Discussions about the best ways to utilize patent data from two patent attorneys who spend their days looking at patent data
Daily Security Review, the premier source for news and information on security threats, Ransomware and vulnerabilities

Google’s $32B Bid for Wiz Faces DOJ Fire: A Cloud Security Power Play or Market Grab?
1:02:01
In this episode, we break down the seismic implications of Google’s proposed $32 billion acquisition of Wiz, the world’s largest cybersecurity unicorn—and why this isn’t just another tech deal. At the core is the U.S. Department of Justice's antitrust investigation, triggered by concerns that the deal could tighten Google’s grip on a critical secto…

SimpleHelp Exploit Fallout: Ransomware Hits Utility Billing Platforms
1:03:42
In this critical episode, we dive into the alarming exploitation of CVE-2024-57727, a vulnerability in SimpleHelp Remote Monitoring and Management (RMM) software actively leveraged by ransomware operators since early 2025. This isn't just a theoretical risk—it's already being used to compromise utility billing providers and downstream MSP customers…

TeamFiltration and Token Theft: The Cyber Campaign Microsoft Never Saw Coming
1:01:04
In this episode, we dissect UNK_SneakyStrike—a major account takeover campaign targeting Microsoft Entra ID users with precision and scale. Tracked by Proofpoint, this campaign began in December 2024 and has since escalated, leveraging TeamFiltration, a legitimate penetration testing tool, to enumerate users and launch password spraying attacks tha…

Three CVEs, One Risk: Arbitrary Code Execution in Nessus Agent for Windows
44:04
In this episode, we dive deep into one of the most critical attack techniques in modern cyber warfare: privilege escalation—and how it recently hit center stage with three high-severity vulnerabilities discovered in Tenable’s Nessus Agent for Windows. We break down CVE-2025-36631, CVE-2025-36632, and CVE-2025-36633, which, when exploited, allow a n…

WestJet Cyberattack: Cracks in Aviation’s Digital Armor
25:52
A major cyberattack has rocked Canada's second-largest airline, WestJet—crippling internal systems and prompting warnings for customers to monitor their accounts and change passwords. But this is more than just a corporate incident. It’s the latest sign of a broader, escalating crisis in aviation cybersecurity. In this episode, we examine the WestJ…

Silent Surveillance: The Hidden Risks in 40,000+ Unsecured Cameras
49:37
In this episode, we dig into a disturbing yet underreported national security threat: the exploitation of internet-connected surveillance cameras—especially those manufactured in the People’s Republic of China—as a cyber weapon against U.S. critical infrastructure. Drawing from recent DHS intelligence briefings and independent cybersecurity analyse…

Paragon’s Promise vs. Reality: How Graphite Is Being Used Against Journalists and Activists
1:10:32
In this episode, we dive deep into the alarming revelations surrounding Graphite, a powerful spyware tool developed by Israeli firm Paragon Solutions. Promoted as a “responsible alternative” to the NSO Group’s Pegasus, Graphite is now implicated in the surveillance of journalists, humanitarian activists, and civil society figures—contrary to the ve…

zeroRISC Secures $10M to Commercialize OpenTitan and Reinvent Supply Chain Security
51:51
zeroRISC just raised $10 million to bring OpenTitan—the first open-source silicon Root of Trust—to market. In this episode, we break down what this funding means for the future of supply chain security, and why investors are betting on open hardware to fix vulnerabilities baked into modern chips. We explore how geopolitical tension, forced labor en…

Fog, RedFox, and the Rise of Silent Intruders: Cyberattacks Surge Against Financial Institutions
34:42
The financial services industry is under siege. In this episode, we unpack the latest findings from Radware’s 2025 Financial Threat Analysis and multiple intelligence reports detailing a relentless rise in cyberattacks targeting banks and financial institutions across the globe. We examine the surge in sophisticated attacks that blend legitimate to…

9.8 Severity and Counting: Inside Trend Micro’s Latest Security Emergency
32:08
In this episode, we break down Trend Micro’s urgent June 10th security update that patched ten high- and critical-severity vulnerabilities—some with CVSSv3.1 scores as high as 9.8—across Apex Central and Endpoint Encryption PolicyServer (TMEE). While no active exploitation has been observed, the risks are too severe to ignore. We spotlight the most…

