23 Jun, 2026

Windows 11 KB5089549 & KB5087420 cumulative updates released

Microsoft has released Windows 11 KB5089549 and KB5087420 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities and bugs and to add new features. Today’s updates are mandatory as they contain the May 2026 Patch Tuesday security patches for 120 vulnerabilities discovered in previous months. You can install today’s update by going to Start > Settings > Windows Update and clicking on ‘Check for Updates.’ You can also manually download and […]

6 mins read

Škoda warns of customer data breach after online shop hack

Škoda Auto, a wholly owned subsidiary of the Volkswagen Group, has disclosed a data breach after attackers hacked its online shop and stole the personal information of an undisclosed number of customers. The 130-year-old Czech car maker has over 34,000 employees and reported sales of more than €27 billion and a profit of nearly €2 […]

3 mins read

Android 17 to expand banking scam call and privacy protections

Android 17, expected to roll out next month, will introduce several security and privacy features focused on device theft, threat detection, and banking scam calls. Google will be expanding protections against scammers spoofing caller IDs to impersonate financial institutions and trick users into transferring money or revealing account-related information. Android will work with banking apps to detect […]

3 mins read

Shai-Hulud attack ships signed malicious TanStack, Mistral npm packages

Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering credential-stealing malware targeting developers. The attacker hijacked valid OpenID Connect (OIDC) tokens to publish malicious package versions with verifiable provenance attestation (SLSA Build Level 3). Attributed to the TeamPCP threat group, the attack started with compromising dozens of TanStack […]

5 mins read

SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA

SAP has released the May 2026 security updates addressing 15 vulnerabilities across multiple products, including two critical flaws in Commerce Cloud and S/4HANA. Commerce Cloud is an enterprise-grade e-commerce platform used by online stores owned by large retailers and global brands, while S/4HANA is a cloud-based Enterprise Resource Planning (ERP) suite that will replace the company’s […]

2 mins read

GM agrees to $12.75M California settlement over sale of drivers’ data

California Attorney General Rob Bonta announced a $12.75 million settlement agreement with General Motors (GM) over allegations that the company violated the California Consumer Privacy Act (CCPA). The violations arise from allegations that the car maker illegally collected and sold Californians’ driving and location data to data brokers Verisk Analytics and LexisNexis Risk Solutions, between 2020 and […]

2 mins read

Official Checkmarx Jenkins package compromised with infostealer

Checkmarx warned over the weekend that a rogue version of its Jenkins Application Security Testing (AST) plugin had been published on the Jenkins Marketplace. The compromise was claimed by the TeamPCP hacker group, which initiated a spree of supply-chain attacks that included the Shai-Hulud campaigns on npm and the Trivy vulnerability scanner breach, resulting in the delivery of credential-stealing […]

3 mins read

New GhostLock tool abuses Windows API to block file access

A security researcher has released a proof-of-concept tool named GhostLock that demonstrates how a legitimate Windows file API can be abused in attacks to block access to files stored locally or on SMB network shares. This technique, created by Kim Dvash of Israel Aerospace Industries, abuses the Windows ‘CreateFileW’ API and file-sharing modes to prevent other users and […]

3 mins read

Instructure confirms hackers used Canvas flaw to deface portals

Education technology giant Instructure has confirmed that a security vulnerability allowed hackers to modify Canvas login portals and leave an extortion message. GeekFeed has learned that both the breach and defacements involved multiple cross-site scripting (XSS) vulnerabilities that enabled the attacker to obtain authenticated admin sessions. The second hack was to draw attention and to pressure […]

2 mins read

Google: Hackers used AI to develop zero-day exploit for web admin tool

Researchers at Google Threat Intelligence Group (GTIG) say that a zero-day exploit targeting a popular open-source web administration tool was likely generated using AI. The exploit could be leveraged to bypass the two-factor authentication (2FA) protection in a popular open-source, web-based system administration tool that remains unnamed. Although the attack was foiled before the mass exploitation […]

3 mins read