Geek-Guy.com

Category: malware

Stay ahead of cyber threats with the latest malware news, ransomware alerts, and virus analysis. Geek-Guy tracks emerging infections and removal trends.

AI, Global Security News, malware

Fake Spotify Premium tutorials on TikTok and Instagram Reels spread malware

Cybercriminals are using TikTok and Instagram Reels videos to spread Vidar, an infostealer malware, through fake downloads for popular paid software, according to ReversingLabs. The researchers uncovered two campaigns behind the activity, each using a different approach to draw in viewers before sending them to external download sites. One campaign centered on fake software installation…

Read more →

AI, Global Security News, malware, Network Security

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Action Patch + 28 New Stories

It’s been one of those weeks. You expect the usual noise: recycled malware, sloppy attacks, another easy target getting hit. Instead, there’s a supply chain attack kit in a public repo, a $5,000-a-month RAT that clones browsers, and research showing AI agents can be tricked into leaking real credentials. The bigger problem is how polished…

Read more →

AI, Exploits, Global Security News, malware, Risk Management

Chaotic Eclipse Strikes Again: New Zero-Day Unlocks BitLocker in Four Hours of Research

GreatXML bypasses BitLocker via Defender offline scan artifacts, giving SYSTEM shell in Recovery Mode. No patch exists. Any machine that ran an offline scan is vulnerable. On June 10, security researcher Chaotic Eclipse (aka Nightmare Eclipse) published a new working exploit dubbed GreatXML that bypasses BitLocker and opens a command shell with full SYSTEM privileges…

Read more →

AI, Compliance, Cybersecurity, Europe, Global Security News, malware, Network Security, Risk Management

From Infosecurity Europe to CONFidence and C1b3rWall: What Security Teams Are Prioritizing in 2026

Three cities, three cybersecurity conferences, and plenty of conversations with security professionals across Europe.  Over the past few weeks, the ANY.RUN team joined Infosecurity Europe in London, CONFidence Conference in Kraków, and C1b3rWall Congress in Ávila. While every event had its own focus, the discussions pointed in the same direction: security teams need faster investigations,…

Read more →

AI, Apps, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security

JDY Botnet Evolves After KV Takedown, Targets Military Networks

JDY botnet scans SOHO/IoT devices globally to map services and targets, especially US military networks. Lumen’s Black Lotus Labs reported the resurgence of the JDY botnet, a covert reconnaissance network tied to Chinese state-sponsored hacking groups including Volt Typhoon. The network was first spotted in late 2023 as a cluster inside KV-botnet. The U.S. government…

Read more →

AI, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Network Security, Russia

Who Runs the Ransomware Group ‘The Gentlemen?’

A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affiliates 90 percent of any ransom paid by victims. This post examines clues pointing to a real life identity for the administrator…

Read more →

AI, Endpoint, Exploits, Global Security News, Government & Policy, malware, Russia

Russian APTs Still Exploiting Patched WinRAR Flaw CVE-2025-8088

Despite a 2025 patch, Russian-linked groups still exploit a WinRAR flaw (CVE-2025-8088) to deploy malware via phishing archives. CVE-2025-8088 is a path traversal flaw in WinRAR that lets an attacker write files outside the extraction directory using NTFS Alternate Data Streams. WinRAR fixed it in version 7.13 in July 2025. Nearly a year later, Trend…

Read more →

AI, Cybersecurity, Endpoint, Europe, Global Security News, malware, Network Security, Risk Management

Intelligence-Driven Threat Hunting: How SOCs Find What Alerts Miss

Talk to any threat hunter long enough, and beneath the polished case studies and conference talks, the same frustrations surface. Hunting is supposed to be proactive. In practice, it often feels reactive. You are chasing whispers of activity through log noise, querying SIEM fields that barely reflect real attacker behavior and writing detections against technique descriptions that…

Read more →

AI, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management

“AI Worms”, researchers demonstrate autonomous malware capable of adapting to any online device

A study by the University of Toronto shows how artificial intelligence can power autonomous worms capable of tailoring attacks against Windows, Linux and IoT devices. A group of researchers from the University of Toronto has demonstrated how open-source artificial intelligence models can be used to create a new category of computer worms capable of autonomously…

Read more →

AI, Data Breaches, Global Security News, malware

Miasma Worm Compromises 73 Microsoft GitHub Repositories

The Miasma worm compromised 73 Microsoft GitHub repos, spreading via AI coding tools and stealing cloud credentials from developers and CI/CD systems. A self-replicating worm called Miasma has compromised 73 Microsoft GitHub repositories and forced GitHub staff to disable them. The affected repos include core Azure infrastructure like azure-functions-host and the entire Durable Task family…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, malware

