Episode References: Detecting and preventing distillation attacks; DeepSeek-R1: Incentivizing Reasoning Capability in LLMs via Reinforcement Learning; OpenAI suddenly thinks intellectual property theft is not cool, actually, amid DeepSeek's rise; AI-augmented threat actor accesses FortiGate devices at scale | Amazon Web Services; AI-augmented threat actor accesses FortiGate devices at scale. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Operation Olalampo: Inside MuddyWater's Latest Campaign; How Predator spyware defeats iOS recording indicators; Malicious OpenClaw Skills Used to Distribute Atomic MacOS Stealer. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: PromptSpy ushers in the era of Android threats using GenAI; Massiv: When your IPTV app terminates your savings. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: New Clickfix variant 'CrashFix' deploying Python Remote Access Trojan; From BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day; DSA-2026-079: Security Update for RecoverPoint for Virtual Machines Hardcoded Credential Vulnerability; New Chrome Zero-Day (CVE-2026-2441) Under Active Attack — Patch Released; Four Vulnerabilities Expose a Massive Security Blind Spot in IDE Extensions; AI in the Middle: Turning Web-Based AI Services into C2 Proxies & The Future Of AI Driven Attacks. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: About the security content of iOS 26.3 and iPadOS 26.3; OysterLoader Unmasked: The Multi-Stage Evasion Loader; GTIG AI Threat Tracker: Distillation, Experimentation, and (Continued) Integration of AI for Adversarial Use; Attackers Weaponize Signed RMM Tools via Zoom, Meet, & Teams Lures; Dataflow Rider: How Attackers can Abuse Shadow Resources in Google Cloud Dataflow. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: LummaStealer Is Getting a Second Life Alongside CastleLoader; AgreeToSteal: The First Malicious Outlook Add-In Leads to 4,000 Stolen Credentials. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Microsoft - February 2026 Security Updates; Microsoft February 2026 Patch Tuesday fixes 6 zero-days, 58 flaws; Microsoft Patch Tuesday – February 2026; CVE-2025-52436 - XSS via back button; CVE-2026-22153 - LDAP authentication bypass in Agentless VPN and FSSO; CMC 932; CMC 934; VoidLink: a sign of the end of the human bottleneck in advanced malware development. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: UNC1069 Targets Cryptocurrency Sector with New Tooling and AI-Enabled Social Engineering; Technical Analysis of GuLoader Obfuscation Techniques. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Analysis of active exploitation of SolarWinds Web Help Desk; BeyondTrust - Advisory ID: BT26-02; CVE-2026-1731: Pre-Auth RCE in BeyondTrust Remote Support & PRA. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: The Shadow Campaigns: Uncovering Global Espionage; Knife Cutting the Edge: Disclosing a China-nexus gateway-monitoring AitM framework; 2025 Q4 DDoS threat report: A record-setting 31.4 Tbps attack caps a year of massive DDoS assaults; Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Silent Push Identifies More Than 10,000 Infected IPs as Part of SystemBC Botnet Malware Family; LookOut: Discovering RCE and Internal Access on Looker (Google Cloud & On-Prem); Amaranth-Dragon: Weaponizing CVE-2025-8088 for Targeted Espionage in the Southeast Asia. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: APT28 Leverages CVE-2026-21509 in Operation Neusploit; AI-assisted cloud intrusion achieves admin access in 8 minutes; Metro4Shell: Exploitation of React Native's Metro Server in the Wild. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Notepad++ Hijacked by State-Sponsored Hackers; The Chrysalis Backdoor: A Deep Dive into Lotus Blossom's toolkit; 1-Click RCE via Authentication Token Exfiltration From gatewayUrl; 1-Click RCE To Steal Your Moltbot Data and Keys; Giving OpenClaw The Keys to Your Kingdom? Read This First. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Vishing for Access: Tracking the Expansion of ShinyHunters-Branded SaaS Data Theft; Guidance from the Frontlines: Proactive Defense Against ShinyHunters-Branded Data Theft Targeting SaaS; GlassWorm Loader Hits Open VSX via Developer Account Compromise; ClawHavoc: 341 Malicious Clawed Skills Found by the Bot They Were Targeting; 19 Shades of LockBit5.0, Inside the Latest Cross-Platform Ransomware: Part 1; DynoWiper update: Technical analysis and attribution. