & Policy, malware, Network Security

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 90

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape New Malware Targets Users of Cobra DocGuard Software   Government of Iran Cyber Actors Deploy Telegram C2 to Push Malware to Identified Targets   Trivy Supply Chain Attack Expands to Compromised Docker Images   VoidStealer: Debugging Chrome to Steal…

Read more →

AI, Apps, Global Security News, Risk Management

Keepit: Outages Fail to Drive Recovery Testing Gains

High-profile global outages aren’t changing how organizations prepare for disruption, according to new research from Keepit. The company’s 2026 Annual Data Report finds that even widely publicized cloud and security incidents have not led to increased recovery testing, exposing a persistent gap between risk awareness and operational readiness, especially among SMBs. Major outages fail to…

Read more →

AI, china, Exploits, Global Security News, malware, Network Security

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 89

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter New Payload ransomware – malware analysis   DRILLAPP: new backdoor targeting Ukrainian entities with possible links to Laundry Bear When Trusted Websites Turn Malicious: WordPress Compromises Advance Global Stealer Operation AI Coding Tools Under Fire:…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

AI Email Summaries Create a New Phishing Attack Surface

Artificial intelligence (AI) assistants are rapidly becoming a core part of workplace productivity, but new research suggests they may also introduce a previously overlooked phishing vector.  Permiso researchers found that attacker-controlled text embedded in emails can manipulate Microsoft Copilot summaries through cross prompt injection attacks (XPIA), potentially inserting deceptive security alerts or malicious prompts into…

Read more →

AI, Data Breaches, Global Security News

Hackers tried to breach Poland’s nuclear research centre

Poland’s National Centre for Nuclear Research (NCBJ) thwarted a cyberattack targeting its IT infrastructure. The attempted intrusion was detected and blocked before attackers could compromise systems or disrupt operations. “No production, operational, or research processes were disrupted, and the MARIA reactor is operating safely and smoothly, at full power,” said Prof. Jakub Kupecki, Director of…

Read more →