20 Feb, 2025

Geek Feed

Latest IT News & Tech Trends

Contact Us
Breaking News
Phishing attack hides JavaScript using invisible Unicode trick

Phishing attack hides JavaScript using invisible Unicode trick

New FrigidStealer infostealer infects Macs via fake browser updates

New FrigidStealer infostealer infects Macs via fake browser updates

Australian fertility services giant Genea hit by security breach

Australian fertility services giant Genea hit by security breach

Palo Alto Networks tags new firewall bug as exploited in attacks

Palo Alto Networks tags new firewall bug as exploited in attacks

Russian phishing campaigns exploit Signal's device-linking feature

Russian phishing campaigns exploit Signal’s device-linking feature

New WinRAR version strips Windows metadata to increase privacy

New WinRAR version strips Windows metadata to increase privacy

CVE-2025-21298: A Critical Windows OLE Zero-Click Vulnerability

geekfeed0Tagged , , , , , , , , , , , ,

Explore CVE-2025-21298, a critical Windows OLE zero-click flaw enabling RCE via email. Learn its risks, impact, and how to defend against attacks. In January 2025, a critical security vulnerability identified as CVE-2025-21298 was disclosed, affecting Windows Object Linking and Embedding (OLE) technology.   This vulnerability, with a CVSS score of 9.8, allows for remote code execution (RCE) through specially crafted emails, posing significant […]

Read More
3 mins read

Chinese cyberspies use new SSH backdoor in network device hacks

geekfeed0Tagged , , , , , , , ,

A Chinese hacking group is hijacking the SSH daemon on network appliances by injecting malware into the process for persistent access and covert operations. The newly identified attack suite has been used in attacks since mid-November 2024, attributed to the Chinese Evasive Panda, aka DaggerFly, cyber-espionage group. As per the findings of Fortinet’s Fortiguard researchers, the attack […]

Read More
3 mins read

Netgear warns users to patch critical WiFi router vulnerabilities

geekfeed0Tagged , , , , , , , ,

Netgear has fixed two critical vulnerabilities affecting multiple WiFi router models and urged customers to update their devices to the latest firmware as soon as possible. The security flaws impact multiple WiFi 6 access points (WAX206, WAX214v2, and WAX220) and Nighthawk Pro Gaming router models (XR1000, XR1000v2, XR500). Although the American computer networking company did not disclose more details […]

Read More
2 mins read

California man steals $50 million using fake investment sites, gets 7 years

geekfeed0Tagged , , , , , ,

A 59-year-old man from Irvine, California, was sentenced to 87 months in prison for his involvement in an investor fraud ring that stole $50 million between 2012 and October 2020. Allen Giltman and other fraudsters used over 150 fraudulent sites impersonating financial institutions that advertised various investment opportunities (primarily certificates of deposit with higher than […]

Read More
2 mins read

7-Zip MotW bypass exploited in zero-day attacks against Ukraine

geekfeed0Tagged , , , , , , , , , ,

A 7-Zip vulnerability allowing attackers to bypass the Mark of the Web (MotW) Windows security feature was exploited by Russian hackers as a zero-day since September 2024. According to Trend Micro researchers, the flaw was used in SmokeLoader malware campaigns targeting the Ukrainian government and private organizations in the country. The Mark of the Web […]

Read More
3 mins read

GrubHub data breach impacts customers, drivers, and merchants

geekfeed0Tagged , , , ,

Food delivery company GrubHub disclosed a data breach impacting the personal information of an undisclosed number of customers, merchants, and drivers after attackers breached its systems using a service provider account. “Our investigation found that the intrusion originated with an account belonging to a third-party service provider that provided support services to Grubhub,” the company said on […]

Read More
2 mins read

First Apple-notarized porn app available to iPhone users in Europe

geekfeed0Tagged , , , , , , ,

The first Apple-notarized porn app, “Hot Tub,” is now available to iPhone users in Europe through the alternative app marketplace, AltStore PAL. Apple does not allow pornographic or adult content apps on the official Apple App Store. However, to comply with the EU’s Digital Markets Act (DMA), Apple is now required as a “gatekeeper” to allow […]

Read More
3 mins read

Amazon Redshift gets new default settings to prevent data breaches

geekfeed0Tagged , , , , , , ,

Amazon has announced key security enhancements for Redshift, a popular data warehousing solution, to help prevent data exposures due to misconfigurations and insecure default settings. Redshift is widely used by enterprises for business intelligence and big data analytics for data warehousing, competing with Google BigQuery, Snowflake, and Azure Synapse Analytics. It’s valued for its petabyte-scale […]

Read More
2 mins read

Google fixes Android kernel zero-day exploited in attacks

geekfeed0Tagged , , , , , , ,

The January 2025 Android security updates patch 48 vulnerabilities, including a zero-day kernel vulnerability tagged as exploited in the wild. This high-severity zero-day (tracked as CVE-2024-53104) is a privilege escalation security flaw in the Android Kernel’s USB Video Class driver that allows authenticated local threat actors to elevate privileges in low-complexity attacks. The issue occurs because the driver […]

Read More
2 mins read

Canadian charged with stealing $65 million using DeFI crypto exploits

geekfeed0Tagged , , , , , , , ,

The U.S. Justice Department has charged a Canadian man with stealing roughly $65 million after exploiting two decentralized finance (DeFI) protocols. DeFI platforms are blockchain-based systems that facilitate peer-to-peer financial services, eliminating the need for conventional centralized financial intermediaries like banks or brokerages. These platforms deliver various financial services related to digital assets, enabling their […]

Read More
2 mins read