Podcasts about rce

  • 197PODCASTS
  • 729EPISODES
  • 41mAVG DURATION
  • 1WEEKLY EPISODE
  • Jun 25, 2026LATEST

POPULARITY

20192020202120222023202420252026


Best podcasts about rce

Show all podcasts related to rce

Latest podcast episodes about rce

Paul's Security Weekly
Cloud Visibility, Fortibleed, hacking things the easy way - Sandy Bird - PSW #932

Paul's Security Weekly

Play Episode Listen Later Jun 25, 2026 133:44


First up is Sandy Bird from Sonrai discussing how to protect our cloud infrastructure! This segment is sponsored by Sonrai Security. Visit https://securityweekly.com/sonrai to learn more about them! Next up in the security news: Help, I am Fortibleeding Cisco SD-WAN needs help The secret life of probe requests Help, I am Squidbleeding XSS to RCE and why CVSS isn't the full picture TVs spy on you Foundational security practices Cybersecurity costs money Happy "Its too late to update your KEK key" day You don't have security flaws if no one can report them Rickrolling FIFA Domain takeovers End of life, out of luck The key to Encryption... Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-932

CIAOPS - Need to Know podcasts
Episode 367 - Goldilocks gone

CIAOPS - Need to Know podcasts

Play Episode Listen Later Jun 21, 2026 34:20


This episode ultimately reflects on how organisations must adapt to an environment where solutions are no longer neatly balanced between simplicity and capability. Instead, businesses need to reassess priorities, stay informed, and make deliberate choices about which innovations deliver real value. For SMBs, the challenge is not just keeping up—but identifying what's truly “good enough” in an increasingly complex cloud-first world. Resources CIAOPS Need to Know podcast - CIAOPS - Need to Know podcasts | CIAOPS X - https://www.twitter.com/directorcia director@ciaops.com CIAOPS Blog Join my Teams Shared Channel – CIAOPS CIAOPS Merch store - CIAOPS Become a CIAOPS Patron CIAOPS AI Dojo  CIAOPS weekly news update - CIA Brief – CIAOPS CIAOPS Labs – The Special Activities Division of the CIAOPS Support CIAOPS Get your M365 questions answered via email Join my email list A special thanks to the CIAOPS Patron community for making this podcast possible. You can find the benefits of a subscription to the community and become a member at https://www.ciaopspatron.com   AutoJack: How a single page can RCE the host running your AI agent   Azure Sets a New Performance Record for LLM Training Benchmark at Extreme Scale   Forrester names Microsoft a Leader in the 2026 Extended Detection and Response Platforms Wave report   Copilot Cowork is now generally available   Microsoft Defender email security benchmarking: Key insights from one year of data   Stay productive in new Outlook for Windows with these 5 features   What's new in Power Platform: June 2026 feature update   What's New in Notebooks | June 2026   Mercedes-AMG PETRONAS F1 Team responds to the intensity of race weekends with Microsoft   AI brands as bait: How threat actors are using the AI hype in social engineering  

Cyber Morning Call
1029 - F5 corrige duas falhas críticas no NGINX

Cyber Morning Call

Play Episode Listen Later Jun 19, 2026 7:09


Referências do EpisódioTURING DAY 2026 | 6ª EDIÇÃO - DIA 25/06K000161616: NGINX ngx_http_v3_module vulnerability CVE-2026-42530K000161584: NGINX ngx_http_proxy_v2_module and ngx_http_grpc_module vulnerability CVE-2026-42055Killing me gently: Inside Gentlemen's EDR killer frameworkLost in relocation: analysis of a new loader distributing CASTLESTEALERAutoJack: How a single page can RCE the host running your AI agent Oracle Critical Security Patch Update Advisory - June 2026PeopleSoft PeopleTools Pre-Authentication RCE: A PSIGW SSRF Chain That Executes Inside the JVMRoteiro e apresentação: Carlos CabralEdição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia

TechCast Podcast
#135 Poprawki bezpieczeństwa Androida - jak działają i dlaczego są ważne

TechCast Podcast

Play Episode Listen Later Jun 5, 2026 21:09


Czy wiesz, że od wykrycia luki do jej wykorzystania przez hakerów mijają często tylko godziny? W erze pracy hybrydowej i dyrektywy NIS2, Twój smartfon stał się najsłabszym ogniwem – lub najmocniejszą tarczą Twojej firmy.W tym odcinku Daniel Olszewski rozkłada na czynniki pierwsze mechanizmy bezpieczeństwa systemu Android w 2026 roku. Dowiesz się:RCE i EoP – co oznaczają te skróty i dlaczego powinny spędzać sen z powiek działom IT?TEE (Trusted Execution Environment) – jak procesor chroni Twoje biometryczne dane.7 lat wsparcia – czy długi cykl życia urządzenia to realna oszczędność, czy tylko marketing?Łańcuch dostaw – dlaczego Twoja poprawka „idzie” od Google przez Qualcomm aż do Samsunga.

