Drone strikes hit a key chip supply chain. China-linked hackers target Southeast Asian militaries. Attackers race ahead with AI. ShinyHunters claim a massive Telus breach. Microsoft issues a hotpatch. Malware turns up on Steam. Fileless attacks grow. Airline miles become cybercrime currency. Monday business breakdown. Tim Starks from CyberScoop unpacks the Stryker attack and the nebulous nature of Iranian cyber activity. AI playmates puzzle preschoolers. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest is Tim Starks from CyberScoop discussing how the Stryker attack highlights the nebulous nature of Iranian cyber activity amid joint U.S.-Israel conflict. You can read more in Tim's article here. Selected Reading Drone strikes halt a third of the world's helium supply, threatening chip production (TechSpot) China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation (SecurityWeek) Attackers are exploiting AI faster than defenders can keep up, new report warns (CyberScoop) Telus Digital confirms breach after hacker claims 1 petabyte data theft (Bleeping Computer) Microsoft releases Windows 11 OOB hotpatch to fix RRAS RCE flaw (Bleeping Computer) The FBI is investigating malware hidden inside games hosted on Steam (TechCrunch) New XWorm 7.1 and Remcos RAT Attacks Abuse Windows Tools to Evade Detection (Hackread) Airline miles become underground currency in loyalty fraud schemes | brief (SC Media) Kevin Mandia-founded Armadin launches with $190 million. (N2K Pro Business Briefing) AI toys for young children need tighter rules, researchers warn (BBC News) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. 
Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Manzanillo customs will operate 24/7. Senate reviews an initiative to improve conditions for day laborers. NATO scrambles fighter jets over drones in Romania. More information in our podcast.
Dmytro Bilkun, Lead Product Marketing Manager for MacPaw, does a re-do of a lost interview from CES, explaining Moonlock, a new Mac security tool designed to simplify cybersecurity. The discussion covers its antivirus capabilities, deeper malware detection than CleanMyMac's built-in protection, quarantine features, network traffic blocking by region, real-time monitoring, and security recommendations. Dmytro and Chuck also discuss usability, performance considerations, evolving cyber threats, and the subscription pricing model. This edition of MacVoices is sponsored by Squarespace. Go to Squarespace.com/macvoices and click "enter an offer code" under the pricing and put in the code "macvoices" to receive a 10% discount. Squarespace: Everything you need to create an exceptional website. Show Notes: Chapters: 00:00 Moonlock and the return of the lost CES interview 01:50 What Moonlock is and MacPaw's cybersecurity mission 03:26 Unified design with the CleanMyMac ecosystem 05:20 Security recommendations and system protection module 07:09 Security Advisor and user education 08:22 Network Inspector and blocking risky connections 10:15 Malware scanning architecture and deeper detection 12:31 Interface overview and user guidance features 14:41 Blocking regional network connections explained 17:25 Tracking blocked connections and network monitoring 19:02 Quarantine handling of suspicious files 20:56 Real-time monitoring and scanning options 25:24 Quiet protection vs intrusive antivirus alerts 26:19 Performance impact and optimization 29:34 Malware database updates and threat research 31:22 The cybersecurity arms race and evolving threats 33:41 Pricing and subscription model 36:38 Educating users about online threats 37:21 Final thoughts and where to learn more Links: Moonlock by MacPaw Guests: Dmytro Bilkun, Lead Product Marketing Manager for MacPaw. Support: Become a MacVoices Patron on Patreon http://patreon.com/macvoices Enjoy this episode? 
