Cybersecurity guru Steve Gibson joins Leo Laporte every Tuesday. Steve and Leo break down the latest cybercrime and hacking stories, offering a deep understanding of what's happening and how to protect yourself and your business. Security Now is a must listen for security professionals every week. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.
…
continue reading
Protection Encryption Podcasts
Cybersecurity guru Steve Gibson joins Leo Laporte every Tuesday. Steve and Leo break down the latest cybercrime and hacking stories, offering a deep understanding of what's happening and how to protect yourself and your business. Security Now is a must listen for security professionals every week. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.
…
continue reading
CDW Canada Tech Talks: Discussing the Latest Technology Innovations Experts from CDW and our partners tackle hot topics including generative AI, FinOps, the new cybersecurity landscape and more.
…
continue reading
1
Encrypted Ambition: Where Ambition Meets Encryption - Inside The Minds Of Disruptors.
Craig Petronella
12
90
Where raw ambition meets real execution. Encrypted Ambition explores the vision, grit, and game plans behind today’s most disruptive founders and technologists. From startup trenches to boardroom breakthroughs, the Petronella team dives into the future of business, AI, and digital resilience.
…
continue reading
Scramblex.com has released a free encryption service that will protect sensitive data from unauthorised access and the potential for identity or financial theft.
…
continue reading
Some cryptography & security people talk about security, cryptography, and whatever else is happening.
…
continue reading
Welcome to ”The Cyber Cookie,” the go-to podcast for all things related to Cyber Security and Data Protection. Produced by CommSec, a renowned name in the field of security and communication, this podcast is tailored for those looking to stay abreast of the latest trends, threats, and solutions in the ever-evolving world of cyber security.Hosted by a team of seasoned experts, ”The Cyber Cookie” breaks down complex issues into easily digestible episodes, guiding listeners through the intricat ...
…
continue reading
Podcast about Passwordless Password Management, Identity Theft Protection, Cloud Storage Encryption and Passwordless MFA. Made by https://logmeonce.com/
…
continue reading
10 Minutes could save your wallet! In Scams, Hacks, and Frauds, we delve into true crime stories involving real scams, hacks, and frauds. Each episode seeks to uncover the methods behind scams and provide listeners with essential tips to protect themselves and their loved ones from falling victim to fraud.
…
continue reading
Security Insider is your resource for information on the latest developments in data security, regulatory compliance issues, technology, and trends affecting the industry.
…
continue reading
Security News Podcast features information security specialist Ira Victor and award-winning journalist Samantha Stone in a fast-paced news program about data security, the law, and the digital underworld. Your security depends on these weekly updates, with topics spanning data confidentiality, disaster recovery, encryption, open source and more.
…
continue reading
Daily Security Review, the premier source for news and information on security threats, Ransomware and vulnerabilities
…
continue reading
This is a podcast about innovation, game-changing, up-leveling and trailblazing business concepts and trends mostly technology focused. We discuss current events, news and provide interviews all centered on answering the crucial question, IS MY BRAND PROTECTED? Listening to this podcast is NOT to be construed as LEGAL ADVICE. Sometimes we do not discuss legal topics at all, sometimes we just chat about innovation but we are lawyers. We may help you realize that you really need to seek profes ...
…
continue reading
Featuring interviews, analysis, and discussions covering leading issues of the day related to electromagnetic spectrum operations (EMSO). Topics include current events and news worldwide, US Congress and the annual defense budget, and military news from the US and allied countries. We also bring you closer to Association of Old Crow events and provide a forum to dive deeper into policy issues impacting our community.
…
continue reading
When Russian hackers break into your business’s computers, what will they find and how much will it cost you? How long will it take you to recover? Can you recover? Here’s the sad truth: 97% of breaches could have been prevented with basic security measures; but once you’ve been hit… you can never get UnHacked! UnHacked is a weekly cybersecurity podcast for SMB business owners and leaders that helps them sort through the overwhelming security costs and recommendations, and focus on the best ...