Critical Thinking - Bug Bounty Podcast
Episode 177: 2x Google RCE with VRP Legend Brutecat

Critical Thinking - Bug Bounty Podcast

Play Episode Listen Later Jun 4, 2026 85:27


Episode 177: In this episode of Critical Thinking - Bug Bounty Podcast we're joined by BruteCat to talk about his journey hacking Google Cloud, Gmail, Youtube, and Google Phone.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynoraterhttps://x.com/rez0__https://x.com/gr3pmeCritical Research Lab:https://lab.ctbb.show/ Need a Pentest? We just launched CTBB Pentests!https://pentest.ctbb.show/Hack full time? Check out the Full-Time Hunter's Guild!https://ctbb.show/fthg====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at https://ctbb.show/merch!Today's Sponsor: Check out Zero Trust Cloud Access from ThreatLockerhttps://www.criticalthinkingpodcast.io/tl-ztcaToday's Guest: https://x.com/brutecat====== Resources ======StubZero: $148,337 RCE in Google Cloud Productionhttps://brutecat.com/articles/google-cloud-rce/Leaking the email of any YouTube user for $10,000https://brutecat.com/articles/leaking-youtube-emails/Disclosing YouTube Creator Emails for a $20k Bountyhttps://brutecat.com/articles/youtube-creator-emails/Leaking the phone number of any Google userhttps://brutecat.com/articles/leaking-google-phones/====== Timestamps ======(00:00:00) Introduction(00:29:14) 2nd RCE in Application Integration(00:39:55) BruteCat's Background & RCE Follow-up Questions(00:48:02) Google VRP and Youtube Bugs(01:10:17) Google Phone Leak(01:18:36) Discovery Docs and Episode 178 Teaser

Autonomous IT
Patch [FIX] Tuesday – [AI Hits the Hat Trick], Ep. 32

Autonomous IT

Play Episode Listen Later May 12, 2026 34:17


The May 2026 Microsoft Patch Tuesday release looks quiet on the surface – no actively exploited zero-days, no public disclosures at release, and a CVE count below the four-month average. Don't let that fool you.In this episode, Jason Kikta and Landon Miles break down everything that happened between April and May patch cycles, including Apple's macOS Tahoe 26.5 release with 79 CVEs, the Dirty Frag Linux kernel privilege escalation chain, and two pre-authenticated network remote code execution vulnerabilities in Windows core services that belong at the top of your patch list.They also dig into one of the month's most significant trends: AI-assisted vulnerability research showing up by name in Microsoft, Apple, and Linux acknowledgments in the same patch cycle – including Anthropic researchers credited on a critical Windows graphics component RCE. Ten AI-attributed vulnerability discoveries shipped fixes across all three major operating systems this month.What's covered:CVE-2026-41089: Windows NetLogon RCE (CVSS 9.8) and CVE-2026-41096: Windows DNS Client RCE (CVSS 9.8)CVE-2026-40402: Hyper-V guest-to-host escalation (CVSS 9.3)macOS Tahoe 26.5: Wi-Fi kernel RCE, nine kernel CVEs, 20 WebKit vulnerabilitiesDirty Frag Linux privilege escalation chain and the Copy Fail connectionAI-credited discoveries from Anthropic, calif.io, Theori, and NIST's Center for AI Standards and Innovation- Patch Tuesday Blog- DirtyFrag Blog- What "Mythos Ready" Means

Cyber Morning Call
1003 - DirtyFrag: 0-day no Linux com exploit público afeta diversas distros

Cyber Morning Call

Play Episode Listen Later May 8, 2026 10:02


Referências do EpisódioDirty Frag: Universal Linux LPEMay 2026 Security Advisory Ivanti Endpoint Manager Mobile (EPMM) (Multiple CVEs)PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at ScaleThreat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code ExecutionCVE-2025-68670: discovering an RCE vulnerability in xrdpWhen prompts become shells: RCE vulnerabilities in AI agent frameworksFake call logs, real payments: How CallPhantom tricks Android usersRoteiro e apresentação: Carlos CabralEdição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia

The CyberWire
The exploit that writes its own story.

The CyberWire

Play Episode Listen Later May 6, 2026 28:25


CISA warns CopyFail is under active exploitation. Attackers compromise installers for a widely used disk imaging utility. MuddyWater masks cyberespionage as ransomware. Attackers spread malware through a fake OpenClaw plugin. Researchers ID a new Linux RAT. Vimeo blames a third party provider for a recent breach. Palo Alto's Captive Portal is under attack. The FTC settles with a data broker over location sharing. A former Conti gang member gets jail time. Our guest is Dov Yoran, CEO of Command Zero, discussing how cybersecurity teams are fighting AI with AI. Geotargeting turns creepy. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Dov Yoran, CEO of Command Zero, discussing how cybersecurity teams are fighting AI with AI. Selected Reading Attackers are cashing in on fresh 'CopyFail' Linux flaw (The Register) Hackers compromise Daemon Tools in global supply-chain attack, researchers say (The Record) Iranian APT Intrusion Masquerades as Chaos Ransomware Attack (SecurityWeek) Malicious OpenClaw Skill Targets DeepSeek Agentic AI Workflows (Cyber Press) Sophisticated Quasar Linux RAT Targets Software Developers (SecurityWeek) ShinyHunters claims dump puts 119K Vimeo emails in the wild (The Register) Palo Alto Networks warns of firewall RCE zero-day exploited in attacks (Bleeping Computer) FTC bans data broker Kochava from selling sensitive location info (The Record) Conti, Akira Affiliate Sentenced to 102 Months in Prison for Ransomware and Extortion Operations Targeting over 50 Organizations (TechNadu) A college student is suing a dating app that allegedly used her TikTok videos to target men in her dormitory (CyberScoop) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

PolySécure Podcast
Actu - 3 mai 2026 (edition home sweet home) - Parce que... c'est l'épisode 0x2F2!

