Daily stories from the world of information security. To delve into any daily story, head to CISOseries.com.
…
continue reading
Software Patch Podcasts
Updates on the latest cybersecurity threats to businesses, data breach disclosures, and how you can secure your firm in an increasingly risky time.
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporat ...
…
continue reading
Shared Security is your premier cybersecurity and privacy podcast where we explore the bonds shared between people and technology. Join industry experts Tom Eston, Scott Wright, and Kevin Johnson as they deliver the latest news, actionable tips, expert guidance, and insightful interviews with top cybersecurity and privacy specialists. Stay informed and take control of your online security and privacy in today’s interconnected world. Tune in every week to discover invaluable insights, strateg ...
…
continue reading
IT and Cybersecurity news geared towards people involved in the IT industry including vendors, VARs, MSPs, MSSPs, SOCs, NOCs, Resellers, and other industry professionals. Our topics cover industry news, partner programs, cybersecurity, AI and more.
…
continue reading
Music Technology discussions - from the inside. With regular contributions from musicians, producers, software developers, journalists and other industry people. Sonicstate.com editor Nick Batt is joined by others for the latest news and trends in technology that affects the creation and distribution of music - and a few tasty stories from the studio too. Video is streamed live every Wednesday at 4pm UK time (sonicstate.com/live).
…
continue reading
…
continue reading
Welcome to the Backend Engineering Show podcast with your host Hussein Nasser. If you like software engineering you’ve come to the right place. I discuss all sorts of software engineering technologies and news with specific focus on the backend. All opinions are my own. Most of my content in the podcast is an audio version of videos I post on my youtube channel here http://www.youtube.com/c/HusseinNasser-software-engineering Buy me a coffee https://www.buymeacoffee.com/hnasr 🧑🏫 Courses I Te ...
…
continue reading
Endpoint Management Today is a podcast brought to you by Rhonda and James from the BigFix team. Listen in to understand how IT operations and security teams fully automate discovery, management and remediation of endpoints – whether on-premise, virtual, or cloud – regardless of operating system, location or connectivity. Hear from technical experts, customers, thought leaders and more as we bring you new episodes each month. FIND more. FIX more. DO more.
…
continue reading
The world’s most popular daily video game news podcast hosted by Greg “GameOverGreggy” Miller, Tim Gettys, and Blessing Adeoye Jr, alongside a cast of games industry veterans and guests covering the latest in PlayStation, Xbox, Nintendo and all of gaming.
…
continue reading
Hacker Public Radio is an podcast that releases shows every weekday Monday through Friday. Our shows are produced by the community (you) and can be on any topic that are of interest to hackers and hobbyists.
…
continue reading
Interviews with end users and industry experts in, IT, AV and security about commercial technologies that can help institutions from enterprise to education to healthcare and beyond.
…
continue reading
Daily Security Review, the premier source for news and information on security threats, Ransomware and vulnerabilities
…
continue reading
Welcome to the Flexera Security Vulnerability Insight Podcast, your go-to source for all things related to cybersecurity, software vulnerabilities, and threat intelligence. In this engaging podcast series, we will dive deep into the ever-evolving world of digital security, providing you with valuable insights, expert interviews, and the latest industry trends. Hosted by Jeroen Braak and leading experts in the field, each episode explores critical topics such as: Vulnerability Management: Sta ...
…
continue reading
Master the CompTIA Server+ exam with Audio Course—your audio companion for server hardware, administration, security, and troubleshooting. Every episode simplifies exam objectives into practical insights you can apply in real-world IT environments. Produced by BareMetalCyber.com, where you’ll find more prepcasts, books, and resources to power your certification success.
…
continue reading
SAM is the leading provider of cloud-native security and intelligence services for unmanaged networks and IoTs, covering upwards of 500 million connected devices globally. With its powerful and intuitive AI technology, SAM addresses the challenges of our hyperconnected world, in which an explosion of IoT devices exposes potential attack surfaces for companies and consumers alike. SAM's device-agnostic software provides deep network visibility to not only protect against sophisticated cyber- ...
…
continue reading
The Power of Digital Policy is a podcast that teaches you and your organization how to balance the risks and opportunities that come with operating websites, social media, mobile applications, voice assistants, AI and other channels. Through a monthly focus on individual topics, such as accessibility, cookies, copyrights, social media faux pas, data breaches, and data privacy, you will learn how to develop guardrails to maximize digital opportunity and minimize risk. Whether you work for a s ...
…
continue reading
The Natural Reward podcast will focus on questions of innovation, progress and advancement in the evolution of life. We will discuss the evolution of scientific theories, how to think critically about science, and questions of progress and advancement in technology and human culture. The Natural Reward podcast will cover the philosophy and history of science, evolutionary theory, and economic theory. Music by Christian Bjoerklund.
…
continue reading