Make a one-time donation with PayPal Connect: Web: http://macvoices.com Twitter: http://www.twitter.com/chuckjoiner http://www.twitter.com/macvoices Mastodon: https://mastodon.cloud/@chuckjoiner Facebook: http://www.facebook.com/chuck.joiner MacVoices Page on Facebook: http://www.facebook.com/macvoices/ MacVoices Group on Facebook: http://www.facebook.com/groups/macvoice LinkedIn: https://www.linkedin.com/in/chuckjoiner/ Instagram: https://www.instagram.com/chuckjoiner/ Subscribe: Audio in iTunes Video in iTunes Subscribe manually via iTunes or any podcatcher: Audio: http://www.macvoices.com/rss/macvoicesrss Video: http://www.macvoices.com/rss/macvoicesvideorss
(Presented by TLPBLACK: High-fidelity threat intelligence and research tools for modern security teams. From curated Passive DNS and real-time C2 monitoring to actionable IOC feeds and daily malware samples, we help defenders detect, hunt, and disrupt threats faster, with seamless integration into SIEM and SOAR workflows.) Matthias Frielingsdorf (co-founder and VP of Research at iVerify) joins the show to discuss the mysterious US government connection to 'Coruna', an iOS exploit kit fitted with 23 exploits across five full chains targeting iPhones iOS 13 through 17.2.1. We talk about a "gut feeling" connecting this to the L3 Trenchant/Peter Williams exploit sale scandal, how a nation-state-grade exploit kit ended up in the hands of a Chinese cybercrime group chasing crypto wallets, and what it means that criminal organizations are now deploying iPhone zero-days at scale. Matthias walks through what iVerify can and can't do on Apple's locked-down platform, why he thinks Apple needs to give defenders more access, the Lockdown Mode debate, the thorny issue of sample sharing in the research community, and practical advice for everyday iPhone users facing a threat landscape that just got a lot more complicated.
AI is reshaping both sides of the cybersecurity battlefield — and fast. In this episode, we break down five stories that prove it: the first Chrome zero-day of 2026 (CVE-2026-2441), a near-perfect CVSS 9.9 in Microsoft's Semantic Kernel SDK (CVE-2026-26030), a supply chain attack on AI coding assistant Cline that silently installed autonomous agents on thousands of developer machines, the first-ever Android malware using Google's Gemini AI at runtime (PromptSpy), and a Russian-speaking threat actor who used commercial AI tools to breach over 600 FortiGate firewalls across 55 countries in just five weeks. Whether you're a developer, security professional, or just someone who uses a browser — this one's worth your time.
A suspected U.S. exploit kit shows up in global iOS attacks. Facebook goes down briefly worldwide. A critical help-desk flaw enables remote code execution. Juniper PTX routers face a major bug. LastPass warns of phishing. Telegram becomes a cybercrime marketplace. Healthcare groups fight relaxed IT rules. A stolen Gemini API key runs up massive bills. CISA's CIO departs. Our guest is Brian Long, CEO and Co-Founder of Adaptive Security, discussing how AI is reshaping social engineering. The problem of posthumous profiles. CyberWire Guest Today on our Industry Voices segment we are joined by Brian Long, CEO and Co-Founder of Adaptive Security, discussing how AI is reshaping social engineering. If you want to hear the full conversation, listen to it here. Selected Reading Possible U.S.-developed exploits linked to first known 'mass' iOS attack (CyberScoop) Facebook accounts unavailable in worldwide outage (Bleeping Computer) Critical FreeScout Vulnerability Leads to Full Server Compromise (SecurityWeek) Juniper PTX Routers at Risk, Critical Takeover Flaw Disclosed (BankInfo Security) LastPass Warns of New Phishing Campaign (SecurityWeek) Telegram Increasingly Used to Sell Access, Malware and Stolen Logs (Hackread) Groups Push Back on HHS' Proposed Health IT Rollbacks (BankInfo Security) Dev stunned by $82K Gemini API key bill after theft (The Register) CISA CIO Robert Costello exits agency (CyberScoop) Calls for Global Digital Estate Standard as Posthumous Deepfake Fraud Risk Grows (Infosecurity Magazine)
Sylvester is on vacation, so Jan Mahn from c't steps in at short notice. And he has brought an explosive story with him, about "bulletproof hosters": providers that do not care about good manners on the internet, sometimes not even about law and order, as long as their often shady clientele transfers money to them every month. But first there is a lengthy rant about a security appliance vendor, one that Christopher did not come up with himself but that the financial news service Bloomberg published. And there is some PKI news, almost all of which has something to do with IP addresses.