PolySécure Podcast

Play Episode Listen Later May 4, 2026 45:20


Parce que… c'est l'épisode 0x2F2! Shameless plug 9 au 17 mai 2026 - NorthSec 2026 3 au 5 juin 2026 - SSTIC 2026 24 et 25 juin 2026 - Troopers 26 et 27 juin 2026 - leHACK 19 septembre 2026 - Bsides Montréal 1 au 3 décembre 2026 - Forum INCYBER - Canada 2026 24 et 25 février 2027 - SéQCure 2027 Notes IA ou Ghost in the shell Mythos ou Baba Yaga Mythos Changed the Math on Vulnerability Discovery. Most Teams Aren't Ready for the Remediation Side AI digs up decades of code debt. Patch up. AI Finds 38 Security Flaws in OpenEMR What Anthropic's Mythos Means for the Future of Cybersecurity Anthropic's Mythos Has Landed: Here's What Comes Next for Cyber OpenAI locks GPT-5.5-Cyber behind velvet rope Amid Mythos' hyped cybersecurity prowess, researchers find GPT-5.5 is just as good Pentagon keeps Anthropic barred despite Mythos interest Pentagon reaches agreements with top AI companies, but not Anthropic Vibe to oblivion Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue Vibe Coding Will Break Your Company AI threats in the wild: The current state of prompt injections on the web Anthropic's definition of safety is too narrow Multiple OpenClaw Vulnerabilities Enables Policy Bypass and Host Override Who Owns the Code Claude Wrote? School-shooting lawsuits accuse OpenAI of hiding violent ChatGPT users Fooling large language models just keeps getting simpler Everyone's building AI agents. Almost nobody's ready for what they do to identity. Govern your bots carefully or chaos could ensue I can never talk to an AI anonymously again Anthropic Launches Claude Security in Public Beta for Enterprise Customers La guerre, la guerre, c'est pas une raison pour se faire mal! Chinese spy group caught lurking in Poland, Asia networks Cyber spies target Russian aviation firms to steal satellite and GPS data Souveraineté ou vive le numérique libre! Digital Sovereignty: Wire to Replace Signal as Standard in the Bundestag Privacy ou cachez ces informations que je ne saurais voir US tech embraces Sam Altman's World iris-scan ID banned in places - Rest of World I am the law Age verification bazaar Meta found in breach of EU law for failing to keep children off platforms EU waves through age-check app to keep kids safe online Glenn Meder (@GlennMeder): “

Cyber Security Headlines
Agent payments, Russian phishing, LeRobot RCE flaw

Cyber Security Headlines

Play Episode Listen Later Apr 29, 2026 7:23


FIDO Alliance working on securing AI agent payments Germany suspects Russia in Signal phishing RCE flaw in open-source robotics platform Get the show notes here: https://cisoseries.com/cybersecurity-news-agent-payments-russian-phishing-lerobot-rce-flaw/  Thanks to our episode sponsor, Guardsqaure Is your mobile app truly protected? Relying on the OS isn't enough. A global study of thirteen-hundred security and developer leaders found that ninety-six percent of teams using layered protection reported significantly fewer security incidents. Don't wait for a breach to harden your defenses. Get the protection needed for modern secuirty risks. Learn more at Guardsquare.com.

The CyberWire
W3LL runs dry.

The CyberWire

Play Episode Listen Later Apr 13, 2026 29:22


The FBI disrupts a multi-million-dollar phishing ring. A North Korea-linked supply chain attack hits OpenAI. Developers face a Slack phishing campaign. A critical Python notebook flaw is exploited in hours. ShinyHunters target Rockstar Games. A Japanese shipping firm reports a breach. Tracking the cybersecurity winners and losers in Trump's 2027 budget, plus a claimed cyberattack on UAE infrastructure. Business breakdown. Our guest is Justin Kohler, Chief Product Officer at SpecterOps, discussing Identity Attack Path Management. Crackdowns at home push scam networks abroad.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today's Industry Voices, we are joined by Justin Kohler, Chief Product Officer at SpecterOps, discussing Identity Attack Path Management. If you enjoyed this conversation, tune into the full interview here. Selected Reading FBI Dismantles $20m Phishing Operation W3LL (Infosecurity Magazine) The cyber winners and losers in Trump's 2027 budget (CSO Online) Handala carries out unprecedented cyberattack against critical UAE Infrastructure (PressTV) OpenSSF Flags Malware Campaign on Slack Posing as Linux Foundation Figures (HackRead) OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack (SecurityWeek) Critical Marimo pre-auth RCE flaw now under active exploitation (Bleeping Computer) GTA-maker Rockstar Games hacked again but downplays impact (BBC) NYK alerts on data breach in bunker fuel procurement system (Manifold Times) Business Briefing for 04.08.26 (The CyberWire)  China Is Cracking Down on Scams. Just Not the Ones Hitting Americans (WIRED) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Cyber Security Today
Fortinet EMS Zero-Day, Anthropic's AI Finds Thousands of Bugs, Iranian Hackers Target US ICS

Cyber Security Today

Play Episode Listen Later Apr 9, 2026 15:59


Fortinet EMS Zero-Day Exploited, Anthropic's AI Finds Thousands of Bugs, and Iranian Hackers Target US ICS Cybersecurity Today  would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale.  You can find them at Meter.com/cst Host David Shipley reports Fortinet issued emergency hotfixes for a new actively exploited FortiClient EMS unauthenticated RCE zero-day (CVE-2026-35616) affecting 7.4.0.5/7.4.0.6, with over 2,000 exposed instances online and a full fix coming in 7.4.0.7. Anthropic says its Claude "Mythos" model (Project Glasswing) has found thousands of high-severity zero days and demonstrated advanced exploit chaining and sandbox escape, but will not be released publicly; it is being used with major partners and funded with up to $100M in credits plus $4M for open-source security. A postmortem details a North Korea–linked social-engineering supply-chain breach of Axios on NPM, part of a broader campaign spreading 1,700+ malicious packages across multiple ecosystems. US agencies warn Iranian-linked hackers are targeting Rockwell/Allen-Bradley PLCs in critical infrastructure. The White House proposes a $707M cut to CISA, reducing staffing while preserving $1.4B for core cybersecurity. 00:00 Headlines and Sponsor 00:55 Fortinet EMS Zero Day 03:21 AI Finds Zero Days 05:56 Axios Supply Chain Breach 08:02 North Korea Package Campaign 10:13 Iran Targets Industrial Control 12:22 CISA Budget Cuts Debate 14:05 Wrap Up and Thanks 14:59 Sponsor Message Meter

Patent Bar MPEP Q & A Podcast
MPEP Q & A 351: List 2 situations where RCE provisions do not apply.

