Geek-Guy.com

Tag: social

AI, Global Security News, Network Security, Risk Management

Cops Are Spying on People Who Criticize AI Data Centers Online

Americans speaking out against artificial intelligence data centers on social media are falling under police surveillance, a confidential law enforcement bulletin obtained by The Intercept reveals. A fusion center in Philadelphia combed through spicy internet comments from AI critics and concluded there is a growing risk of physical violence against data centers from “domestic violent…

Read more →

AI, Global Security News, Risk Management

The new economics of fraud: Cheaper, faster, more convincing

Scams have become one of the fastest-growing consumer risks, driven by AI-enabled impersonation, social engineering, and sophisticated attack methods, according to Visa’s Spring 2026 Biannual Threats Report. Criminals redirect efforts toward trust and third parties Fraud involves behavioral manipulation, fragmented ecosystems, and faster attack cycles that use AI to pressure people into authorizing payments themselves.…

Read more →

AI, Cloud Security, Global Security News, Network Security, privacy, Risk Management

AI coding is fueling a secrets-sprawl crisis few CISOs are containing

When Matt Schlicht built Moltbook, the social network where AI agents talk to one another, he didn’t write the code himself. He “just had a vision,” and vibe-coded it. The social network launched on Jan. 28, 2026, and within days, security researchers started to see serious security flaws. ​Experts at cloud security company Wiz and,…

Read more →

Cybersecurity, Data Breaches, Global Security News

Over 70% of organizations hit by identity breaches

Attackers rely on stolen credentials, compromised service accounts, and social engineering attacks targeting employees, according to Sophos’ The State of Identity Security 2026 survey. What do you estimate to be the overall cost to your organization to rectify the identity breach? Base: organization could not stop the security breach. n=510. (Source: Sophos) Identity attack trends…

Read more →

AI, Cybersecurity, Endpoint, Exploits, Global Security News, malware

ClickFix finds a backup plan in PySoxy proxy chains

ClickFix, a one-shot social engineering technique that tricks victims into executing malicious workflows disguised as fixes to technical issues in their systems, has got a persistence upgrade. In a one-off instance, ReliaQuest researchers have spotted an intrusion chain using scheduled tasks, PowerShell-based command-and-control (C2), and a unique abuse of the decade-old open-source proxy tool PySoxy.…

Read more →

AI, Exploits, Global Security News, malware

Patch Tuesday, May 2026 Edition

Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of the more widely-used software makers — including Apple, Google, Microsoft, Mozilla and Oracle — fixing near…

Read more →

AI, Data Breaches, Global Security News, malware

DigiCert breached via malicious screensaver file

A targeted social engineering attack against DigiCert’s support channel led to the compromise of internal systems and the unauthorized issuance of EV Code Signing certificates. DigiCert is a global Certificate Authority (CA) providing digital trust services, specializing in TLS/SSL certificates, PKI management, and IoT security. According to DigiCert’s incident report, a threat actor contacted the…

Read more →

AI, Global Security News, Risk Management

The most dangerous AI problem isn’t risk, it’s resistance – so SAS VP Reggie Townsend wants to make governance irresistible

SAS VP of AI ethics, governance, and social impact Reggie Townsend took to the stage at SAS Innovate 2026 today, but he didn’t start by speaking about technology. He started with culture. He put to the audience why governance exists, despite that many today see it as friction. That’s a problem he determined himself to…

Read more →

AI, Compliance, Global Security News, Government & Policy, privacy, Risk Management

Meta, Roblox and TikTok claim to UK Parliament that their platforms are are not additive to children and that Australian under 16 ban will fail

The claim from Meta, Roblox and TikTok  that  Australia’s under-16 social media ban is “not really enforceable” has now moved from industry talking point to parliamentary record, following testimony before the UK’s Education Committee in April. But beneath the predictable pushback from Meta, TikTok and Roblox lies a more complex—and more uncomfortable—reality for policymakers on…

Read more →

AI, Global Security News, Network Security

Toxic Combinations: When Cross-App Permissions Stack into Risk

On January 31, 2026, researchers disclosed that Moltbook, a social network built for AI agents, had left its database wide open, exposing 35,000 email addresses and 1.5 million agent API tokens across 770,000 active agents. The more worrying part sat inside the private messages. Some of those conversations held plaintext third-party credentials, including OpenAI API…

Read more →

AI, Cybersecurity, Global Security News, Government & Policy, privacy, Risk Management

Social media bans might steer kids into riskier corners of the internet

Governments are moving to block children under 16 from social media in the name of safety. But once these measures move from policy to practice, they raise a harder question: what happens when protecting kids requires collecting more data than ever before and may put them at greater risk? Age checks spark debate over privacy…

Read more →

AI, Apps, Global Security News

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

A “novel” social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote access trojan called PHANTOMPULSE in attacks targeting individuals in the financial and cryptocurrency sectors. Dubbed REF6598 by Elastic Security Labs, the activity has been found to leverage