Zero-Day in the Call Center: Mitel MiCollab Exploited in Active Attacks
12:27
In this episode, we dissect the critical vulnerabilities plaguing Mitel MiCollab, a widely used unified communications platform, and explore how attackers are exploiting these flaws in the wild. Recently, security researchers uncovered a trio of dangerous vulnerabilities, including CVE-2024-35286 (a SQL injection flaw), CVE-2024-41713 (an authentic…

The Info-Stealer Sting: A Deep Dive into INTERPOL's Operation Secure
14:39
Join us for a gripping discussion on "Operation Secure," a landmark international crackdown that reverberated through the dark corners of the cybercriminal world between January and April 2025. Led by INTERPOL and involving law enforcement from 26 countries, primarily across the Asia-Pacific region, this massive coordinated effort, bolstered by cri…

Tomcat Manager Attacks: 400 IPs in Coordinated Brute-Force Attack
34:49
On June 5, 2025, GreyNoise flagged a massive spike in coordinated brute-force login attempts targeting Apache Tomcat Manager interfaces. Nearly 400 unique IP addresses, many traced back to DigitalOcean infrastructure, were involved in a widespread and opportunistic campaign. In this episode, we dissect the attack pattern, what makes Apache Tomcat a…
On May 12, 2025, the Texas Department of Transportation (TxDOT) disclosed a significant data breach that compromised crash reports containing personal data of over 423,000 individuals. In this episode, we take a forensic look at what went wrong, how one compromised account enabled unauthorized downloads of sensitive crash data, and what this means …

Ghost Students and AI Scams: How Identity Theft is Gutting Financial Aid
43:49
What happens when hundreds of thousands of college applications are submitted—not by hopeful students, but by bots using stolen identities? In this episode, we dive deep into the alarming rise of financial aid fraud in U.S. higher education, driven by "ghost students" and increasingly sophisticated scams powered by AI. From fraud rings applying for…

Inside the React Native NPM Supply Chain Breach: 16 Packages, 1 Million+ Downloads, and a RAT in the Code
41:15
In this episode, we break down the massive supply chain attack that rocked the React Native ecosystem beginning on June 6, 2025. Over 16 NPM packages, collectively downloaded over one million times per week, were silently weaponized with a Remote Access Trojan (RAT) embedded in obfuscated code. The attack, linked to the same threat actor behind the…

Mirai Strikes Again: Spring4Shell, Wazuh, and TBK DVRs Exploited in Live Campaigns
43:52
In this episode, we dive into the latest wave of active Mirai botnet campaigns exploiting high-severity remote code execution (RCE) vulnerabilities in critical enterprise and IoT systems. The Mirai malware—still evolving nearly a decade after its first appearance—has adapted its tactics to weaponize recent CVEs with CVSS scores of 9.8 and 9.9, impa…

UNFI Breach: How One Cyberattack Shook the North American Food Supply
36:53
On June 5, 2025, United Natural Foods Inc. (UNFI)—North America's largest publicly traded wholesale food distributor and primary supplier for Whole Foods—was struck by a major cyberattack that forced the company to shut down key IT systems. The result: widespread delivery disruptions to over 30,000 locations across the U.S. and Canada, eerily empty…

Malware-as-Code: The Rise of DaaS on GitHub and the Collapse of Open-Source Trust
39:46
In this episode, we dissect one of the most sophisticated ongoing cybercrime trends—malware campaigns weaponizing GitHub repositories to compromise developers, gamers, and even rival hackers. By abusing GitHub’s search functionality and reputation signals, threat actors are pushing backdoored code under the guise of popular tools, game cheats, and …

ClickFix: How Fake Browser Errors Became the Internet’s Most Dangerous Trap
47:15
In this episode, we dive deep into ClickFix, also tracked as ClearFix or ClearFake—a highly effective and deceptive malware delivery tactic that emerged in early 2024. ClickFix exploits the human tendency to trust browser prompts by using fake error messages, CAPTCHA pages, and verification requests to convince users to execute malicious PowerShell…

