Security This Week

Carl, Duane, and Patrick recorded this week's episode in front of a live audience at CyberSecurity Intersection, a cyber conference held at Universal Studio in Orlando, FL the week of October 5.

Japan's beer giant Asahi Group cannot resume production after cyberattack

U.S. Secret Service dismantles imminent telecommunications threat in New York tristate area

New attack on ChatGPT research agent pilfers secrets from Gmail inboxes

Hackers left empty-handed after massive NPM supply-chain attack

Salt Typhoon pwned 'nearly every American'

Someone Created the First AI-Powered Ransomware Using OpenAI's gpt-oss:20b Model

Security researcher driven by free nuggets unearths McDonald's security flaw — changing 'login' to 'register' in URL prompted site to issue plain text password for a new account

BitUnlocker – Multiple 0-days to Bypass BitLocker and Extract All Protected Data

Federal court filing system hit in sweeping hack

Minnesota National Guard activated, state of emergency declared after cyberattack against St. Paul

Microsoft SharePoint zero-day exploited in RCE attacks, no patch available

Russian alcohol retailer WineLab closes stores after ransomware attack

Call of Duty: WW2 pulled from PC following reports of remote code exploit trolling players with 'Notepad pop-ups, PC shutdowns' and desktop wallpaper of a lawyer

Quantum tech is coming — and with it a risk of cyber doomsday

Russian hackers bypass Gmail MFA using stolen app passwords.

https://www.malwarebytes.com/blog/news/2025/06/google-bug-allowed-phone-number-of-almost-any-user-to-be-discovered

BADBOX 2.0 Android malware infects millions of consumer devices

Meta found 'covertly tracking' Android users through Instagram and Facebook

Signal says no to Windows 11's Recall screenshots

Chinese ‘kill switches' found hidden in US solar farms

You can now submit your claims for Apple's $95 million Siri spying settlement

Apple 'AirBorne' flaws can lead to zero-click AirPlay RCE attacks

Android Spyware Disguised as Alpine Quest App Targets Russian Military Devices

Funding Expires for Key Cyber Vulnerability Database

Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes

Protect Yourself from Identity Theft and Fraud

National Security Officials Were Warned in February That Signal Was Vulnerable to Attack

Millions Of RSA Keys Expose Serious Flaws That Can Be Exploited

Undocumented commands found in Bluetooth chip used by a billion devices

Malicious Chrome extensions can spoof password managers in new attack

Microsoft deploys new state of matter in its first quantum computing chip

DOGE's .gov site lampooned as coders quickly realize it can be edited by anyone

UK orders Apple to open up users' encrypted cloud data, report says

DeepSeek exposed internal database containing chat histories and sensitive data

Millions of Accounts Vulnerable due to Google's OAuth Flaw

Hackers have devised a simple text scam to bypass Apple's iPhone protections

Volkswagen leak exposed location data for 800,000 electric cars

Urgent New Gmail Security Warning For Billions As Attacks Continue

The numbers are almost incomprehensible!

Gamaredon Deploys Android Spyware "BoneSpy" and "PlainGnome" in Former Soviet States

FBI Warns iPhone And Android Users—Stop Sending Texts

Fortinet VPN design flaw hides successful brute-force attacks

Ruthless sextortion scammers now threatening to show up at your house

Schneider Electric ransomware crew demands $125k paid in baguettes

Hacked U.S. robot vacuums are yelling racial slurs and chasing pets!