Daily Cyber Briefing

Author: Mike Housch

Description

 The Daily Cyber Briefing delivers concise, no-fluff updates on the latest cybersecurity threats, breaches, and regulatory changes. Each episode equips listeners with actionable insights to stay ahead of emerging risks in today’s fast-moving digital landscape. 

62 Episodes
On today's episode of Cyber Scoops & Digital Shenanigans, host Mike Housch breaks down ten stories rattling the security world this week — from a Chrome zero-day already being exploited in the wild and a Chinese espionage group quietly living inside Dell infrastructure for 18 months, to ShinyHunters going car shopping at CarGurus and Texas AG Ken Paxton picking a legal fight with TP-Link over alleged CCP ties. It's a packed house — buckle up.
Today we dive into a wave of supply chain attacks hitting everything from Notepad++ to antivirus software, nation-state hackers targeting power grids, and why 175,000 exposed AI servers might be the next big headache for security teams. Plus, the White House just threw out software security rules—what could possibly go wrong?
In this eye-opening episode, Mike Housch covers the shocking story of US cybersecurity professionals who pleaded guilty to participating in ALPHV ransomware attacks, plus critical vulnerabilities like the React2Shell exploit affecting 85,000 systems, major data breaches at Covenant Health and the European Space Agency, WhatsApp metadata leaks, and a devastating $8.5M cryptocurrency wallet supply chain attack. From insider threats to IoT botnets, this episode covers the full spectrum of cybers...
We're talking zero-days getting hammered left and right, embedded browsers that are more vintage than secure, and some serious exploitation happening in the wild.
We break down the newest frontiers of cyber defense and attack, including how Google is using a new User Alignment Critic to shield Chrome's agentic AI from prompt injection, and why a critical flaw in the Ruby SAML library demands immediate patching. Plus, a deep dive into the sophisticated vishing campaign that weaponizes Microsoft Teams and QuickAssist to deploy fileless .NET malware.
Host Mike Housch dives into the chaotic fallout from the maximum-severity React2Shell vulnerability, which caused a massive Cloudflare outage and rapid exploitation by threat actors. We also analyze another critical 10.0-rated flaw in Apache Tika, the surprising scale of global ransomware payouts, and the strategic shift toward phishing-resistant authentication like Passkeys.
This week, we dive deep into the sophisticated China-nexus threat WARP PANDA, which is relentlessly exploiting VMware vCenter environments with the BRICKSTORM malware, alongside urgent warnings about the actively exploited React2Shell vulnerability. We also analyze the destructive Shai-Hulud 2.0 supply chain attack that compromised thousands of repositories and review the latest defensive strategies unveiled at AWS re:Invent 2025.
We break down Google's urgent Android patches, including two actively exploited zero-days, and analyze the appearance of the new ShadowV2 IoT botnet leveraging known flaws. Plus, we look into why an AI-generated recipe card landed Google in hot water over content scraping and monetization.
Host Mike Housch dives into the latest major breaches, including 146,000 records stolen from Delta Dental of Virginia, and dissects critical zero-day exploitation confirmed by CISA. We also explore the emerging risks of Agentic AI, and hear from CISO experts aiming to retire cybers...
Today we dive into Cloudflare's massive outage caused by a database mishap and track the alarming rise of ransomware targeting Amazon S3 misconfigurations. Plus, we uncover a global espionage network hidden inside 50,000 compromised Asus routers.
Threat actors are leveraging AI to run sophisticated phishing campaigns that mimic Fortune-500 marketing departments, making identity the most vulnerable target. We also dive into critical zero-day exploits impacting FortiWeb and the Ray AI framework, and explore the necessary shift toward b...
Today, we dive into a massive internet disruption that wasn't a cyberattack, as Cloudflare confirms a service-crashing bug, and we cover the urgent need to patch the seventh Google Chrome zero-day found this year. We also dissect a pervasive WhatsApp screen-sharing scam resulting in major losses and examine why Generation Z has the worst password security habits.
Today, I dive into how decades-old tech, like the "Finger" protocol, is being weaponized in modern ClickFix attacks, alongside major zero-day exploitation news affecting FortiWeb and Logitech. We also unpack the sophisticated techniques used by threat actors like Dragon Breath to disable security tools and the concerning new ways researchers are bypassing AI guardrails.
We dive into a massive NPM registry attack where a self-replicating worm polluted the software supply chain with over 150,000 packages seeking cryptocurrency rewards. Then, we analyze how state-sponsored threat actors used Anthropic’s Claude AI to automate 90% of a targeted espionage campaign against critical global organizations.
Today we expose the 'Whisper Leak' LLM attack that infers sensitive conversation topics from encrypted metadata. Plus, we break down the start of CMMC enforcement and why supply chain risks are soaring, according to the new OWASP Top 10 list.
Australia steps up sanctions against North Korean cyber operations funding weapons programs, while the Cl0p gang continues to expose victims of the Oracle EBS hack. Plus, we break down the evolving threat landscape from sophisticated ClickFix scams targeting macOS to mobile zero-day spyware aimed at the Middle East.
We dive into how AI is complicating the threat landscape, covering an "AI Slop" ransomware test sneaked onto the VS Code marketplace and novel prompt injection hacks against ChatGPT memories. We also break down critical high-severity browser flaws in Chrome 142 and the escalating geopolitical tension around US hyperscalers and European data sovereignty.
Today we dive into alarming new reports, including how state-sponsored hackers stole firewall backups and how AI is enabling malware to mutate autonomously during execution. We also cover the costly Nevada ransomware recovery, critical Cisco patches, and the perennial problem of weak passwords.
Today, we expose a sophisticated campaign where hackers use Remote Monitoring and Management tools to hijack physical cargo, leading to billions in losses, and analyze the dangerous new trend of malware like SesameOp abusing trusted AI APIs for stealthy command-and-control operations. Plus, we cover the major patches released by both Apple and Google, including a critical Android Remote Code Execution flaw that requires zero user interaction.
Today, we dissect how a suspected Chinese APT used the new 'Airstalk' malware to compromise BPOs in targeted supply chain attacks, and why the Claude AI model was successfully tricked into exfiltrating user data. Plus, we look at the rising threat of cybercriminals exploiting legitimate RMM tools to steal physical cargo from logistics networks.