Geek-Guy.com

Tag: version

AI, china, Endpoint, Exploits, Global Security News, Network Security

Critical vulnerability in Cisco Secure Workload rated at maximum severity

A critical vulnerability in the on-premises version of the Cisco Secure Workload security platform could allow a threat actor to obtain the privileges of a site admin, enabling them to compromise endpoints and read or modify configuration data. “CSOs need to drop what they are doing and patch this immediately,” warned consultant Robert Enderle, who…

Read more →

AI, APAC, Exploits, Global Security News, malware, Network Security, Risk Management

Why some security fixes never reach your vulnerability dashboard

On April 22, for roughly 90 minutes, a malicious version of Bitwarden CLI appeared on npm. Version 2026.4.0 contained a credential-stealing payload that executed an obfuscated loader and harvested AWS, Azure, GCP, GitHub, and npm tokens from any developer machine that ran npm install. The attackers reached Bitwarden’s npm publishing path through a compromised GitHub…

Read more →

AI, Cybersecurity, Global Security News

Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer

Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code (VS Code) Marketplace. The extension in question is rwl.angular-console (version 18.95.0), a popular user interface and plugin for code editors like VS Code, Cursor, and JetBrains. The VS Code extension has more than 2.2…

Read more →

Cybersecurity, Global Security News, Network Security

New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots

Cybersecurity researchers have flagged a new version of the TrickMo Android banking trojan that uses The Open Network (TON) for command-and-control (C2). The new variant, observed by ThreatFabric between January and February 2026, has been observed actively targeting banking and cryptocurrency wallet users in France, Italy, and Austria. “TrickMo relies on a runtime-loaded APK  (dex.module),

Read more →

AI, Cybersecurity, Global Security News

TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack

Checkmarx has confirmed that a modified version of the Jenkins AST plugin was published to the Jenkins Marketplace. “If you are using Checkmarx Jenkins AST plugin, you need to ensure that you are using the version 2.0.13-829.vc72453fa_1c16 that was published on December 17, 2025 or previously,” the cybersecurity company said in a statement over the…

Read more →

AI, Europe, Global Security News, Network Security

Police take down relaunched criminal marketplace with 22,000 users, €3.6 million in revenue

German authorities shut down a relaunched version of the criminal marketplace Crimenetwork and arrested its suspected operator. The domain seizure notice (Source: BKA) A special unit of the Spanish National Police arrested the suspected 35-year-old German operator at his residence in Mallorca under a European Arrest Warrant. The suspect is accused of operating criminal trading…

Read more →

AI, Global Security News, Risk Management

The questionnaire-based TPRM model is broken, and TrustCloud has a fix

TrustCloud announced a new version of TrustLens, its third party risk management (TPRM) solution. The new TrustLens agentic AI capabilities focus on delivering four requirements every CISO wants in their TPRM program: speed, accuracy, coverage, and proactive risk mitigation. In the latest TrustLens deployments, a Global 2000 life sciences customer leveraged the TPRM AI agent…

Read more →

AI, Data Breaches, Global Security News, malware, Risk Management

Checkmarx supply chain attack impacts Bitwarden npm distribution path

Bitwarden CLI was hit by the Checkmarx supply chain attack. Version 2026.4.0 shipped malicious code in bw1.js via a compromised GitHub Action. Bitwarden CLI has been compromised as part of the ongoing Checkmarx supply chain campaign, researchers warn. The affected version, @bitwarden/cli 2026.4.0, contained malicious code hidden in the bw1.js file. The breach likely stemmed…

Read more →

AI, Exploits, Global Security News

Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2

Chinese-speaking individuals are the target of a new campaign that uses a trojanized version of SumatraPDF reader to deploy the AdaptixC2 Beacon post-exploitation agent and ultimately facilitate the abuse of Microsoft Visual Studio Code (VS Code) tunnels for remote access. Zscaler ThreatLabz, which discovered the campaign last month, has attributed it with high confidence to…

Read more →

AI, Global Security News, malware, Network Security

Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API

The threat actor known as Harvester has been attributed to a new Linux version of its GoGra backdoor deployed as part of attacks likely targeting entities in South Asia. “The malware uses the legitimate Microsoft Graph API and Outlook mailboxes as a covert command-and-control (C2) channel, allowing it to bypass traditional perimeter network defenses,” the…