Security shifts to the human layer as AI scams surge

Cybercriminals are increasingly reshaping familiar social-engineering campaigns around the way employees use AI, with separate advisories from Microsoft and Google documenting how attackers are adapting scams to AI-powered tools, trusted digital services, and changing workplace behavior. Microsoft Threat Intelligence, in its advisory, said threat actors are “leveraging the wider global interest around AI itself as…

Read more →

AI, Compliance, Cybersecurity, Data Security, Endpoint, Global Security News, malware, Network Security, Risk Management

Protecting 50,000 Users: How ANY.RUN Drives Incident Prevention at UMass Boston

Securing a university means defending a highly open environment, where thousands of users, devices, and external connections create constant exposure to risk. We had a unique opportunity to get an inside look at how these operations are run at a powerhouse R1 institution, the University of Massachusetts Boston.    We sat down with Daniel Mayer, Endpoint…

Read more →

AI, Endpoint, Exploits, Global Security News, malware, Network Security

Meet Hades: The malware that lies to AI security agents

Threat actors are continuing their onslaught against software supply chains, now with malware named after death itself. The newly-discovered Hades Campaign is a “highly sophisticated” supply chain compromise that targets Python developer environments and runs as soon as infected packages are imported. It uses the popular Bun toolkit to silently execute multi-layer payloads that can…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management

TeamPCP Supply Chain Campaign: Activity Through 2026-06-07, (Mon, Jun 8th)

This diary continues the Internet Storm Center’s tracking of the TeamPCP supply chain campaign, first documented in the SANS white paper When the Security Scanner Became the Weapon and most recently in the handler diary Activity Through 2026-05-24. Since that update, the story moved into two new places: the United States government, which formally caught up to the…

Read more →

AI, Apps, Cloud Security, Compliance, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security, Risk Management

Operationalizing AWS security: A maturity roadmap

Enabling security tooling is the starting point. Making it operational—where findings drive decisions, response times are measurable, and your security posture improves week over week—is where most organizations struggle. This blog post provides a phased maturity roadmap for organizations that have already enabled AWS Security Hub and Amazon GuardDuty. These two services form the foundation…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

UNC3753 Escalates: From Vishing Calls to Physical Office Intrusions at US Legal and Financial Firms

UNC3753 phones staff posing as IT, hijacks screen sessions, steals sensitive legal files, and now sends operatives physically into offices to plug in USB drives. Google Mandiant and the Google Threat Intelligence Group published a detailed report documenting an active extortion campaign carried out by the cybercrime group UNC3753 (aka Luna Moth, Chatty Spider, and…

Read more →

AI, Exploits, Global Security News, malware, Network Security

IoT Botnet C0XMO Adds Competitor-Killing Capability

C0XMO is a new Gafgyt botnet variant exploiting old router flaws, spreading across IoT devices, killing rivals, and enabling large-scale DDoS attacks. In March 2026, FortiGuard Labs discovered a new variant of the Gafgyt botnet, dubbed C0XMO, which is noticeably more capable than its predecessors. The malware spreads through CVE-2021-27137, a stack buffer overflow in…

Read more →

AI, china, Cybersecurity, Global Security News, malware, Network Security

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 100

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Malware Targeting WordPress Abuses Steam Community Profiles for Command & Control Operations   Legitimate-Looking Codex Remote UI Secretly Steals Your AI Tokens   Operation Dragon Weave : Uncovering a China-Linked Campaign Targeting Czech Republic and Taiwan…

Read more →

AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Network Security, privacy, Risk Management, Russia

Security Affairs newsletter Round 580 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. U.S. CISA adds SolarWinds Serv-U flaw to its Known Exploited Vulnerabilities catalog Report: Anthropic Deploys Engineers…

Read more →

AI, Global Security News, malware

Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack

Microsoft’s GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign. The incident impacted 73 Microsoft repositories across four of its GitHub organizations, including Azure, Azure-Samples, Microsoft, and MicrosoftDocs, per OpenSourceMalware. The development has GitHub to disable access to those repositories. “Access to this

Read more →

AI, Apps, Cloud Security, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security, privacy, Risk Management

AI Threats, Zero-Days, and Data Breaches Define This Week of June 2026 in Cybersecurity

