21 Feb, 2025

New FlowerStorm Microsoft phishing service fills void left by Rockstar2FA

A new Microsoft 365 phishing-as-a-service platform called “FlowerStorm” is growing in popularity, filling the void left behind by the sudden shutdown of the Rockstar2FA cybercrime service. First documented by Trustwave in late November 2024, Rockstar2FA operated as a PhaaS platform facilitating large-scale adversary-in-the-middle (AiTM) attacks targeting Microsoft 365 credentials. The service offered advanced evasion mechanisms, a user-friendly panel, and numerous […]

Google Chrome uses AI to analyze pages in new scam detection feature

Google is using artificial intelligence to power a new Chrome scam protection feature that analyzes brands and the intent of pages as you browse the web. As spotted by Leo on X, a new flag in Chrome Canary enables a feature called “Client Side Detection Brand and Intent for Scam Detection” that uses an LLM, or Large Language […]

Malicious Rspack, Vant packages published using stolen NPM tokens

Three popular npm packages, @rspack/core, @rspack/cli, and Vant, were compromised through stolen npm account tokens, allowing threat actors to publish malicious versions that installed cryptominers. The supply chain attack, spotted by both Sonatype and Socket researchers, deployed the XMRig cryptocurrency miner on compromised systems for mining the hard-to-trace Monero privacy cryptocurrency. Additionally, Sonatype discovered that all three npm packages […]

US charges Russian-Israeli as suspected LockBit ransomware coder

The US Department of Justice has charged a Russian-Israeli dual-national for his suspected role in developing malware and managing the infrastructure for the notorious LockBit ransomware group. According to a criminal complaint unsealed today in the District of New Jersey, Rostislav Panev, 51, a dual Russian and Israeli national, allegedly helped develop LockBit ransomware encryptors and a custom […]

Sophos discloses critical Firewall remote code execution flaw

Sophos has addressed three vulnerabilities in its Sophos Firewall product that could allow remote unauthenticated threat actors to perform SQL injection, remote code execution, and gain privileged SSH access to devices. The vulnerabilities affect Sophos Firewall version 21.0 GA (21.0.0) and older, with the company already releasing hotfixes that are installed by default and permanent fixes […]

Krispy Kreme breach, data theft claimed by Play ransomware gang

The Play ransomware gang has claimed responsibility for a cyberattack that impacted the business operations of the U.S. doughnut chain Krispy Kreme in November. Krispy Kreme disclosed the incident and subsequent disruptions to its online ordering system in an SEC filing submitted on December 11. The company detected unauthorized activity on some of its information technology systems […]

Ascension: Health data of 5.6 million stolen in ransomware attack

Ascension, one of the largest private U.S. healthcare systems, is notifying nearly 5.6 million patients and employees that their personal and health data was stolen in a May cyberattack linked to the Black Basta ransomware operation. The health network reported a total revenue of $28.3 billion in 2023 and operates 140 hospitals and 40 senior […]

Massive live sports piracy ring with 812 million yearly visits taken offline

The Alliance for Creativity and Entertainment (ACE) has taken down one of the world’s largest live sports streaming piracy rings, with over 821 million visits last year. ACE says the Markkystreams Vietnam-based operation was the largest illegal sports streaming service it has shut down to date. The piracy ring primarily targeted audiences across the United States and Canada, streaming sports events […]

Romanian Netwalker ransomware affiliate sentenced to 20 years in prison

Daniel Christian Hulea, a Romanian man charged for his involvement in NetWalker ransomware attacks, was sentenced to 20 years in prison after pleading guilty to computer fraud conspiracy and wire fraud conspiracy in June. Hulea was extradited to the United States after being arrested by Romanian police in Cluj in July 2023 at a request […]

BadBox malware botnet infects 192,000 Android devices despite disruption

The BadBox Android malware botnet has grown to over 192,000 infected devices worldwide despite a recent sinkhole operation that attempted to disrupt the operation in Germany. Researchers from BitSight warn that the malware appears to have expanded its targeting scope beyond no-name Chinese Android devices, now infecting more well-known and trusted brands like Yandex TVs […]
