Geek-Guy.com

Tag: uses

AI, Cybersecurity, Global Security News

Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud

Cybersecurity researchers have disclosed details of a telecommunications fraud campaign that uses fake CAPTCHA verification tricks to dupe unsuspecting users into sending international text messages that incur charges on their mobile bills, generating illicit revenue for the threat actors who lease the phone numbers. According to a new report published by Infoblox, the operation is…

Read more →

AI, Global Security News, malware, Network Security

Trigona ransomware adopts custom tool to steal data and evade detection

Trigona ransomware now uses a custom command-line tool to steal data faster and evade detection, replacing tools like Rclone and MegaSync. Symantec researchers report that recent Trigona ransomware attacks used a custom-built data exfiltration tool instead of common utilities like Rclone or MegaSync. This shift, seen in March 2026 incidents, gives attackers more control and…

Read more →

AI, Exploits, Global Security News

Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2

Chinese-speaking individuals are the target of a new campaign that uses a trojanized version of SumatraPDF reader to deploy the AdaptixC2 Beacon post-exploitation agent and ultimately facilitate the abuse of Microsoft Visual Studio Code (VS Code) tunnels for remote access. Zscaler ThreatLabz, which discovered the campaign last month, has attributed it with high confidence to…

Read more →

AI, Cybersecurity, Exploits, Funding, Global Security News, Government & Policy, Network Security, Risk Management

The US NSA is using Anthropic’s Claude Mythos despite supply chain risk

Axios reports the National Security Agency uses Anthropic Mythos model despite Department of Defense concerns, blurring AI risk vs defense lines. The reported use of Anthropic’s Mythos model by the U.S. National Security Agency is a reminder that the line between AI as a defensive tool and AI as a security risk is getting harder…

Read more →

AI, Global Security News, malware, Russia

GlassWorm evolves with Zig dropper to infect multiple developer tools

The GlassWorm campaign uses a Zig-based dropper hidden in a fake IDE extension to infect developer tools and compromise systems. The GlassWorm campaign, active since 2025, has evolved from malicious npm packages to large-scale supply chain attacks across GitHub, npm, and VS Code, even deploying RATs via fake browser extensions. In its latest iteration, threat…

Read more →

AI, Data Breaches, Exploits, Global Security News

GPUBreach exploit uses GPU memory bit-flips to achieve full system takeover

GPUBreach attack technique uses GPU memory bit-flips to escalate privileges and potentially take full control of a system. New research shows that attacks like GPUBreach exploit RowHammer bit-flips in GPU memory (GDDR6) to go beyond data corruption. Attackers can use this technique to escalate privileges and, in some cases, gain full control of the system.…

Read more →

AI, Apps, Global Security News

Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains

Chinese-speaking users are the target of an active campaign that uses typosquatted domains impersonating trusted software brands to deliver a previously undocumented remote access trojan named AtlasCross RAT. “The operation covers VPN clients, encrypted messengers, video conferencing tools, cryptocurrency trackers, and e-commerce applications, with eleven confirmed delivery domains impersonating

Read more →

AI, Cybersecurity, Global Security News, malware

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

Cybersecurity researchers have discovered a new payment skimmer that uses WebRTC data channels as a means to receive payloads and exfiltrate data, effectively bypassing security controls. “Instead of the usual HTTP requests or image beacons, this malware uses WebRTC data channels to load its payload and exfiltrate stolen payment data,” Sansec said in a report…

Read more →

AI, Exploits, Global Security News

Akamai Brand Guardian detects and removes AI-driven brand impersonation

Akamai has introduced Akamai Brand Guardian, an evolution of Brand Protector that uses AI to identify and manage brand impersonation at scale. Scammers are exploiting the widespread availability of generative AI to deploy sophisticated fake websites and digital identities in seconds, making it nearly impossible for businesses to keep pace using manual discovery methods. For…

Read more →

AI, Global Security News, Risk Management

Darktrace Introduces Darktrace / Adaptive Human Defence, a New Generation of Personalised, Real-Time Security Training and Protection

The first solution that uses an understanding of each individual’s behavior to integrate email security controls with personalised security awareness training; training is personalised based on your inbox activity, and its outcomes used to further strengthen the email security controls in place Unique adaptive coaching tailors the difficulty and content of phishing simulations to each…

