Geek-Guy.com

Seven Malicious Vite npm Packages Use Blockchain C2 to Deliver a RAT

Cybersecurity researchers have discovered a cluster of seven malicious npm packages targeting the Vite frontend tooling ecosystem as part of a software supply chain attack. The malicious package campaign, codenamed ViteVenom by Checkmarx, marks an expansion of ChainVeil, which was observed using an “unprecedented” four-tier blockchain-based command-and-control (C2) infrastructure spanning Tron,

IBM Q2 Revenue Warning Sends Stock Down 25%

IBM surprised investors Tuesday with an early warning that its second-quarter results will come in below expectations, sending the company’s stock plummeting roughly 25% and dragging other software and consulting names lower.  For partners, this offers yet another data point about how enterprise customers make purchasing decisions in today’s market. Customers redirect spending toward scarce…

Attackers are Exploiting Trust in 2026, not Just Technology

When UltraViolet Cyber evaluated major trends across security threats in Q2, the landscape covered a lot of ground.  Highly active threat actors, exploited vulnerabilities, ransomware operations, AI-driven social engineering, identity-based intrusions, and a fast-growing family of “Fix-type” attacks all shaped the quarter.  But there was one pattern that kept showing up across categories that don’t…

Pax8 Explains Microsoft Pricing and Partner Benefit Changes

Cloud marketplace distributor Pax8 is advising Microsoft partners to prepare for a series of changes affecting Microsoft 365 pricing, cloud benefit redemption, and partner enablement as the company rolls out updates that could influence customer renewals and operational workflows. The guidance highlights Microsoft’s July 1 pricing changes, a new process for redeeming partner cloud benefits…

GoldenEyeDog Subgroup Linked to DigiCert Breach and Code-Signing Certificate Theft

Cybersecurity researchers have attributed the April 2026 DigiCert security incident to a threat activity cluster dubbed CylindricalCanine. Expel, which shared technical details of the event, described the threat actor as a sub-group of GoldenEyeDog (aka APT-Q-27, Dragon Breath, and Miuuti Group), a Chinese cybercrime group known for its targeting of the gambling and gaming sectors…

July’s Patch Tuesday sees an end-of-support collision amidst a massive, record-setting patch wave

Microsoft addressed 722 CVEs this month once the 427 Chromium upstream relays are set aside — roughly three times a normal cycle and one of the largest single months in recent memory. Two vulnerabilities arrive under active exploitation: an elevation of privilege in Active Directory Federation Services (CVE-2026-56155), and an elevation of privilege in SharePoint…

State officials, election experts pan Trump speech: ‘This is what desperation looks like’

State and local officials and election security experts largely panned a Thursday night primetime speech by President Donald Trump, saying it was reflective of White House “desperation” to find any credible evidence to support their claims that U.S. elections have been rigged against the two-term president. While the White House teased explosive new claims about…

WatchGuard Report Finds Shadow AI Raising SMB Cyber Risk

WatchGuard Technologies, a unified cybersecurity organization for managed service providers (MSPs), recently unveiled new research which found that employee behavior has led to significant and sometimes unseen cybersecurity risks for small- and medium-sized businesses (SMBs). Unauthorized AI use creates visibility gaps The 2026 Cybersecurity Hygiene Report found that 64 percent of employees surveyed admit to…

Zero-Days, AI Governance Gaps, and Global Cybercrime Define This Week’s Security Landscape in July 2026

Major Threats & Vulnerabilities Record Patch Releases and Actively Exploited Zero-Days Microsoft’s July 2026 Patch Tuesday addressed a record 570 vulnerabilities, including three zero-days and two under active exploitation. Of these, 59 were rated critical, many enabling remote code execution. Organizations are urged to prioritize patching actively exploited vulnerabilities, apply compensating controls, and validate patch…

Apple widens OpenAI trade secrets fight with preservation orders

Dozens of former Apple employees now working at OpenAI have been put on notice after Apple reportedly sent legal letters ordering them to preserve documents and communications relevant to its trade secrets lawsuit against OpenAI.  The Financial Times reports that “around 40” employees have been targeted with these letters, which repeat Apple’s claim that its confidential information…

The Race to Field Military Autonomy Is On, Can Trusted Information Infrastructure Keep Pace?

Military forces are under increasing pressure to field autonomous capabilities faster than ever before. Across the U.S., UK, and NATO, new investment, evolving defense strategies, and accelerated acquisition pathways are transforming how capability is delivered, rewarding programs that can move from concept to operational deployment at commercial speed. Now the focus shifts to the trusted

How to use GitHub safely

GitHub is rapidly becoming the go-to platform for sharing software. Originally built for developers to collaborate on code, it now hosts millions of projects ranging from hobby scripts to widely used applications. That popularity, however, has also made it an attractive delivery platform for cybercriminals. For most home users, GitHub is not something you need…

Claude can now sign into websites with 1Password without exposing your credentials

1Password has introduced 1Password for Claude, a beta integration that lets Anthropic’s AI assistant complete browser tasks requiring authentication without accessing users’ passwords or other secrets. The integration is available to paid Claude subscribers (Pro, Max, Team, and Enterprise) using Claude Desktop on macOS and to 1Password customers on individual, family, and business plans. It…

New Russian Campaign Uses Fake Webex and Zoom Installers to Deploy Starland RAT

Russian-speaking UAT-11795 spreads trojanized Zoom, Webex, and MobaXterm installers to deliver Starland RAT and the WLDR memory-only implant. Cisco Talos researchers published a detailed technical report on July 16 disclosing UAT-11795, a financially motivated, Russian-speaking threat actor that has been running a malware campaign against users in the United States and Europe since at least…

New GoSerpent Malware Targets Southeast Asian Governments and Diplomats for Espionage

Cybersecurity researchers have discovered a previously undocumented malware called GoSerpent that has been put to use in cyber attacks targeting entities in Southeast Asia since late 2025 with a focus on long-term access and intelligence gathering. Russian cybersecurity company Kaspersky, which uncovered the activity in February 2026, said it was aimed at government and diplomatic…

U.S. CISA adds KNX Association KNX Protocol Connection Authorization Option 1 and Oracle flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds KNX Association KNX Protocol Connection Authorization Option 1 and Oracle flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall and Microsoft flaws to its Known Exploited Vulnerabilities (KEV) catalog. The flaws added to the catalog are: CVE-2023-4346 KNX Association KNX Protocol…

CISA Adds Exploited SharePoint RCE Zero-Day CVE-2026-58644 to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly patched security flaw impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by July 19, 2026. The vulnerability in question is CVE-2026-58644 (CVSS score: 9.8), a critical deserialization

New infosec products of the week: July 17, 2026

Here’s a look at the most interesting products from the past week, featuring releases from Cloudflare, Lineation.ai, Nudge Security, and Polygraf AI. Polygraf AI Meeting Guard delivers real-time deepfake detection for enterprise meetings Polygraf AI has announced Meeting Guard, a real-time AI fraud detection solution for enterprise meetings built to detect fraud and protect meeting…

Zoom Patches Critical Account Takeover Vulnerability for Windows 

A critical vulnerability in Zoom’s Windows software could allow an unauthenticated attacker to hijack user accounts over the network.  The latest security release also addresses several high-severity vulnerabilities affecting privilege management and privilege escalation.  “Vulnerability notices create a race between an organization’s endpoint strategy and hackers for control of these attractive high-value targets,” said Romanus…