Geek-Guy.com

How to use the AWS Workload Credentials Provider for cross-account secret retrieval and prefetching secrets

If you manage secrets across multiple AWS accounts or need faster secret access for latency-sensitive applications, this post shows you how to meet those requirements using two new features of the AWS Workload Credentials Provider (provider). You will learn how to configure role chaining for cross-account secret retrieval and prefetching of secrets to reduce cold-start…

Adobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign Classic

Adobe has released patches for multiple maximum-severity security flaws impacting Adobe ColdFusion and Adobe Campaign Classic. The ColdFusion updates “resolves critical and important vulnerabilities that could lead to arbitrary code execution, privilege escalation, arbitrary file system read, and security feature bypass,” Adobe said in an alert released Tuesday. The vulnerabilities are listed

Dropzone AI Expands EMEA Channel with QBS Software Partnership

Dropzone AI has signed an exclusive distribution agreement with QBS Software to bring its Agentic SOC platform to managed security service providers (MSSPs) and value-added resellers (VARs) across Europe, the Middle East, and Africa (EMEA). Exclusive distribution agreement targets MSSPs and VARs with agentic SOC capabilities. The partnership expands access to Dropzone AI’s autonomous security…

Progress Kemp LoadMaster Pre-Auth RCE Flaw Faces Active Exploitation Attempts

A recently disclosed critical security flaw impacting Progress Kemp LoadMaster is seeing active exploitation attempts, according to an advisory from eSentire’s Threat Response Unit (TRU). The Canadian cybersecurity company said it identified exploitation attempts targeting CVE-2026-8037 (CVSS score: 9.6), an operating system (OS) command injection flaw that could be exploited to achieve

CyberFOX Acquires Timus to Add SASE to Platform

CyberFOX is adding another puzzle piece to its cybersecurity platform, this time by acquiring Timus Networks, a cloud-native Secure Access Service Edge (SASE) vendor focused on Zero Trust Network Access (ZTNA). The deal is designed to bring secure remote access, secure web browsing, adaptive policy enforcement, and always-on connectivity to the CyberFOX platform. It’s also…

NetRise Launches Partner-Led Federal Security Service

NetRise is bringing a managed software supply chain risk management offering to the federal market through a partner-led model, giving federal integrators and managed service providers a new way to help agencies evaluate software risk beyond vendor questionnaires, attestations, and traditional software bills of materials. NetRise targets federal software supply chain visibility. The offering is…

Exabeam Adds AI Agent Security Capabilities in Platform

Exabeam has expanded its security operations platform with new capabilities to help enterprises detect, investigate, and mitigate risks associated with AI agents, autonomous workflows, and human-to-agent activity. The July release broadens Exabeam’s Agent Behavior Analytics, Outcomes Navigator, Nova, Threat Center, Attack Surface Insights, and data collection workflows. For channel partners, the update reflects a growing…

AI-Generated Browser Ransomware Abuses Chromium API on Windows and Android

Cybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining “unrealistic browser-malware concepts with a real browser capability” to turn it into a working ransomware technique that runs entirely inside the browser on both Windows and Android devices. “This is the first documented case where a frontier…

Netzilo adds runtime governance for AI agents across major platforms

Netzilo has announced expanded AI agent governance and runtime enforcement capabilities for Amazon Bedrock AgentCore and other major AI agent harnesses. As enterprises move AI agents from experimentation into production, agents are becoming a new enterprise edge. They operate across cloud platforms, agent runtimes, orchestration frameworks, developer environments, user devices, mobile phones, and on-premises systems.…

Dawnguard launches platform to automate secure cloud architecture

Dawnguard announced the public launch of its security architecture automation platform, making it available to organizations looking to design, build, and operate secure cloud-native systems from day zero through production. The launch marks the company’s move from enterprise design partnerships into general availability, following a year of platform development and customer validation. Alongside the product…

CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks

CISA confirms BlueHammer (CVE-2026-33825) is now used in ransomware attacks to gain SYSTEM privileges through Microsoft Defender. BlueHammer, tracked as CVE-2026-33825, has moved from proof-of-concept noise to real ransomware attacks in the wild, the US CISA confirms. BlueHammer allows attackers to escalate privileges locally in Microsoft Defender. The vulnerability, along with two other zero-days dubbed…

Browser-Only Ransomware: From LLM Hallucinations to a Practical Attack Technique

Research by: Alexey Bukhteyev. Key Takeaways: AI can turn high-level malicious ideas into concrete techniques, and can independently design and implement novel attack paths that have not yet appeared in real-world campaigns. In this research, DeepSeek connected unrealistic browser-malware concepts with a real browser capability, turning an AI-generated malware hallucination into a plausible browser-native ransomware technique.…

ARToken: Inside an EvilTokens affiliate panel targeting Microsoft 365

Cisco Talos identified a fully-featured phishing-as-a-service (PhaaS) operator panel, branded “ARToken,” that shares infrastructure, API contracts, and operational patterns with the EvilTokens platform documented by Sekoia and Microsoft in early 2026. The ARToken panel exposes 80+ API endpoints for device code phishing, Primary Refresh Token (PRT) persistence, email access, business email compromise (BEC) operations, and…

This phishing kit looks more like BEC-as-a-service

Toolkits to wage phishing campaigns are a now-venerable instrument for cybercriminals, but researchers recently turned up details on something like a full-fledged “business email compromise-as-a-service” platform. Cisco Talos said Wednesday that it had found an operator panel dubbed ARToken, which shares infrastructure and other things in common with, and as an affiliate to, the EvilTokens…

Auvik: Agentic AI Drives Practical MSP Automation

Agentic AI is entering a new phase for managed service providers, with early deployments shifting from chatbots toward practical network automation, according to Auvik President Mark Ralls. Rather than replacing engineers, Ralls says the technology is helping MSPs reduce operational overhead, improve technician efficiency, and proactively resolve network issues. How AI adoption is maturing across…

Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts

Cybersecurity researchers have warned of a “massive, ongoing, automated password spray attack” aimed at Microsoft’s Azure command-line interface (CLI), compromising dozens of accounts in the process. The activity, per Huntress, originates from an IPv6 address range (2a0a:d683::/32) controlled by internet infrastructure provider LSHIY LLC (AS32167). “Between June 12 and June 26, the threat

The Platform You Trust Is the Platform They Target

By: Max Gannon, Cofense Intelligence. Cofense Intelligence is observing a clear shift in phishing operations: threat actors are moving beyond broad, one-size-fits-all campaigns and adopting platform-aware delivery that adapts to the victim’s device, browser, and environment. What began as simple Windows-focused malware distribution campaigns has evolved into more sophisticated campaigns that can selectively deliver credential…

Citrix Patches Six NetScaler Flaws Allowing File Read and Denial-of-Service

Citrix on Tuesday released security updates to address multiple flaws in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that could be exploited by an attacker to facilitate arbitrary file reads or trigger a denial-of-service (DoS) condition. The vulnerabilities are listed below – CVE-2026-8451 (CVSS score: 8.8) – An insufficient input validation

Global Market Trends and Business Developments Shaping the Future

In this post, I will talk about the global market trends and business developments shaping the future. Global markets are changing faster than ever, creating both opportunities and challenges for businesses, investors, and professionals. You may find it increasingly difficult to predict customer demand, keep pace with technological advancements, respond to economic uncertainty, or identify…