Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices

02/08/2025 CyberGeek 0 Comments 0 tags

SonicWall SSL VPN devices have become the target of Akira ransomware attacks as part of a newfound surge in activity observed in late July 2025. “In the intrusions reviewed, multiple

Read More

Cursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt Injection

01/08/2025 CyberGeek 0 Comments 0 tags

Cybersecurity researchers have disclosed a now-patched, high-severity security flaw in Cursor, a popular artificial intelligence (AI) code editor, that could result in remote code execution. The vulnerability, tracked as CVE-2025-54135

Read More

Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts

01/08/2025 CyberGeek 0 Comments 0 tags

Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks.

Read More

AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown

01/08/2025 CyberGeek 0 Comments 0 tags

Cybersecurity researchers have flagged a malicious npm package that was generated using artificial intelligence (AI) and concealed a cryptocurrency wallet drainer. The package, @kodane/patch-manager, claims to offer “advanced license validation

Read More

You Are What You Eat: Why Your AI Security Tools Are Only as Strong as the Data You Feed Them

01/08/2025 CyberGeek 0 Comments 0 tags

Just as triathletes know that peak performance requires more than expensive gear, cybersecurity teams are discovering that AI success depends less on the tools they deploy and more on the

Read More

Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks

01/08/2025 CyberGeek 0 Comments 0 tags

The threat actor linked to the exploitation of the recently disclosed security flaws in Microsoft SharePoint Server is using a bespoke command-and-control (C2) framework called AK47 C2 (also spelled ak47c2)

Read More

Secret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow Embassies

31/07/2025 CyberGeek 0 Comments 0 tags

The Russian nation-state threat actor known as Secret Blizzard has been observed orchestrating a new cyber espionage campaign targeting foreign embassies located in Moscow by means of an adversary-in-the-middle (AitM)

Read More

Experts Detect Multi-Layer Redirect Tactic Used to Steal Microsoft 365 Login Credentials

31/07/2025 CyberGeek 0 Comments 0 tags

Cybersecurity researchers have disclosed details of a new phishing campaign that conceals malicious payloads by abusing link wrapping services from Proofpoint and Intermedia to bypass defenses. “Link wrapping is designed

Read More

N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto

31/07/2025 CyberGeek 0 Comments 0 tags

The North Korea-linked threat actor known as UNC4899 has been attributed to attacks targeting two different organizations by approaching their employees via LinkedIn and Telegram. “Under the guise of freelance

Read More

AI-Driven Trends in Endpoint Security: What the 2025 Gartner® Magic Quadrant™ Reveals

31/07/2025 CyberGeek 0 Comments 0 tags

Cyber threats and attacks like ransomware continue to increase in volume and complexity with the endpoint typically being the most sought after and valued target. With the rapid expansion and

Read More