…
continue reading
Introduction: Cryptocurrency mining can be an exciting and profitable venture, but it often comes with challenges like high initial investment, maintenance of equipment, and expensive electricity costs. Gomining has revolutionized the mining process by offering cloud mining services, which allow users to mine Bitcoin (BTC), Ethereum (ETH), and other cryptocurrencies without the need for heavy investments in mining hardware. Additionally, with Gomining Promo Code “q01MI”, you can enjoy a 10% ...
…
continue reading
In the world of stock trading, finding a platform that offers both ease of use and robust features is key to success. Dhan App is one such platform designed for individuals and traders who want to experience seamless trading, from equities to futures and options. If you're a newcomer or an experienced trader, Dhan App provides a wide range of tools to meet your needs. By using the Dhan App Referral Code "ASAR14", you can unlock a 500 Rs bonus to kickstart your trading journey. This article w ...
…
continue reading
1
Blofin Referral Code ”mNbmMf” 2025: Get $99 Bonus + 35% Cashback Instantly | Blofin Promo Code
helpwf
01
In the dynamic world of cryptocurrency trading, Blofin has emerged as one of the leading platforms for traders of all levels. Whether you’re a seasoned trader looking for advanced tools or a beginner wanting a user-friendly interface, Blofin has something to offer. If you’re looking to get the most out of your trading experience, using the Blofin Referral Code ”mNbmMf” will give you instant access to valuable rewards. By signing up with this referral code, new users can enjoy an immediate $9 ...
…
continue reading
1
Axiom Trade Invite Code: ”kickback” – Save 15% on Trading Fees and Maximize Your Profits
shaileshs
01
If you're an avid cryptocurrency trader or someone just getting started, you understand that fees can quickly eat into your profits. Fortunately, Axiom Trade offers a solution with its Axiom Trade Invite Code "kickback", which allows users to save 15% on trading fees. Whether you're making your first trade or you're a seasoned trader, using the referral code ensures that you can keep more of your profits. This article will explain how you can take advantage of this offer, why Axiom Trade is ...
…
continue reading
Introduction: Discover the Power of Poloniex for Crypto Trading The world of cryptocurrency is filled with opportunities, but it’s essential to choose the right exchange platform to maximize your profits and trading potential. Poloniex has firmly established itself as one of the most popular and reliable exchanges in the industry, offering an array of features that cater to both beginner and advanced traders. Poloniex offers a seamless trading experience, low fees, and a wide variety of digi ...
…
continue reading
The Agenda podcast explores the promises of crypto, blockchain and Web3, and how everyday people level up and improve their lives with these new technologies. It covers everything from new blockchain tech to Bitcoin mass adoption and cultural shifts in Web3. Every two weeks, Cointelegraph’s The Agenda podcast tackles a new topic by speaking with the innovators and experts building the Web3 the world actually needs. After all, crypto is for everyone, not just rocket scientists, venture capita ...
…
continue reading
Bitunix Referral Code: TOPTOP – Unlock Up to 5,500 USDT Bonus + 50% Trading Fee Discount Looking for a powerful crypto trading platform that offers real rewards? Bitunix is your gateway to smart trading in 2025. Whether you're new to crypto or already trading daily, Bitunix combines speed, security, and high-value bonuses to help you get ahead. By using the exclusive Bitunix referral code: TOPTOP, you’ll unlock up to 5,500 USDT in bonuses and receive a 50% discount on trading fees—making it ...