Patent Bar MPEP Q & A Podcast

Play Episode Listen Later Apr 7, 2026 2:31


Question: List 2 situations where RCE provisions do not apply. Answer: The RCE provisions do not apply to: (A) a provisional application; (B) an application for a utility or plant patent filed under 35 U.S.C. 111(a) before June 8, 1995; (C) an international application filed under 35 U.S.C. 363 before June 8, 1995, or an […] The post MPEP Q & A 351: List 2 situations where RCE provisions do not apply. appeared first on Patent Education Series.

Hacker News Recap
April 1st, 2026 | Claude Code Unpacked : A visual guide

Hacker News Recap

Play Episode Listen Later Apr 2, 2026 15:12


This is a recap of the top 10 posts on Hacker News on April 01, 2026. This podcast was generated by wondercraft.ai (00:30): Claude Code Unpacked : A visual guideOriginal post: https://news.ycombinator.com/item?id=47597085&utm_source=wondercraft_ai(01:56): Live: Artemis II Launch Day UpdatesOriginal post: https://news.ycombinator.com/item?id=47603657&utm_source=wondercraft_ai(03:23): EmDash – A spiritual successor to WordPress that solves plugin securityOriginal post: https://news.ycombinator.com/item?id=47602832&utm_source=wondercraft_ai(04:50): DRAM pricing is killing the hobbyist SBC marketOriginal post: https://news.ycombinator.com/item?id=47606840&utm_source=wondercraft_ai(06:17): I quit. The clankers wonOriginal post: https://news.ycombinator.com/item?id=47598511&utm_source=wondercraft_ai(07:43): CERN levels up with new superconducting kartsOriginal post: https://news.ycombinator.com/item?id=47597935&utm_source=wondercraft_ai(09:10): SpaceX files to go publicOriginal post: https://news.ycombinator.com/item?id=47604155&utm_source=wondercraft_ai(10:37): Claude wrote a full FreeBSD remote kernel RCE with root shellOriginal post: https://news.ycombinator.com/item?id=47597119&utm_source=wondercraft_ai(12:04): U.S. exempts oil industry from protecting Gulf animals, for 'national security'Original post: https://news.ycombinator.com/item?id=47595620&utm_source=wondercraft_ai(13:31): Is BGP safe yet?Original post: https://news.ycombinator.com/item?id=47600382&utm_source=wondercraft_aiThis is a third-party project, independent from HN and YC. Text and audio generated using AI, by wondercraft.ai. Create your own studio quality podcast with text as the only input in seconds at app.wondercraft.ai. Issues or feedback? We'd love to hear from you: team@wondercraft.ai

Segurança Legal
#413 – IA, guerra, medicina e cybersecurity

Segurança Legal

Play Episode Listen Later Mar 24, 2026 59:29


Neste episódio comentamos sobre as principais atualizações e desafios no mercado de tecnologia, trazendo uma análise objetiva sobre cibersegurança e proteção de dados. Ao longo da reprodução, você irá descobrir os recentes desdobramentos éticos do uso de inteligência artificial em contextos militares, envolvendo a recusa da Anthropic em aderir aos termos do Departamento de Defesa norte-americano e os impactos disso para a privacidade global. Você também irá aprender sobre o novo marco regulatório do Conselho Federal de Medicina para ferramentas automatizadas na área da saúde, compreendendo como as exigências da LGPD se aplicam à segurança da informação na proteção de dados médicos sensíveis. Além disso, você entenderá os detalhes do recente ataque hacker que causou graves incidentes de segurança no setor financeiro, e saberá identificar as vulnerabilidades críticas na integração de modelos de linguagem via protocolo MCP, como a perigosa injeção de prompts em servidores expostos. O host Guilherme Goulart compartilha ainda sua vivência no evento SecOps Summit, refletindo sobre a importância dos profissionais de segurança na governança corporativa. Por fim, você poderá avaliar como o uso excessivo do ChatGPT pode afetar a criatividade e gerar a homogeneização do pensamento. Para continuar acompanhando nossas discussões, não se esqueça de assinar o podcast na sua plataforma preferida, seguir nossos perfis nas redes sociais e avaliar o programa para apoiar o nosso trabalho. Esta descrição foi realizada a partir do áudio do podcast com o uso de IA, com revisão humana.     Visite nossa campanha de financiamento coletivo e nos apoie!  Conheça o Blog da BrownPipe Consultoria e se inscreva no nosso mailing Acesse WhisperSafe – Transcreva áudio e grave reuniões direto no seu computador, mesmo offline. Rápido, leve e pronto para usar com qualquer IA. Use o cupom SEGLEG50 para 50% de desconto na sua assinatura. ShowNotes Episódio citado – 2013-06-18 – Episódio #28 – PRISM – Privacidade X Segurança The Pentagon formally labels Anthropic a supply-chain risk Anthropic's Claude is suddenly the most popular iPhone app following Pentagon feud Anthropic vs. U.S. Department of War The Pentagon Can't Afford This A.I. Fight Statement from Dario Amodei on our discussions with the Department of War Employees across OpenAI and Google support Anthropic's lawsuit against the Pentagon AI safety leader says ‘world is in peril’ and quits to study poetry Microsoft & Anthropic MCP Servers at Risk of RCE, Cloud Takeovers AI Conundrum: Why MCP Security Can’t Be Patched Away MCP is the backdoor your zero-trust architecture forgot to close Ministério da Educação – REFERENCIAL PARA DESENVOLVIMENTO E USO RESPONSÁVEIS DE INTELIGÊNCIA ARTIFICIAL NA EDUCAÇÃO Nova resolução de uso de IA na CFM Artigo “When ChatGPT is Gone: Creativity Reverts and Homogeneity Persists“ BTG Pactual restabelece operações via Pix após ser alvo de ataque hacker BTG Pactual sofre ataque hacker e suspende operações via Pix PF investiga participação de funcionários no ataque hacker de R$ 100 milhões ao BTG Pactual Imagem do Episódio: A Torre de Babel — Pieter Bruegel