The current state of national security is under scrutiny as the Department of Justice and FBI face significant internal changes. Kash Patel and Pam Bondi are overseeing a systematic removal of experienced personnel, specifically targeting those involved in previous high profile investigations. This purge has resulted in the loss of elite agents within the CI12 unit who possess critical expertise regarding Iran and global espionage. The timing of these firings is particularly concerning given the recent escalation of military conflict and the launch of Operation Epic Fury. While conventional military strikes dominate the news, the silent threat of cyber warfare looms. Iran is recognized for its advanced cyber capabilities, often retaliating through malware and intrusions into critical infrastructure like water systems and energy networks. The loss of institutional memory and veteran leadership, including figures like Steve Jensen and Brian Driscoll, leaves domestic defenses in a state of disarray. Loyalty tests and political questionnaires have replaced professional merit, leading to a decline in morale and a potential breakdown in intelligence sharing with international allies. Google's threat intelligence experts warn that global cyber attacks are inevitable. As the FBI's foreign influence task force is disbanded and leadership roles remain vacant, the ability to connect the dots and prevent future incidents is severely compromised. The focus on personal retribution over national safety has created a vulnerable attack surface, leaving the country exposed during a period of intense Middle East volatility. 
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. GitLab's Threat Intelligence Team published detailed findings on North Korean activity associated with the Contagious Interview campaign and broader IT worker operations. A financially motivated, Russian-speaking threat actor used generative AI tools to compromise more than 600 Fortinet FortiGate firewall instances between January and February, according to Amazon Web Services. Cisco has released emergency patches for a critical zero-day vulnerability in its Catalyst SD-WAN products that has been actively exploited in the wild. Citrini Research presents a forward-looking scenario framed as a June 2028 macro memo describing a “Global Intelligence Crisis” triggered by abundant AI-driven intelligence. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
Computer und Kommunikation (complete broadcast) - Deutschlandfunk
Kloiber, Manfred www.deutschlandfunk.de, Computer und Kommunikation
Microsoft just dropped patches for SIX actively exploited zero-day vulnerabilities — and that's just the beginning. In this week's Hacking News, we break down the February 2026 Patch Tuesday emergency, North Korea's Lazarus Group poisoning npm and PyPI through fake job recruiters, nation-state hackers weaponizing Google's Gemini AI (including malware that writes its own payloads), a massive Dutch telecom breach affecting 6.2 million people, and a U.S. government contractor breach that ballooned from 4 million to potentially tens of millions affected. This is Exploit Brokers by Forgebound Research — cybersecurity news, threat intelligence, and insights. Whether you're a security analyst, developer, or just someone who wants to stay informed, this episode has something for you.
Samsung Galaxy Unpacked: find out everything that happened, with the Galaxy S26 line announcements: base, Plus, Ultra, Galaxy AI, privacy display, One UI 8.5, colors, prices in Brazil and more! Estácio's systems had flaws that allowed unauthorized access and even account theft. Malware uses legitimate gov.br domains to infect victims. Xiaomi Tag is a new smart tracker compatible with iOS and Android. Netflix's CEO defends the Warner acquisition and takes a jab at Paramount. The company behind Claude accuses DeepSeek and other Chinese AIs of stealing data, and a TJMG judge leaves an AI prompt in a ruling on a case of rape of a vulnerable person. Galaxy S26 Ultra leaks in an unboxing; new Privacy Display is revealed. Samsung Galaxy Z TriFold sold out in under 10 minutes. The Galaxy S26's 'anti-snooping' screen may soon come to Chinese phones. AI recognizes Naruto jutsus in real time and triggers visual effects. Apple tests the iPhone 18 Pro in a color new to the series. The perpetrator of a shooting attack had been talking with ChatGPT, but OpenAI did not alert the police.
Fraudology is presented by Sardine. Request a 1:1 product demo at sardine.ai In this solo episode, Karisse Hendrick checks in from a hotel room in San Diego at the Merchant Advisory Group (MAG) conference to share urgent intelligence from the front lines of e-commerce fraud before the full chaos of conference season begins. First, Karisse explores two sophisticated new fraud trends that are leaving even seasoned investigators scratching their heads. She breaks down the rise of the "Two-Victim ATO," a unique spin on account takeover where fraudsters leverage the "legacy" and trust of an active account to bypass security, only to hit it with a completely different person's stolen credit card. Then, she dives into a high-tech trend hitting digital gift card retailers: Malware-driven session hijacking. Karisse discusses how fraudsters "piggyback" on a legitimate customer's active session and device to commit a second, high-value theft—making it nearly impossible for traditional fraud systems to flag as a separate entity. Later in the episode, Karisse discusses the "scary" new frontier of Agentic AI. She shares insights from recent tests by major retailers showing that autonomous shopping bots are beginning to make purchases that are currently indistinguishable from human behavior, creating a massive "Know Your Agent" (KYA) challenge for the industry.
