Best Third Party Claims Management Podcasts (2025)

1
$1 Million WhatsApp Exploit Withdrawn—Researcher Silent, Meta Calls It “Low-Risk” 20:22

Play Pause

11h ago20:22

20:22

The Pwn2Own Ireland 2025 hacking competition was set to feature one of its most anticipated moments — a $1 million zero-click remote code execution exploit against WhatsApp — but the demonstration never happened. Scheduled to be showcased by researcher Eugene of Team Z3, the exploit’s abrupt withdrawal stunned attendees and quickly became the most …

1
OpenAI Atlas Omnibox Jailbreak Exposes New AI Security Flaw 35:17

1h ago35:17

35:17

A serious vulnerability has been discovered in the OpenAI Atlas omnibox, a hybrid interface designed to handle both URLs and user prompts. Researchers at NeuralTrust revealed that attackers can disguise malicious instructions as URLs to jailbreak the omnibox, taking advantage of how Atlas interprets malformed input. Unlike traditional browsers, Atl…

1
Microsoft Rushes Emergency Fix for WSUS Remote Code Execution Flaw (CVE-2025-59287) 19:34

17h ago19:34

19:34

A critical remote code execution (RCE) flaw, tracked as CVE-2025-59287, has put thousands of enterprise networks at risk by exposing the Windows Server Update Service (WSUS) to active exploitation. The vulnerability, rooted in unsafe object deserialization, allows unauthenticated remote attackers to execute arbitrary code with System-level privileg…

1
Perplexity Comet AI Browser Launch Exploited in Coordinated Impersonation Scam 23:37

20h ago23:37

23:37

The launch of Perplexity’s Comet AI browser — a major step forward in AI-assisted browsing — was almost immediately hijacked by cybercriminals. Within weeks of its July debut, threat intelligence firm BforeAI uncovered a coordinated impersonation campaign designed to exploit public interest in the new product. The campaign involved a web of fraudul…

1
Lazarus Group Targets European UAV Firms in North Korea’s Drone Espionage Push 27:23

23h ago27:23

27:23

A new wave of cyber-espionage attacks reveals North Korea’s deepening effort to steal critical defense technologies from Europe. In a sophisticated campaign dubbed Operation Dream Job, the Lazarus Group — also known as Diamond Sleet and Hidden Cobra — has launched targeted attacks on European defense contractors and UAV (unmanned aerial vehicle) de…

1
Toys “R” Us Canada Confirms Customer Data Breach After Dark Web Leak 22:47

4d ago22:47

22:47

Toys “R” Us Canada has confirmed a customer data breach after records from its database appeared on the dark web on July 30, 2025, prompting a full-scale cybersecurity investigation and disclosure to privacy regulators. The company’s internal review, conducted in partnership with third-party experts, verified that an unauthorized party accessed and…

1
Kyocera’s Motex Lanscope Hit by Active Attacks: Critical 9.8 Exploit Enables Remote Code Execution 18:05

4d ago18:05

18:05

A dangerous zero-day vulnerability in Kyocera Communications subsidiary Motex’s Lanscope Endpoint Manager has triggered a global cybersecurity alert after being actively exploited in real-world attacks. Tracked as CVE-2025-61932, this flaw carries a CVSS severity score of 9.8, allowing remote, unauthenticated attackers to execute arbitrary code sim…

1
BIND 9 Emergency Patches: ISC Fixes High-Severity Cache Poisoning and DoS Flaws 20:19

4d ago20:19

20:19

The Internet Systems Consortium (ISC) has released a series of critical BIND 9 updates to fix multiple high-severity vulnerabilities affecting DNS resolver systems worldwide. The flaws—tracked as CVE-2025-40780, CVE-2025-40778, and CVE-2025-8677—pose serious threats ranging from cache poisoning to denial-of-service (DoS) attacks. These vulnerabilit…

1
Adobe Confirms Active Exploitation of SessionReaper Vulnerability in Commerce Platforms 29:23

4d ago29:23

29:23

A critical new vulnerability is wreaking havoc across the global e-commerce ecosystem. Tracked as CVE-2025-54236 and dubbed SessionReaper, this flaw affects Adobe Commerce and Magento Open Source platforms, allowing attackers to bypass security features and seize control of customer accounts through the Commerce REST API. Despite Adobe releasing em…