…
continue reading
1
Cato Networks Acquires Aim Security to Bolster AI Defense in SASE
51:24
51:24
Play later
Play later
Lists
Like
Liked
51:24
Cato Networks, a leader in Secure Access Service Edge (SASE), has made its first acquisition, purchasing Aim Security, an AI security startup founded in 2022. The acquisition, valued at an estimated $300–350 million, represents a major step in addressing the growing risks tied to generative AI adoption in enterprises. As organizations increasingly …
…
continue reading
1
Tidal Cyber Secures $10M to Advance Threat-Informed Defense
48:00
48:00
Play later
Play later
Lists
Like
Liked
48:00
Cybersecurity startup Tidal Cyber, founded in 2022 by three former MITRE experts, has raised $10 million in Series A funding, bringing its total capital to $15 million. The funding will accelerate the company’s product innovation and expansion, advancing its mission to operationalize the MITRE ATT&CK framework and empower organizations with threat-…
…
continue reading
1
Disney Fined $10M for COPPA Violations Over Mislabeling Kids’ Content on YouTube
36:38
36:38
Play later
Play later
Lists
Like
Liked
36:38
Disney has reached a $10 million settlement with the U.S. Federal Trade Commission (FTC) after being found in violation of the Children’s Online Privacy Protection Act (COPPA). At the heart of the case is Disney’s failure to properly label child-directed content on YouTube as “Made for Kids” (MFK). Instead, many videos — including clips from Frozen…
…
continue reading
1
Google Patches 111 Android Flaws in September 2025, Including Two Zero-Days Under Attack
30:17
30:17
Play later
Play later
Lists
Like
Liked
30:17
Google has released its September 2025 Android security patches, addressing a staggering 111 unique vulnerabilities, including two actively exploited zero-day flaws that are already being used in targeted attacks. These zero-days — CVE-2025-38352, a Linux kernel race condition, and CVE-2025-48543, a flaw in the Android Runtime — allow attackers to …
…
continue reading
1
Google Warns of Sitecore Zero-Day: ViewState Deserialization Under Fire
56:06
56:06
Play later
Play later
Lists
Like
Liked
56:06
A critical zero-day vulnerability, CVE-2025-53690, is being actively exploited in the wild, targeting Sitecore Experience Manager (XM) and Experience Platform (XP) systems deployed with outdated ASP.NET machine keys. Google and Microsoft threat intelligence teams have confirmed that attackers are leveraging ViewState deserialization attacks to achi…
…
continue reading
1
SN 1041: Covering All the Bases - SHAKEN Networks, Uncontrollable AI, and Robocall Reckoning
3:03:29
3:03:29
Play later
Play later
Lists
Like
Liked
3:03:29
When even the Department of Defense can't properly vet its software dependencies, what chance do the rest of us have? Steve Gibson reveals how "fast-glob" became a case study in supply chain blindness, explores whether AI can ever truly be controlled after Meta's celebrity chatbot disaster, and celebrates BYTE Magazine's 50th anniversary with a loo…
…
continue reading
1
SN 1041: Covering All the Bases - SHAKEN Networks, Uncontrollable AI, and Robocall Reckoning
3:03:29
3:03:29
Play later
Play later
Lists
Like
Liked
3:03:29
When even the Department of Defense can't properly vet its software dependencies, what chance do the rest of us have? Steve Gibson reveals how "fast-glob" became a case study in supply chain blindness, explores whether AI can ever truly be controlled after Meta's celebrity chatbot disaster, and celebrates BYTE Magazine's 50th anniversary with a loo…
…
continue reading
1
Brokewell Malware Targets Android Users via Fake TradingView Ads on Meta
29:20
29:20
Play later
Play later
Lists
Like
Liked
29:20
A new and highly sophisticated Android malware campaign, dubbed Brokewell, has emerged as one of the most dangerous mobile threats of 2024–2025. First spotted in April 2024 disguised as fake browser updates, Brokewell has since evolved into a fully featured spyware and remote access trojan (RAT), delivered through deceptive Meta (Facebook) advertis…
…
continue reading
1
Von der Leyen and Shapps Flights Hit by Suspected Russian Electronic Warfare