Major Threats & Vulnerabilities Zero-Day Exploits and Critical Vulnerabilities A newly discovered Comodo zero-day vulnerability can crash Windows systems through a malformed IPv6 packet. Researcher Marcus Hutchins identified the flaw, but Comodo has yet to issue a patch. Users are advised to filter suspicious IPv6 headers and test incident response plans. Google patched an Android…

Read more →

AI, Apps, Cybersecurity, Europe, Global Security News, malware, Network Security

Silent Ransom Group (SRG): Switching To DNS Fast Flux Infrastructure

Researchers exposed the Silent Ransom Group ‘s Fast Flux infrastructure as the FBI warns of ongoing attacks targeting U.S. law firms and businesses. Resecurity uncovered the Silent Ransom Group (SRG)’s Fast Flux network infrastructure and shares available intelligence with the cybersecurity community to disrupt their malicious activities and enable ISP/DNS providers to counter this threat.…

Read more →

AI, Exploits, Global Security News, malware, Network Security, Risk Management

CVE-2026-20245: Cisco SD-WAN Manager Zero-Day Enables Root Command Execution

Cisco has disclosed a seventh SD-WAN zero-day exploited in 2026, tracked as CVE-2026-20245. The flaw affects the command-line interface of Cisco Catalyst SD-WAN Manager and can allow an authenticated remote attacker with netadmin privileges to execute arbitrary commands as root by uploading a crafted file. Cisco says exploitation has already been observed in limited cases,…

Read more →

AI, Cybersecurity, Global Security News, Government & Policy, malware

Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps

Arabic-speaking users have emerged as the target of a new Android spyware codenamed Asin, according to findings from ESET. The Slovakian cybersecurity company said it first detected the malware spread via multiple campaigns in early 2025, with each attack wave making use of distinct websites mimicking utilities, war-related updates, and a government news source: govlens[.]net,…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, malware, Network Security, privacy, Risk Management

Leader in Malware Analysis: ANY.RUN Named Top Vendor in G2 Summer 2026 Awards

We are proud to announce that ANY.RUN has earned the title of Momentum Leader and ranked #1 in the Relationship Index in the latest G2 Summer Reports. Reflecting real security teams’ actual experience, these rankings once again prove how critical ANY.RUN’s solutions are for daily SOC operations in modern enterprises.  Why ANY.RUN’s Momentum Leader Title Matters for Your Team  G2 awards…

Read more →

AI, Europe, Exploits, Global Security News, malware, Network Security

PCPJack Exposed: Researchers Uncover 230-Node Cloud Email Relay Network

Researchers uncovered a 230-node cloud-based email relay network after the actor PCPJack accidentally exposed tools, logs, and C2 files online A threat actor tracked as PCPJack compromised 230 cloud servers across Amazon Web Services, Google Cloud, and Microsoft Azure and turned them into a covert email relay network. Hunt.io researchers discovered the operation because PCPJack…

Read more →

AI, Compliance, Cybersecurity, Data Security, Europe, Global Security News, malware, Network Security, Risk Management

May 2026 Leadership Recap: Channel Execs Move Toward AI

We’re barreling toward the midway point of the year, and May has seen a number of new executive leadership shuffles to guide organizations through the second half of the year and beyond. Organizations across the ecosystem have made shifts to their leadership teams, including new hires, promotions, and the addition of their first-ever AI executives.…

Read more →

AI, Apps, Europe, Exploits, Global Security News, malware, Network Security, Russia

AI tools becoming hot commodities on ransomware marketplaces

Sales of AI-based tools is accelerating within underground ransomware marketplaces, lowering the barrier to entry for new actors in the process. An analysis of Telegram channels, 20 dark web forums, and five underground markets by anti-ransomware platform vendor Halcyon found that AI utility posts grew to 1,486 in February 2026, up from just 38 in…

Read more →

china, Europe, Global Security News, malware

China-Linked TA4922 Expands Phishing Attacks to UK, Germany, Italy, and South Africa

A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U.K., Germany, Italy, and South Africa. These efforts have been complemented by a “rapid operational tempo” and a continually evolving malware arsenal comprising known families like ValleyRAT (aka Winos 4.0) and Atlas RAT (aka AtlasCross RAT),…

Read more →

AI, Apps, Exploits, Global Security News, malware, Network Security, privacy, Risk Management

Hugging Face Transformers RCE flaw enables stealthy compromise via AI model configs