Read more →

AI, Europe, Global Security News, Government & Policy, Risk Management, Russia

Russia establishes Vienna as key western spy hub targeting NATO

Russia uses Vienna as its largest Western spy hub, monitoring NATO and other sensitive communications via diplomatic sites and satellite dishes. Western intelligence reports that Russia has transformed Vienna into its largest Western spy hub, steadily expanding surveillance over the past two years. Using diplomatic compounds and rooftop satellite clusters, Russia monitors sensitive communications across…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management

Washington is right: Cybercrime is organized crime. Now we need to shut down the business model

The recently released executive order targeting cybercrime, fraud, and predatory schemes uses language the federal government has often avoided. Now, for the first time, the Trump administration is echoing what the cybersecurity industry has been shouting for years: cyber-enabled fraud is a product of transnational organized crime. That distinction matters because organized crime requires an…

Read more →

AI, Cybersecurity, Global Security News, malware

Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT

Cybersecurity researchers have disclosed details of a multi-stage malware campaign that uses batch scripts as a pathway to deliver various encrypted remote access trojan (RATs) payloads that correspond to XWorm, AsyncRAT, and Xeno RAT. The stealthy attack chain has been codenamed VOID#GEIST by Securonix Threat Research. At a high level, the obfuscated batch script is…

Read more →

AI, Compliance, Cybersecurity, Global Security News

Codenotary Trust delivers autonomous AI security for Linux and Kubernetes

Codenotary has announced Codenotary Trust, a unified SaaS platform that uses AI to instantly detect, prioritize, and autonomously fix security, configuration, and performance issues, while also providing rollback capabilities. Importantly, the product is designed with the talent shortage in mind so that expert-level security management is made accessible to junior and mid-level administrators. Codenotary helps…

Read more →

AI, Global Security News

BlacksmithAI: Open-source AI-powered penetration testing framework

BlacksmithAI is an open-source penetration testing framework that uses multiple AI agents to execute different stages of a security assessment lifecycle. A multi-agent structure for offensive workflows BlacksmithAI runs as a hierarchical system in which an orchestrator coordinates task execution across specialized agents. Each agent maps to a common penetration testing function. The recon agent…

Read more →

AI, Apps, Endpoint, Global Security News, malware, Network Security

Aeternum botnet hides commands in Polygon smart contracts

Aeternum botnet uses Polygon blockchain smart contracts for C&C, making its infrastructure harder to detect and disrupt. Qrator Labs researchers uncovered Aeternum, a botnet that runs its command-and-control infrastructure through smart contracts on the Polygon blockchain. By decentralizing its C2, the malware avoids traditional server-based takedowns and becomes far harder to disrupt or shut down,…

Read more →

AI, Cybersecurity, Global Security News

Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb

Cybersecurity researchers have disclosed details of a new cryptojacking campaign that uses pirated software bundles as lures to deploy a bespoke XMRig miner program on compromised hosts. “Analysis of the recovered dropper, persistence triggers, and mining payload reveals a sophisticated, multi-stage infection prioritizing maximum cryptocurrency mining hashrate, often destabilizing the victim

Read more →

AI, APAC, Exploits, Global Security News, malware, Network Security

New threat actor UAT-9921 deploys VoidLink against enterprise sectors

A new threat actor, UAT-9921, uses the modular VoidLink framework to target technology and financial organizations, Cisco Talos reports. Cisco Talos spotted a previously unknown threat actor, tracked as UAT-9921, using a new modular attack framework called VoidLink. The group targets organizations in the technology and financial services sectors. The flexible design of VoidLink suggests…

Read more →

AI, Breaking News, cyber crime, Cybersecurity, Exploits, Global Security News, malware, Security

Reynolds ransomware uses BYOVD to disable security before encryption

Researchers discovered Reynolds ransomware, which uses BYOVD technique to disable security tools and evade detection before encryption. Researchers found a new ransomware, named Reynolds, that implements the Bring Your Own Vulnerable Driver (BYOVD) technique to disable security tools and evade detection before encrypting systems. Broadcom’s cybersecurity researchers initially attributed the attack to Black Basta due…

Read more →