Read more →

AI, Cybersecurity, Europe, Exploits, Global Security News, Government & Policy, Risk Management

White House moves to give federal agencies access to Anthropic’s Claude Mythos

The US government is preparing to authorize a version of Anthropic’s Claude Mythos model for use by major US federal agencies, amid concerns that the AI model could rapidly spot cybersecurity vulnerabilities and offer the ability to exploit them. Federal Chief Information Officer Gregory Barbaccia at the White House Office of Management and Budget (OMB)…

Read more →

AI, Cybersecurity, Global Security News

Anthropic’s Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems

Artificial Intelligence (AI) company Anthropic announced a new cybersecurity initiative called Project Glasswing that will use a preview version of its new frontier model, Claude Mythos, to find and address security vulnerabilities. The model will be used by a small set of organizations, including Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike,&

Read more →

Apps, Global Security News

Flatpak 1.16.4 fixes sandbox escape and three other security flaws

Flatpak, a Linux application sandboxing and distribution framework, released version 1.16.4, patching four security vulnerabilities. The most severe fix addresses a complete sandbox escape that leads to host file access and code execution in the host context, tracked as CVE-2026-34078. File system exposure Two additional fixes address file system exposure on the host. CVE-2026-34079 prevents…

Read more →

Cybersecurity, Global Security News, malware

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple App Store and Google Play Store, more than a year after the trojan was discovered targeting both the mobile operating systems. The malware has been found to conceal itself within seemingly benign apps, such as enterprise messengers and food delivery services, while

Read more →

Endpoint, Global Security News

Rspamd 4.0.0 ships memory savings, a new scan protocol, and a required migration step

The open-source spam filtering platform Rspamd released version 4.0.0, delivering infrastructure changes across its scan protocol, memory model, hash storage, and configuration system. Several of the changes are breaking, and at least one requires a migration step before upgrade. A new scan protocol The release introduces a /checkv3 endpoint that replaces HTTP headers with structured…

Read more →

AI, Exploits, Global Security News, Network Security

Apple Patches (almost) everything again. March 2026 edition., (Wed, Mar 25th)

Apple released the next version of its operating system, patching 85 different vulnerabilities across all of them. None of the vulnerabilities are currently being exploited. The last three macOS “generations” are covered, as are the last two versions of iOS/iPadOS. For tvOS, watchOS, and visionOS, only the current version received patches. This update also includes the…

Read more →

Global Security News, Network Security

Kali Linux 2026.1 ships BackTrack mode, eight new tools, and a kernel upgrade to 6.18

Penetration testers running Kali Linux have a new release to work with. Version 2026.1 delivers the annual theme refresh, a new BackTrack-inspired mode in kali-undercover, eight tools added to the network repositories, a kernel bump to 6.18, and several Kali NetHunter changes. 2026 theme refresh Each year’s first Kali release brings a visual overhaul, and…

Read more →

AI, Global Security News

Stellar Cyber 6.4.0 reduces alert noise and speeds investigations with Autonomous SOC capabilities

Stellar Cyber has announced he general availability of version 6.4.0 of its platform. With this release, Stellar Cyber delivers new Autonomous SOC capabilities designed to reduce alert noise, accelerate investigations, and transform the day-to-day experience of security analysts. Ushering in the human-augmented Autonomous SOC Security teams are overwhelmed by escalating alert volumes and increasingly complex…

Read more →

AI, Global Security News, Network Security, privacy

Microsoft Edge 146 adds IP privacy and local network access controls

Microsoft Edge version 146 (Stable) became available on March 13, 2026, bringing updates to tracking protection, IP privacy, and enterprise network security policies. One change affects tracking prevention in InPrivate browsing. InPrivate windows use the same tracking prevention level configured for standard browsing sessions. The separate option that previously allowed a different tracking setting for…

Read more →

AI, Apps, Data Breaches, Endpoint, Global Security News, malware, Network Security, Risk Management, Russia

