Geek-Guy.com

New Trustifi CEO: Channel Partners Are Our Number One Priority

Trustifi, an AI-driven, next-generation email cybersecurity solutions provider, has appointed Jeff Spirdgeon as its new CEO, a channel and technology industry veteran. Prior to joining Trustifi, Spridgeon was with Aware, an AI-powered collaboration security platform that protects unstructured data in workplace communications tools. Aware was acquired by Mimecast in 2024. In an interview with Channel…

Researcher Details WhatsApp-to-Host Attack Chain Using Three OpenClaw Flaws

Details have emerged about three now-patched security flaws in the OpenClaw personal artificial intelligence (AI) assistant that, if successfully exploited, could enable credential theft, privilege escalation, and arbitrary code execution on the host. A brief description of the high-severity vulnerabilities is as follows – GHSA-hjr6-g723-hmfm (CVSS score: 8.8) – An operating system

This new Windows malware can take over your PC and wipe it clean

Microsoft published new research on GigaWiper, a modular Golang backdoor for Windows that combines robust remote access with multiple ways to permanently destroy systems and data. GigaWiper is a Windows backdoor that Microsoft has observed in intrusions since October 2025. Rather than being a single-purpose wiper, it’s an operational platform that blends command‑and‑control (C2), data…

New MODBEACON RAT Uses gRPC Streaming for Encrypted C2 Traffic

The China-linked cybercrime group known as Silver Fox has been attributed to a new Rust-based remote access trojan (RAR) called MODBEACON. Chinese cybersecurity company QiAnXin said that while the threat cluster may appear like a low-sophistication, high-activity operation that propagates malware via counterfeit installers using SEO poisoning techniques, it belies their true organizational

Ransomware Never Stopped: Over 9,000 Confirmed Attacks Since 2018

Ransomware remains above 1,400 attacks yearly since 2023. Qilin leads in 2026, while the U.S. remains the main target. Ransomnews has independently confirmed 9,291 ransomware attacks worldwide between January 2018 and July 2026, tracking incidents only when verified through victim disclosures, regulatory filings, official statements, or credible press reporting. Leak-site listings alone don’t qualify, operators…

Incode brings on-device processing to age estimation for privacy-focused verification

Incode has launched On-Device Age Estimation, an age verification capability that performs age estimation and liveness detection directly on the user’s device, without transmitting facial data off the device. The company’s age estimation models are now available to run entirely on-device. The solution combines on-device age estimation with deepfake and spoofing detection. More than 30…

From 17,000 to 1.1 Million Assets: How Lumen Technologies Rebuilt Exposure Management at Scale

Most enterprises assume their asset inventory is close enough to accurate. The evidence suggests otherwise. According to a survey of over 600 security leaders in the 2026 Axonius Actionability Report, only 45% of organizations consolidate their asset and exposure data into a single view, and every downstream security program inherits whatever the inventory gets wrong.…

222 GitHub Repositories Linked to Fake Go Package Malware Operation

Researchers uncovered 222 GitHub repositories spreading malware through fake Go packages, delivering loaders, stealers, RATs, and cryptominers. Socket’s security research team started with the investigation of a single malicious Go module: github[.]com/kaleidora/dnsub-scanning-tool, which presented itself as a DNS and subdomain scanning utility. Pulling on that thread exposed something significantly larger: a network of 222 confirmed…

Mission Cloud Sees AI Projects Shift from POCs to Production

Mission Cloud, a CDW company, is seeing enterprise AI conversations shift from experimental proof-of-concept work to production-ready deployments tied to business outcomes, according to President Ted Stuart. Stuart said Mission Cloud, now operating as CDW’s dedicated AWS practice for private-sector customers, has completed more than 400 AI projects and is increasingly working with customers who…

The ultimate guide to Android contacts management

You’d think keeping tabs on your contacts would be about the simplest and most straightforward task imaginable in our modern connected world — wouldn’t you? I sure would. But as I’ve learned over the years, that perfectly understandable instinct couldn’t be more inaccurate. Effectively wrangling your contacts on Android and keeping ’em manageable, organized, and…

Former Ransomware Negotiator Sentenced to 70 Months in Prison for Secretly Helping BlackCat Gang

