In this episode, we cover the latest cybersecurity threats and data breaches making headlines. Meta users face a phishing scam installing FileFix malware, while the Rhadamanthys stealer now uses AI to steal cryptocurrency seed phrases. Renault and Dacia UK customers are warned after a third-party data breach, and NHS Highland reports unauthorized disclosure of staff and patient information. We also highlight Android spyware disguised as Signal and ToTok updates, and Signal rolls out quantum-safe cryptography to protect users’ messages. Stay informed and stay safe.
In this episode, Edd Hall discusses the recent wave of cybersecurity events, starting with the Red Hat breach that exposed internal project data, the surge in CVEs and how insurers are reacting, and the Kodex outage caused by social engineering. He also covers the emergence of the Klopatra Android trojan, new CISA advisories and additions to the KEV catalog, along with major data breaches impacting Allianz Life and WestJet customers.
Stay up to date with today’s top cybersecurity stories. From Google’s new F‑Droid restrictions and emerging Android malware like Klopatra and MatrixPDF, to DNS-based attacks, VMware exploits, and North American data breaches exposing millions of users, we cover the latest threats and vulnerabilities affecting individuals and organizations. Tune in for a concise, journalist-style briefing on the key cyber risks you need to know today.
In this episode, Edd Hall discusses the latest wave of global cyber threats — from Chinese espionage operations using NET-STAR malware to critical vulnerabilities in Palo Alto’s GlobalProtect, Google Gemini AI, and Linux sudo. He also covers CISA’s funding shift for MS-ISAC, the major cyberattack on Asahi Group, hijackings of Microsoft SQL Servers with XiebroC2, and the Harrods data breach impacting hundreds of thousands of customers.
Today’s episode covers the latest cybersecurity news, including the Postmark MCP server code hijack, AI-generated copyright scams targeting social media, and Nimbus Manticore’s expanding cyber-espionage operations in Europe. We also discuss recent data breaches at Gaylord Specialty Healthcare and Harrods, as well as hackers spreading fake apps and weaponized Microsoft Teams installers. Stay informed on today’s top threats and learn how attackers are exploiting both individuals and organizations.
In this episode Mark and Diana discuss the latest cybersecurity developments, including the push for simplicity in SecOps, Microsoft’s warning about the XCSSET macOS malware, and GitLab’s high-severity vulnerabilities. They also cover major healthcare breaches affecting nearly 150,000 patient records, the Ascension class action lawsuit, and a UK nursery hack that exposed sensitive children’s data. Additionally, the episode highlights CISA’s emergency directive on Cisco devices, critical Cisco vulnerabilities flagged by NCSC and CISA, and Google’s alert on the Brickstorm backdoor targeting U.S. legal and tech sectors. Finally, they revisit the evolution of XCSSET malware and what these threats mean for organizations worldwide.
A wave of new cyber incidents is making headlines worldwide. From hackers abusing GitHub notifications and fake copyright takedowns to ransomware leaking children’s data, DNS-based malvertising, and multimillion-dollar corporate losses, these stories reveal the growing sophistication of today’s cybercriminals. We also cover fresh AI vulnerabilities and stealthy long-term breaches, highlighting the urgent need for stronger digital defenses.
In this episode, we discuss the latest cybersecurity incidents and vulnerabilities affecting organizations worldwide. Topics include Chinese state-backed supply chain attacks, a UK arrest linked to airport disruptions, critical flaws in Salesforce CLI and enterprise software, and GitHub’s efforts to secure the npm ecosystem. We also cover the ShadowV botnet-for-hire and recent breaches of U.S. federal agencies and casino employee data, highlighting the ongoing risks and importance of robust security measures.
This episode delivers a sharp roundup of the week’s top cybersecurity stories, including hackers weaponizing oversized SVG files to spread AsyncRAT, malware spoofing trusted tools like ChatGPT and Microsoft Office, a critical bug in Libraesva Email Security Gateway exploited by state actors, IIS server hijacking through malicious modules, new Supermicro firmware flaws that allow malicious updates, a widespread macOS infostealer campaign using fake GitHub repositories, and Microsoft’s patch for a severe Entra ID token-validation vulnerability. Stay informed on these critical threats and the urgent fixes protecting users worldwide.
Microsoft patched a major Entra ID flaw that could have allowed large-scale account impersonation, while Collins Aerospace faced a ransomware attack that disrupted European airports. The healthcare cybersecurity market is set for rapid growth as attacks intensify, and criminals are impersonating the FBI’s IC3 to steal sensitive data. Malware infections are rising on Windows, with ransomware and info-stealers leading the trend, while macOS infections decline. Steam faced two major incidents: one game diverted cancer treatment donations, and another stole $150,000 in cryptocurrency. A BBC report further highlighted how ransomware is increasingly threatening critical services like healthcare, aviation, and utilities, underscoring the urgent need for stronger defenses.