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Security Advisory Ivanti Endpoint Manager Mobile (EPMM) (CVE-2026-1281 & CVE-2026-1340); Inside the Infrastructure: Who's Scanning for Ivanti Connect Secure?; CVE-2025-0282 Detail; Dissecting UAT-8099: New persistence mechanisms and regional focus; Threat Bulletin: Critical eScan Supply Chain Compromise. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Solarwinds - WHD 2026.1 release notes; CVE-2025-40551: Another Solarwinds Web Help Desk Deserialization Issue; Multiple Critical SolarWinds Web Help Desk Vulnerabilities: CVE-2025-40551, CVE-2025-40552, CVE-2025-40553, CVE-2025-40554; Meet IClickFix: a widespread WordPress-targeting framework using the ClickFix tactic; Can't stop, won't stop: TA584 innovates initial access; Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Administrative FortiCloud SSO authentication bypass; Analysis of Single Sign-On Abuse on FortiOS; CMC 935 - The remarkable scale of PurpleBravo's attacks | FortiGate under attack; Diverse Threat Actors Exploiting Critical WinRAR Vulnerability CVE-2025-8088; HoneyMyte updates CoolClient and deploys multiple stealers in recent campaigns; Threat Actors Using AWS WorkMail in Phishing Campaigns; New Architecture, New Risks: One-Click to Pwn IDIS IP Cameras. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: CVE-2026-21509 - Microsoft Office Security Feature Bypass Vulnerability; Microsoft patches actively exploited Office zero-day vulnerability; Bypassing Windows Administrator Protection; APT Attacks Target Indian Government Using GOGITTER, GITSHELLPAD, and GOSHELL | Part 1; PackageGate: 6 Zero-Days in JS Package Managers But NPM Won't Act. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: PeckBirdy: A Versatile Script Framework for LOLBins Exploitation Used by China-aligned Threat Groups; Stanley — A $6,000 Russian Malware Toolkit with Chrome Web Store Guarantee. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: KONNI Adopts AI to Generate PowerShell Backdoors; Watering Hole Attack Targets EmEditor Users with Information-Stealing Malware; Osiris: New Ransomware, Experienced Attackers?; Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access; Malicious VS Code AI Extensions Harvesting Code from 1.5M Devs. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: PurpleBravo's Targeting of the IT Software Supply Chain; New Phishing Campaign Targeting LastPass Customers; Cisco Unified Communications Products Remote Code Execution Vulnerability; Arctic Wolf Observes Malicious Configuration Changes On Fortinet FortiGate Devices via SSO Accounts. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: VoidLink: Evidence That the Era of Advanced AI-Generated Malware Has Begun; Cyata Research: Breaking Anthropic's Official MCP Server. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Weaponizing Calendar Invites: How Prompt Injection Bypassed Google Gemini's Controls; Google Gemini Prompt Injection Flaw Exposed Private Calendar Data via Malicious Invites; Creepy Crawlers: Hunting Those Who Hunt For WordPress Plugins; 100,000 WordPress Sites Affected by Privilege Escalation Vulnerability in Advanced Custom Fields: Extended WordPress Plugin. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: From Extension to Infection: An In-Depth Analysis of the Evelyn Stealer Campaign Targeting Software Developers; PDFSIDER Malware - Exploitation of DLL Side-Loading for AV and EDR Evasion; VoidLink threat analysis: Sysdig discovers C2-compiled kernel rootkits; Unveiling VoidLink – A Stealthy, Cloud-Native Linux Malware Framework. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: /bin/live: Rafael Silva, Luiz Eduardo, Willian Caprino and Nelson Murilo - Hacking; Remote Code Execution via Expression Injection; Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances; December 22 Advisory: Critical n8n Vulnerability Allows Remote Code Execution [CVE-2025-68613]; From ClickFix to code signed: the quiet shift of MacSync Stealer malware; From cheats to exploits: Webrat spreading via GitHub. I am going on vacation. I will be back on January 19. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: NPM Package With 56K Downloads Caught Stealing WhatsApp Messages; Operation Artemis: Analysis of an HWP-Based DLL Side-Loading Attack; Zscaler Threat Hunting Catches Evasive SideWinder APT Campaign; Tracing a Paper Werewolf campaign through AI-generated decoys and Excel XLLs. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: HPESBGN04985 rev.2 - Hewlett Packard Enterprise OneView Software, Remote Code Execution; CVE-2025-37164: Critical unauthenticated RCE affecting Hewlett Packard Enterprise OneView; Acronis TRU Alliance {Hunt.io}: Hunting DPRK threats - New Global Lazarus & Kimsuky campaigns; LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: SonicWall SMA1000 appliance local privilege escalation vulnerability; CVE-2025-40602: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Exploited; SonicWall warns of actively exploited flaw in SMA 100 AMC; UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager; CISA Adds Three Known Exploited Vulnerabilities to Catalog; Operation ForumTroll continues: Russian political scientists targeted using plagiarism reports; GachiLoader: Defeating Node.js Malware with API Tracing. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: The Craziest Ever: An Exclusive Look at Kimwolf, the Giant Botnet That Infected 1.8 Million Android Devices Worldwide; Inside Ink Dragon: Revealing the Relay Network and Inner Workings of a Stealthy Offensive Operation; EtherRAT dissected: How a React2Shell implant delivers 5 payloads through blockchain C2; Inside GhostPoster: How a PNG Icon Infected 50,000 Firefox Users. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Webinar Tendências em Cyber 2026; Arctic Wolf Observes Malicious SSO Logins on FortiGate Devices Following Disclosure of CVE-2025-59718 and CVE-2025-59719; SantaStealer is Coming to Town: A New, Ambitious Infostealer Advertised on Underground Forums. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Webinar Tendências em Cyber 2026; Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild; Multiple Threat Actors Exploit React2Shell (CVE-2025-55182). Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Hunting for Mythic in network traffic; Hamas-Affiliated Ashen Lepus Targets Middle Eastern Diplomatic Entities With New AshTag Malware Suite; SHADOW-VOID-042 Targets Multiple Industries with Void Rabisu-like Tactics; Gogs 0-Day Exploited in the Wild; How to find Gogs installations on your network - Latest Gogs vulnerability: CVE-2025-8110; CVE-2025-30406 - Critical Gladinet CentreStack & Triofox Vulnerability Exploited In The Wild; ConsentFix: Analysing a browser-native ClickFix-style attack that hijacks OAuth consent grants. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Stable Channel Update for Desktop - Wednesday, December 10, 2025 (https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_10.html); Google fixes eighth Chrome zero-day exploited in attacks in 2025 (https://www.bleepingcomputer.com/news/security/google-fixes-eighth-chrome-zero-day-exploited-in-attacks-in-2025/); SOAPwn: Pwning .NET Framework Applications Through HTTP Client Proxies And WSDL (https://labs.watchtowr.com/soapwn-pwning-net-framework-applications-through-http-client-proxies-and-wsdl/); NANOREMOTE, cousin of FINALDRAFT (https://www.elastic.co/security-labs/nanoremote); Cracking ValleyRAT: From Builder Secrets to Kernel Rootkits (https://research.checkpoint.com/2025/cracking-valleyrat-from-builder-secrets-to-kernel-rootkits/); Thousands of Exposed Secrets Found on Docker Hub, Putting Organizations at Risk (http://flare.io/learn/resources/docker-hub-secrets-exposed/). Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Webinar Tendências em Cyber 2026 (https://www.even3.com.br/tendencias-em-cyber-2026-661705/); Microsoft December 2025 Patch Tuesday fixes 3 zero-days, 57 flaws (https://www.bleepingcomputer.com/news/microsoft/microsoft-december-2025-patch-tuesday-fixes-3-zero-days-57-flaws/); Microsoft's December 2025 Patch Tuesday Addresses 56 CVEs (CVE-2025-62221) (https://www.tenable.com/blog/microsofts-december-2025-patch-tuesday-addresses-56-cves-cve-2025-62221); Microsoft and Adobe Patch Tuesday, December 2025 – Security Update Review (https://blog.qualys.com/vulnerabilities-threat-research/2025/12/09/microsoft-patch-tuesday-december-2025-security-update-review); Fortinet warns of critical FortiCloud SSO login auth bypass flaws (https://www.bleepingcomputer.com/news/security/fortinet-warns-of-critical-forticloud-sso-login-auth-bypass-flaws/); Multiple Fortinet Products FortiCloud SSO Login Authentication Bypass (https://www.fortiguard.com/psirt/FG-IR-25-647); Security