Exposed and Extorted: The ViLE Hackers and the Legal Gaps Enabling Doxing
47:31
Cybercrime is rapidly evolving—and so are its tactics. In this episode, we dissect the findings of SoSafe’s Cybercrime Trends 2025 report and explore the six key trends reshaping the global threat landscape, including AI as an attack surface, multichannel intrusions, and the rising exploitation of personal identities. But we don’t stop at theory. W…

Chrome Under Fire: Three Zero-Days, One Month, and Nation-State Exploits
28:23
In this episode, we dive deep into three actively exploited zero-day vulnerabilities discovered in Google Chrome in 2025, each of which was patched in rapid succession following targeted attacks. At the center is CVE-2025-5419, a high-severity out-of-bounds read/write flaw in the V8 JavaScript engine that allows attackers to exploit heap corruption…

Australia Forces Transparency: The World’s First Mandatory Ransomware Payment Reporting Law
1:02:01
Australia just made cyber history. On May 30, 2025, the nation became the first in the world to enforce mandatory ransomware payment reporting under the newly enacted Cyber Security Act 2024. In this episode, we dissect what this means for businesses, law enforcement, and the global cybersecurity landscape. We break down the key aspects of the legi…

$25M for AI Email Security: Trustifi’s Big Bet on the MSP Market
32:00
In this episode, we dive into Trustifi’s recent $25 million Series A funding round, led by growth equity firm Camber Partners. Specializing in AI-powered email security, Trustifi has now raised a total of $29 million to accelerate its product development, go-to-market strategy, and global marketing initiatives—especially in the MSP space. We unpack…

Google Chrome vs. Failing CAs: The Policy Behind the Distrust
55:25
In this episode, we dissect Google's recent and upcoming decisions to distrust several Certificate Authorities (CAs) within the Chrome Root Store, including Entrust, Chunghwa Telecom, and Netlock. These high-impact moves are rooted in Chrome's strict enforcement of compliance, transparency, and security standards for public trust. We explore the ro…

CVE-2025-48827 & 48828: How vBulletin’s API and Template Engine Got Weaponized
1:35:55
Two critical, actively exploited vulnerabilities in vBulletin forum software—CVE-2025-48827 and CVE-2025-48828—have put thousands of websites at immediate risk of full system compromise. In this episode, we dissect how these flaws, triggered by insecure usage of PHP’s Reflection API and abuse of vBulletin’s template engine, allow unauthenticated at…

JINX-0132: How Cryptojackers Hijacked DevOps Infrastructure via Nomad and Docker
1:07:22
In this episode, we dissect the JINX-0132 cryptojacking campaign — a real-world example of how threat actors are exploiting cloud and DevOps environments to mine cryptocurrency at scale. We unpack how cybercriminals targeted misconfigured Docker APIs, publicly exposed HashiCorp Nomad and Consul servers, and vulnerable Gitea instances — turning ente…

Password Hashes Leaked via Linux Crash Handlers: The Truth Behind CVE-2025-5054 & 4598
16:11
In this episode, we unpack two newly disclosed Linux vulnerabilities—CVE-2025-5054 and CVE-2025-4598—discovered by the Qualys Threat Research Unit (TRU). These race condition flaws impact Ubuntu’s apport and Red Hat/Fedora’s systemd-coredump, exposing a little-known but critical attack vector: core dumps from crashed SUID programs. We dive into how…

Multi-Stage Phishing Attacks Now Use Google Infrastructure—Here’s How
13:51
Recent phishing campaigns have entered a new phase—one where trust is weaponized. In this episode, we break down how cybercriminals are exploiting legitimate services like Google Apps Script and Google Firebase Storage to host phishing pages, evade detection, and steal credentials. Using cleverly crafted lures such as fake DocuSign notifications, i…

