Securing GenAI in the Browser: Policy, Isolation, and Data Controls That Actually Work

12/12/2025 CyberGeek 0 Comments 0 tags

The browser has become the main interface to GenAI for most enterprises: from web-based LLMs and copilots, to GenAI‑powered extensions and agentic browsers like ChatGPT Atlas. Employees are leveraging the

Read More

New React RSC Vulnerabilities Enable DoS and Source Code Exposure

12/12/2025 CyberGeek 0 Comments 0 tags

The React team has released fixes for two new types of flaws in React Server Components (RSC) that, if successfully exploited, could result in denial-of-service (DoS) or source code exposure.

Read More

React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation

12/12/2025 CyberGeek 0 Comments 0 tags

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to patch the recent React2Shell vulnerability by December 12, 2025, amid reports of widespread exploitation. The critical vulnerability,

Read More

CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog

12/12/2025 CyberGeek 0 Comments 0 tags

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting OSGeo GeoServer to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active

Read More

The Impact of Robotic Process Automation (RPA) on Identity and Access Management

11/12/2025 CyberGeek 0 Comments 0 tags

As enterprises refine their strategies for handling Non-Human Identities (NHIs), Robotic Process Automation (RPA) has become a powerful tool for streamlining operations and enhancing security. However, since RPA bots have

Read More

ThreatsDay Bulletin: Spyware Alerts, Mirai Strikes, Docker Leaks, ValleyRAT Rootkit — and 20 More Stories

11/12/2025 CyberGeek 0 Comments 0 tags

This week’s cyber stories show how fast the online world can turn risky. Hackers are sneaking malware into movie downloads, browser add-ons, and even software updates people trust. Tech giants

Read More

NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems

11/12/2025 CyberGeek 0 Comments 0 tags

Cybersecurity researchers have disclosed details of a new fully-featured Windows backdoor called NANOREMOTE that uses the Google Drive API for command-and-control (C2) purposes. According to a report from Elastic Security

Read More

WIRTE Leverages AshenLoader Sideloading to Install the AshTag Espionage Backdoor

11/12/2025 CyberGeek 0 Comments 0 tags

An advanced persistent threat (APT) known as WIRTE has been attributed to attacks targeting government and diplomatic entities across the Middle East with a previously undocumented malware suite dubbed AshTag

Read More

Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks

11/12/2025 CyberGeek 0 Comments 0 tags

A high-severity unpatched security vulnerability in Gogs has come under active exploitation, with more than 700 compromised instances accessible over the internet, according to new findings from Wiz. The flaw,

Read More

Chrome Targeted by Active In-the-Wild Exploit Tied to Undisclosed High-Severity Flaw

11/12/2025 CyberGeek 0 Comments 0 tags

Google on Wednesday shipped security updates for its Chrome browser to address three security flaws, including one it said has come under active exploitation in the wild. The vulnerability, rated

Read More