The CyberWire
Socks pulled, patches pushed.

The CyberWire

Play Episode Listen Later Mar 13, 2026 30:37


Europol dismantles the SocksEscort proxy service. Cyber operations highlight imbalance in the war in Iran. Google rushes Chrome zero-day patches. Veeam fixes critical backup flaws. A former incident responder faces ransomware charges. Thomson Reuters staff push back on an ICE contract. Attackers abuse backup tools for data theft. CISA flags a critical n8n vulnerability. Maria Varmazis is joined by Jack R. Bialik, engineer and author, to discuss the hidden risks of a fully-digital society, and talk about his book "In Lost in Time: Our Forgotten and Vanishing Knowledge." A Phony photo fuels a phantom flight fiasco. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest N2K CyberWire's Maria Varmazis is joined by Jack R. Bialik, engineer and author, to discuss the hidden risks of a fully-digital society, and talk about his book "In Lost in Time: Our Forgotten and Vanishing Knowledge." Selected Reading Europol and international partners disrupt ‘SocksEscort' proxy service - Joint operation targeted malicious proxy service exploiting residential routers worldwide (Europol) War in Iran – asymmetry in cyberspace (IISS) Google fixes two new Chrome zero-days exploited in attacks (Bleeping Computer)  Veeam warns of critical flaws exposing backup servers to RCE attacks (Bleeping Computer) Former Employee of Cybersecurity Companies Charged in ALPHV (BlackCat) Ransomware Extortion Case (TechNadu) They Don't Want Their Company's Surveillance Tool Used by ICE (The New York Times) Data Exfiltration and Threat Actor Infrastructure Exposed (Huntress) CISA adds n8n RCE flaw to list of known exploited vulnerabilities (SC Media) Cyber National Mission Force to get new commander amid broader leadership turnover (The Record) AI Used to Promote Non-Existent Evacuation Flights From the Middle East (Bellingcat) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.  Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Packet Pushers - Full Podcast Feed
NB563: Palo Alto Networks Nets Koi for AI Security; Quantum Networking Notches Research Wins

Packet Pushers - Full Podcast Feed

Play Episode Listen Later Feb 23, 2026 30:56


Take a Network Break! We start with follow-ups on secure browsers and data centers in space, and then sound the red alert about an RCE vulnerability in NLTK. On the news front, Palo Alto Networks acquires a startup that monitors endpoints for malicious packages, browser extensions, scripts, and other threats, Lumen debuts a multi-cloud gateway... Read more »

Packet Pushers - Network Break
NB563: Palo Alto Networks Nets Koi for AI Security; Quantum Networking Notches Research Wins

Packet Pushers - Network Break

Play Episode Listen Later Feb 23, 2026 30:56


Take a Network Break! We start with follow-ups on secure browsers and data centers in space, and then sound the red alert about an RCE vulnerability in NLTK. On the news front, Palo Alto Networks acquires a startup that monitors endpoints for malicious packages, browser extensions, scripts, and other threats, Lumen debuts a multi-cloud gateway... Read more »

Packet Pushers - Fat Pipe
NB563: Palo Alto Networks Nets Koi for AI Security; Quantum Networking Notches Research Wins

Packet Pushers - Fat Pipe

Play Episode Listen Later Feb 23, 2026 30:56


Take a Network Break! We start with follow-ups on secure browsers and data centers in space, and then sound the red alert about an RCE vulnerability in NLTK. On the news front, Palo Alto Networks acquires a startup that monitors endpoints for malicious packages, browser extensions, scripts, and other threats, Lumen debuts a multi-cloud gateway... Read more »

Exploit Brokers - Hacking News
State Hackers Hit 37 Countries, BeyondTrust CVSS 9.9 RCE, Signal Hijacked & More | HN Ep. 61

Exploit Brokers - Hacking News

Play Episode Listen Later Feb 19, 2026 21:55


A newly uncovered state-backed espionage group has compromised 70 organizations across 37 countries in a single year — and they were scanning infrastructure in 155 more. In this episode of Hacking News, we break down Palo Alto Unit 42's Shadow Campaigns investigation, a CVSS 9.9 pre-authentication RCE in BeyondTrust's remote access tools, a state-sponsored Signal phishing campaign targeting European politicians and military officials without using a single line of malware, CISA's aggressive new directive ordering federal agencies to rip out end-of-life edge devices, and an Everest ransomware claim against Iron Mountain that turned out to be far less than advertised. Whether you're a cybersecurity professional, IT admin, or just someone who wants to stay informed about the threats facing our digital world — this episode has critical takeaways you can act on today.