Inside the AVCheck Takedown: How Law Enforcement Disrupted a Key Cybercrime Tool
17:34
In this episode, we unpack the international takedown of AVCheck, one of the largest counter antivirus (CAV) services used by cybercriminals to test and fine-tune malware before deployment. Led by Dutch authorities and supported by agencies from the U.S., Germany, France, and others, this operation marks a major win in Operation Endgame—a sweeping …

ConnectWise Breach: Nation-State Exploits CVE-2025-3935 in ScreenConnect
15:06
ConnectWise has confirmed a cyberattack targeting ScreenConnect, its remote access solution used by thousands of Managed Service Providers (MSPs). The breach is reportedly tied to a sophisticated nation-state actor and linked to CVE-2025-3935, a critical ViewState code injection vulnerability that could allow Remote Code Execution (RCE). In this ep…

Browser vs. GPU: Firefox 139 Collides with NVIDIA Drivers
14:10
In this episode, we dive into the graphical corruption saga triggered by Firefox version 139, released on May 27, 2025. Aimed at uncovering what went wrong, we review reports from across the web detailing how the update wreaked havoc for Windows users running NVIDIA graphics cards—particularly those with multi-monitor setups using mixed refresh rat…

Unbound Raises $4M to Secure Generative AI in the Enterprise
20:08
In this episode, we break down the recent $4 million seed funding round for Unbound, a startup tackling one of the biggest unsolved problems in enterprise AI: how to stop employees from leaking sensitive data through ungoverned use of Generative AI tools. Unbound’s AI Gateway aims to be the missing link between rapid AI adoption and responsible usa…

Windows Updates, Reimagined: Inside Microsoft’s Unified Orchestration Push
16:18
Microsoft is taking direct aim at one of the biggest pain points in the Windows ecosystem: update fragmentation. In this episode, we dive deep into the details of Microsoft’s newly announced Windows-native update orchestration platform, currently in private preview. We explore how this unified infrastructure aims to centralize updates for all apps,…

Systemd as a Weapon: How PumaBot Exploits Linux Persistence
18:38
Linux systems are under siege—particularly in the world of IoT and internet-exposed servers. In this episode, we dissect PumaBot, a new GoLang-based botnet that's turning Linux IoT devices into cryptomining workhorses. We’ll break down how attackers brute-force SSH credentials, install malware disguised as legitimate services, and use systemd for s…

The LexisNexis Breach: 364,000 Records Exposed via GitHub
17:22
On December 25, 2024, while most businesses were offline, a serious data breach struck LexisNexis Risk Solutions—exposing the personal data of over 360,000 individuals. The twist? The attack vector wasn’t a direct hack, but an indirect compromise through a third-party GitHub repository. Even more concerning, the breach went undetected until April 1…

Ransomware Hits MathWorks: Week-Long Outage Disrupts Millions
12:30
On this episode, we dissect the ransomware attack that brought MathWorks—a cornerstone software provider for engineers, scientists, and educators—to a grinding halt. The attack, which began on May 18, 2025, and was officially confirmed on May 26, crippled a wide range of customer-facing and internal systems, from MATLAB Online and ThingSpeak to lic…

Zscaler Acquires Red Canary: What It Means for AI-Powered Security Operations
14:27
The cybersecurity market is booming, projected to triple in size from $215 billion in 2025 to $697 billion by 2035. This explosive growth is being fueled by rising cyber threats, the digital transformation of global businesses, and an urgent need for advanced security operations. One of the clearest signals of this momentum? Zscaler’s acquisition o…

DragonForce Breaches MSPs via SimpleHelp Flaws: Inside CVE-2024-57726
16:47
In this episode, we unpack a critical supply chain breach that’s rattled the cybersecurity world: the exploitation of multiple zero-day vulnerabilities in SimpleHelp Remote Support Software — most notably CVE-2024-57726, a privilege escalation flaw scored 9.9 by the NVD. Threat actors linked to the DragonForce ransomware operation and the Scattered…

Fentanyl, Firearms, and $200M in Crypto: Dark Web Crime Meets Global Law Enforcement
13:50
This episode dives deep into Operation RapTor, one of the largest international crackdowns on dark web crime to date. We analyze how coordinated law enforcement actions across ten countries led to the arrest of 270 individuals, the seizure of $200 million in currency and digital assets, and the dismantling of major darknet marketplaces including In…