Today’s cybersecurity roundup covers a critical Nokia vulnerability, research showing how ChatGPT agents can be tricked into solving CAPTCHAs, and a new exploit called ShadowLeak targeting Gmail integrations. We also look at major data breaches impacting healthcare and luxury brands, a maximum-severity flaw in Fortra’s GoAnywhere MFT, and the rise of AI-powered phishing campaigns. Stay informed on the latest threats shaping the digital landscape.
In this episode, Edd Hall discusses Google’s urgent patch for a Chrome zero-day, a Russian disinformation network spreading fake news with AI, and a new zero-click exploit targeting ChatGPT’s Research Agent to steal Gmail secrets. He also covers the alarming rise in healthcare cyberattack losses revealed by Netwrix, CISA’s latest advisories on industrial control system vulnerabilities, and the growing financial and cyber pressures on safety-net hospitals. The episode closes with insights into a major breach affecting 850,000 Americans, highlighting the escalating risks across technology, infrastructure, and healthcare.
In today’s cybersecurity roundup, we cover 224 malicious Android apps removed from Google Play, a new BiDi Swap vulnerability, and a supply chain attack targeting npm packages. We also look at SonicWall’s cloud portal breach, the FileFix phishing campaign, Microsoft’s takedown of the RaccoonO365 phishing service, and TA558’s use of AI-generated scripts in hotel attacks. Stay informed on the latest threats shaping the digital landscape.
In this episode, Edd Hall discusses the latest cybersecurity developments, including Microsoft’s September updates breaking SMBv1 shares, the KillSec ransomware attack on a Brazilian healthcare software provider, and an insider breach at FinWise Bank affecting nearly 700,000 customers. He also explores the clash between U.S. senators and the FBI’s cyber chief over staffing issues, the risks of threat actors misusing AI code assistants, and the newly disclosed FileFix attack method. Additionally, Edd highlights CISA’s release of eight advisories for industrial control systems and the data breach impacting luxury fashion brands Gucci, Balenciaga, and Alexander McQueen.
This episode covers the latest in cybersecurity, from hackers using AI-powered phishing schemes to a new Phoenix Rowhammer attack targeting DDR5 memory. We dive into insider and financial data breaches, Microsoft’s Windows 10 end-of-support warning, and a surge of malicious WhiteCobra extensions in developer tools. Plus, we look at how AI is reshaping clinical trial site selection with major implications for data security.
In this episode, Mark and Diana discuss the latest wave of cybersecurity developments, from the emergence of HybridPetya ransomware that bypasses Secure Boot to Akira’s exploitation of a SonicWall flaw. They cover the critical Cursor editor vulnerability, CISA’s warning about active attacks on Dassault’s manufacturing software, and new patches from Cisco and Samsung. The conversation also explores Microsoft’s fresh security challenges—including political scrutiny and new Teams protections—alongside a major UK train operator breach, the appearance of a mysterious Chinese AI pentesting tool, and the growing cyber risks facing the pharmaceutical industry.
In today’s cybersecurity briefing: a critical Apple CarPlay flaw leaves vehicles exposed, Microsoft battles a major Exchange outage, and a new phishing-as-a-service platform emerges. Oracle unveils AI-powered patient tools, researchers warn of the VMScape CPU attack, and Apple alerts users to state-sponsored spyware threats. Plus, ransomware surges across the Middle East, putting banking and oil sectors under siege.
In this episode, Edd Hall discusses the latest cybersecurity developments, including Microsoft’s streaming fixes, SAP and Patch Tuesday updates, delayed hospital breach disclosures, federal cyber priorities, the rise of CyberVolk ransomware, cryptojacking campaigns targeting Docker APIs, GitLab security patches, and data breaches affecting UK police forces. He breaks down the risks, impacts, and key takeaways for organizations and individuals navigating today’s evolving threat landscape.
Today’s cybersecurity roundup covers a major npm supply chain attack, warnings from Czech authorities about Chinese espionage risks, and the indictment of a ransomware operator tied to LockerGoga, MegaCortex, and Nefilim. We also highlight a Plex data breach, a Microsoft anti-spam bug disrupting safe links, a FortiDDoS vulnerability, and a new Linux botnet combining cryptomining with DDoS attacks.
This episode covers the latest in cybersecurity, from the GPU-based “GPUGate” malware campaign and SVG image phishing kits to a major GitHub breach and hijacked npm packages with billions of downloads. We also look at new spyware enabling sextortion, phishing abuse of Amazon’s email service, and a data breach at Canadian fintech firm Wealthsimple. Stay updated on the threats shaping today’s digital landscape.