22 Jun, 2026

CISA warns Fortinet users to secure devices after FortiBleed leak

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) urged Fortinet customers to secure their devices after nearly 74,000 firewall and VPN credentials were exposed in a data leak dubbed “FortiBleed.” This warning comes after threat actors used compromised credentials to target internet-accessible Fortinet devices across government and private-sector organizations worldwide. “CISA is aware of global reports that malicious […]

3 mins read

Gentlemen ransomware uses multiple EDR killers to disable defenses

The Gentlemen ransomware-as-a-service (RaaS) is actively developing and maintaining a suite of endpoint detection and response (EDR) killers to help affiliates evade detection in attacks. The gang employs a collection of EDR-killing tools, most notably a utility that researchers dubbed GentleKiller. The tool has at least eight variants and impersonates various legitimate security products, including Kaspersky, […]

2 mins read

Nintendo confirms data stolen in WebMD subsidiary cyberattack

Nintendo of America has confirmed to GeekFeed that threat actors stole survey data from the third-party TinyPulse service used internally, but its systems were not compromised. The company’s statement comes after claims from the Shadowbyt3$ “extortion-as-a-service” threat group that they exfiltrated sensitive data related to Nintendo of America employees. “We are aware of an issue […]

3 mins read

USB worm spreads crypto-stealing malware via Windows shortcut files

Threat actors targeting cryptocurrency wallets have been distributing clipboard-stealing malware with self-spreading capabilities and using the Tor network to conceal communication. The campaign has been active since at least February and relies on LNK (shortcut) files on USB drives to push clipper malware that monitors clipboard contents and replaces cryptocurrency wallet addresses with ones controlled by […]

2 mins read

Klue OAuth breach linked to ‘Icarus’ Salesforce data theft attacks

Market intelligence platform Klue suffered an OAuth breach that enabled the “Icarus” threat actors to steal Salesforce CRM data from multiple organizations in an ongoing extortion campaign. Sources told GeekFeed of the attack yesterday, telling us that numerous organizations had their Salesforce data stolen and were now being extorted by the relatively new extortion group. […]

5 mins read

Police clean nearly 15,000 SocGholish-infected sites tied to Evil Corp

International law enforcement agencies cleaned nearly 15,000 malware-infected WordPress websites and took down more than 100 servers linked to the SocGholish botnet and the Evil Corp Russian cybercrime group. This joint action (supported by Europol and Eurojust) was part of Operation Endgame, a major law enforcement operation targeting cybercrime now aimed at disrupting a key infection […]

2 mins read

ShapedPlugin update flow hacked to infect WordPress sites

Multiple WordPress plugins from ShapedPlugin were compromised in a supply chain attack that distributed infected releases to paying customers via the vendor’s official update system. The malware delivered this way installed a fake plugin that impersonates WooCommerce components, steals credentials, and grants operators remote file-writing capabilities. ShapedPlugin is a WordPress plugin vendor specializing in front-end/UI […]

3 mins read

FortiBleed leak exposes Fortinet VPN credentials for 73,000 devices

A newly discovered data leak dubbed “FortiBleed” has exposed what appears to be a collection of Fortinet and FortiGate VPN credentials for 73,932 firewall URLs at organizations worldwide. The exposed data was first discovered by security researcher Bob Diachenko, who says he found a server containing what appeared to be valid Fortinet VPN credentials, including […]

5 mins read

Apple fixes Beats Studio Buds flaw that let hackers spy on conversations

Apple has released security updates to patch a high-severity flaw affecting the Beats Studio Buds wireless earbuds that could allow attackers in Bluetooth range to spy on users’ conversations. “An attacker within Bluetooth range may be able to listen through the microphone of a device which is not yet paired and actively seeking pair requests,” […]

2 mins read

Telegram admits it couldn’t police exam-leak channels, India tells court

India’s government has told the Delhi High Court that Telegram was warned about two weeks before it was blocked, and that the platform conceded it could not proactively detect the channels selling leaked exam papers. The nationwide block, imposed ahead of a national medical exam, disrupted Telegram access well beyond India, reaching users as far away […]

3 mins read