Geek-Guy.com

Tag: warn

AI, Global Security News, Network Security

BlackFile actively extorting data-theft victims in retail and hospitality sector

Researchers warn that BlackFile, an extortion group likely associated with The Com, continues to impersonate IT support in voice-phishing and social engineering attacks that have impacted organizations in multiple industries, including healthcare, technology, transportation, logistics, wholesale and retail. Attackers have been actively targeting organizations in the retail and hospitality industry since February, according to Unit…

Read more →

AI, Apps, Global Security News, Network Security, Risk Management

Bitwarden CLI password manager trojanized in supply chain attack

Researchers warn of a new software supply chain attack that resulted in a malicious version of Bitwarden CLI, the terminal version of the extremely popular open-source password manager. The attack is believed to be related to the string of recent supply chain compromises attributed to a group called TeamPCP. “The attack appears to have leveraged…

Read more →

AI, Endpoint, Exploits, Global Security News, Network Security

Old Docker authorization bypass pops up despite previous patch

Researchers warn about a new vulnerability that allows attackers to bypass authorization plug-ins in Docker Engine and gain root-level access to host systems. The flaw has the same root cause as another authorization bypass vulnerability patched in 2024, but the underlying problem has been known since 2016. Tracked as CVE-2026-34040, the new vulnerability is rated…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management

U.S. agencies alert: Iran-linked actors target critical infrastructure PLCs

U.S. agencies warn Iran-linked threat actors are targeting internet-exposed PLCs used in critical infrastructure networks. U.S. agencies, including the FBI and CISA, warn that Iran-linked hackers are targeting internet-exposed Rockwell/Allen-Bradley PLCs used in critical infrastructure. The agencies published a joint advisory involving multiple federal organizations. “Iran-affiliated advanced persistent threat (APT) actors are conducting exploitation activity…

Read more →

AI, Global Security News, Risk Management

Phantom Labs Analysis of BeyondTrust’s Identity Security Insights Data Finds Enterprise AI Agents Growing 466.7% Year Over Year

GUEST RESEARCH:   BeyondTrust researchers warn of a rapidly expanding “shadow AI workforce” creating new identity security risks, based on data uncovered through Identity Security Insights® Some organisations operate well over 1,000 AI agents, many of which security teams were not aware existed within their environments

Read more →

Global Security News, malware

Messenger can warn you about sketchy links without knowing what you clicked

Meta’s Advanced browsing protection (ABP) helps Messenger identify and warn users about potentially harmful websites they open from a chat. Malicious sites can try to steal passwords, collect personal information, or install malware. Advanced browsing protection (Source: Meta) “In its standard setting, Safe Browsing uses on-device models to analyze malicious links shared in chats. But…

Read more →

AI, Apps, Endpoint, Exploits, Global Security News, Government & Policy, malware, Risk Management

Phishing campaign exploits OAuth redirection to bypass defenses

Microsoft researchers warn that threat actors abuse OAuth redirects to target government users and deliver malware. Microsoft has warned of phishing campaigns targeting government and public-sector organizations by abusing OAuth URL redirection. Instead of stealing credentials or exploiting software flaws, attackers leverage OAuth’s legitimate by-design behavior to bypass email and browser defenses. The tactic redirects…

Read more →

AI, Exploits, Global Security News, Network Security

Critical BeyondTrust RS vulnerability exploited in active attacks

Researchers warn that a critical vulnerability patched this week in BeyondTrust Remote Support is being exploited in the wild to compromise self-hosted deployments, including Bomgar remote support appliances, which included affected versions of the impacted software. Bomgar, a provider of privileged identity and access management products, acquired BeyondTrust in 2018, adopting the latter’s brand name.…

Read more →

AI, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management

OpenClaw integrates VirusTotal malware scanning as security firms flag enterprise risks

OpenClaw, the viral open-source AI agent that security firms warn is “insecure by default,” has integrated VirusTotal’s malware scanning into its ClawHub skills marketplace following weeks in which security researchers documented malicious extensions and widespread unauthorized deployments in enterprises. The integration automatically scans all published skills before making them available for download, according to the…

Read more →

AI, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management

OpenClaw integrates VirusTotal malware scanning as security firms flag enterprise risks

OpenClaw, the viral open-source AI agent that security firms warn is “insecure by default,” has integrated VirusTotal’s malware scanning into its ClawHub skills marketplace following weeks in which security researchers documented malicious extensions and widespread unauthorized deployments in enterprises. The integration automatically scans all published skills before making them available for download, according to the…

Read more →