Black Hills Information Security
Live From WWHF Mile High 2026 – 2026-02-11

Black Hills Information Security

Play Episode Listen Later Feb 18, 2026 33:22 Transcription Available


Live from Wild West Hackin' Fest Denver 2026, the Black Hills Information Security crew brings their signature mix of sharp security insight and off-the-cuff banter to a packed in-person audience. This episode centers on a controversial Notepad update that introduced Markdown rendering—along with a potential remote code execution (RCE) issue. The hosts unpack what this says about modern software bloat, “vibe coding,” and the growing push to embed AI into everything—whether it belongs there or not. They also explore the implications of Discord's Age verification requirements, AI-generated code, including OpenAI's latest Codex model, and debate whether we're headed toward a wave of AI-assisted vulnerabilities.Join us LIVE on Mondays, 4:30pm EST.A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.https://www.youtube.com/@BlackHillsInformationSecurityChat with us on Discord! - https://discord.gg/bhis

Passwort - der Podcast von heise security
Von unsicheren Schalentieren, quantensicheren Bundesämtern und Editoren-Hintertüren

Passwort - der Podcast von heise security

Play Episode Listen Later Feb 18, 2026 138:11 Transcription Available


Nach den ausschweifenden Jubiläumsfeiern finden Sylvester und Christopher zurück zum gewohnten Rhythmus. Zunächst schauen sie auf ein System zur Geräteverwaltung (MDM), das in den letzten Wochen bei verschiedenen europäischen Regierungen angegriffen wurde - der Hersteller war bereits mehrfach Thema im Podcast. Dann geht's allerdings weiter mit einem kurzen Abriß zu OpenClaw, dem gehypten KI-Assistenten, und seinen vielen Unsicherheiten. Sylvester kann dem Helferlein eine gewisse Faszination abgewinnen, warnt jedoch vor seinem unreflektierten Einsatz. Und Christopher erzählt, wie das Bundesamt für Sicherheit in der Informationstechnik die Verschlüsselung in Deutschland quantensicher machen will und dazu seine Richtlinien modernisiert. Betrachtungen zu unabsichtlichen Kommandos bei der Softwareentwicklung und zu Problemen verschiedener Texteditoren runden die Folge ab und entlassen Sylvester in den wohlverdienten Urlaub. Leider gibt es auf der Tonspur in dieser Folge einen leichten Hall von Christophers Stimme. Wir bitten das zu entschuldigen.

Critical Thinking - Bug Bounty Podcast
Episode 161: Cross-Consumer Attacks & DTMF Tone Exfil

Critical Thinking - Bug Bounty Podcast

Play Episode Listen Later Feb 12, 2026 24:42


Episode 161: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gives us some quick hits regarding CSRF and Cross Consumer Attacks, and also touches on some breaking questions surrounding HackerOneFollow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynoraterhttps://x.com/rez0__https://x.com/gr3pmeCritical Research Lab:https://lab.ctbb.show/ ====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at https://ctbb.show/merch!Today's Sponsor: Join Justin at Zero Trust World in March and get $200 off registration with Code ZTWCTBB26https://ztw.com/====== This Week in Bug Bounty ======AS Watsonhttps://app.intigriti.com/programs/aswatson/watsons/detailYesWeHack 2026 Reporthttps://choose.yeswehack.com/bug-bounty-report-2026-trends-and-key-insights-yeswehack?utm_source=youtube&utm_medium=sponsor-critical-thinking&utm_campaign=yeswehack-report-2026 ====== Resources ======PhoneLeak: Data Exfiltration in Gemini via Phone Callhttps://blog.starstrike.ai/posts/phoneleak-data-exfiltration-in-gemini-via-phone-call/Max's Tweet about decreasing bountieshttps://x.com/0xw2w/status/2020788164378427483HackerOne General Terms and Conditionshttps://www.hackerone.com/terms/generalResearch Review #-2: RCE in Google's AI code editor Antigravity (sudi)https://www.youtube.com/watch?v=JqvJSF2UMyY====== Timestamps ======(00:00:00) Introduction(00:03:26) YesWeHack 2026 Report(00:09:12) CSRF Realizations & Data Exfiltration in Gemini via Phone Call(00:14:38) 7urb0's Youtube, HackerOne decreasing bounties and Section 3.1 controversy.(00:19:06) Cross Consumer Attacks

Risky Business
Risky Business #824 -- Microsoft's Secure Future is looking a bit wobbly

Risky Business

Play Episode Listen Later Feb 11, 2026 56:13


On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including: Microsoft reshuffles security leadership. It doesn't spark joy. Russia is hacking the Winter Olympics. Again. But y tho? China-linked groups are keeping busy, hacking telcos in Norway, Singapore and dozens of others Campaigns underway targeting Ivanti, BeyondTrust and SolarWinds products An unknown hero blocks 23/tcp on the US internet backbone And James Wilson pops into talk about Claude's go at a C compiler This week's episode is sponsored by Ent.AI, an AI startup that isn't quite ready to tell us all what they're doing. But nevertheless, founder Brandon Dixon joins to discuss AI's role in security. Where does language-based understanding take us that previous methods couldn't? This episode is also available on Youtube. Show notes Updates in two of our core priorities - The Official Microsoft Blog Strengthening Windows trust and security through User Transparency and Consent | Windows Experience Blog Microsoft prepares to refresh Secure Boot's digital certificate | Cybersecurity Dive Microsoft Patch Tuesday matches last year's zero-day high with six actively exploited vulnerabilities | CyberScoop Microsoft releases urgent Office patch. Russian-state hackers pounce. - Ars Technica Italy blames Russia-linked hackers for cyberattacks ahead of Winter Olympics | The Record from Recorded Future News Researchers uncover vast cyberespionage operation targeting dozens of governments worldwide | The Record from Recorded Future News Germany warns of state-linked phishing campaign targeting journalists, government officials | The Record from Recorded Future News Norwegian intelligence discloses country hit by Salt Typhoon campaign | The Record from Recorded Future News Singapore says China-linked hackers targeted telecom providers in major spying campaign | The Record from Recorded Future News Largest Multi-Agency Cyber Operation Mounted to Counter Threat Posed by Advanced Persistent Threat (APT) Actor UNC3886 to Singapore's Telecommunications Sector | Cyber Security Agency of Singapore How Intel and Google Collaborate to Strengthen Intel® TDX Strengthening the Foundation: A Joint Security Review of Intel TDX 1.5 - Google Bug Hunters Active Exploitation of SolarWinds Web Help Desk (CVE-2025-26399) | Huntress EU, Dutch government announce hacks following Ivanti zero-days | The Record from Recorded Future News North Korean hackers targeted crypto exec with fake Zoom meeting, ClickFix scam | The Record from Recorded Future News BeyondTrust warns of critical RCE flaw in remote support software Rapid7 Analysis of CVE-2026-1731 Building a C compiler with a team of parallel Claudes Anthropic (1) Post by @ryiron.bsky.social — Bluesky What AI Security Research Looks Like When It Works | AISLE South Korean crypto exchange races to recover $40bn of bitcoin sent to customers by mistake | South Korea | The Guardian White House to meet with GOP lawmakers on FISA Section 702 renewal | The Record from Recorded Future News

