Geek-Guy.com

Tag: tracked

AI, Apps, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

Microsoft SharePoint Has a New RCE Flaw. If You Haven’t Patched Yet, Go Do That.

A critical vulnerability, tracked as CVE-2026-45659, in Microsoft SharePoint can allow attackers to achieve remote code execution with little effort. Microsoft released security updates to patch a high-severity SharePoint vulnerability, tracked as CVE-2026-45659 (CVSS score of 8.8), that could allow remote code execution. The flaw does not require complex conditions for exploitation, making it a…

Read more →

AI, china, Europe, Global Security News, Government & Policy

Webworm APT targets European government organizations with new backdoors

ESET has released an analysis of the 2025 activity of Webworm, a China-aligned APT group tracked as Space Pirates and UAT-8302. Active since at least 2022, the group initially focused on targets in Asia, but has recently expanded its operations into Europe. ESET observed Webworm targeting government organizations in Belgium, Italy, Poland, Serbia, and Spain…

Read more →

AI, china, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day

Microsoft warned that attackers are exploiting a new Exchange Server zero-day vulnerability, tracked as CVE-2026-42897, in the wild. Microsoft warned that threat actors are actively exploiting a new Exchange Server zero-day vulnerability tracked as CVE-2026-42897 (CVSS score 8.1). The vulnerability is an improper neutralization of input during web page generation (‘cross-site scripting’) in Microsoft Exchange…

Read more →

AI, Exploits, Global Security News, Network Security, Risk Management

Linux Kernel bug Fragnesia allows local root access attacks

Fragnesia, a new Linux kernel flaw tracked as CVE-2026-46300, could let local attackers gain root access through page cache corruption. Researchers disclosed a new Linux kernel privilege escalation vulnerability named Fragnesia, tracked as CVE-2026-46300 (CVSS score of 7.8). The flaw affects the XFRM ESP-in-TCP subsystem and could allow local attackers to gain full root access…

Read more →

AI, Apps, Exploits, Global Security News

NGINX Rift: an 18-year-old flaw in the world’s most deployed web server just came to light

Researchers found a critical 18-year-old buffer overflow flaw in NGINX, tracked as CVE-2026-42945 and named NGINX Rift. If you run NGINX, and statistically speaking, there is a very good chance you do, this week brought news worth stopping for. Security researchers at depthfirst disclosed a critical heap buffer overflow vulnerability in both NGINX Plus and…

Read more →

AI, china, Global Security News, Government & Policy, malware

GopherWhisper: new China-linked APT targets Mongolia with Go-based malware

ESET found a new China-linked APT, tracked as GopherWhisper, targeting Mongolia using Go-based malware, loaders, and backdoors. ESET researchers uncovered a new China-aligned APT group called GopherWhisper, targeting government institutions in Mongolia. The group’s arsenal includes a range of tools mainly written in Go, such as loaders and injectors, which are used to deploy multiple…

Read more →

AI, china, Cybersecurity, Exploits, Global Security News, Network Security

Surveillance campaigns use commercial surveillance tools to exploit long-known telecom vulnerabilities

Campaigns employing commercial surveillance vendors tracked targets by exploiting mobile phone network vulnerabilities in what researchers said Thursday was the first-ever linking of “real-world attack traffic to mobile operator signalling infrastructure.” The two unknown parties behind the campaigns mimicked the identities of mobile phone operators with customized surveillance tools, and manipulated signaling protocols and steered…

Read more →

AI, Apps, Exploits, Global Security News, Network Security, Risk Management

Microsoft out-of-band updates fixed critical ASP.NET Core privilege escalation flaw

Microsoft fixed critical ASP.NET Core vulnerability, tracked as CVE-2026-40372 (CVSS score of 9.1), that lets attackers escalate privileges. Microsoft released out-of-band updates to address a serious ASP.NET Core vulnerability tracked as CVE-2026-40372 (CVSS score of 9.1). Microsoft fixed the flaw in ASP.NET Core version 10.0.7. An attacker could exploit the flaw to gain SYSTEM-level privileges, access…

Read more →

AI, china, Cybersecurity, Exploits, Global Security News, Risk Management

Attackers target unpatched ShowDoc servers via CVE-2025-0520

A critical RCE flaw, tracked as CVE-2025-0520, in ShowDoc is being actively exploited, putting unpatched servers at serious risk. A critical remote code execution flaw, tracked as CVE-2025-0520 (CVSS score of 9.4), affecting ShowDoc is under active exploitation in the wild. ShowDoc is an online tool that helps IT teams share documents and improve collaboration…

Read more →

AI, china, Cybersecurity, Exploits, Global Security News, Risk Management

Attackers target unpatched ShowDoc servers via CVE-2025-0520

A critical RCE flaw, tracked as CVE-2025-0520, in ShowDoc is being actively exploited, putting unpatched servers at serious risk. A critical remote code execution flaw, tracked as CVE-2025-0520 (CVSS score of 9.4), affecting ShowDoc is under active exploitation in the wild. ShowDoc is an online tool that helps IT teams share documents and improve collaboration…