In this episode, we discuss:
- The Two-Victim ATO: Why fraudsters are adding new payment methods to active, high-history accounts instead of just using cards on file.
- Session Hijacking & Malware: How bad actors are using VPNs and malware to "replay" or continue a legitimate customer's session to buy high-value gift cards.
- Agentic AI & KYA: The difficulty in identifying AI-initiated transactions and why current device ID technology can't tell the difference between a human and a bot.
- Upcoming Events: Details on the Merchant Advisory Group, and the first annual Merchant Fraud Alliance Conference in Chicago this October.
Fraudology is hosted by Karisse Hendrick, a fraud fighter with decades of experience advising hundreds of the biggest ecommerce companies in the world on fraud, chargebacks, and other forms of abuse impacting a company's bottom line. Connect with her on LinkedIn. She brings her experience, expertise, and extensive network of experts to this podcast weekly, on Tuesdays.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. A financially motivated threat actor known as GS7 is conducting a large-scale phishing campaign called Operation DoppelBrand, targeting Fortune 500 companies by impersonating their corporate login portals. Kaspersky researchers have analyzed a newly identified Android malware strain named Keenadu that provides attackers with remote control over infected devices. Application Programming Interfaces continue to be a primary attack surface, and new research from Wallarm shows the problem is accelerating as AI adoption expands. Hacker News outlines cybersecurity technology priorities for 2026, framing the environment as one of continuous instability rather than periodic disruption. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
Big thank you to Infoblox for sponsoring this video. For more information on Infoblox have a look at their website: https://www.infoblox.com/ // Get Wireshark Certified // Check out the official training course
Generative artificial intelligence was thought to be confined to virtual assistants and productivity tools. But it also interests cybercriminals. On February 19, 2026, ESET researchers revealed the existence of PromptSpy, an Android malware that relies on Google's Gemini model to adapt to its victims' phones. And this may be only a foretaste of what is coming. To understand what makes PromptSpy novel, one has to go back to the limits of conventional malware. Usually, such malicious software works with rigid scripts: predefined tap coordinates, buttons identified in advance. The problem: Android is not uniform. Each manufacturer modifies the interface, and each update can move the menus. As a result, the scripts quickly become obsolete. PromptSpy gets around this weakness using AI. Concretely, it captures an image of the victim's screen and sends it to Gemini. The model analyzes the visible elements (buttons, text, icons) and returns tailored instructions, such as "tap here" or "swipe there". According to Lukas Stefanko, a researcher at ESET, this approach lets the malware adapt automatically to any smartphone or Android version. An unprecedented flexibility. The main objective is persistence: staying installed no matter what. PromptSpy locks itself in Android's recent apps list by pinning itself with a virtual padlock. It then cannot be closed with a simple gesture. The dialogue with the AI continues until it is confirmed that the lock is in effect. But the heart of the danger lies elsewhere: in a VNC module. This technology lets attackers see the screen in real time and control the phone remotely, as if they were holding it in their hands.
The malware also abuses accessibility services (features originally intended to help people with disabilities) to prevent uninstallation by means of invisible overlays. The researchers discovered these hidden areas by enabling a debug mode left in the code. PromptSpy can record the screen, capture PIN codes, list installed applications and transmit this data over encrypted communications. To remove it, one must reboot into safe mode (a mode that disables third-party applications) and then delete the fraudulent application, named MorganArg, which imitates a bank. For now, no mass infection has been detected. But for ESET, the signal is clear: after PromptLock in 2025, AI is becoming an adaptation tool for malware. Google has been alerted and Play Protect blocks the identified versions.