The CyberWire
Your phone works for them now.

The CyberWire

Play Episode Listen Later Feb 9, 2026 26:24


Ivanti zero-days trigger emergency warnings around the globe. Singapore blames a China-linked spy crew for hitting all four major telcos. DHS opens a privacy probe into ICE surveillance. Researchers flag a zero-click RCE lurking in LLM workflows. Ransomware knocks local government payment systems offline in Florida and Texas. Chrome extensions get nosy with your URLs. BeyondTrust scrambles to patch a critical RCE. A Polish data breach suspect is caught eight years later. It's the Monday Business Breakdown. Ben Yelin gives us the 101 on subpoenas. And federal prosecutors say two Connecticut men bet big on fraud, and lost. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest is Ben Yelin, Program Director for Public Policy & External Affairs at the University of Maryland Center for Cyber Health and Hazard Strategies, talking about weaponized administrative subpoenas. Selected Reading EU, Dutch government announce hacks following Ivanti zero-days (The Record) Singapore says China-linked hackers targeted telecom providers in major spying campaign (The Record) Inspector General Investigating Whether ICE's Surveillance Tech Breaks the Law (404 Media) Critical 0-Click RCE Vulnerability in Claude Desktop Extensions Exposes 10,000+ Users to Remote Attacks (Cyber Security News)  Payment tech provider for Texas, Florida governments working with FBI to resolve ransomware attack (The Record) Chrome extensions can use unfixable time-channel to leak tab URLs (CyberInsider) BeyondTrust warns of critical RCE flaw in remote support software (Bleeping Computer) Hacker Poland's largest data leaks arrested (TVP World) LevelBlue will acquire MDR provider Alert Logic from Fortra. (N2K Pro Business Briefing) Men charged in FanDuel scheme fueled by thousands of stolen identities (Bleeping Computer) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Wednesday, January 28th, 2026: Romance Scams; DoS Vuln in React Server Components; OpenSSL Patch; Kubernetes Priv Confusion

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later Jan 28, 2026 7:38


Initial Stages of Romance Scams [Guest Diary] Romance scams often start with random text messages that appear to be misrouted . This guest diary by Faris Azhari is following some of the initial stages of such a scam. https://isc.sans.edu/diary/Initial%20Stages%20of%20Romance%20Scams%20%5BGuest%20Diary%5D/32650 Denial of Service Vulnerabilities in React Server Components Another folowup fix for the severe React vulnerability from last year, but now only fixing a DoS condition. https://github.com/facebook/react/security/advisories/GHSA-83fc-fqcc-2hmg OpenSSL Updates OpenSSL released its monthly updates, fixing a potential RCE. https://openssl-library.org/news/vulnerabilities/ Kubernetes Remote Code Execution Via Nodes/Proxy GET Permission Many Kubernetes Helm Charts are vulnerable to possible remote code executions due to unclear defined access controls. https://grahamhelton.com/blog/nodes-proxy-rce

Passwort - der Podcast von heise security
BSI, n8n, PGP etc. – allüberall Probleme

Passwort - der Podcast von heise security

Play Episode Listen Later Jan 21, 2026 163:00 Transcription Available


Die erste Folge, die Christopher und Sylvester im neuen Jahr aufzeichnen. Seit der letzten regulären Podcast-Episode hat sich einiges an aktuellen Problemen und Lücken angesammelt. Befreit von den harten Zeitvorgaben eines externen Sendezentrums schlagen die Hosts etwas über die Stränge und reden gute 2,5 Stunden: Es geht um ein seltsam unbenutzbares Portal des BSI, schwierig abzuwehrende Angriffe auf Signal & Co, den wenig erbaulichen Zustand von PKIs zum Code- Signing, diverse Lücken und Probleme in GnuPG und dem PGP- Kryptografiesystem insgesamt, einen geschickten Angriff auf das Automatisierungstool n8n – sowie einige kleinere Themen, auf die Christopher und Sylvester spontan eingehen. Ziemlich viel auf einmal, aber immerhin in mundgerechte Häppchen unterteilt. - ACME-DNS: https://github.com/joohoi/acme-dns - WhatsApp-Scraping-Paper: https://arxiv.org/abs/2511.20252 - Messengernutzer-Tracking-Paperhttps://arxiv.org/abs/2411.11194) - Zum Ausprobieren: Whatsapp Device Activity Tracker: https://github.com/gommzystudio/device-activity-tracker - GnuPG-Artikel: https://www.heise.de/hintergrund/Kritik-an-GnuPG-und-seinem-Umgang-mit-gemeldeten-Luecken-11132888.html - GnuPG-Talk: https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i - LIEF - Library to Instrument Executable Formats: https://lief.re/ - PoC zum n8n-RCE: https://github.com/Chocapikk/CVE-2026-21858 - 39C3-Vortrag von Christopher und Sylvester: https://media.ccc.de/v/39c3-apt-down-and-the-mystery-of-the-burning-data-centers