CleanMyMac Imposter Site Installs SHub Stealer on Macs

A fake version of the popular Mac utility CleanMyMac is being used to trick users into installing data-stealing malware. The campaign uses a fraudulent website that instructs visitors to manually run a command in Terminal, which secretly installs a macOS infostealer known as SHub Stealer.  This malware steals “… sensitive data including saved passwords, browser…

Read more →

AI, Global Security News

OpenAI Updates ChatGPT with GPT-5.3 Instant Model

OpenAI has released GPT-5.3 Instant, a new version of the model that powers much of the day-to-day ChatGPT experience. The focus this time is something more practical than just reasoning benchmarks; it’s focused on improving reliability, response speed, and conversational quality. OpenAI promises a 26 percent reduction in hallucinations According to OpenAI, GPT-5.3 Instant reduces…

Read more →

AI, Apps, Global Security News, Risk Management

Protectt.ai enhances AppProtectt with advanced RASP and AI-driven mobile threat protection

Protectt.ai has launched the latest version of AppProtectt, its mobile application security solution featuring advanced Runtime Application Self-Protection (RASP) and AI-led behavioral monitoring. Protectt.ai works with leading banking, financial services, insurance, and digital-first enterprises to secure high-risk mobile applications against fraud, tampering, and emerging cyber threats. The latest release introduces enhanced runtime protection capabilities and…

Read more →

AI, Global Security News

Virtana expands MCP Server to bring full-stack enterprise context to AI agents

Virtana announced the latest version of its Model Context Protocol (MCP) Server, bringing full-stack enterprise visibility directly to AI agents and LLMs so machines can understand enterprise operations as complete systems rather than isolated signals. Opening the Virtana platform to a broad ecosystem of AI agents, automation systems, and large language models (LLMs), such as…

Read more →

AI, Global Security News, malware

REMnux v8 brings AI integration to the Linux malware analysis toolkit

REMnux, a specialized Linux distribution for malware analysis, has released version 8 with a rebuilt platform based on Ubuntu 24.04 and a new capability aimed at connecting AI agents directly to its toolset. REMnux is designed for analyzing malicious software, phishing artifacts, suspicious documents, and related forensic data. The project includes more than 200 preconfigured…

Read more →

AI, Global Security News

LockBit 5.0 ransomware expands its reach across Windows, Linux, and ESXi

The Acronis Threat Research Unit (TRU) has identified a new and significantly enhanced version of the LockBit ransomware, LockBit 5.0, currently being deployed in active campaigns. The latest variant demonstrates expanded cross-platform capabilities, enabling attackers to target Windows, Linux, and VMware ESXi systems within a single coordinated attack. According to analysis, LockBit 5.0 introduces dedicated…

Read more →

Compliance, Data Breaches, Global Security News, Risk Management

Passwork 7.4 enhances enterprise security with centralized User vault restrictions

Passwork has released version 7.4, introducing restrictive settings for User vaults along with enhancements to improve security and user experience. The update enables administrators to enforce stricter controls over password sharing and distribution, reducing data breach risks and supporting compliance with strong security policies. Key features of Passwork 7.4 Restrictive settings for User Vaults: Administrators…

Read more →

AI, Global Security News

Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging

Microsoft has disclosed details of a new version of the ClickFix social engineering tactic in which the attackers trick unsuspecting users into running commands that carry out a Domain Name System (DNS) lookup to retrieve the next-stage payload. Specifically, the attack relies on using the “nslookup” (short for nameserver lookup) command to execute a custom…

Read more →

AI, GitHub, Global Security News, News, open source, OpenVPN, Software

OpenVPN releases version 2.7.0 with expanded protocol and platform updates

OpenVPN version 2.7.0 is now available. The update advances support for multi-address server configurations and updates client functionality across operating systems. The release includes enhancements in data channel handling and support for evolving kernel and cryptographic components. Server enhancements Version 2.7.0 adds multi-socket support for server instances. This allows servers to manage multiple addresses, ports,…

Read more →

AI, Global Security News, malware, Malwarebytes, News, Proxy, YouTube

Trojanized 7-Zip downloads turn home computers into proxy nodes

A trojanized version of the popular 7-Zip software is quietly turning home computers into residential proxy nodes, Malwarebytes warns. Spurred by a Reddit post in which a user complained about getting infected with malware after downloading 7-Zip from 7zip[.]com instead of the legitimate 7-zip.org, Malwarebytes researchers looked into the matter and found that the malicious…