1
Episode 120 — OS and Software Problems — Login Issues and Patch Failures
10:50
10:50
Play later
Play later
Lists
Like
Liked
10:50This episode addresses troubleshooting operating system and application problems, including failed logins, service outages, and patch installation errors. We explain how authentication misconfigurations, expired credentials, or corrupted profiles can block user access, while incomplete or incompatible patches can destabilize services. We connect th…
…
continue reading

1
HoundBytes Launches WorkHorse to Eliminate SOC Tier 1 Bottlenecks
20:34
20:34
Play later
Play later
Lists
Like
Liked
20:34Cybersecurity firm HoundBytes has officially launched WorkHorse, an automated security analyst designed to solve one of the biggest pain points in modern Security Operations Centers (SOCs): the Tier 1 bottleneck. Overwhelmed by a constant flood of raw alerts, Tier 1 analysts often suffer from burnout and slow triage times, putting organizations at …
…
continue reading

1
Toronto’s Mycroft Raises $3.5M to Bring AI Security Officers to Startups
29:58
29:58
Play later
Play later
Lists
Like
Liked
29:58Toronto-based cybersecurity startup Mycroft has stepped out of stealth with a bold promise: to give startups and small-to-midsize businesses (SMBs) the kind of enterprise-grade security typically reserved for Fortune 500 companies. Acting as an AI-powered “Security and Compliance Officer,” Mycroft deploys autonomous AI agents that manage an organiz…
…
continue reading

1
EDR-Freeze, DeepMind persuasion, vendors exit ATT&CK
7:46
7:46
Play later
Play later
Lists
Like
Liked
7:46EDR-Freeze tool suspends security software DeepMind updates Frontier Safety Framework Major vendors withdraw from MITRE EDR Evaluations Huge thanks to our sponsor, Conveyor Security reviews don’t have to feel like a hurricane. Most teams are buried in back-and-forth emails and never-ending customer requests for documentation or answers. But Conveyo…
…
continue reading

1
SANS Stormcast Tuesday, September 23rd, 2025: Ivanti EPMM Exploit; GitHub Impersonation
4:49
4:49
Play later
Play later
Lists
Like
Liked
4:49CISA Reports Ivanti EPMM Exploit Sightings Two different organizations submitted backdoors to CISA, which are believed to have been installed using Ivanti vulnerabilities patched in May. https://www.cisa.gov/news-events/analysis-reports/ar25-261a Lastpass Observes Impersonation on GitHub Lastpass noted a number of companies being impersonated via f…
…
continue reading

1
FBI Issues Guidance as Fraudsters Pose as IC3 to Extort Victims
10:29
10:29
Play later
Play later
Lists
Like
Liked
10:29The FBI has issued a warning to the public about a cyber campaign impersonating the Internet Crime Complaint Center (IC3), using spoofed websites to trick victims into handing over sensitive information and money. Between December 2023 and February 2025, the agency received more than 100 reports of malicious activity tied to fake IC3 domains. Threa…
…
continue reading

1
Fraudulent GitHub Repos Spread Atomic Stealer Malware Targeting macOS Users
22:08
22:08
Play later
Play later
Lists
Like
Liked
22:08A new cyber campaign is actively targeting macOS users with the Atomic Stealer (AMOS) malware, leveraging fake GitHub repositories disguised as legitimate software downloads. Security researchers tracking the campaign report that the operators are impersonating trusted brands such as LastPass, 1Password, Dropbox, Notion, and Shopify to lure unsuspe…
…
continue reading

1
Netskope’s IPO Raises $908M: SASE Leader Surges 18% on First Trading Day
10:50
10:50
Play later
Play later
Lists
Like
Liked
10:50Netskope, a California-based cybersecurity firm specializing in secure access service edge (SASE) solutions, has officially gone public in one of the largest cybersecurity IPOs of 2025. Trading on the Nasdaq under the ticker symbol NTSK, the company raised more than $908 million by selling shares at $19 each. Investor enthusiasm was evident as the …
…
continue reading