1
AI Sidebar Spoofing: How Malicious Extensions Hijack ChatGPT and Perplexity Interfaces 21:40

4d ago21:40

21:40

Cybersecurity firm SquareX has unveiled a new and alarming threat to users of AI-enabled browsers — a technique called AI Sidebar Spoofing. This sophisticated attack uses malicious browser extensions to create visually identical replicas of legitimate AI sidebars, tricking users into believing they are interacting with trusted AI assistants like Ch…

1
Jewett-Cameron Reports Ransomware Breach Involving Encryption and Data Theft 22:53

5d ago22:53

22:53

Oregon-based Jewett-Cameron Company, a manufacturer of fencing, kennels, and specialty wood products, has confirmed that it was the victim of a double-extortion ransomware attack on October 15, 2025, in an incident that disrupted operations and exposed sensitive corporate data. The attackers infiltrated the company’s IT network, deploying encryptio…

1
Star Blizzard’s Malware Makeover: From LostKeys to MaybeRobot 32:49

5d ago32:49

32:49

The Russian state-sponsored hacking group Star Blizzard — also tracked as ColdRiver, Seaborgium, and UNC4057 — has undergone a major transformation in its operations following public exposure earlier this year. After researchers at Google detailed its LostKeys malware and PowerShell-based infection chain in June 2025, the group swiftly abandoned th…

1
Keycard Emerges from Stealth with $38M to Secure the Identity of AI Agents 19:17

5d ago19:17

19:17

San Francisco-based Keycard has officially emerged from stealth mode, announcing $38 million in funding across seed and Series A rounds to build what may become one of the most critical infrastructure layers of the AI era — identity and access management (IAM) for AI agents. Founded in 2025 by former senior executives from Snyk and Okta, Keycard is…

1
Critical TP-Link Omada Vulnerabilities Expose Networks to Remote Takeover 22:07

5d ago22:07

22:07

Security researchers are urging immediate action after TP-Link disclosed multiple critical vulnerabilities in its Omada gateway line, affecting a wide range of ER, G, and FR series devices. The flaws—now patched by TP-Link—expose organizations to remote code execution, privilege escalation, and full network compromise, making them among the most se…

1
TARmageddon: The Rust Library Flaw Exposing Supply Chains to Remote Code Execution 29:58

5d ago29:58

29:58

A critical new vulnerability known as TARmageddon (CVE-2025-62518) has sent shockwaves through the Rust developer community and the broader cybersecurity world. This high-severity desynchronization flaw, discovered in the Async-tar and Tokio-tar libraries, exposes millions of downstream applications to the risk of remote code execution and supply c…

1
Episode # 80 - Knowledge is Power 55:55

4d ago55:55

55:55

Send us a text This one’s for the adjusters who keep learning even when nobody’s paying for training anymore. Heather and Chantal talk about what real professional development looks like today — from learning policy language on your own to staying sharp as tech, AI, and consumer expectations change faster than your claim count. They dig into why mo…

1
Vidar 2.0: The C-Rewritten Stealer Poised to Dominate the Cybercrime Market 31:42

6d ago31:42

31:42

A new evolution in information-stealing malware has arrived — and it’s already drawing serious attention from researchers and defenders alike. The release of Vidar 2.0 represents a complete transformation of the long-running Vidar infostealer, which has been rewritten entirely in C and equipped with multi-threading and advanced anti-analysis mechan…

1
Dataminr Acquires ThreatConnect for $290M to Create the Next Generation of Tailored Threat Intelligence 23:01

6d ago23:01

23:01

Dataminr, the AI powerhouse known for its real-time risk and event detection platform, has announced plans to acquire ThreatConnect, a cybersecurity firm specializing in threat intelligence aggregation and response, for $290 million in cash and equity. This strategic move marks a major milestone in the ongoing consolidation of the threat intelligen…

1
Veeam Acquires Securiti AI for $1.725 Billion to Unite Data Resilience, Security, and AI 28:44

6d ago28:44

28:44

In one of the largest cybersecurity acquisitions of 2025, Veeam Software has announced plans to acquire Securiti AI for $1.725 billion in cash and stock, signaling a fundamental shift in how enterprises will secure, manage, and govern their data in the age of artificial intelligence. The deal, expected to close in the fourth quarter, will bring tog…