CISA orders urgent patch of Dell flaw. Android malware uses Gemini to navigate infected devices. Half of all cyberattacks start in the browser, says Palo Alto Networks. Get the full show notes here: https://cisoseries.com/cybersecurity-news-cisas-dell-order-android-ai-malware-browsers-as-weak-link/ Huge thanks to our sponsor, Conveyor. Most of what Conveyor automates is boring. Like really boring. Security questionnaires. Customer requests for things like your SOC 2. All of their follow-up questions. Answering tickets from your sales team. You know what's not boring? Alteryx using Conveyor to support over half a billion dollars in enterprise deals with a small 4 person team. All they did was set up an AI trust center and use Conveyor's AI agent to complete questionnaires. Learn more at conveyor.com.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Tracking Malware Campaigns With Reused Material https://isc.sans.edu/diary/Tracking%20Malware%20Campaigns%20With%20Reused%20Material/32726 From BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day https://cloud.google.com/blog/topics/threat-intelligence/unc6201-exploiting-dell-recoverpoint-zero-day Windows Admin Center Elevation of Privilege Vulnerability CVE-2026-26119 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26119 DNS-PERSIST-01: A New Model for DNS-based Challenge Validation https://letsencrypt.org/2026/02/18/dns-persist-01.html Defending Web Apps https://www.sans.org/cyber-security-courses/application-security-securing-web-apps-api-microservices
In this episode of Unspoken Security, host AJ Nash sits down with Bob Fabien “BZ” Zinga, a cybersecurity executive and Naval Information Warfare Commander in the U.S. Navy Reserve. They explore how performative leadership shows up in security teams, and why values on a wall fail when pressure hits. BZ argues that optics without accountability kills trust. When leaders bend with politics or budgets, engaged employees go quiet. That silence hides risk. He shares how breaches often trace back to human choices, including a W-2 phishing scam that exposed employees' data and changed his own life. He also pushes blameless postmortems and clear escalation paths. From there, the conversation moves to AI. BZ warns that teams can automate bias and outsource judgment. He calls for guardrails, regulation, and human oversight, especially in high-stakes decisions. He closes with a simple standard: speak up for fairness, even when silence would feel safer.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
2026 64-Bits Malware Trend https://isc.sans.edu/diary/2026%2064-Bits%20Malware%20Trend/32718 A Comparative Security Analysis of Three Cloud-based Password Managers https://zkae.io Infostealer Infection Targeting OpenClaw Configurations https://www.infostealers.com/article/hudson-rock-identifies-real-world-infostealer-infection-targeting-openclaw-configurations/
Summary
In this episode of the Blue Security Podcast, hosts Andy and Adam discuss significant cybersecurity incidents involving Notepad++ and 7-Zip, highlighting the vulnerabilities in open-source software and the importance of enterprise software management. They emphasize the need for ad blockers, the challenges of identifying legitimate software downloads, and the necessity of implementing robust security measures in organizations.
Documentation:
https://arstechnica.com/security/2026/02/notepad-updater-was-compromised-for-6-months-in-supply-chain-attack/
https://www.rapid7.com/blog/post/tr-chrysalis-backdoor-dive-into-lotus-blossoms-toolkit/
https://msendpointmgr.com/2025/10/04/taming-browser-extensions-with-intune/
https://www.malwarebytes.com/blog/threat-intel/2026/02/fake-7-zip-downloads-are-turning-home-pcs-into-proxy-nodes
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
As AI systems grow more autonomous, the question is no longer just what they can do, but whether we can trust the data and models behind their decisions. In this episode of Alexa's Input (AI), Alexa Griffith talks with Wendy Chin, CEO of PureCipher, about building what she calls an artificial immune system for AI, a framework designed to make data, models, and inference tamper-evident across the AI lifecycle. They unpack what data poisoning really means (training data, weights and biases, inference inputs), why small amounts of targeted poison can create outsized model misbehavior, and how generative AI lowers the barrier to sophisticated malware. The conversation expands into the security implications of agent-to-agent communication via MCP, digital twins, and why we don't have the luxury of “shipping now and securing later.” It's a wide-ranging discussion that moves from practical threat models to the philosophical frontier of what happens as AI becomes more human-like, and more autonomous. Podcast Links: Watch: https://www.youtube.com/@alexa_griffith Read: https://alexasinput.substack.com/ Listen: https://creators.spotify.com/pod/profile/alexagriffith/ More: https://linktr.ee/alexagriffith Website: https://alexagriffith.com/ LinkedIn: https://www.linkedin.com/in/alexa-griffith/ Find out more about the guest at: LinkedIn: https://www.linkedin.com/in/wendy-chin-ctg/ Website: https://www.purecipher.com/ Chapters: 00:00 Introduction to AI Security 01:16 Understanding Data Poisoning 04:38 The Dangers of Malware in AI 07:46 AI's Moral Dilemmas and Decision Making 08:45 Building Empathy in AI 13:07 The Role of Good Data in AI Training 17:02 PureCypher's Artificial Immune System 22:34 Digital Twins and Their Implications 25:22 Nurturing AI Like a Child 30:53 Data Therapy for AI 36:13 The Future of AI and Human Interaction 38:45 The Dark Side of AI: Hacking and Security 45:03 Global Perspectives on AI Security 48:11 MCP Agents and Security Concerns 51:41 Philosophical Implications of AI and Human Connection 01:00:04 The Sci-Fi Future of AI and Humanity