1
Xbox Console Prices Are Going Up in the U.S. AGAIN - Kinda Funny Games Daily 09.22.25
1:02:21
1:02:21
Play later
Play later
Lists
Like
Liked
1:02:21Go to http://shadyrays.com and use code FUNNY for 35% off polarized sunglasses. Go to http://factormeals.com/kindafunny50off and use code kindafunny50off to get 50% off your first box, plus Free Breakfast for 1 Year. Xbox console prices are going up in the U.S, Silent Hill F reviews are in, and new details about the cancelled Perfect Dark. Thank yo…
…
continue reading

1
SPLX Exposes AI Exploit: Prompt Injection Tricks ChatGPT Into Solving CAPTCHAs
24:17
24:17
Play later
Play later
Lists
Like
Liked
24:17A startling new report from AI security platform SPLX reveals how attackers can bypass the built-in guardrails of AI agents like ChatGPT through a sophisticated exploit involving prompt injection and context poisoning. Traditionally, AI models are programmed to refuse solving CAPTCHAs, one of the most widely deployed tools for distinguishing humans…
…
continue reading

1
Brussels, Berlin, London Hit Hard as Cyber Disruption Sparks Flight Chaos
23:50
23:50
Play later
Play later
Lists
Like
Liked
23:50A cyberattack on Collins Aerospace, a U.S.-based provider of passenger check-in and baggage handling software, plunged major European airports into chaos over the weekend. Beginning late Friday, the disruption rippled across hubs in Brussels, Berlin, and London, crippling critical check-in systems and forcing a reversion to manual operations. Bruss…
…
continue reading

1
European airport cyberattack, SMS celltower scam, GPT4-powered ransomware
8:26
8:26
Play later
Play later
Lists
Like
Liked
8:26European airport disruption due to cyberattack check-in and baggage software SMS scammers now using mobile fake cell towers GPT-4-powered MalTerminal malware creates ransomware and Reverse Shell Huge thanks to our sponsor, Conveyor If security questionnaires make you feel like you’re drowning in chaos, you’re not alone. Endless spreadsheets, portal…
…
continue reading

1
Extinction Level Cyber Vulnerability Now Fixed
15:22
15:22
Play later
Play later
Lists
Like
Liked
15:22Cybersecurity Today: Major Vulnerabilities and Attacks Uncovered Join host David Shipley for today's cybersecurity updates on the last day of summer 2025. In this episode, we delve deep into Microsoft's critical Entra ID vulnerability, a cyber attack crippling major European airports, the rise of SpamGPT targeting phishing operations, and the alarm…
…
continue reading

1
Situational Awareness & Family Safety: Staying Alert in Today’s World with Andy Murphy
30:55
30:55
Play later
Play later
Lists
Like
Liked
30:55Join the Shared Security Podcast for a critical discussion about situational awareness with special guest, Andy Murphy, host of the Secure Family Podcast. In a world where mass shootings and violence in public places are alarming realities, staying alert to your surroundings has never been more important. Andy shares his expertise on personal and f…
…
continue reading

1
SANS Stormcast Monday, September 22nd, 2025: Odd HTTP Reuqest; GoAnywhere MFT Bug; EDR Freeze
9:02
9:02
Play later
Play later
Lists
Like
Liked
9:02Help Wanted: What are these odd requests about? An odd request is hitting a number of our honeypots with a somewhat unusual HTTP request header. Please let me know if you no what the request is about. https://isc.sans.edu/forums/diary/Help+Wanted+What+are+these+odd+reuqests+about/32302/ Forta GoAnywhere MFT Vulnerability Forta s GoAnywhere MFT prod…
…
continue reading

1
CST Replay: The Ransomware Ecosystem with Tammy Harper
1:14:24
1:14:24
Play later
Play later
Lists
Like
Liked
1:14:24Unveiling the Ransomware Ecosystem with Tammy Harper In this compelling episode, Jim is joined by Tammy Harper from Flair.io to re-air one of their most popular and insightful episodes. Dive into the intricate world of ransomware as Tammy, a seasoned threat intelligence researcher, provides an in-depth introduction to the ransomware ecosystem. Expl…
…
continue reading

1
Novakon Ignored Security Reports on ICS Weaknesses, Leaving 40,000+ Devices Exposed
22:35
22:35
Play later
Play later
Lists
Like
Liked
22:35A new security report has revealed serious, unpatched vulnerabilities in industrial control system (ICS) products manufactured by Novakon, a Taiwan-based subsidiary of iBASE Technology. Security researchers at CyberDanube identified five categories of flaws affecting Novakon’s Human-Machine Interfaces (HMIs), including an unauthenticated buffer ove…
…
continue reading

