20 Feb, 2025

Geek Feed

Latest IT News & Tech Trends

Contact Us
Breaking News
Phishing attack hides JavaScript using invisible Unicode trick

Phishing attack hides JavaScript using invisible Unicode trick

New FrigidStealer infostealer infects Macs via fake browser updates

New FrigidStealer infostealer infects Macs via fake browser updates

Australian fertility services giant Genea hit by security breach

Australian fertility services giant Genea hit by security breach

Palo Alto Networks tags new firewall bug as exploited in attacks

Palo Alto Networks tags new firewall bug as exploited in attacks

Russian phishing campaigns exploit Signal's device-linking feature

Russian phishing campaigns exploit Signal’s device-linking feature

New WinRAR version strips Windows metadata to increase privacy

New WinRAR version strips Windows metadata to increase privacy

Microsoft: Hackers steal emails in device code phishing attacks

geekfeed0Tagged , , , , , , ,

An active campaign from a threat actor potentially linked to Russia is targeting Microsoft 365 accounts of individuals at organizations of interest using device code phishing. The targets are in the government, NGO, IT services and technology, defense, telecommunications, health, and energy/oil and gas sectors in Europe, North America, Africa, and the Middle East. Microsoft Threat Intelligence Center tracks the threat […]

Read More
3 mins read

Hackers exploit authentication bypass in Palo Alto Networks PAN-OS

geekfeed0Tagged , , , , , , ,

Hackers are launching attacks against Palo Alto Networks PAN-OS firewalls by exploiting a recently fixed vulnerability (CVE-2025-0108) that allows bypassing authentication. The security issue received a high-severity score and impacts the PAN-OS management web interface and allows an unauthenticated attacker on the network to bypass authentication and invoke certain PHP scripts, potentially compromising integrity and confidentiality. In […]

Read More
2 mins read

SonicWall firewall bug targeted in attacks after PoC exploit release

geekfeed0Tagged , , , , , ,

Attackers are now targeting an authentication bypass vulnerability affecting SonicWall firewalls shortly after the release of proof-of-concept (PoC) exploit code. This security flaw (CVE-2024-53704), tagged by CISA as critical severity and found in the SSLVPN authentication mechanism, impacts SonicOS versions 7.1.x (up to 7.1.1-7058), 7.1.2-7019, and 8.0.0-8035, used by multiple models of Gen 6 and […]

Read More
2 mins read

Malicious PirateFi game infects Steam users with Vidar malware

geekfeed0Tagged , , , , , , , ,

A free-to-play game named PirateFi in the Steam store has been distributing the Vidar infostealing malware to unsuspecting users. The title was present in the Steam catalog for almost a week, between February 6th and February 12th, and was downloaded by up to 1,500 users. The distribution service is sending notices to potentially impacted users, […]

Read More
3 mins read

PostgreSQL flaw exploited as zero-day in BeyondTrust breach

geekfeed0Tagged , , , , , , ,

Rapid7’s vulnerability research team says attackers exploited a PostgreSQL security flaw as a zero-day to breach the network of privileged access management company BeyondTrust in December. BeyondTrust revealed that attackers breached its systems and 17 Remote Support SaaS instances in early December using two zero-day bugs (CVE-2024-12356 and CVE-2024-12686) and a stolen API key. Less than one […]

Read More
3 mins read

Chinese hackers breach more US telecoms via unpatched Cisco routers

geekfeed0Tagged , , , , , , , ,

China’s Salt Typhoon hackers are still actively targeting telecoms worldwide and have breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices. Recorded Future’s Insikt Group threat research division states that the Chinese hacking group (tracked Salt Typhoon and RedMike) has exploited the CVE-2023-20198 privilege escalation and CVE-2023-20273 Web UI command injection vulnerabilities. These ongoing attacks have […]

Read More
3 mins read

Microsoft fixes bug causing Windows Server 2025 boot errors

geekfeed0Tagged , , , , ,

​Microsoft has fixed a known issue causing “boot device inaccessible” errors during startup on some Windows Server 2025 systems using iSCSI. “This is observed on servers operating under NDIS Poll Mode booting from an iSCSI LUN,” the company explained when it acknowledged the bug in late October. “Under such configuration, the server will experience the error during […]

Read More
2 mins read

whoAMI attacks give hackers code execution on Amazon EC2 instances

geekfeed0Tagged , , , , , ,

Security researchers discovered a name confusion attack that allows access to an Amazon Web Services account to anyone that publishes an Amazon Machine Image (AMI) with a specific name. Dubbed “whoAMI,” the attack was crafted by DataDog researchers in August 2024, who demonstrated that it’s possible for attackers to gain code execution within AWS accounts by exploiting how […]

Read More
4 mins read

Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster

geekfeed0Tagged , , , , , , ,

The Dutch Police (Politie) dismantled the ZServers/XHost bulletproof hosting operation after taking offline 127 servers used by the illegal platform. Earlier this week, the authorities in the United States, Australia, and the United Kingdom, announced sanctions against the same bulletproof hosting provider for its involvement in cybercrime operations. Specifically, the operators of Zservers were accused of facilitating LockBit ransomware […]

Read More
2 mins read

Hacker leaks account data of 12 million Zacks Investment users

geekfeed0Tagged , , , , , ,

Zacks Investment Research (Zacks) last year reportedly suffered another data breach that exposed sensitive information related to roughly 12 million accounts. Zacks is an American investment research company  that provides its customers data-driven insights through a proprietary stock performance assessment tool called ‘Zacks Rank’, to help with making informed financial decisions. In late January, a […]

Read More
3 mins read