A malware developer faked his own death to evade the FBI, Apple patches a zero-day used in a targeted attack, the Tianfu Cup quietly returns, and researchers spot the first malicious Outlook add-in. Show notes: Risky Bulletin: IcedID malware developer fakes his own death to escape the FBI
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
WSL in the Malware Ecosystem https://isc.sans.edu/diary/32704 Apple Patches Everything: February 2026 https://isc.sans.edu/diary/Apple%20Patches%20Everything%3A%20February%202026/32706 Adobe Updates https://helpx.adobe.com/security/security-bulletin.html
In this WP Builds episode, Nathan Wrigley talks with Thomas Raef about WordPress website security. Thomas shares his journey founding We Watch Your Website, discusses the prevalence of attacks on US WordPress sites, and explores how hackers increasingly use stolen credentials and AI-powered methods. The episode gets into AI tools for both attackers and defenders, highlighting strategies like behavioural analysis and other mathematical things I don't understand! It wraps up with advice on implementing security measures like 2FA and device trust, and the ongoing AI "arms race" in cybersecurity. Go listen...
In episode 174 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Kyle Leonard, Cyber Threat Intelligence Analyst at the Center for Internet Security® (CIS®), and Randy Rose, VP of Security Operations & Intelligence at CIS. Together, they continue their discussion of 2026 cybersecurity predictions from seven CIS experts, as shared on the CIS website. Here are some highlights from our episode: 02:00. How cross-platform campaigns are becoming the norm 03:09. Threat actors' use of generative artificial intelligence (GenAI) to expand their attacks and gain efficiencies 05:08. The blurring line of what separates today's script kiddies from nation-state threat actors 07:47. Fully autonomous malware: in the realm of possibility but not here yet 13:19. How specialization in the criminal ecosystem requires us to rethink analysis itself 16:07. Shrinking dwell time: a product of the democratization of complex tools' availability 18:02. The effective use of social engineering to lower threat actors' operational costs 19:20. Malware's increasing use of trusted infrastructure to thwart cyber defenses 20:25. The use of behavioral analysis to apply bottleneck security mechanisms 22:40. Evolving threat actors' tradecraft: pseudo-random subdomains, GenAI models, and SEO poisoning 26:39. What trust looks like today: something that's dynamic and negotiated at a moment's notice 31:25. Supply chain attackers' pivot to edge device vendors and security appliance makers 33:43. The ongoing work of CIS to support state and local governments' cybersecurity efforts Resources: Episode 169: 2026 Cybersecurity Predictions from CIS — Pt 1; The Evolving Role of Generative Artificial Intelligence in the Cyber Threat Landscape; Surge of QakBot Activity Using Malspam, Malicious XLSB Files; Active Lumma Stealer Campaign Impacting U.S. SLTTs; Episode 173: Scammer Jousting as Human Risk Management; ClickFix: An Adaptive Social Engineering Technique; Impact of Federal Funding Cuts to the Value of MS-ISAC CTI; Episode 157: How a Modern, Mission-Driven CIRT Operates. If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.
In this episode of Cybersecurity Today, Jim Love covers major vulnerabilities and security threats, including the exposure of over 3 million Fortinet devices, a critical flaw in Docker's AI assistant, and a sophisticated Android malware campaign using Hugging Face repositories. Discover the latest updates on these critical issues and gain insights into the measures being taken to mitigate these threats. Sponsored by Meter, providing integrated networking solutions for performance and scale. Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst 00:00 Introduction and Sponsor Message 00:43 Fortinet Devices Vulnerability 03:35 Docker AI Assistant Security Flaw 06:27 Hugging Face Android Malware Campaign 09:25 Conclusion and Sponsor Message
Everyone is turning to LLMs to generate code, including attackers. Thus, it's no great surprise that there are now examples of malware generated by LLMs. We discuss the implications of more malware with Rob Allen and what it means for orgs that want to protect themselves from ransomware. Resources https://www.bleepingcomputer.com/news/security/voidlink-cloud-malware-shows-clear-signs-of-being-ai-generated/ https://research.checkpoint.com/2026/voidlink-early-ai-generated-malware-framework/ https://cloud.google.com/blog/topics/threat-intelligence/threat-actor-usage-of-ai-tools/ This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-368
OpenClaw targets ClawHub users. Notepad++ update delivers malware. APT28 attackers abuse Microsoft Office zero-day. Get the show notes here: https://cisoseries.com/cybersecurity-news-openclaw-targets-clawhub-users-notepad-update-delivers-malware-apt28-attackers-abuse-microsoft-office-zero-day/ Huge thanks to our sponsor, Strike48. It's no secret that AI is only as good as the data available to it. Strike48 unifies agentic AI with unmatched log visibility while avoiding the typical hefty price tag. Build and deploy agents for phishing detection, alert triage, threat correlation and more. Queries existing logs where they currently live, so you can keep the technology you already have. Learn more at Strike48.com.