1
Week in Review: Student hackers increase, CISA wants CVE, Microsoft called hypocritical
35:56
35:56
Play later
Play later
Lists
Like
Liked
35:56Link to episode page This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guests Jack Kufahl, CISO, Michigan Medicine, and Nick Espinosa, host, The Deep Dive Radio Show Thanks to our show sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust C…
…
continue reading

1
RevengeHotels Cybercrime Group Adopts AI and VenomRAT in Hotel Credit Card Theft Campaign
23:00
23:00
Play later
Play later
Lists
Like
Liked
23:00The cybercrime group known as RevengeHotels, also tracked as TA558, has launched a new wave of attacks against the hospitality sector, evolving its tactics with the help of Artificial Intelligence (AI) and a powerful new malware strain, VenomRAT. Active since 2015, RevengeHotels has long targeted hotels, travel agencies, and tourism businesses to s…
…
continue reading

1
ShadowLeak: Server-Side Data Theft Attack Discovered Against ChatGPT Deep Research
26:15
26:15
Play later
Play later
Lists
Like
Liked
26:15A groundbreaking new cyberattack dubbed ShadowLeak has been uncovered targeting ChatGPT’s Deep Research capability, marking a dangerous escalation in AI-related threats. Unlike prior exploits such as AgentFlayer and EchoLeak, which operated on the client side, ShadowLeak weaponized OpenAI’s own cloud infrastructure to silently exfiltrate sensitive …
…
continue reading

1
Fortnite Creators Will Be Allowed to Sell In-Game Items - Kinda Funny Games Daily 09.19.25
1:05:28
1:05:28
Play later
Play later
Lists
Like
Liked
1:05:28Go to http://shadyrays.com and use code FUNNY for 35% off polarized sunglasses. Go to http://factormeals.com/kindafunny50off and use code kindafunny50off to get 50% off your first box, plus Free Breakfast for 1 Year. Fortnite creators are gonna be able to sell things in game, Nintendo goes after video game mods, and Cyberpunk’s sequel could include…
…
continue reading

1
WatchGuard Firebox Vulnerability Could Let Hackers Take Over Networks
28:50
28:50
Play later
Play later
Lists
Like
Liked
28:50A new critical vulnerability, CVE-2025-9242, has been discovered in WatchGuard Firebox firewalls, putting thousands of networks worldwide at risk. The flaw stems from an out-of-bounds write bug in the Fireware OS’s iked process, which could allow a remote, unauthenticated attacker to execute arbitrary code. If exploited, this would grant full contr…
…
continue reading

1
How SystemBC’s 1,500 Infected VPS Servers Fuel Ransomware and Fraud
32:02
32:02
Play later
Play later
Lists
Like
Liked
32:02The SystemBC proxy botnet has quietly become one of the most persistent pillars of the cybercrime ecosystem. First detected in 2019, SystemBC is less about stealth and more about scale. It maintains an average of 1,500 compromised commercial virtual private servers (VPS) around the world, providing a powerful, high-bandwidth proxy network for cyber…
…
continue reading

1
Google patches zero-day, Copilot’s forced installation, Scattered Spider arrests
8:07
8:07
Play later
Play later
Lists
Like
Liked
8:07Google patches sixth Chrome zero-day exploited in attacks this year Microsoft to force install the Microsoft 365 Copilot app in October Two more Scattered Spider teen suspects arrested Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your secu…
…
continue reading
Cybersecurity Today: The Good News Edition In this episode, host Jim Love addresses a previous mistake regarding the location of Yellowknife and announces a special 'good news' edition. Key stories include Microsoft's dismantling of a global phishing-as-a-service operation Raccoon 0365, the recovery of nearly $2 million lost to a business email com…
…
continue reading

1
SANS Stormcast Friday, September 19th, 2025: Honeypot File Analysis (@sans_edu); SonicWall Breach; DeepSeek Bias; Chrome 0-day
7:14
7:14
Play later
Play later
Lists
Like
Liked
7:14Exploring Uploads in a Dshield Honeypot Environment This guest diary by one of our SANS.edu undergraduate interns shows how to analyze files uploaded to Cowrie https://isc.sans.edu/diary/Exploring%20Uploads%20in%20a%20Dshield%20Honeypot%20Environment%20%5BGuest%20Diary%5D/32296 Sonicwall Breach SonicWall MySonicWall accounts were breached via crede…
…
continue reading

