Join cybersecurity experts Ben and Chloe as they break down the latest cyber threats, data breaches, and security vulnerabilities affecting organizations worldwide. This week's episode dives deep into the most critical security incidents and emerging threats that every technology professional needs to know about.

Major Data Breaches and Attacks

This episode covers several high-profile security incidents that made headlines this week. The hosts discuss the OpenAI data breach involving third-party analytics provider Mixpanel, which exposed API client metadata but fortunately left sensitive credentials untouched. They also examine the devastating Cl0p ransomware attack on Dartmouth College and other prestigious institutions including Harvard University, where attackers exploited Oracle zero-day vulnerabilities to steal personal information, Social Security numbers, and financial data.

Perhaps most concerning is the cyberattack on Crisis24's OnSolve CodeRED emergency alert platform, which manages critical public safety notifications for state and local governments across the United States. The INC Ransomware gang compromised this essential infrastructure, stealing user data including plaintext passwords and creating potential national security risks.

Emerging Vulnerabilities and Botnet Activity

Ben and Chloe explore the latest variant of the notorious Mirai botnet called ShadowV2, which is actively exploiting known vulnerabilities in IoT devices including routers, network-attached storage systems, and DVRs to build massive botnets for distributed denial-of-service attacks.

The episode also highlights a shocking discovery involving over 17,000 exposed credentials found across 5.6 million public GitLab repositories. These credentials include active API keys for major platforms like Google Cloud, MongoDB, Telegram, and OpenAI, with some dating back to 2009.

Advanced Threat Campaigns

The hosts provide detailed analysis of sophisticated attack campaigns including Shai-Hulud 2.0, a massive npm supply chain compromise that infected over 600 packages and 25,000 GitHub repositories. They also discuss GhostAd, an Android adware campaign involving at least 15 Google Play applications with millions of installations that secretly drain device resources and exfiltrate sensitive files.

Future Cyber Risks and Predictions

Looking ahead to 2026, Ben and Chloe examine emerging cybersecurity challenges including the convergence of artificial intelligence, quantum computing, and Web 4.0 technologies. They discuss the chilling concept of quantum harvest-now decrypt-later attacks, where threat actors are stealing encrypted data today with the expectation that future quantum computers will be able to break current encryption standards.

The episode concludes with an exploration of HashJack, a novel indirect prompt injection technique that manipulates AI browser assistants by embedding malicious instructions in URL fragments and other elements, potentially leading to data theft and credential compromise.

Why Listen

This podcast delivers actionable cybersecurity intelligence in an accessible format, making complex technical threats understandable for IT professionals, security teams, and technology leaders. Ben and Chloe's engaging discussion style transforms dry security reports into compelling conversations that keep listeners informed about the rapidly evolving threat landscape.

Whether you're a cybersecurity professional, IT administrator, or simply someone who wants to stay informed about digital security, this podcast provides the critical intelligence you need to protect yourself and your organization from emerging cyber threats.