Latest IT News & Tech Trends
Threat actors are exploiting an unauthenticated information disclosure vulnerability in the WordPress plugin Gravity SMTP, active on 100,000 sites. The flaw is tracked as CVE-2026-4020 and received a medium severity rating. It affects all versions of the plugin from 2.1.4 and older and has been addressed in version 2.1.5, released on March 17. WordPress security […]
The Texas Parks and Wildlife Department (TPWD) disclosed a data breach at its license system vendor that exposed personal information for more than three million individuals. The Texas Cyber Command discovered the intrusion and launched an investigation to determine the extent and impact of the unauthorized access. The state authority found that Social Security Numbers […]
Microsoft has confirmed a confusing Windows bug that causes different filenames to appear in the confirmation dialog when deleting a file from the Recycle Bin. “When permanently deleting a single item from the Recycle Bin, the confirmation dialog displays the internal Recycle Bin filename (for example, $Rxxxxx.ext) instead of the original filename,” the company explained in a […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to secure their systems by Sunday against a critical Splunk Enterprise vulnerability that is being exploited in attacks. Tracked as CVE-2026-20253, this security flaw affects Splunk Enterprise (versions 10.2.0 to 10.2.3 and 10.0.0 to 10.0.6) and allows remote attackers without privileges to create or truncate arbitrary […]
A New York man faces cyberstalking charges after allegedly sharing AI-generated nude images and fabricated racist messages using fake social media profiles to harass a Georgia college student. 21-year-old Anthony Belford was arraigned June 10 after a federal grand jury returned an indictment charging him with one count of cyberstalking. Belford and the victim had […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) urged Fortinet customers to secure their devices after nearly 74,000 firewall and VPN credentials were exposed in a data leak dubbed “FortiBleed.” This warning comes after threat actors used compromised credentials to target internet-accessible Fortinet devices across government and private-sector organizations worldwide. “CISA is aware of global reports that malicious […]
The Gentlemen ransomware-as-a-service (RaaS) is actively developing and maintaining a suite of endpoint detection and response (EDR) killers to help affiliates evade detection in attacks. The gang employs a collection of EDR-killing tools, most notably a utility that researchers dubbed GentleKiller. The tool has at least eight variants and impersonates various legitimate security products, including Kaspersky, […]
Nintendo of America has confirmed to GeekFeed that threat actors stole survey data from the third-party TinyPulse service used internally, but its systems were not compromised. The companyâs statement comes after claims from the Shadowbyt3$ âextortion-as-a-serviceâ threat group that they exfiltrated sensitive data related to Nintendo of America employees. âWe are aware of an issue […]
Threat actors targeting cryptocurrency wallets have been distributing clipboard-stealing malware with self-spreading capabilities and using the Tor network to conceal communication. The campaign has been active since at least February and relies on LNK (shortcut) files on USB drives to push clipper malware that monitors clipboard contents and replaces cryptocurrency wallet addresses with ones controlled by […]
Market intelligence platform Klue suffered a OAuth breach that enabled the “Icarus” threat actors to steal Salesforce CRM data from multiple organizations in an ongoing extortion campaign. Sources told GeekFeed of the attack yesterday, telling us that numerous organizations had their Salesforce data stolen and were now being extorted by the relatively new extortion group. […]