1
Why Hollow Knight Silksong is So Hard, Team Cherry Explains - Kinda Funny Games Daily 09.18.25
1:12:31
1:12:31
Play later
Play later
Lists
Like
Liked
1:12:31Go to http://shadyrays.com and use code FUNNY for 35% off polarized sunglasses. Go to http://factormeals.com/kindafunny50off and use code kindafunny50off to get 50% off your first box, plus Free Breakfast for 1 Year. Hollow Knight Silksong’s difficulty explained, Tencent fires back at PlayStation over Horizon Zero Dawn, and Dying Light The Beas…
…
continue reading

1
Tiffany & Co. Data Breach Exposes Gift Card Details of 2,500+ Customers
12:33
12:33
Play later
Play later
Lists
Like
Liked
12:33Tiffany and Company, the iconic luxury jeweler under the LVMH umbrella, has confirmed a serious data breach impacting over 2,500 customers across the United States and Canada. On or around May 12, 2025, hackers infiltrated Tiffany’s internal systems, compromising sensitive customer data tied to gift cards. Exposed information includes names, email …
…
continue reading

1
Insight Partners warns thousands, Scattered Spider feigns retirement, Consumer Reports calls Microsoft 'hypocritical'
7:58
7:58
Play later
Play later
Lists
Like
Liked
7:58Insight Partners warns thousands after ransomware breach Scattered Spider gang feigns retirement, breaks into bank instead Consumer Reports calls Microsoft 'hypocritical' Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture i…
…
continue reading

1
SonicTALK 861 - Tonverk, Roland Flute, AI Synth Patching, Tiny Vinyl
1:03:20
1:03:20
Play later
Play later
Lists
Like
Liked
1:03:20Guests Rich Hilton - Nile Rodgers Studio guy, keyboards for Chic Steve Hillier - producer, songwriter, educator Robbie Puricelli Pro Synth Network SonicTALK 861 on YouTube: https://youtube.com/live/qzGf5iVJSRs For preshow and Ad free version and much more: Patreon.com/sonicstate Native Instruments Modular Icons vintage modular synth sounds from ico…
…
continue reading

1
SANS Stormcast Thursday, September 18th, 2025: DLL Hooking; Entra ID Actor Tokens; Watchguard and NVidia Patches
6:31
6:31
Play later
Play later
Lists
Like
Liked
6:31CTRL-Z DLL Hooking Attackers may use a simple reload trick to overwrite breakpoints left by analysts to reverse malicious binaries. https://isc.sans.edu/diary/CTRL-Z%20DLL%20Hooking/32294 Global Admin in every Entra ID tenant via Actor tokens As part of September s patch Tuesday, Microsoft patched CVE-2025-55241. The discoverer of the vulnerability…
…
continue reading

1
Lakera’s Gandalf Network Joins Check Point in $300M AI Security Deal
24:33
24:33
Play later
Play later
Lists
Like
Liked
24:33In a major strategic move, Check Point Software Technologies has announced the acquisition of Lakera, a Zurich and San Francisco–based AI security firm founded by former Google and Meta AI researchers. Valued at around $300 million, the acquisition will close in late 2025 and serve as the foundation for Check Point’s new Global Center of Excellence…
…
continue reading

1
Shai-Hulud Exposes Fragility of the Open-Source Software Supply Chain
34:50
34:50
Play later
Play later
Lists
Like
Liked
34:50A major supply chain attack is underway in the npm ecosystem. Dubbed Shai-Hulud, this worm-style campaign began with the compromise of the popular @ctrl/tinycolor package and has since infected at least 187 npm packages, including some published under CrowdStrike’s official account. The malware, designed to spread automatically, abuses the legitima…
…
continue reading

1
Sega's Leaks The Next Yakuza Game?! - Kinda Funny Games Daily 09.17.25
1:20:15
1:20:15
Play later
Play later
Lists
Like
Liked
1:20:15Go to http://shadyrays.com and use code FUNNY for 35% off polarized sunglasses. Go to http://factormeals.com/kindafunny50off and use code kindafunny50off to get 50% off your first box, plus Free Breakfast for 1 Year. The next Yakuza game was reportedly leaked on RGG’s website, Assassin’s Creed Black Flag Remake is adding content, and Silksong is al…
…
continue reading