Read more →

AI, Apps, Exploits, Global Security News, Risk Management

Adobe fixes actively exploited Acrobat Reader flaw CVE-2026-34621

Adobe addressed a critical Acrobat Reader vulnerability, tracked as CVE-2026-34621, which is actively exploited to run malicious code. Adobe released emergency updates to address a critical vulnerability, tracked as CVE-2026-34621 (CVSS score of 8.6), in Adobe Acrobat Reader, which is being actively exploited. The flaw could allow attackers to execute malicious code on affected systems,…

Read more →

AI, Apps, Exploits, Global Security News, Network Security, Risk Management

Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution

Attackers are exploiting a critical Flowise flaw, tracked as CVE-2025-59528 (CVSS score of 10), that lets them run malicious code and access systems due to poor validation of user-supplied JavaScript. Attackers are actively exploiting a critical vulnerability in Flowise, tracked as CVE-2025-59528, that allows remote code execution and file system access. The flaw stems from improper validation…

Read more →

AI, Apps, Exploits, Global Security News, Risk Management

Google fixes fourth actively exploited Chrome zero-day of 2026

Google fixed a new Chrome zero-day, tracked as CVE-2026-5281, in the WebGPU Dawn component that is already exploited in the wild. Google released Chrome updates fixing 21 vulnerabilities, including a new actively exploited zero-day tracked as CVE-2026-5281. The flaw is a use-after-free bug in Dawn, the WebGPU component used for graphics processing. Due to ongoing…

Read more →

AI, Global Security News, malware

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that’s distributed via malicious Microsoft Visual Studio Code (VS Code) projects. The use of VS Code “tasks.json” to distribute malware is a relatively new tactic adopted by the threat actor since…

Read more →

AI, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security, Risk Management

Oracle fixes critical RCE flaw CVE-2026-21992 in Identity Manager

Oracle fixed a critical severity flaw, tracked as CVE-2026-21992, enabling unauthenticated remote code execution in Identity Manager. Oracle released security updates to address a critical vulnerability, tracked as CVE-2026-21992 (CVSS score of 9.8), affecting Identity Manager and Web Services Manager. The flaw lets unauthenticated attackers over HTTP take control of Oracle Identity Manager and Web…

Read more →

AI, Apps, Global Security News, privacy, Risk Management

French aircraft carrier Charles de Gaulle tracked via Strava activity in OPSEC failure

A French aircraft carrier was tracked in real time via a sailor’s Strava activity, exposing a persistent operational security flaw. Le Monde revealed that France’s aircraft carrier Charles de Gaulle was tracked in real time through an officer’s activity on the Strava app. A sailor unknowingly shared running data from the ship, exposing its location…

Read more →

AI, Cybersecurity, Europe, Exploits, Global Security News, Government & Policy, Russia

Russian APT targets Ukraine via Zimbra XSS flaw CVE-2025-66376

Russian APT exploits a critical XSS flaw in Zimbra, tracked as CVE-2025-66376, running scripts via HTML emails to target users in Ukraine. Russia-linked threat actor exploits a high-severity XSS vulnerability, tracked as CVE-2025-66376 (CVSS score of 7.2), in Zimbra Collaboration. Attackers exploited insufficiently sanitized HTML emails to run scripts when opened, targeting users in Ukraine.…

Read more →

AI, china, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management, Russia

Zero-day exploits hit enterprises faster and harder

Google tracked 90 vulnerabilities exploited as zero-days last year, with Chinese cyberespionage groups doubling their count from 2024 and commercial surveillance vendors overtaking state-sponsored hackers for the first time. Nearly half of the recorded zero-days targeted enterprise technologies such as security appliances, VPNs, networking devices, and enterprise software platforms. “Increased exploitation of security and networking…

Read more →

AI, Europe, Exploits, Global Security News, Russia

APT28 Targeted European Entities Using Webhook-Based Macro Malware

The Russia-linked state-sponsored threat actor tracked as APT28 has been attributed to a new campaign targeting specific entities in Western and Central Europe. The activity, per S2 Grupo’s LAB52 threat intelligence team, was active between September 2025 and January 2026. It has been codenamed Operation MacroMaze. “The campaign relies on basic tooling and the exploitation…

Read more →

AI, Endpoint Protection, MacOS Security, Malware, Security, Global Security News, malware, Network Security, Venture

North Korean actors blend ClickFix with new macOS backdoors in Crypto campaign

A financially motivated threat actor tracked as UNC1609 is using a ClickFix-style social engineering campaign to deploy multiple macOS malware families against crypto-focused organizations. According to new research from Google Cloud’s Mandiant, the activity recently targeted an employee at a company operating in the cryptocurrency and decentralized finance (DeFi) sector. The researchers said that the…

Read more →

AI, APT, china, Cyber warfare, Exploits, Global Security News, Government & Policy, hacking, intelligence, malware

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

China-linked hackers tracked as Amaranth-Dragon targeted government and law enforcement agencies across Southeast Asia in 2025. CheckPoint says China-linked threat actors, tracked as Amaranth-Dragon, carried out cyber-espionage campaigns in 2025 targeting government and law enforcement agencies across Southeast Asia. The activity is linked to the APT41 ecosystem and affected countries including Thailand, Indonesia, Singapore, and…

Read more →