1
Defakto Raises $30.75 Million to Redefine Machine Identity Security 34:01

6d ago34:01

34:01

California-based cybersecurity firm Defakto has raised $30.75 million in Series B funding, led by XYZ Venture Capital, bringing its total investment to roughly $50 million. The new capital will power the company’s rapid expansion in product development and global market reach for its identity and access management (IAM) platform—one specifically de…

1
Dr. Allan Friedman Joins NetRise: The Father of SBOMs Goes Private to Fuse AI and Supply Chain Security 24:24

6d ago24:24

24:24

In a landmark move for the cybersecurity industry, Dr. Allan Friedman — often called the Father of SBOMs — has joined supply chain security firm NetRise as a strategic advisor. Friedman’s transition from his influential role at CISA marks a pivotal moment where public policy meets private innovation. His mission: to push the Software Bill of Materi…

1
Pwn2Own Automotive 2026: $3 Million Bounty Targets Tesla and EV Infrastructure Flaws 24:29

7d ago24:29

24:29

The upcoming Pwn2Own Automotive 2026 hacking contest, hosted by Trend Micro’s Zero Day Initiative (ZDI), is set to redefine the economics of automotive cybersecurity. With a record-breaking $3 million prize pool, the event provides a transparent, market-driven valuation of the most dangerous vulnerabilities facing the connected vehicle ecosystem. T…

1
China Claims NSA Breached National Time Network, Threatening Finance and Defense Stability 24:09

8d ago24:09

24:09

China’s Ministry of State Security (MSS) has publicly accused the U.S. National Security Agency (NSA) of conducting a multi-year cyber espionage campaign targeting its National Time Service Center, a critical component of China’s national infrastructure responsible for maintaining and distributing standard time. According to China, the attacks — al…

1
Cl0p Ransomware Targets Oracle E-Business Suite in Global Data Extortion Spree 17:57

8d ago17:57

17:57

A new wave of Cl0p ransomware attacks has struck organizations worldwide by exploiting vulnerabilities in Oracle’s E-Business Suite (EBS) — a mission-critical enterprise management platform used by corporations and universities across the globe. The ongoing campaign, attributed to FIN11, highlights the group’s shift toward exploiting high-value bus…

1
WhatsApp Wins Landmark Case Against NSO Group Over Spyware Attacks 24:02

8d ago24:02

24:02

After six years of intense litigation, WhatsApp has secured a decisive legal victory against the NSO Group, the controversial spyware maker accused of exploiting a zero-day vulnerability to infect more than 1,400 users with surveillance malware. On October 17, 2025, a U.S. District Court issued a permanent injunction that bars NSO from targeting Wh…

1
Google Project Zero Exposes Dolby Decoder Flaw Enabling Zero-Click Android Exploits 21:44

8d ago21:44

21:44

A newly discovered vulnerability in Dolby’s Unified Decoder has sent shockwaves through the cybersecurity world. Tracked as CVE-2025-54957, the flaw — uncovered by Google Project Zero — is a critical out-of-bounds write vulnerability that allows remote code execution (RCE) when a specially crafted audio file is decoded. The issue stems from an inte…

1
SPOTLIGHT: MD For Patients -- Meet The Founder, Dr. Mark Halsted 1:08:35

8d ago1:08:35

1:08:35

"If you or your child has a serious diagnosis, you may feel like your life has just been turned upside-down. I founded MD For Patients to provide comprehensive, honest consultations tailored to the needs of patients – and to help patients understand how best to manage their own health going forward." Dr Mark Halsted, Triple-Boarded Pediatric NeuroR…

1
AISLE Launches AI Cyber Reasoning System to Shrink Patch Times from Weeks to Minute 23:54

11d ago23:54

23:54

AISLE has entered the cybersecurity arena with an AI-native Cyber Reasoning System (CRS) built to do what most tools don’t: fix vulnerabilities—fast. While attackers increasingly use AI to weaponize new flaws in roughly five days, most organizations still average ~45 days to remediate critical issues. AISLE’s answer is an autonomous remediation pip…