34:15
34:15
Play later
Play later
Lists
Like
Liked
34:15
Aviation safety and geopolitics collided when multiple flights carrying high-ranking European and UK officials were hit by suspected Russian GPS jamming. European Commission President Ursula von der Leyen’s flight to Bulgaria experienced a severe GPS outage, forcing a manual landing. EU officials immediately pointed the finger at Moscow, calling th…
…
continue reading
1
Salesforce and Google Workspace Compromised in Largest SaaS Breach
43:38
43:38
Play later
Play later
Lists
Like
Liked
43:38
In August 2025, the largest SaaS breach of the year shook the enterprise world when a newly identified threat actor, UNC6395, orchestrated a supply-chain attack through compromised Salesloft Drift and Drift Email applications. By stealing OAuth tokens, the attackers gained unauthorized access to Salesforce and Google Workspace environments of more …
…
continue reading
1
Chained Zero-Days: WhatsApp and Apple Exploits Used in Sophisticated Spyware Attacks
26:10
26:10
Play later
Play later
Lists
Like
Liked
26:10
A pair of newly discovered zero-day vulnerabilities—CVE-2025-43300 in Apple’s ImageIO framework and CVE-2025-55177 in WhatsApp—have been confirmed as part of a sophisticated spyware campaign targeting both iPhone and Android users. Security researchers revealed that attackers chained these flaws together in seamless zero-click exploits, requiring n…
…
continue reading
1
Dhan App Referral Code "ASAR14" – Get 500 Rs Bonus
2:36
2:36
Play later
Play later
Lists
Like
Liked
2:36
Dhan App Referral Code "ASAR14" – Get 500 Rs BonusBy operationsa4
…
continue reading
In this episode, KJ Burke and Qaiser Habib, head of engineering, Canada at Snowflake, discuss the challenges and strategies for unlocking the power of data within organizations. They explore the evolution of data management, the changing role of IT teams, the importance of data quality, and the shift towards unstructured data. The conversation also…
…
continue reading
1
66. Turn Hackers Into Your Security Team - with Grant McCracken
42:42
42:42
Play later
Play later
Lists
Like
Liked
42:42
Hosts: Justin Shelley - https://www.phoenixitadvisors.com/ | Mario Zaki - https://www.mazteck.com/ | Bryan Lachapelle - https://www.b4networks.ca/ Guest: Grant McCracken - https://darkhorse.sh What if the best way to secure your business was to invite hackers to attack it? In this eye-opening episode, ethical hacker Grant McCracken reveals how bug …
…
continue reading
1
Love and Fraud: The Heartbreak of Romance Scams
9:15
9:15
Play later
Play later
Lists
Like
Liked
9:15
This week on Scams, Hacks, and Frauds, we uncover the heart-wrenching reality of romance scams, where love can lead to devastating financial loss. Join us as we share the true story of Alison Peters, a British grandmother who fell victim to a fraudulent relationship, losing a staggering £120,000 to a man she believed was her soulmate. Alison's jour…
…
continue reading
1
Miljödata Cyberattack: 80% of Swedish Municipalities Hit in Extortion Strike
52:07
52:07
Play later
Play later
Lists
Like
Liked
52:07
Sweden is reeling from one of the largest public sector cyber incidents in its history. A ransomware attack on Miljödata, an IT services provider supporting nearly 80% of Sweden’s municipalities and several regions, has left critical systems inaccessible and raised fears of a massive leak of sensitive personal data. The stolen information could inc…
…
continue reading
1
PromptLock Ransomware: How AI is Lowering the Bar for Cybercrime
44:37
44:37
Play later
Play later
Lists
Like
Liked
44:37
The cybersecurity world has entered a new era: AI-powered ransomware. Researchers recently uncovered PromptLock, a proof-of-concept malware that uses OpenAI’s gpt-oss:20b model and Lua scripting to autonomously generate malicious code, encrypt data, and exfiltrate files across Windows, Linux, and macOS. While still experimental, PromptLock demonstr…
…
continue reading
1
Hybrid AD at Risk: Storm-0501 Exploits Entra ID for Cloud-Native Ransomware
40:34
40:34
Play later
Play later
Lists
Like
Liked