Advisory EPM December 2025 for EPM 2024 (https://forums.ivanti.com/s/article/Security-Advisory-EPM-December-2025-for-EPM-2024); CVE-2025-10573: Ivanti EPM Unauthenticated Stored Cross-Site Scripting (Fixed) (https://www.rapid7.com/blog/post/cve-2025-10573-ivanti-epm-unauthenticated-stored-cross-site-scripting-fixed/); PeerBlight Linux Backdoor Exploits React2Shell CVE-2025-55182 (https://www.huntress.com/blog/peerblight-linux-backdoor-exploits-react2shell); EtherRAT: DPRK uses novel Ethereum implant in React2Shell attacks (https://www.sysdig.com/blog/etherrat-dprk-uses-novel-ethereum-implant-in-react2shell-attacks); China-nexus cyber threat groups rapidly exploit React2Shell vulnerability (CVE-2025-55182) (https://aws.amazon.com/blogs/security/china-nexus-cyber-threat-groups-rapidly-exploit-react2shell-vulnerability-cve-2025-55182/); CVE-2025-55182: React2Shell Critical Vulnerability — what it is and what to do (https://www.dynatrace.com/news/blog/cve-2025-55182-react2shell-critical-vulnerability-what-it-is-and-what-to-do/). Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Webinar Tendências em Cyber 2026; The VS Code Malware That Captures Your Screen | Koi Blog; GrayBravo's CastleLoader Activity Clusters Target Multiple Industries. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Webinar Tendências em Cyber 2026; AI-Automated Threat Hunting Brings GhostPenguin Out of the Shadows; Maximum-severity XXE vulnerability discovered in Apache Tika; China-nexus cyber threat groups rapidly exploit React2Shell vulnerability (CVE-2025-55182); CVE-2025-55182 (React2Shell) Opportunistic Exploitation In The Wild: What The GreyNoise Observation Grid Is Seeing So Far; Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation; Inside Shanya, a packer-as-a-service fueling modern attacks. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Critical Security Vulnerability in React Server Components; React2Shell (CVE-2025-55182) - Critical unauthenticated RCE affecting React Server Components; CVE-2025-55182: Frequently Asked Questions About React2Shell: React Server Components Remote Code Execution Vulnerability; BRICKSTORM Backdoor; Active Exploitation of 7-Zip RCE Vulnerability Shows Why Manual Patching is No Longer an Option; Alert Regarding a Command Injection Vulnerability in the Array Networks Array AG Series. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Webinar Tendências em Cyber 2026; Sanctioned but Still Spying: Intellexa's Prolific Zero-Day Exploits Continue; Intellexa's Global Corporate Web; French NGO Reporters Without Borders targeted by Calisto in recent campaign; Malicious Rust Crate evm-units Serves Cross-Platform Payloads for Silent Execution. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Webinar Tendências em Cyber 2026; New eBPF Filters for Symbiote and BPFdoor Malware; Technical Analysis of Matanbuchus 3.0; Hook for Gold: Inside GoldFactory's Campaign That Turns Apps Into Goldmines; ValleyRAT Campaign Targets Job Seekers, Abuses Foxit PDF Reader for DLL Side-loading; MuddyWater: Snakes by the riverbank. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: ImperioShell and PolyjuiceCookie: Backdoor and cookie stealer target companies in Brazil; Unraveling Water Saci's New Multi-Format, AI-Enhanced Attacks Propagated via WhatsApp; From Coyote to Astaroth: WhatsApp abuse consolidates as an infection method for Brazilian cybercrime; Video about the recent attacks via WhatsApp; 4.3 Million Browsers Infected: Inside ShadyPanda's 7-Year Malware Campaign | Koi Blog; Google Patches 107 Android Flaws, Including Two Framework Bugs Exploited in the Wild. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Two Years, 17K Downloads: The NPM Malware That Tried to Gaslight Security Scanners; CISA Adds One Known Exploited Vulnerability to Catalog; [REPORT] Security flaws in versions of ScadaBR; APT36 Python Based ELF Malware Targeting Indian Government Entities; Thor vs. Silver Fox – Uncovering and Defeating a Sophisticated ValleyRat Campaign. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Dragons in Thunder; 3 OAuth TTPs Seen This Month — and How to Detect Them with Entra ID Logs; OpenAI data may have been exposed after a cyberattack on analytics firm Mixpanel. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: ShadowV2 Casts a Shadow Over IoT Devices | FortiGuard Lab; Stop Putting Your Passwords Into Random Websites (Yes, Seriously, You Are The Problem); ASUS warns of new critical auth bypass flaw in AiCloud routers; CVE-2025-59366. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Zscaler Threat Hunting Discovers and Reconstructs a Sophisticated Water Gamayun APT Group Attack; FlexibleFerret malware continues to strike; Russian RomCom Utilizing SocGholish to Deliver Mythic Agent to U.S. Companies Supporting Ukraine. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Shai Hulud Launches Second Supply-Chain Attack: Zapier, ENS, AsyncAPI, PostHog, Postman Compromised; Morphisec Thwarts Russian-Linked StealC V2 Campaign Targeting Blender Users via Malicious .blend Files. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: SpiderLabs IDs New Banking Trojan Distributed Through WhatsApp; WhatsApp compromise leads to Astaroth deployment; Video I made about the WhatsApp attack; Beyond the Watering Hole: APT24's Pivot to Multi-Vector Attacks; Blockchain and Node.js abused by Tsundere: an emerging botnet; PlushDaemon compromises network devices for adversary-in-the-middle attacks; Striking Panda Attacks: APT31 Today; Sturnus: Mobile Banking Malware bypassing WhatsApp, Telegram and Signal Encryption; CISA warns Oracle Identity Manager RCE flaw is being actively exploited. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: CVE-2025-58034 - Multiple OS command injection in API and CLI; Cloudflare outage on November 18, 2025; A Simple WhatsApp Security Flaw Exposed 3.5 Billion Phone Numbers. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: /bin/live, Mente Binária's live stream about the Red Team Community; Stable Channel Update for Desktop (CVE-2025-13223 and CVE-2025-13224); Defending the cloud: Azure neutralized a record-breaking 15 Tbps DDoS attack; Frontline Intelligence: Analysis of UNC1549 TTPs, Custom Tools, and Malware Targeting the Aerospace and Defense Ecosystem. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Episode References: Contagious Interview Actors Now Utilize JSON Storage Services for Malware Delivery; XWiki Under Increased Attack; CVE-2025-64446 - Path confusion vulnerability in GUI. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
In “Got (Raw) Milk? The Small Family Dairy Farms Behind a Big Controversy,” Gravy producer Bianca Garcia takes listeners to Milky Way Farm, the last dairy in Anderson County, South Carolina, where raw milk sales are keeping the Peeler family afloat. Their neighbors have succumbed to the pressures that have defined a generation of farmers. Between 2003 and 2022, South Carolina—where the state beverage is a glass of cold milk—lost 75 percent of licensed dairy operations. They have found their market in a niche constituency, though the wider public might disapprove. Raw milk is a risky product, often considered a public health risk. Raw milk is unpasteurized, meaning it hasn't been through a sanitizing kill step. Scientists worry that it can make consumers vulnerable to bacterial or viral infection, but raw milk lovers can't get enough of the creamy taste and allegedly healthful properties. This debate is situated in what seems to be a public health emergency. Reports of bird flu infecting dairy cattle leave public health officials worried that drinking raw milk can spread disease. Under the Trump presidency, Secretary of the Department of Health and Human Services Robert F. Kennedy Jr. has vowed to increase public access to raw milk as a part of his Make America Healthy Again agenda. Raw influencers and “tradwives” promote it endlessly on social media. Through all this noise, it's easy to lose sense of the fact that this is an issue that starts on the farm. In this episode, you will hear from L.D. Peeler, acting patriarch of Milky Way Farm, his daughter, Iris, and son, Davis. Each plays a role on their small family farm, which raises 120 Jersey cows: Davis works on the farm, L.D. manages the finances, and Iris does the public relations. They each have different, but entangled, stories to tell. At Milky Way Farm, we are reminded that, just like any other food, raw milk starts with the land, the animals, and the people that make it possible. 
Guided by the community's desire for a tasty and safe product, the Peelers have shaped their business to meet this need. Thus, in the face of economic pressures of the dairy industry and cultural pressures around the product, they have risen above—like the cream beneath the lid of their bottled pints.