Marlboro-Chesterfield Pathology Ransomware Breach: 235,000 Patients Affected
12:27
In this episode, we take a deep dive into the recent Marlboro-Chesterfield Pathology (MCP) ransomware attack—one of the most significant healthcare breaches of 2025. On January 16th, MCP detected unauthorized activity on its internal systems. Just days later, the SAFEPAY ransomware group claimed responsibility, posting stolen data—over 30GB of sens…

How Infostealers Like Stealc Use TikTok Accounts to Exfiltrate Stolen Data
22:54
In this episode, we dive deep into the underground cybercrime ecosystem powering the surge of modern infostealers—Stealc, Vidar, and LummaC2. These malware strains aren't just code—they're full-service products sold as Malware-as-a-Service (MaaS), giving even low-skilled attackers access to powerful data theft tools. We break down how these stealer…

The Great Screenshot Scandal: Microsoft Recall and Signal’s DRM Shield
28:34
In this episode, we dive deep into the growing tension between AI innovation and data privacy through the lens of a major controversy: Microsoft’s Windows 11 Recall feature. Designed to screenshot nearly everything a user does every few seconds, Recall creates a searchable visual archive of on-screen activity. But while Microsoft claims it enhances…

Bumblebee Malware Returns: IT Pros Targeted Through SEO Poisoning and Typosquatting
28:48
In this episode, we break down the resurgence of the Bumblebee malware loader and its latest distribution method: blackhat SEO campaigns and trojanized software installers. By mimicking legitimate download pages through typosquatted domains and poisoning Bing search results, attackers are tricking IT professionals into unknowingly infecting their o…

FBI Warns of Luna Moth Tactics: Inside the Silent Ransom Group’s Law Firm Attacks
14:45
In this episode, we dive into the evolving tactics of the Silent Ransom Group (SRG)—also known as Luna Moth—a cybercriminal outfit that has shifted from traditional phishing to a new, more deceptive strategy: impersonating IT support over the phone. Their latest victims? U.S. law firms, targeted for the sensitive data they hold and the large financ…

Trust Exploited: Unpacking the macOS Malware Attacking Ledger Wallets
25:57
A growing cyber threat is targeting macOS users who rely on Ledger cold wallets to secure their cryptocurrency. In this episode, we dissect the anti-Ledger malware campaign—an increasingly sophisticated phishing operation that impersonates the trusted Ledger Live application to trick users into revealing their 24-word recovery phrases. Once entered…

$21M Seized and DanaBot, Qakbot, and Bumblebee Disrupted in Operation Endgame Takedown
11:23
In this episode, we break down the latest and most impactful phase of Operation Endgame, the international law enforcement campaign targeting the backbone of the ransomware ecosystem. Between May 19–22, authorities executed a sweeping takedown of 300 servers, neutralized 650 domains, and seized €3.5 million in cryptocurrency, adding to a total of €…

From TikTok to Total Compromise: The Rise of Social Media Infostealers
18:50
In this episode, we dive into the alarming surge of infostealer malware campaigns leveraging social media platforms, particularly TikTok, as their distribution vector. Threat actors are exploiting trending content—especially around AI tools like Sora, ChatGPT, and Google Gemini AI, and popular software like CapCut and MidJourney—to bait unsuspectin…

Kettering Health Breached: What the Interlock Ransomware Group Did and Why It Matters
23:33
In this episode, we dive into the ransomware attack that struck Kettering Health, a major healthcare provider, and the evolving tactics of the Interlock ransomware group behind it. Interlock, active since late 2024, has adopted advanced techniques including double extortion, credential theft, and PowerShell-based backdoors to compromise healthcare …

Deepfake Threats, Mobile Biometrics, and the Future of Trust
17:01
As digital deception evolves, so must our defenses. In this episode, we dive deep into the escalating battle for trust in our increasingly connected world. From nation-state-level authentication models to real-time behavioral biometrics on your mobile device, the tools to verify identity are becoming more sophisticated—and more essential—than ever.…