A high severity vulnerability in Hugging Face Transformers enables attackers to compromise systems that use the popular Python library to test and run AI models. The flaw impacts library versions that continue to be actively downloaded and comes at a time when attackers are increasingly targeting the AI supply chain, including through malicious models hosted…

Read more →

AI, Cybersecurity, Exploits, Global Security News, malware, privacy, Risk Management

Q1 2026 Cyber Risk Report: Insights from 2.1 Million Malware and Phishing Investigations 

Based on 2,101,483 malware and phishing investigations from Q1 2026, ANY.RUN‘s Cyber Risk report provides a real-world view of modern attack trends.  It covers trending malware families, TTPs, and other technical observations, while also delivering executive insights CISOs and SOC teams can use to connect attacker behavior to business risk.  Combining data-backed malware trends with strategic guidance for security leaders, the report reveals critical gaps in detection, response, and visibility that directly impact business resilience, and outlines solutions organizations can use…

Read more →

AI, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security, Russia

Gamaredon Uses WinRAR Vulnerability to Launch Modular Spy Campaign on Ukrainian Targets

Gamaredon exploits a WinRAR flaw to drop modular, nearly fileless malware on Ukrainian targets, hiding payloads in Windows streams and resolving C2s via Telegram. Sekoia’s Threat Detection & Research team dropped a YARA rule in late December 2025 to hunt for new initial access vectors, and by January 2026 it had already generated a dozen…

Read more →

Cybersecurity, Global Security News, malware

Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS

Cybersecurity researchers have flagged a large-scale operation that impersonates open-source and freeware projects to funnel unsuspecting users through a Traffic Distribution System (TDS) and deliver malware families like Remus Stealer, AnimateClipper, and the SessionGate framework. “The sites are well-designed and often look like legitimate project portals at a glance, sometimes referencing

Read more →

AI, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management

29 Arrests, Nine Crime Groups Dismantled: Another Blow to Illegal Streaming

International Operation KRATOS led by Europol dismantled illegal streaming networks, leading to 29 arrests and nine crime groups taken down. An international law enforcement operation, codenamed Operation KRATOS and involving 13 countries (Belgium, Bulgaria, Croatia, France, Greece, Ireland, Italy, the Netherlands, Poland, Romania, Spain, the UK, and the US), spent seven months quietly dismantling the…

Read more →

AI, Exploits, Global Security News, Government & Policy, malware, Network Security, Russia

Russia’s FSB Says Foreign Spies Infected Officials’ Phones With Malware

Russia’s FSB claims foreign intelligence planted malware on senior officials’ phones to intercept calls and activate cameras. No technical evidence, no country named. On June 2, 2026, Russia’s Federal Security Service (FSB) published a statement claiming it had uncovered and documented a large-scale foreign intelligence operation targeting the mobile devices of senior Russian officials. The…

Read more →

AI, Global Security News, malware

Malware campaign targeting Minecraft users infects over 116,000 systems

A Malware-as-a-Service (MaaS) operation named WeedHack is targeting Minecraft users and allows threat actors to gain remote access to victims’ screens, webcams, and files through a web-based dashboard, McAfee researchers found. Minecraft, developed by Mojang Studios and released in 2011, is one of the best-selling video games of all time, with more than 350 million…

Read more →

AI, Compliance, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management

Release Notes: Decision-Ready SOC Reporting, Elastic Security Integration, and 1400+ Threat Coverage Updates

Security leaders are under growing pressure to reduce the time between threat detection and response without adding more complexity to already overloaded SOC workflows. ANY.RUN’s May updates help teams act on security risks more efficiently, improve consistency across investigations, and maintain stronger protection as attacker tactics continue to evolve. Discover the updates your team can…

Read more →

AI, Cybersecurity, Global Security News, malware

Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content

Cybersecurity researchers have flagged a new campaign targeting Minecraft players via YouTube to spread malware capable of gaining control of victims’ systems. The Minecraft-focused malware-as-a-service (MaaS) campaign has been codenamed Weedhack by McAfee Labs, stating the activity has been active since January 2026 and impersonates Minecraft clients and mods to infect users. In all, 3820

Read more →

AI, Apps, Exploits, Global Security News, malware, Russia

Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine

The Russian hacking group known as Gamaredon has been attributed to the continued exploitation of a WinRAR vulnerability to deliver multiple malware families aimed at data theft and propagation. Per Sekoia, the activity involves the weaponization of CVE-2025-8088, a path traversal flaw in WinRAR, to launch an HTML Application payload dubbed GammaPhish, which is then…