Apple @ Work is exclusively brought to you by Mosyle, the only Apple Unified Platform. Mosyle is the only solution that integrates in a single professional-grade platform all the solutions necessary to seamlessly and automatically deploy, manage & protect Apple devices at work. Over 45,000 organizations trust Mosyle to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple. In this episode of Apple @ Work, Jaron Bradley from Jamf joins the show to talk about macOS malware and what IT teams need to know in 2026. Links: From ClickFix to code signed: the quiet shift of MacSync Stealer malware; FlexibleFerret malware continues to strike; DigitStealer: a JXA-based infostealer that leaves little footprint; Jamf Threat Labs uncovers mobile app game leaking player credentials; Jamf Threat Labs discovers apps that leak credentials
Malware in the Snap store highlights the risks of modern package management, but users accidentally ending up with a totally different desktop environment shows the perils of the older approach. Plus the UK government wants to do more age-gating, and we hear about a project to get kids into Free Software. News: Malware Peddlers Are Now Hijacking Snap Publisher Domains; Linux Mint user gets Gnomed. It looks like they followed these instructions to install Proton VPN (including selecting gdm). They aren’t alone; AWS flips switch on Euro cloud as customers fret about digital sovereignty; UK government rolls back key part of digital ID plans; Lords back UK social media ban for under-16s; Under-16 social media ban would expand age-gating for millions and silence young people; UK House of Lords Votes to Extend Age Verification to VPNs. Mission:Libre: Carmen tells us about her project that aims to get kids into Free Software. Automox: Turnkey Results. Endpoint management tailored to your specific environment. Know the plan. Trust the result. Learn more at www.automox.com Support us on Patreon and get an ad-free RSS feed with early episodes sometimes. See our contact page for ways to get in touch.
North Korean hackers with the Lazarus Group have stolen over $300 million with this Telegram phishing scam. Subscribe to the Blockspace newsletter! Welcome back to The Blockspace Podcast! Today, Taylor Monahan, a security lead at MetaMask, joins us to talk about a highly sophisticated $300M phishing attack linked to North Korea's Lazarus Group. Taylor shares how the Lazarus Group hijacks Telegram accounts to lure victims into fake Zoom meetings and download a Trojan horse malware program. We break down the hackers' strategy, how the malware works, which wallet types are most vulnerable to theft, and what users can do to protect themselves whether or not they have fallen prey to the scam. Tune in to learn how to identify these red flags and implement better digital hygiene for your crypto assets. Check out this article for a deep dive into how the malware works; plus, follow Taylor for updates on X and keep track of Lazarus Group's history of hacks via her GitHub. Subscribe to the newsletter! https://newsletter.blockspacemedia.com Notes: * Lazarus Group stole over $300M in the last year. * Attackers hijack Telegram accounts. * Scammers use fake Zoom links to deploy malware. * Malware often bypasses paid antivirus software. * Sandbox architecture on iOS offers more safety. * Software wallets and browser wallets are most vulnerable. * 2FA remains critical for sensitive account access. Timestamps: 00:00 Start 03:51 Telegram attack 11:30 2 Factor Authenticators 13:48 Losses 16:38 Calculating losses 19:08 North Korea 21:52 Malware 24:17 Malware detection 25:16 EDR 27:12 Wallets 34:21 Is verifying addresses enough? 39:28 Wallet malware design 44:11 What do they want? 54:16 Taylor stealing payloads 1:01:49 Steps to protect
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
No Place Like Home Network: Disrupting the World's Largest Residential Proxy Network. Google dismantled the IPIDEA network that used residential proxies to route malicious traffic. https://cloud.google.com/blog/topics/threat-intelligence/disrupting-largest-residential-proxy-network Fake Clawdbot VS Code Extension Installs ScreenConnect RAT. The news about Clawdbot (now Moltbot) is used to distribute malware, in particular malicious VS Code extensions. https://www.aikido.dev/blog/fake-clawdbot-vscode-extension-malware Threat Bulletin: Critical eScan Supply Chain Compromise. Anti-virus vendor eScan was compromised, and its update servers were used to install malware on some customer systems. https://www.morphisec.com/blog/critical-escan-threat-bulletin/
