Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls

23/01/2026 CyberGeek 0 Comments 0 tags

Fortinet has officially confirmed that it’s working to completely plug a FortiCloud SSO authentication bypass vulnerability following reports of fresh exploitation activity on fully-patched firewalls. “In the last 24 hours,

Read More

TikTok Forms U.S. Joint Venture to Continue Operations Under 2025 Executive Order

23/01/2026 CyberGeek 0 Comments 0 tags

TikTok on Friday officially announced that it formed a joint venture that will allow the hugely popular video-sharing application to continue operating in the U.S. The new venture, named TikTok

Read More

Phishing Attack Uses Stolen Credentials to Install LogMeIn RMM for Persistent Access

23/01/2026 CyberGeek 0 Comments 0 tags

Cybersecurity researchers have disclosed details of a new dual-vector campaign that leverages stolen credentials to deploy legitimate Remote Monitoring and Management (RMM) software for persistent remote access to compromised hosts.

Read More

Microsoft Flags Multi-Stage AitM Phishing and BEC Attacks Targeting Energy Firms

23/01/2026 CyberGeek 0 Comments 0 tags

Microsoft has warned of a multi‑stage adversary‑in‑the‑middle (AitM) phishing and business email compromise (BEC) campaign targeting multiple organizations in the energy sector. “The campaign abused SharePoint file‑sharing services to deliver

Read More

New Osiris Ransomware Emerges as New Strain Using POORTRY Driver in BYOVD Attack

22/01/2026 CyberGeek 0 Comments 0 tags

Cybersecurity researchers have disclosed details of a new ransomware family called Osiris that targeted a major food service franchisee operator in Southeast Asia in November 2025. The attack leveraged a

Read More

Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access

22/01/2026 CyberGeek 0 Comments 0 tags

A critical security flaw has been disclosed in the GNU InetUtils telnet daemon (telnetd) that went unnoticed for nearly 11 years. The vulnerability, tracked as CVE-2026-24061, is rated 9.8 out

Read More

ThreatsDay Bulletin: Pixel Zero-Click, Redis RCE, China C2s, RAT Ads, Crypto Scams & 15+ Stories

22/01/2026 CyberGeek 0 Comments 0 tags

Most of this week’s threats didn’t rely on new tricks. They relied on familiar systems behaving exactly as designed, just in the wrong hands. Ordinary files, routine services, and trusted

Read More

Filling the Most Common Gaps in Google Workspace Security

22/01/2026 CyberGeek 0 Comments 0 tags

Security teams at agile, fast-growing companies often have the same mandate: secure the business without slowing it down. Most teams inherit a tech stack optimized for breakneck growth, not resilience.

Read More

Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts

22/01/2026 CyberGeek 0 Comments 0 tags

A new malicious package discovered in the Python Package Index (PyPI) has been found to impersonate a popular library for symbolic mathematics to deploy malicious payloads, including a cryptocurrency miner,

Read More

SmarterMail Auth Bypass Exploited in the Wild Two Days After Patch Release

22/01/2026 CyberGeek 0 Comments 0 tags

A new security flaw in SmarterTools SmarterMail email software has come under active exploitation in the wild, two days after the release of a patch. The vulnerability, which currently does

Read More