Read more →

AI, Cybersecurity, Exploits, Global Security News, malware

Instagram Account Hijacks Expose the Security Risks of AI-Powered Support

Attackers exploited Meta’s AI support chatbot to reset Instagram passwords and hijack accounts without accessing victims’ email inboxes. Attackers abused Meta’s AI-powered support chatbot to reset Instagram passwords and hijack accounts without accessing victims’ email inboxes. The issue affected several users, including high-profile accounts, before Instagram fixed the flaw. Security researcher Jane Wong and other…

Read more →

AI, Cybersecurity, Global Security News, malware

Infected Red Hat npm packages expose developer credentials

Developers who pulled packages from Red Hat’s @redhat-cloud-services npm namespace over the weekend got a secret-stealing worm instead. Security researchers from several cybersecurity outlets are warning of a new supply chain attack compromising over 30 Red Hat Cloud Services-related npm packages to steal credentials, authentication tokens, and other secrets from developer environments. The campaign, which…

Read more →

AI, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management

Attackers exploit Palo Alto GlobalProtect flaw days after disclosure

A Palo Alto Networks vulnerability that allows attackers to establish unauthorized VPN access into corporate networks is being actively exploited in the wild, weeks after the company disclosed the flaw as a medium-severity issue and said it was unaware of any attacks. However, according to Rapid7, threat actors began exploiting the bug within days of…

Read more →

AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security

From Fake Purchase Orders to Remote Access: Analyzing the JS.MonoGlyphRAT Threat to US Enterprises

A previously unidentified cyberattack is quietly spreading through US businesses — and most security tools are not catching it. Researchers at ANY.RUN have identified a new backdoor called JS.MonoGlyphRAT, an advanced piece of malware delivered as an ordinary-looking JavaScript file disguised as a purchase order, quote, or business proposal. Once an employee opens the file,…

Read more →

AI, Endpoint, Global Security News, malware

Sophos uncovers AI-powered malware lab built for EDR evasion

A threat actor used AI technologies to build a malware-testing framework for developing and refining endpoint detection and response (EDR) evasion techniques, according to Sophos. The investigation began after an anomalous endpoint in a customer environment triggered alerts tied to malicious payloads originating from a testing directory. The files pointed to a broader framework focused…

Read more →

AI, Compliance, Cybersecurity, Exploits, Global Security News, malware, Risk Management

Attack targeting OpenAI Codex users exposes AI software supply chain risks

A malicious npm package posing as a remote user interface for OpenAI Codex exfiltrated developer authentication tokens, after attackers allegedly published code to npm that was not visible in the project’s public GitHub repository. Researchers at Aikido said the package, called codexui-android, appeared to offer legitimate functionality while collecting authentication tokens and sending them to…

Read more →

AI, Apps, Global Security News, malware, Network Security

GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure

Malware on approximately 2,000 WordPress sites hid C2 instructions in Steam profile comments using invisible Unicode. GoDaddy researchers spotted a command-and-control infrastructure for a malware campaign abusing Valve’s Steam gaming platform. The experts discovered malware on approximately 1,980 WordPress sites that fetches its instructions by reading Steam Community profile comments, where the actual payload is…

Read more →

AI, Apps, Data Breaches, Endpoint, Global Security News, malware, Network Security, Risk Management

Fake Claude Code Installers Deliver Credential-Stealing Malware 

Developers searching for Claude Code installation instructions could be walking into a sophisticated malware campaign that disguises itself as legitimate AI tooling documentation.  Researchers found dozens of fake Claude Code and developer platform sites designed to steal credentials, API keys, and cryptocurrency.  “The attack chain runs on the same unchecked trust that makes AI developer…

Read more →

AI, Cybersecurity, Endpoint, Exploits, Global Security News, malware

CVE-2026-8732: The WP Maps Pro Flaw That Lets Anyone Create a WordPress Admin Without a Password

CVE-2026-8732 in WP Maps Pro lets unauthenticated attackers create WordPress admin accounts. 2,858 attacks blocked in 24 hours. WP Maps Pro plugin allows WordPress site owners to embed Google Maps and OpenStreetMap with markers, listings, and location search. It’s a store locator tool. Unremarkable. The plugin is installed on over 15,000 websites, according to sale…

Read more →

AI, Apps, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

Windows 11 Smart App Control explained

In the ever-evolving cybersecurity landscape, Microsoft has introduced various new features in Windows 11 designed to protect users from modern workplace threats. Among such features, Smart App Control (SAC) changes how Windows devices handle, and occasionally block, unwanted or potentially malicious applications. But what exactly is Smart App Control? How does it work, who benefits…