Sandbox flaw exposes n8n instances. Fake Moltbot assistant drops malware. PeckBirdy takes flight for cross-platform attacks. Check out the show notes here: https://cisoseries.com/cybersecurity-news-sandbox-flaw-exposes-n8n-instances-fake-moltbot-assistant-drops-malware-peckbirdy-takes-flight-for-cross-platform-attacks/ Huge thanks to our episode sponsor, Conveyor. Another security questionnaire hits your desk. Ever wish it could magically disappear? You already have the answers that customers should self-serve, but they can't find the info in your Trust Center. That's why Conveyor built the first truly agentic Trust Center. An AI Agent lives inside it, answering customer questions, sharing documents, and even completing full questionnaires instantly. Customers get what they need fast. It's magical, touchless, and extremely accurate. Join teams at Atlassian, Zapier, and more at conveyor.com.
Can AI really write malware better than hackers ever could? This episode exposes the first real-world case of advanced, fully AI-generated malware and why it signals a seismic shift in cybersecurity risk. CISA's uncertain future remains quite worrisome. Worrisome is Ireland's new "lawful" interception law. The EU's Digital Rights organization pushes back. Microsoft acknowledges it turns over user encryption keys. Alex Neihaus on AI enterprise usage dangers. Gavin confesses he put a database on the Internet. Worries about a massive podcast rewinding backlog. What does the emergence of AI-generated malware portend? Show Note - https://www.grc.com/sn/SN-1062-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow trustedtech.team/securitynow365 zscaler.com/security
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. North Korean threat actors are targeting macOS software developers in a new malware campaign that abuses Visual Studio Code (VS Code) configurations to deliver JavaScript-based backdoors, according to research from Jamf. Sinkholes are usually seen as the end of a malicious campaign - the point where domains are seized and abuse stops. China's pen-testing and red-team ecosystem has always been hard to observe, especially since many teams stopped participating in international CTFs post-2018. A critical zero-day vulnerability, CVE-2025-64155, has been discovered in Fortinet's FortiSIEM platform by Horizon3.ai, allowing unauthenticated remote code execution and privilege escalation to root. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
Cybersecurity didn't start as a billion-dollar crime machine. It started as pranks, ego, and curiosity. That origin story explains almost everything that's breaking today. Ron sits down with Graham Cluley, one of the earliest antivirus developers turned trusted cyber voice, to trace how malware evolved from digital graffiti into organized financial warfare. From floppy disks and casino-style viruses to ransomware, extortion, and agentic AI, the conversation shows how early decisions still shape today's most dangerous assumptions. Graham also explains why AI feels inevitable, but still deeply unfinished inside modern organizations. Impactful Moments 00:00 - Introduction 04:16 - Malware before money existed 07:30 - Cheesy biscuits changed cybersecurity 13:10 - When documents became dangerous 14:33 - Crime replaced curiosity 15:23 - Sony proved no one was safe 20:15 - Reporting hacks without causing harm 24:01 - AI replacing penetration testers 29:18 - Agentic AI shifts the threat model 36:30 - Why rushing AI breaks trust Links Connect with our guest on LinkedIn: https://www.linkedin.com/in/grahamcluley/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
(Presented by Material Security: We protect your company's most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices.) Three Buddy Problem - Episode 82: We parse news that China-linked VoidLink is a malware framework created entirely by AI and the collapsing line between elite APT operations and everyday threat actors. Plus, a new Sean Heelan essay on low-cost exploit generation and why “AI guardrails” are mostly a comforting myth; AI slop overwhelming bug bounty programs; CISA's new Brickstorm YARA rules; and fresh research on a wiper-malware found in Russian attacks against Poland's electricity sector. Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.