40:34
The 2025 Purple Knight Report paints a stark picture of enterprise identity security: the average security assessment score for hybrid Active Directory (AD) and Entra ID environments has plummeted to just 61%—a failing grade and an 11-point decline since 2023. This troubling trend underscores the persistent challenges organizations face in protecti…
…
continue reading
1
AI-Powered Polymorphic Phishing: The New Era of Social Engineering
1:10:14
1:10:14
Play later
Play later
Lists
Like
Liked
1:10:14
Cybercrime is entering a new phase—one marked by AI-powered phishing attacks, the weaponization of legitimate remote access tools, and the rise of professionalized underground markets. Recent reports highlight the alarming growth of AI-driven polymorphic phishing, where malicious emails are automatically tailored, randomized, and adapted in real ti…
…
continue reading
1
Salesforce Breach: How OAuth Token Theft Exposed Hundreds of Organizations
40:17
40:17
Play later
Play later
Lists
Like
Liked
40:17
The recent Salesforce data breach underscores a growing reality in cybersecurity: even when core SaaS platforms are secure, their third-party integrations often aren’t. Between August 8–18, 2025, attackers from the group UNC6395 exploited compromised OAuth tokens from the Salesloft Drift AI chat integration, systematically exporting data from hundr…
…
continue reading
1
Silk Typhoon’s Fake Adobe Update: How China-Backed Hackers Target Diplomats
40:33
40:33
Play later
Play later
Lists
Like
Liked
40:33
A new and highly sophisticated cyber espionage campaign attributed to Silk Typhoon—also known as Mustang Panda, TEMP.Hex, or UNC6384—has been uncovered, targeting diplomats and government entities across Southeast Asia. Researchers from Google’s Threat Intelligence Group (GTIG) revealed that the attackers deployed Adversary-in-the-Middle (AitM) tec…
…
continue reading
1
FTC Warns Tech Giants: Don’t Weaken Encryption for Foreign Governments
37:13
37:13
Play later
Play later
Lists
Like
Liked
37:13
The fight over encryption has entered a new phase. The Federal Trade Commission (FTC), led by Chairman Andrew Ferguson, has issued a strong warning to major U.S. technology companies: resist foreign government demands to weaken encryption. At stake is nothing less than the security of millions of Americans’ private communications, financial data, a…
…
continue reading
1
Invisible Prompts: How Image Scaling Attacks Break AI Security
23:03
23:03
Play later
Play later
Lists
Like
Liked
23:03
Researchers have uncovered a new form of indirect prompt injection that leverages a simple but powerful trick: image scaling. This novel attack involves hiding malicious instructions inside high-resolution images, invisible to the human eye. When AI systems automatically downscale these images during preprocessing, the hidden prompt becomes visible…
…
continue reading
1
"And Scene!"...Using Movies and Culture to Advance Innovation
46:54
46:54
Play later
Play later
Lists
Like
Liked
46:54
Innovation is a buzzword to showcase game-changing technologies and capabilities. But how do you get the people’s attention to consider the possibilities, risks, and opportunities? How do you raise awareness to move innovative ideas from the mind to the lab and to the field, not to mention the average household? So much innovation is downstream fro…
…
continue reading
1
Healthcare Services Group Breach Exposes 624,000 Individuals’ Sensitive Data
1:04:53
1:04:53
Play later
Play later
Lists
Like
Liked
1:04:53
The healthcare sector has been rocked yet again by a massive cybersecurity incident. Healthcare Services Group (HCSG), a provider of dining and laundry services to healthcare facilities, disclosed a data breach that compromised the personal information of over 624,000 individuals. Between late September and early October 2024, hackers gained unauth…
…
continue reading
1
Auchan Data Breach: Hundreds of Thousands of Loyalty Accounts Compromised
40:09
40:09
Play later
Play later
Lists
Like
Liked
40:09