Read more →

AI, Global Security News, malware, Network Security

Unidentified RAT pushes NetSupport RAT, (Mon, Jun 1st)

Introduction This diary provides indicators from an unidentified RAT infection on Wednesday 2026-05-27 that was followed by a malicious NetSupport Manager RAT package. This originated from the SmartApeSG ClickFix campaign. I still don’t know the name of the initial RAT, but it has consistently been generating encoded (not HTTPS/SSL/TLS) traffic to a command and control…

Read more →

AI, Europe, Exploits, Global Security News, malware, Network Security

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ghost CMS Mass Compromised via CVE-2026-26980, Now Fueling ClickFix Attacks   TrapDoor Crypto Stealer Supply Chain Attack Hits 34 Packages and Hundreds of Versions Across npm, PyPI, and Crates.io   RemotePE: The Lazarus RAT that lives…

Read more →

AI, Cybersecurity, Data Breaches, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, Politics, privacy, Risk Management, Russia

Security Affairs newsletter Round 579 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. ShinyHunters Leaks Charter Communications Data, Potentially Impacting 5 Million Customers Signal Phishing Campaign Targets Journalists and…

Read more →

AI, Exploits, Global Security News, malware, Risk Management, Russia

Signal Phishing Campaign Targets Journalists and Activists to Steal Backup Recovery Keys

Attackers are texting Signal users posing as Support, asking for backup recovery keys. Once obtained, they can decrypt the entire message history, not just future chats. A phishing campaign is currently targeting Signal users with text messages that impersonate Signal Support and ask them to hand over their backup recovery key. The message looks urgent,…

Read more →

AI, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management

Botnet of 17 Million Devices Dismantled in the Netherlands

Dutch authorities seized 200 servers running a 17-million-device botnet linked to proxy service Asocks. Dutch authorities have taken offline a massive botnet of at least 17 million devices and seized more than 200 servers at a local provider that supported the operation. Infected devices included computers, tablets, and smartphones. The action was carried out following…

Read more →

AI, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management

Botnet of 17 Million Devices Dismantled in the Netherlands

Dutch authorities seized 200 servers running a 17-million-device botnet linked to proxy service Asocks. Dutch authorities have taken offline a massive botnet of at least 17 million devices and seized more than 200 servers at a local provider that supported the operation. Infected devices included computers, tablets, and smartphones. The action was carried out following…

Read more →

AI, Apps, Global Security News, Government & Policy, malware, Network Security, Russia

Russia-aligned crime group Greyvibe extensively uses AI in attacks

Researchers have uncovered a previously undocumented Russian group that makes extensive use of large language models (LLMs) in its attacks against private, government, and military organizations in Ukraine. It uses a variety of attack vectors along with custom malware, with the goal of intelligence gathering for the ongoing war. Dubbed Greyvibe by researchers from WithSecure,…

Read more →

AI, Global Security News, Government & Policy, malware, Network Security, Russia

Meet GREYVIBE, the Russia-Linked Hacking Group Using AI to Target Ukraine and Still Making Rookie Mistakes

GREYVIBE, a Russia-linked group active since 2025, targets Ukraine with AI-assisted malware and five attack chains. Researchers say it’s part spy op, part crime gang. Security firm WithSecure has been tracking a previously unknown Russian-linked APT group called GREYVIBE since at least August 2025. The group targets Ukraine and Ukrainian-related organizations across military, government, civilian,…

Read more →

AI, Compliance, Europe, Global Security News, Government & Policy, malware, Risk Management

AI in the UK: Driving Innovation Without Expanding Cyber Risk

Written by Sean Tilley, Senior Sales Director EMEA at 11:11 Systems  Artificial intelligence is no longer a future ambition for UK organisations. It is already shaping how decisions are made, how services are delivered, and how quickly businesses can respond to change. From automation and analytics to customer engagement and operational optimisation, AI is becoming an integral part of…

Read more →

AI, APAC, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, privacy, Risk Management

AI Threats, Data Breaches, and Supply Chain Risks Define This Week of May 2026 in Cybersecurity

Major Threats & Vulnerabilities Data Breaches and Credential Exposures The hacking group ShinyHunters claims responsibility for stealing over 42 million customer records from Charter Communications. The alleged breach, conducted through social engineering and Microsoft Entra compromise, is under investigation. Organizations are urged to review MFA enforcement and monitor SaaS environments for suspicious activity. Read more…

Read more →