1
Microsoft Blunts “Vanilla Tempest”: 200 Malicious Certificates Revoked 20:27

11d ago20:27

20:27

In early October 2025, Microsoft executed a targeted disruption against Vanilla Tempest—the threat actor also tracked as Vice Society—after uncovering a streamlined, high-impact campaign that deployed Rhysida ransomware through a cleverly staged infection chain. The operation leaned on SEO poisoning to funnel victims searching for “Microsoft Teams”…

1
The “Shotgun” Botnet: How RondoDox Hijacks Routers, Cameras, and Servers Worldwide 23:28

15d ago23:28

23:28

A new and fast-growing botnet dubbed RondoDox is shaking up the global cybersecurity landscape with its “shotgun” exploitation strategy, targeting over 50 known and unknown vulnerabilities across a vast array of internet-connected devices. First detected in mid-2025, the botnet has expanded rapidly, infecting routers, servers, cameras, and DVRs fro…

1
“Inflation Refund” Scam: How Fraudsters Are Stealing Identities Through Texts 19:01

15d ago19:01

19:01

A widespread smishing campaign is sweeping across New York, luring residents with fraudulent text messages about an “Inflation Refund” from the Department of Taxation and Finance. These deceptive messages claim that recipients are eligible for a refund and must click a link to “process” it — a ploy designed to harvest personal and financial informa…

1
Juniper Networks Patches 220 Vulnerabilities in Massive October Security Update 23:29

14d ago23:29

23:29

In one of the year’s most extensive patch cycles, Juniper Networks has released its October 2025 security advisories, addressing a staggering 220 vulnerabilities across its product suite — including Junos OS, Junos Space, Junos Space Security Director, and Junos OS Evolved. Of these, nine critical flaws in Junos Space and Security Director stood ou…

1
Linked Exploitation Campaigns Target Cisco, Fortinet, and Palo Alto Networks Devices 25:08

15d ago25:08

25:08

Cyber intelligence firm GreyNoise has uncovered what appears to be a coordinated exploitation effort targeting network edge appliances from three major security vendors: Cisco, Fortinet, and Palo Alto Networks. After analyzing overlapping IP subnets, identical TCP fingerprints, and synchronized attack patterns, GreyNoise assessed with high confiden…

1
Salesforce Refuses Ransom as Scattered LAPSUS$ Hunters Leak Millions of Records 27:29

15d ago27:29

27:29

A new wave of cyber extortion has rocked the enterprise world as the Scattered LAPSUS$ Hunters—a coalition formed from the notorious Lapsus$, Scattered Spider, and ShinyHunters groups—attempted to ransom Salesforce, claiming to have stolen data from 39 of its customers. When Salesforce refused to negotiate, the hackers retaliated by publishing the …

1
Episode #79 - Experts in Claims — When & Why to Call Them 55:31

18d ago55:31

55:31

Send us a text 🏈 Adjusters can’t do it all — sometimes you need to call in the experts. Heather and Chantal dig into the world of experts in claims. From engineers and origin-and-cause investigators to claims handling experts, we explore: When adjusters should bring in specialized help (and when not to). Why “being an expert” takes more than Google…

1
Oneleet Secures $33M Series A to Revolutionize Integrated Cybersecurity 28:08

21d ago28:08

28:08

By Daily Security Review

1
ParkMobile Data Breach Ends in $32.8M Settlement — and a $1 Payout 27:55

22d ago27:55

27:55

By Daily Security Review

1
Discord Confirms Data Breach Linked to Third-Party Support Vendor 25:58

22d ago25:58

25:58

By Daily Security Review

1
Weather Station Gateway Exploited: CISA Adds Meteobridge Bug to KEV List 23:11

22d ago23:11

23:11

By Daily Security Review

1
DrayTek Issues Critical Patch for Router RCE Flaw (CVE-2025-10547) 25:30

22d ago25:30

25:30

A serious unauthenticated remote code execution (RCE) flaw, identified as CVE-2025-10547, has been uncovered in DrayTek’s DrayOS routers. This vulnerability allows attackers to send crafted HTTP or HTTPS requests to the router’s web management interface, potentially leading to memory corruption, system crashes, or full device takeover. The flaw aff…