Read more →

AI, Global Security News, LLMs, Chatbots, and Agents, Network Security

NetBrain R12.3 Brings Agentic AI to Network Operations

NetBrain Technologies has released version 12.3 of its network operations platform, adding agentic AI capabilities designed to autonomously investigate network issues, recommend fixes, and guide engineers through remediation across hybrid and cloud environments. NetBrain Technologies touts manual workload reduction and time savings for engineers The Burlington, Mass.-based vendor positions the release as a step toward…

Read more →

AI, Global Security News

VIDEO: Think Small to Win Big – How Helikai Is Proving That Micro AI Agents Beat the Billion-Dollar Brute-Force Approach

Every CEO in the Fortune 500 has issued some version of the same mandate: We need an AI strategy. Most of them have also experienced the same humbling result – twelve months of well-funded engineering effort that produced little more than a glossy slide deck and a bruised budget. So, how does going micro produce macro results?…

Read more →

AI, Apps, Automation, AWS Security Hub, Cloud Security, Compliance, Cybersecurity, Global Security News, Intermediate (200), Risk Management, Security, Identity, & Compliance, Technical How-to

Streamline security response at scale with AWS Security Hub automation

A new version of AWS Security Hub, is now generally available, introducing new ways for organizations to manage and respond to security findings. The enhanced Security Hub helps you improve your organization’s security posture and simplify cloud security operations by centralizing security management across your Amazon Web Services (AWS) environment. The new Security Hub transforms…

Read more →

AI, Apps, Automation, AWS Security Hub, Cloud Security, Compliance, Cybersecurity, Global Security News, Intermediate (200), Risk Management, Security, Identity, & Compliance, Technical How-to

Streamline security response at scale with AWS Security Hub automation

A new version of AWS Security Hub, is now generally available, introducing new ways for organizations to manage and respond to security findings. The enhanced Security Hub helps you improve your organization’s security posture and simplify cloud security operations by centralizing security management across your Amazon Web Services (AWS) environment. The new Security Hub transforms…

Read more →

AI, Apps, Automation, AWS Security Hub, Cloud Security, Compliance, Cybersecurity, Global Security News, Intermediate (200), Risk Management, Security, Identity, & Compliance, Technical How-to

Streamline security response at scale with AWS Security Hub automation

A new version of AWS Security Hub, is now generally available, introducing new ways for organizations to manage and respond to security findings. The enhanced Security Hub helps you improve your organization’s security posture and simplify cloud security operations by centralizing security management across your Amazon Web Services (AWS) environment. The new Security Hub transforms…

Read more →

AI, Apps, Automation, AWS Security Hub, Cloud Security, Compliance, Cybersecurity, Global Security News, Intermediate (200), Risk Management, Security, Identity, & Compliance, Technical How-to

Streamline security response at scale with AWS Security Hub automation

A new version of AWS Security Hub, is now generally available, introducing new ways for organizations to manage and respond to security findings. The enhanced Security Hub helps you improve your organization’s security posture and simplify cloud security operations by centralizing security management across your Amazon Web Services (AWS) environment. The new Security Hub transforms…

Read more →

AI, Apps, AWS Security Hub, Cloud Security, Compliance, Cybersecurity, Global Security News, Intermediate (200), Security, Identity, & Compliance, Technical How-to

Security Hub CSPM automation rule migration to Security Hub

A new version of AWS Security Hub is now generally available with new capabilities to aggregate, correlate, and contextualize your security alerts across Amazon Web Services (AWS) accounts. The prior version is now known as AWS Security Hub CSPM and will continue to be available as a unique service focused on cloud security posture management…

Read more →

AI, Apps, AWS Security Hub, Cloud Security, Compliance, Cybersecurity, Global Security News, Intermediate (200), Security, Identity, & Compliance, Technical How-to

Security Hub CSPM automation rule migration to Security Hub

A new version of AWS Security Hub is now generally available with new capabilities to aggregate, correlate, and contextualize your security alerts across Amazon Web Services (AWS) accounts. The prior version is now known as AWS Security Hub CSPM and will continue to be available as a unique service focused on cloud security posture management…

Read more →