Read more →

AI, Global Security News, privacy

Wyden warns Social Security chief: Trump’s voter database is ‘blatant voter suppression’

Sen. Ron Wyden, D-Ore., warned Social Security Administration chief Frank Bisignano that any follow-through on President Donald Trump’s executive order creating a new database of U.S. voters using agency data would be viewed by Democrats as a conscious choice on the part of SSA officials to participate in “blatant voter suppression.” “Facilitating Donald Trump’s directive…

Read more →

AI, Endpoint, Exploits, Global Security News, Risk Management

Hybrid Vishing Campaigns Abuse Online Services to Evade Anti-Spam Filters

Phone-based fraud never went away. It evolved. Vishing, or voice phishing, is a social engineering technique that uses phone calls to extract money or sensitive information from victims. A few years ago, these attacks typically arrived as unsolicited calls from criminals impersonating the IRS, the FBI, or Microsoft support. The approach was simple and high…

Read more →

AI, Global Security News, malware

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

A new campaign has leveraged the ClickFix social engineering tactic as a way to distribute a previously undocumented malware loader referred to as DeepLoad. “It likely uses AI-assisted obfuscation and process injection to evade static scanning, while credential theft starts immediately and captures passwords and sessions even if the primary loader is blocked,” ReliaQuest researchers…

Read more →

AI, Global Security News

LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader

The ransomware operation known as LeakNet has adopted the ClickFix social engineering tactic delivered through compromised websites as an initial access method. The use of ClickFix, where users are tricked into manually running malicious commands to address non-existent errors, is a departure from relying on traditional methods for obtaining initial access, such as through stolen…

Read more →

AI, Exploits, Global Security News, malware, Russia

ClickFix techniques evolve in new infostealer campaigns

Cybercriminals are combining compromised websites with increasingly sophisticated ClickFix social engineering lures to deliver new infostealer malware, with one campaign alone weaponizing more than 250 WordPress sites across 12 countries. The campaign leads to stealthy in-memory payloads, while a separate attack detected by Microsoft targets Windows Terminal for payload execution instead of the traditional Run…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security, Risk Management

Teams Social Engineering Campaign Drops A0Backdoor Malware

Microsoft Teams impersonation and social engineering tactics are being used in an ongoing campaign to deliver a stealthy malware payload known as A0Backdoor.  Researchers at BlueVoyant report that the operation combines social engineering techniques, malicious installers, and covert command-and-control (C2) communications to gain persistent access within targeted networks. “The malware’s loader exhibits anti-sandbox evasion, and…

Read more →

AI, Cloud Security, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management, Venture

There’s only one kind of tool security teams should be building with AI

I am not sure what I’ve been doing on social media over the past year (particularly on LinkedIn), but these days my feed is filled with posts of security people who build some very cool tools. There’s so much excitement that with LLMs, anyone can now be a product developer, which means that security teams…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, privacy, Risk Management

Alabama Sextortion Case Involved Hundreds of Victims

A 22-year-old Alabama man has pleaded guilty to federal charges after hijacking the social media accounts of hundreds of young women and extorting them with stolen intimate images.  Between 2022 and 2025, Jamarcus Mosley used impersonation tactics to seize control of victims’ Snapchat and Instagram accounts, then threatened to publish private photos unless they complied…

Read more →

AI, APAC, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management, Venture

Anthropic won’t kill cyber, but it will kill some companies

Over the past several weeks, social media has been exploding with predictions that “cyber is dead”. It doesn’t take much insight to jump on that bandwagon, as Anthropic’s announcement of Claude Code Security indeed sent the cybersecurity public market into turmoil, with some companies losing as much as 20% of their market cap. Contrary to…

Read more →

AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

ClickFix Campaign Uses Fake CAPTCHA Pages to Deliver StealC Malware on Windows

A new social engineering campaign is abusing fake CAPTCHA verification pages to trick Windows users into launching StealC information-stealing malware.  The attack relies on compromised websites that display convincing Cloudflare-style security checks, prompting victims to manually execute malicious PowerShell commands under the guise of routine verification.  “StealC exfiltrates browser credentials, cryptocurrency wallets, Steam accounts, Outlook…

Read more →

AI, Global Security News

Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging

Microsoft has disclosed details of a new version of the ClickFix social engineering tactic in which the attackers trick unsuspecting users into running commands that carry out a Domain Name System (DNS) lookup to retrieve the next-stage payload. Specifically, the attack relies on using the “nslookup” (short for nameserver lookup) command to execute a custom…

Read more →

AI, Data Breaches, Global Security News, Risk Management

Fintech firm Figure disclosed data breach after employee phishing attack

Fintech firm Figure confirmed a data breach after hackers used social engineering to trick an employee and steal a limited number of files. Blockchain-based lending firm Figure confirmed a data breach after an employee fell victim to a social engineering attack. According to a company spokesperson, the incident allowed hackers to access and steal a…

Read more →