A former ransomware negotiator was sentenced to nearly six years for secretly helping BlackCat extort victims while betraying his clients. A U.S. court sentenced former ransomware negotiator Angelo Martino, 41, to 70 months in prison for conspiring with the BlackCat ransomware gang. While negotiating on behalf of five victims, he secretly shared confidential information about…

The business case for burning down security debt: A practical approach for CISOs

Security leaders have made strong progress in visibility. Most organizations can now identify vulnerabilities across their applications, dependencies and development pipelines with far more consistency than in the past. Yet a fundamental imbalance remains: Vulnerabilities are being discovered faster than they can be remediated. That imbalance is growing. Today, 82% of organizations carry security debt,…

Microsoft uncovers GigaWiper, a backdoor designed for destruction on demand

Microsoft is warning defenders about a new backdoor that blurs the line between espionage malware and wipers. In a technical analysis published on Thursday, Microsoft Threat Intelligence detailed GigaWiper, a Golang-based implant first observed in October 2025 intrusions that combines remote administration capabilities with multiple disk-wiping and ransomware routines. Rather than building a new destructive…

Cyber Insurance in 2026: What MSPs Need to Know

Cyber insurance is becoming a core risk management tool for MSPs in 2026 as ransomware, data breaches, AI-enabled attacks, and client liability risks grow more complex.  For managed service providers overseeing multiple customer environments, the right policy can help cover incident response, business interruption, legal costs, and certain third-party claims following a cyber event. This…

GigaWiper Merges Three Malware Families Into One Destructive Backdoor

Microsoft uncovered GigaWiper, a modular Go backdoor combining three malware families with espionage, remote control, and destructive wiping features. In October 2025, Microsoft’s threat intelligence team identified destructive wiping activity inside compromised environments and traced it to a previously unknown piece of malware they’re now calling GigaWiper. The malicious code is written in Go, it…

Ransomware Negotiator Gets 70 Months in Prison for Aiding BlackCat Attacks

A 41-year-old former ransomware negotiator has been sentenced to nearly six years (i.e., 70 months) in prison in the U.S. for their role in conspiring with the now-defunct BlackCat ransomware operators to extort multiple victims and working with two other cybersecurity professionals to target additional victims in 2023. In a sentencing memorandum, federal prosecutors described…

Microsoft is rewriting Windows patch guidance because of AI

Microsoft is recommending that organizations shorten Windows update deployment timelines, warning that advances in AI are reducing the time attackers need to identify and exploit vulnerabilities after security updates are released. The company says organizations should reassess how quickly they roll out monthly security updates, particularly on devices where shorter deployment windows can be implemented…

AWS gives its ERP agent deny-by-default rules and a separate identity

Accounts receivable teams at large companies spend hours each day matching incoming bank payments to invoices by hand. When those payments sit unmatched for days, cash flow suffers and days sales outstanding climbs. The same pattern repeats across blocked invoices, purchase order approval holds, month-end close, and intercompany reconciliations in almost every industry. Built-in ERP…

Only 28% of financial workforce MFA is phishing-resistant

Passwords remain part of many workforce authentication flows in financial organizations, making phishing and credential theft major identity security risks, according to a new Secret Double Octopus report. Key challenges preventing universal implementation of phishing-resistant MFA (Source: Secret Double Octopus) Workforce authentication trends Banks and financial organizations use a mix of authentication methods, combining phishing-resistant…

New infosec products of the week: July 10, 2026

Here’s a look at the most interesting products from the past week, featuring releases from Attestiv, Automox, Codenotary, and First Recon AI. Codenotary launches AI security platform that learns from AI agent behavior Codenotary has announced AgentMon 3, the latest generation of its enterprise AI security platform, introducing adaptive runtime security policies. These continuously evolve…

Former DigitalMint ransomware negotiator who duped clients sentenced to 70 months in jail

A former ransomware negotiator for DigitalMint was sentenced to 70 months in jail for deceiving his employer’s clients and conspiring with ransomware affiliates to extort a combined $75.3 million from five U.S. companies he was entrusted to aid during their moments of extreme crisis, the Justice Department said Thursday.  Angelo John Martino III shared confidential…

Introducing OAuth Support for AWS MCP Server

AWS MCP Server using the same credentials and sign-in methods that you already use for connecting to the AWS Management Console or AWS Command Line Interface (AWS CLI) through a familiar browser-based experience powered by industry-standard OAuth. This new sign-in path supports AWS Identity and Access Management (IAM) federation, AWS IAM Identity Center, and root…