French retail giant Auchan has confirmed a massive data breach that compromised the personal details of hundreds of thousands of customers. The stolen data includes names, addresses, phone numbers, email addresses, and loyalty card numbers—though banking details, passwords, and PINs were reportedly not affected. Despite this, the breach is serious …
…
continue reading
1
SN 1040: Clickjacking "Whac-A-Mole" - Inside the Password Manager Clickjacking Frenzy and What It Means
2:51:07
2:51:07
Play later
Play later
Lists
Like
Liked
2:51:07
Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Micr…
…
continue reading
1
SN 1040: Clickjacking "Whac-A-Mole" - Inside the Password Manager Clickjacking Frenzy and What It Means
2:51:07
2:51:07
Play later
Play later
Lists
Like
Liked
2:51:07
Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Micr…
…
continue reading
1
Docker Desktop Vulnerability: Why Containers Aren’t as Safe as You Think
46:31
46:31
Play later
Play later
Lists
Like
Liked
46:31
A critical vulnerability in Docker Desktop, CVE-2025-9074, has shaken the container security world. Scoring 9.3 on the CVSS scale, this flaw exposed an unauthenticated Docker Engine API (192.168.65.7:2375) to any container running on Windows and macOS. With nothing more than a few HTTP requests—or even three lines of Python code—attackers could esc…
…
continue reading
1
Arch Linux Website, Forums, and AUR Targeted in Sustained Cyber Assault
40:04
40:04
Play later
Play later
Lists
Like
Liked
40:04
The Arch Linux community has just endured more than a week of turbulence as a massive distributed denial-of-service (DDoS) attack disrupted its most critical services, including the main website, the Arch User Repository (AUR), and community forums. Beginning in mid-August 2025, the sustained volumetric and protocol-level assault overwhelmed hostin…
…
continue reading
1
65. 80 Clients, 2,500 Computers, 100% Encrypted: A Survival Story Every CEO Needs to Hear - with Robert Cioffi
1:01:08
1:01:08
Play later
Play later
Lists
Like
Liked
1:01:08
Hosts: Justin Shelley - https://www.phoenixitadvisors.com/ | Mario Zaki - https://www.mazteck.com/ Guest: Robert Cioffi - https://www.patreon.com/CyberRISE and https://cyberrise.org/ In July 2021, Robert Cioffi's MSP business was completely destroyed in 90 minutes. 80 clients, 200 locations, 2,500 endpoints - 100% encrypted by ransomware through a …
…
continue reading
1
Data I/O Ransomware Attack: Supply Chain Cybersecurity in Crisis
37:08
37:08
Play later
Play later
Lists
Like
Liked
37:08
Cyberattacks against supply chains are no longer isolated disruptions—they are systemic threats with the power to cascade across industries and nations. The recent ransomware attack on Data I/O, a chip programming firm whose customers include global giants like Apple, Microsoft, Amazon, and Bosch, demonstrates how one breach can disrupt manufacturi…
…
continue reading
1
Axiom Trade Invite Code : (kickback) Save 15% Discount On Trading Fees | Axiom Trade Referral Code
2:36
2:36
Play later
Play later
Lists
Like
Liked
2:36
Axiom Trade Invite Code : (kickback) Save 15% Discount On Trading Fees | Axiom Trade Referral CodeBy shaileshs
…
continue reading
1
BianLian Ransomware Strikes Aspire Rural Health: 138,000 Patients Exposed
44:33
44:33
Play later
Play later
Lists
Like
Liked
44:33
The U.S. healthcare sector continues to face relentless cyberattacks, and rural hospitals are increasingly at the center of this crisis. The recent Aspire Rural Health System breach in Michigan—attributed to the BianLian ransomware group—exposed the personal and medical data of nearly 140,000 patients and staff. From Social Security numbers and fin…
…
continue reading
1
OneFlip: How a Single Bit-Flip Can Hack AI Models
49:40
49:40
Play later
Play later
Lists
Like
Liked
49:40
Artificial Intelligence (AI) models are shaping the future of industries from healthcare and finance to autonomous vehicles and national infrastructure. But with this rise comes a hidden battlefield: adversarial attacks designed to manipulate AI systems in subtle yet devastating ways. One of the most alarming threats is the OneFlip attack, a method…
…
continue reading
1
Do Encryption backdoors benefit Hackers and Scammers? Governments Vs Privacy.
