11 Jul, 2026

New tool blocks imposter attacks disguised as safe commands

A new open-source and cross-platform tool called Tirith can detect homoglyph attacks over command-line environments by analyzing URLs in typed commands and stopping their execution.  Available on GitHub and also as an npm package, the tool works by hooking into the user’s shell (zsh, bash, fish, PowerShell) and inspecting every command the user pastes for execution. The idea […]

3 mins read

The biggest cyber security and cyberattack stories of 2025

2025 was a big year for cyber security, with major cyberattacks, data breaches, threat groups reaching new notoriety levels, and, of course, zero-day vulnerabilities exploited in incidents. Some stories, though, were more impactful or popular with our readers than others. Below are fifteen of what GeekFeed believes are the most impactful cyber security topics of […]

19 mins read

Microsoft Teams to let admins block external users via Defender portal

Microsoft announced that security administrators will soon be able to block external users from sending messages, calls, or meeting invitations to members of their organization via Teams. The new feature will start rolling out in early January, integrating Microsoft Teams with Defender for Office 365, and enabling admins to manage blocked external contacts through the […]

2 mins read

Microsoft Teams strengthens messaging security by default in January

Microsoft announced that Teams will automatically enable messaging safety features by default to strengthen defenses against content tagged as malicious. The change will roll out starting January 12, 2026, to tenants still using the default configuration and who haven’t previously modified messaging safety settings. “We’re improving messaging security in Microsoft Teams by enabling key safety […]

2 mins read

Docker Hardened Images now open source and available for free

More than a 1,000 Docker Hardened Images (DHI) are now freely available and open source for software builders, under the Apache 2.0 license. Docker is a popular platform that enables developers to build, test, and deploy applications quickly inside container images that include the required dependencies, allowing for predictable and repeatable results across various systems and environments. DHIs, launched in May […]

2 mins read

Microsoft Teams to warn of suspicious traffic with external domains

Microsoft is working on a new Teams security feature that will analyze suspicious traffic with external domains to help IT administrators tackle potential security threats. As explained in a Microsoft 365 roadmap update this week, the “External Domains Anomalies Report” will help admins protect their organizations without disrupting legitimate business communications. The new tool will do […]

1 min read

Tor switches to new Counter Galois Onion relay encryption algorithm

Tor has announced improved encryption and security for the circuit traffic by replacing the old tor1 relay encryption algorithm with a new design called Counter Galois Onion (CGO). One reason behind this decision is to make the network more resilient against modern traffic-interception attacks that could compromise data security and undermine Tor user anonymity. The Tor network is […]

3 mins read

WordPress security plugin exposes private data to site subscribers

The Anti-Malware Security and Brute-Force Firewall plugin for WordPress, installed on over 100,000 sites, has a vulnerability that allows subscribers to read any file on the server, potentially exposing private information. The plugin provides malware scanning and protection against brute-force attacks, exploitation of known plugin flaws, and against database injection attempts. Identified as CVE-2025-11705, the […]

2 mins read

PhantomRaven attack floods npm with credential-stealing packages

An active campaign named ‘PhantomRaven’ is targeting developers with dozens of malicious npm packages that steal authentication tokens, CI/CD secrets, and GitHub credentials. The activity started in August and deployed 126 npm packages that counted more than 86,000 downloads. The Node Package Manager (NPM) is the default package manager for Node.js, used by JavaScript developers […]

2 mins read

Docker makes Hardened Images Catalog affordable for small businesses

The Docker team has announced unlimited access to its Hardened Images catalog to make access to secure software bundles affordable for all development teams at startups and SMBs. Starting today, container images that have been verified to be free of known vulnerabilities (near-zero CVEs), are available to all users through a subscription and a 30-day free […]

2 mins read