1
FTC vs. Sendit: Lawsuit Alleges Data Theft, Fake Messages, and Subscription Traps 27:25

27d ago27:25

27:25

The Federal Trade Commission (FTC) has filed a high-profile lawsuit against Sendit, a social media companion app popular among teenagers, and its CEO. The case accuses the company of breaking three major U.S. laws designed to protect consumers and children online. First, the FTC alleges that Sendit violated the Children’s Online Privacy Protection …

1
Broadcom Patches VMware Zero-Day: CVE-2025-41244 Exploited by China-Linked UNC5174 25:16

27d ago25:16

25:16

Broadcom has released a critical security update addressing six vulnerabilities across VMware products, including four rated high-severity. At the center of the update is CVE-2025-41244, a local privilege escalation flaw affecting VMware Tools and Aria Operations. What makes this vulnerability particularly alarming is that it was actively exploited…

1
Seven Years, £5.5 Billion, 128,000 Victims – The Case of Yadi Zhang 29:12

27d ago29:12

29:12

In a historic case that has captured global attention, UK authorities have secured a conviction against Zhimin Qian (also known as Yadi Zhang), the Chinese national at the center of one of the largest financial crime investigations of the decade. Following a seven-year probe by the Metropolitan Police, investigators uncovered an elaborate fraud and…

1
Cisco ASA/FTD Flaws Under Siege: 50,000 Devices at Risk from Active Exploits 31:52

27d ago31:52

31:52

Two newly disclosed critical vulnerabilities—CVE-2025-20333 and CVE-2025-20362—are wreaking havoc across the global cybersecurity landscape, with nearly 50,000 Cisco ASA and FTD appliances actively under threat. These flaws enable unauthenticated remote code execution and VPN access compromise, giving attackers an immediate foothold into critical i…

1
MatrixPDF: The New Phishing Toolkit That Turns Safe PDFs into Cyber Weapons 16:12

27d ago16:12

16:12

A new cybercrime toolkit called MatrixPDF is changing the phishing landscape by weaponizing one of the most trusted file formats: PDFs. Marketed on cybercrime forums as an “elite document builder” for phishing simulations and blackteaming, MatrixPDF enables attackers to transform ordinary PDFs into highly convincing phishing lures that bypass email…

1
Asahi Brewery Cyberattack Halts Domestic Operations Across Japan 27:07

28d ago27:07

27:07

Asahi Group Holdings, Ltd.—the brewer behind some of the world’s most iconic beers, including Peroni and Grolsch—has been hit by a crippling cyberattack that froze its Japan-based operations. Ordering and shipping have been suspended, customer call centers and service desks are offline, and the company has been forced into damage control. While Asa…

1
Akira Ransomware Exploits SonicWall Flaw with Record-Breaking Speed 23:58

28d ago23:58

23:58

The Akira ransomware group has once again raised the stakes in cybercrime by exploiting a critical SonicWall vulnerability—CVE-2024-40766—to infiltrate corporate networks through SSL VPN accounts, even those secured with one-time password multi-factor authentication. Once inside, Akira’s affiliates execute one of the most dangerous tactics in moder…

1
Ex-Hacktivist “Sabu” Backs SafeHill’s $2.6M Bet on Continuous Threat Management 28:04

28d ago28:04

28:04

A new cybersecurity startup with an infamous name attached is making headlines. SafeHill—formerly known as Tacticly—has secured $2.6 million in pre-seed funding to accelerate the development of its continuous threat exposure management (CTEM) platform, SecureIQ. Designed to overcome the shortcomings of traditional, point-in-time penetration testing…

1
Jaguar Land Rover Cyberattack Fallout: £1.5B UK Bailout Sparks Fears of More Attacks 27:34

28d ago27:34

27:34

Jaguar Land Rover (JLR), one of the UK’s largest exporters and a key anchor of the nation’s automotive supply chain, has been brought to the brink by a devastating cyberattack. With production lines halted, digital operations crippled, and a data breach confirmed, the UK government stepped in with a massive £1.5 billion support package to stabilize…

1
A Guide to Selling Your Medical Practice 50:44

28d ago50:44

50:44

AND, UNDERSTANDING PRIVATE EQUITY OPTIONS AND PRACTICE VALUATIONS AS YOU PREPARE TO SELL OR EXIT YOUR Practice Preparing to sell your medical practice is a complex process that requires careful planning and foresight. Starting early and conducting a thorough internal review, including financial and legal documentation, sets the foundation for a suc…