TA446 Deploys Leaked DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign

28/03/2026 CyberGeek 0 Comments 0 tags

Proofpoint has disclosed details of a targeted email campaign in which threat actors with ties to Russia are leveraging the recently disclosed DarkSword exploit kit to target iOS devices. The

Read More

CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation

28/03/2026 CyberGeek 0 Comments 0 tags

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting F5 BIG-IP Access Policy Manager (APM) to its Known Exploited Vulnerabilities (KEV) catalog, citing

Read More

Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits

27/03/2026 CyberGeek 0 Comments 0 tags

Apple is now sending Lock Screen notifications to iPhones and iPads running older versions of iOS and iPadOS to alert users of web-based attacks and urge them to install the

Read More

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

27/03/2026 CyberGeek 0 Comments 0 tags

TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing two malicious versions to steal sensitive data.

Read More

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

27/03/2026 CyberGeek 0 Comments 0 tags

Cybersecurity researchers have disclosed details of a now-patched bug impacting Open VSX’s pre-publish scanning pipeline to cause the tool to allow a malicious Microsoft Visual Studio Code (VS Code) extension

Read More

AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion

27/03/2026 CyberGeek 0 Comments 0 tags

Threat actors are using adversary-in-the-middle (AitM) phishing pages to seize control of TikTok for Business accounts in a new campaign, according to a report from Push Security. Business accounts associated

Read More

We Are At War

27/03/2026 CyberGeek 0 Comments 0 tags

Rising geopolitical tensions are reflected (or in some cases preceded) by cyber operations, while technology itself has become politicized. Let’s admit it: we are in the middle of it.  Introduction:

Read More

Bearlyfy Hits 70+ Russian Firms with Custom GenieLocker Ransomware

27/03/2026 CyberGeek 0 Comments 0 tags

A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since it first surfaced in the threat landscape in January 2025, with recent

Read More

LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks

27/03/2026 CyberGeek 0 Comments 0 tags

Cybersecurity researchers have disclosed three security vulnerabilities impacting LangChain and LangGraph that, if successfully exploited, could expose filesystem data, environment secrets, and conversation history. Both LangChain and LangGraph are open-source

Read More

China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks

26/03/2026 CyberGeek 0 Comments 0 tags

A long-term and ongoing campaign attributed to a China-nexus threat actor has embedded itself in telecom networks to conduct espionage against government networks. The strategic positioning activity, which involves implanting

Read More