1
ChatGPT Calendar Vulnerability Exposes User Emails in New AI Attack
20:27
20:27
Play later
Play later
Lists
Like
Liked
20:27A critical vulnerability has been uncovered in ChatGPT’s new calendar integration, exposing how attackers could exfiltrate sensitive user data—particularly emails—through a deceptively simple exploit. Security researchers at EdisonWatch, led by Eito Miyamura, demonstrated how a malicious calendar invitation could contain hidden instructions that Ch…
…
continue reading

1
Cybersecurity Defense Ecosystem Episode 5: AI Policy and Shadow IT Challenges
42:03
42:03
Play later
Play later
Lists
Like
Liked
42:03Send us a text Presenters: Evgeniy Kharam, Cybersecurity Architect | Evangelist | Consultant | Advisor | Podcaster | Visionary | Speaker | Nim Nadarajah, C.CISO, Cyber Security, Compliance & Transformation Expert | Executive Board Member | Keynote Speaker Julian Lee, Publisher, Community Builder, Speaker, Channel Ecosystem Developer with a focus on…
…
continue reading

1
CrowdStrike Acquires Pangea to Launch AI Detection and Response (AIDR)
22:03
22:03
Play later
Play later
Lists
Like
Liked
22:03At Fal.Con 2025, CrowdStrike announced one of its boldest moves yet: the acquisition of AI security startup Pangea. The deal signals CrowdStrike’s intent to redefine the future of cybersecurity by protecting not just endpoints and networks, but the entire AI lifecycle. Pangea, founded in 2021, is known for cutting-edge tools like AI Guard, which pr…
…
continue reading

1
RaccoonO365: $100K Phishing-as-a-Service Scheme Taken Down
27:03
27:03
Play later
Play later
Lists
Like
Liked
27:03Microsoft and Cloudflare have successfully dismantled RaccoonO365, a global phishing-as-a-service (PhaaS) operation that had been running for over a year. This criminal platform, marketed on Telegram and used by up to 200 subscribers, enabled attackers to craft realistic Microsoft 365 phishing campaigns, complete with fake login pages, email lures,…
…
continue reading

1
Cyber programs extended, older Apple devices attacked, chatbots aid phishing scams
7:16
7:16
Play later
Play later
Lists
Like
Liked
7:16House lawmakers move to extend two key cyber programs Apple 0-day likely used in spy attacks affected older devices Reuters crafts phishing scam with AI chatbot help Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one…
…
continue reading

1
Shai-Hulud Worm - A Self Propagating Supply Chain Threat
8:48
8:48
Play later
Play later
Lists
Like
Liked
8:48Cybersecurity Worms, Steganography Attacks, Municipal Cyber Incidents and More... In this episode of Cybersecurity Today, host Jim Love delves into multiple cybersecurity threats affecting the tech landscape. He discusses the 'Shai Hulud' worm, which has infiltrated over 187 JavaScript libraries on NPM, exploiting developer tokens for spread, inclu…
…
continue reading

1
SANS Stormcast Wednesday, September 17th, 2025: Phishing Resistants; More npm Attacks; ChatGPT MCP abuse
8:47
8:47
Play later
Play later
Lists
Like
Liked
8:47Why You Need Phishing-Resistant Authentication NOW. The recent compromise of a number of high-profile npmjs.com accounts has yet again shown how dangerous a simple phishing email can be. https://isc.sans.edu/diary/Why%20You%20Need%20Phishing%20Resistant%20Authentication%20NOW./32290 S1ngularity/nx Attackers Strike Again A second wave of attacks has…
…
continue reading

1
AI-Generated Phishing and Deepfakes Supercharge Social Engineering Attacks
1:01:18
1:01:18
Play later
Play later
Lists
Like
Liked
1:01:18Social engineering has reclaimed center stage as today’s most reliable intrusion vector—and it’s not just email anymore. Recent warnings from law enforcement and national cyber centers underscore how adversaries exploit human psychology to “log in, not hack in,” bypassing hardened perimeters with phishing, vishing (voice phishing) against IT help d…
…
continue reading

1
Phoenix Attack Breaks DDR5 Rowhammer Defenses: Root in 109 Seconds
41:45
41:45
Play later
Play later
Lists
Like
Liked
41:45The infamous Rowhammer vulnerability, long thought to be contained by new DRAM protections, has resurfaced with devastating force. Academic researchers, working with Google, have unveiled the Phoenix attack, a breakthrough Rowhammer variant that shatters the defenses of DDR5 memory chips. Despite the industry’s investment in Target Row Refresh (TRR…
…
continue reading