10:16
10:16
Play later
Play later
Lists
Like
Liked
10:16
In this week's episode of Scams, Hacks, and Frauds, we explore the nuanced relationship between encryption backdoors and the activities of hackers and scammers. With the rise of end-to-end encryption, user privacy is at the forefront of technology discussions. However, governments are increasingly pushing for access to encrypted data, raising conce…
…
continue reading
1
Stop Using Encrypted Email with William Woodruff
1:11:07
1:11:07
Play later
Play later
Lists
Like
Liked
1:11:07
There was a bug in an OpenPGP library which finally gave us an excuse to tear encrypted email via PGP to shreds. Our special guest William Woodruff joined us to help explain the vuln and indulge our gnashing of teeth on why email was never meant to be encrypted and how other modern tools do the job much, much better. Watch on YouTube: https://www.y…
…
continue reading
1
Gomining Promo Code "q01MI" – Start Mining Today!
2:36
2:36
Play later
Play later
Lists
Like
Liked
2:36
Gomining Promo Code "q01MI"By dasmili341
…
continue reading
1
PyPI Cracks Down on Domain Expiration Attacks to Protect Python Packages
45:01
45:01
Play later
Play later
Lists
Like
Liked
45:01
The Python Package Index (PyPI), the backbone of the global Python ecosystem, has rolled out new security safeguards aimed at stopping a dangerous form of supply-chain attack: domain resurrection attacks. These attacks exploit a subtle but devastating weakness—when a maintainer’s email domain expires, attackers can re-register it, hijack the email,…
…
continue reading
1
AI Joins the Fight Against Exploits: Google and Mozilla Patch Dangerous Vulnerabilities
59:42
59:42
Play later
Play later
Lists
Like
Liked
59:42
Both Google and Mozilla have rolled out urgent security updates to patch multiple high-severity vulnerabilities in their flagship browsers—Google Chrome and Mozilla Firefox—underscoring the constant arms race between developers and cyber attackers. Google’s update addresses a critical out-of-bounds write vulnerability (CVE-2025-9132) within Chrome’…
…
continue reading
1
Britain Backs Down: UK Drops Encryption Backdoor Demand on Apple
20:29
20:29
Play later
Play later
Lists
Like
Liked
20:29
A major international clash over encryption has come to a dramatic resolution. Earlier this year, the U.K. government, acting under its controversial Investigatory Powers Act of 2016 (IPA)—better known as the “Snoopers’ Charter”—issued a secret Technical Capacity Notice to Apple, demanding that the company weaken its Advanced Data Protection (ADP) …
…
continue reading
1
PipeMagic Backdoor: How Ransomware Actors Exploited a Windows Zero-Day
54:55
54:55
Play later
Play later
Lists
Like
Liked
54:55
In early 2025, Microsoft and security researchers uncovered PipeMagic, a modular and memory-resident backdoor that has been quietly leveraged in ransomware campaigns worldwide. Disguised as a legitimate ChatGPT desktop application, this sophisticated malware granted persistent access, precise control, and stealthy communication channels to its oper…
…
continue reading
1
270,000 Intel Employee Records at Risk from Authentication Bypass and Hardcoded Credentials
36:28
36:28
Play later
Play later
Lists
Like
Liked
36:28
In late 2024, Intel faced a major cybersecurity wake-up call when security researcher Eaton Zveare uncovered a series of vulnerabilities inside the company’s internal systems—flaws that exposed employee and supplier data at unprecedented scale. These vulnerabilities, later confirmed and patched by Intel, included authentication bypasses in web appl…
…
continue reading
1
SN 1039: The Sad Case of ScriptCase - Data Brokers Dodge Deletion
2:51:58
2:51:58
Play later
Play later
Lists
Like
Liked
2:51:58
What AI website summaries mean for Internet economics. Time to urgently update Plex Servers (again). Allianz Life stolen data gets leaked. Chrome test Incognito-mode fingerprint script blocking. Chrome 140 additions coming in 2 weeks. Data brokers hide opt-out pages from search engines. Secure messaging changes in Russia. NIST rolls-out lightweight…
…
continue reading
