Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack

22/04/2026 CyberGeek 0 Comments 0 tags

Cybersecurity researchers have discovered a previously undocumented data wiper that has been used in attacks targeting Venezuela at the end of last year and the start of 2026. Dubbed Lotus

Read More

Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug

22/04/2026 CyberGeek 0 Comments 0 tags

Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges. The vulnerability, tracked as CVE-2026-40372, carries a CVSS score

Read More

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

22/04/2026 CyberGeek 0 Comments 0 tags

A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary code execution. The vulnerability, tracked as CVE-2026-5752, is rated 9.3 on the

Read More

Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles

22/04/2026 CyberGeek 0 Comments 0 tags

Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that’s distributed via a theme related to India’s banking sector. “The backdoor communicates with a dynamic DNS-based

Read More

SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation

21/04/2026 CyberGeek 0 Comments 0 tags

Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy malware called SystemBC. According to new research published by Check Point, the

Read More

22 BRIDGE:BREAK Flaws Expose 20,000 Lantronix and Silex Serial-to-IP Converters

21/04/2026 CyberGeek 0 Comments 0 tags

Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix and Silex that could be exploited to hijack susceptible devices and tamper with data exchanged

Read More

Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023

21/04/2026 CyberGeek 0 Comments 0 tags

A third individual who was employed as a ransomware negotiator has pleaded guilty to conducting ransomware attacks against U.S. companies in 2023. Angelo Martino, 41, of Land O’Lakes, Florida, teamed

Read More

5 Places where Mature SOCs Keep MTTR Fast and Others Waste Time

21/04/2026 CyberGeek 0 Comments 0 tags

Security teams often present MTTR as an internal KPI. Leadership sees it differently: every hour a threat dwells inside the environment is an hour of potential data exfiltration, service disruption,

Read More

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

21/04/2026 CyberGeek 0 Comments 0 tags

Cybersecurity researchers have discovered a vulnerability in Google’s agentic integrated development environment (IDE), Antigravity, that could be exploited to achieve code execution. The flaw, since patched, combines Antigravity’s permitted file-creation

Read More

NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs

21/04/2026 CyberGeek 0 Comments 0 tags

Cybersecurity researchers have discovered a new iteration of an Android malware family called NGate that has been found to abuse a legitimate application called HandyPay instead of NFCGate. “The threat actors took the

Read More