Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm

02/02/2026 CyberGeek 0 Comments 0 tags

Cybersecurity researchers have disclosed details of a supply chain attack targeting the Open VSX Registry in which unidentified threat actors compromised a legitimate developer’s resources to push malicious updates to

Read More

Iran-Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists

31/01/2026 CyberGeek 0 Comments 0 tags

A Farsi-speaking threat actor aligned with Iranian state interests is suspected to be behind a new campaign targeting non-governmental organizations and individuals involved in documenting recent human rights abuses. The

Read More

Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms

31/01/2026 CyberGeek 0 Comments 0 tags

Google-owned Mandiant on Friday said it identified an “expansion in threat activity” that uses tradecraft consistent with extortion-themed attacks orchestrated by a financially motivated hacking group known as ShinyHunters. The

Read More

CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms

31/01/2026 CyberGeek 0 Comments 0 tags

CERT Polska, the Polish computer emergency response team, revealed that coordinated cyber attacks targeted more than 30 wind and photovoltaic farms, a private company from the manufacturing sector, and a

Read More

Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access

30/01/2026 CyberGeek 0 Comments 0 tags

Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect OpenAI ChatGPT authentication tokens. One of the extensions in question

Read More

China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware

30/01/2026 CyberGeek 0 Comments 0 tags

Cybersecurity researchers have discovered a new campaign attributed to a China-linked threat actor known as UAT-8099 that took place between late 2025 and early 2026. The activity, discovered by Cisco

Read More

Badges, Bytes and Blackmail

30/01/2026 CyberGeek 0 Comments 0 tags

Behind the scenes of law enforcement in cyber: what do we know about caught cybercriminals? What brought them in, where do they come from and what was their function in

Read More

SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score

30/01/2026 CyberGeek 0 Comments 0 tags

SmarterTools has addressed two more security flaws in SmarterMail email software, including one critical security flaw that could result in arbitrary code execution. The vulnerability, tracked as CVE-2026-24423, carries a

Read More

Ex-Google Engineer Convicted for Stealing 2,000 AI Trade Secrets for China Startup

30/01/2026 CyberGeek 0 Comments 0 tags

A former Google engineer accused of stealing thousands of the company’s confidential documents to build a startup in China has been convicted in the U.S., the Department of Justice (DoJ)

Read More

Two Ivanti EPMM Zero-Day RCE Flaws Actively Exploited, Security Updates Released

30/01/2026 CyberGeek 0 Comments 0 tags

Ivanti has rolled out security updates to address two security flaws impacting Ivanti Endpoint Manager Mobile (EPMM) that have been exploited in zero-day attacks, one of which has been added

Read More