David Bombal
#531: Critical 10/10 n8n Vulnerability EXPLOITED

David Bombal

Play Episode Listen Later Jan 19, 2026 34:05


Security researchers Dor Attias and Ofek Itach demonstrate a critical CVSS 10.0 n8n vulnerability (CVE-2026-21858). Watch the full RCE exploit demo using type confusion to bypass authentication and read sensitive local files. // Dor Attias SOCIAL // LinkedIn: / dor-attias-740758155 // Ofek Itach SOCIAL // LinkedIn: / ofek-it // N8N Hack Blog https://www.cyera.com/research-labs/n... // Cyera Blog // https://www.cyera.com/blog // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming up 0:56 - n8n vulnerability explained 02:33 - n8n hacking demo // How the vulnerability works 09:13 - How bad is it? 11:51 - Vulnerability summary 13:28 - More explained on Cyera blog // Webhooks 16:59 - Webhooks explained 18:09 - Formidable 19:18 - Formidable explained 20:01 - Handling uploaded files in n8n 22:32 - The form webhook node 24:28 - How to exploit 25:54 - Exploit summary 26:46 - How to mitigate 27:37 - How to become a security researcher 32:36 - Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only.

Let's Talk Cabling!
Get Your RCDD Now

Let's Talk Cabling!

Play Episode Listen Later Jan 13, 2026 32:32 Transcription Available


Send us a textWe share a straight path to earning the RCDD, from eligibility and study plans to test-day tactics and career impact. The goal is simple: use standards, discipline, and community to turn design knowledge into better roles and higher pay.• why the RCDD is the design gold standard• where the credential unlocks bids and global work• how codes, standards, and best practices stack• who should pursue it across roles and titles• eligibility routes and resume focus on design• common mindset and study mistakes to avoid• TDMM 15th edition as the primary reference• study hours, note taking, and block learning• study groups for pacing and accountability• Pearson VUE logistics, timing, and question types• scheduling strategy, retakes, and handling nerves• resources and community support for successIf you're watching this show on YouTube, would you mind hitting the subscribe button and the bell button to be notified when new content is being produced?If you're listening to us on one of the audio podcast platforms, would you mind leaving us a five-star rating?Email Chuck at advertising at letstalkcabling.com and let's connect your brand to the right audience today.Visit GoFar on LinkedIn or click on the link in the description below.Put down your tips for passing the RCE test in the comment box below.Support the showKnowledge is power! Make sure to stop by the webpage to buy me a cup of coffee or support the show at https://linktr.ee/letstalkcabling . Also if you would like to be a guest on the show or have a topic for discussion send me an email at chuck@letstalkcabling.com Chuck Bowser RCDD TECH#CBRCDD #RCDD

rce pearson vue
Cyber Briefing
January 07, 2026 - Cyber Briefing

Cyber Briefing

Play Episode Listen Later Jan 7, 2026 8:58


If you like what you hear, please subscribe, leave us a review and tell a friend!

@BEERISAC: CPS/ICS Security Podcast Playlist
2026 ICS Security Predictions: What's Next for Critical Infrastructure

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Jan 1, 2026 31:41


Podcast: Exploited: The Cyber Truth Episode: 2026 ICS Security Predictions: What's Next for Critical InfrastructurePub date: 2025-12-30Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationAs industrial control systems become more connected, more Linux-based, and more exposed to IT-style threats, 2026 is shaping up to be a turning point for ICS security. In this end-of-year predictions episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security Founder & CEO Joseph M. Saunders and CTO Shane Fry to discuss what will define ICS and critical infrastructure security in 2026. The episode explores a bold prediction: We will see a major ICS breach originating from a web application vulnerability running directly on an embedded control device. As full Linux operating systems, Node.js apps, and web servers increasingly appear inside OT equipment, long-standing IT vulnerabilities are colliding with systems that are difficult—or impossible—to patch. Joe and Shane dig into why detection-only strategies fall short in constrained, long-lived devices, and why secure by design engineering, memory safety, and runtime protections are becoming essential. They also discuss the importance of accurate, build-time Software Bills of Materials, especially as regulations like the EU Cyber Resilience Act push manufacturers toward transparency, accountability, and provable supply-chain visibility. Together, they cover: Why ICS exploitation is shifting from theoretical to operationalHow web app and RCE vulnerabilities are creeping into OT devicesThe limits of detection-only security strategiesWhy memory safety and runtime protections reduce exploitable riskHow build-time SBOMs improve vulnerability tracking and trustThe podcast and artwork embedded on this page are from RunSafe Security, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

The CyberWire
OneView gives attackers the full tour.

The CyberWire

Play Episode Listen Later Dec 18, 2025 26:47


Hewlett Packard Enterprise patches a maximum-severity vulnerability in its OneView infrastructure management software. Cisco warns a critical zero-day is under active exploitation. An emergency Chrome update fixes two high-severity vulnerabilities. French authorities make multiple arrests. US authorities dismantle an unlicensed crypto exchange accused of money laundering. SonicWall highlights an exploited zero-day. Researchers earn $320,000 for demonstrating critical remote code execution flaws in cloud infrastructure components. A U.S. Senator urges electronic health record vendors to give patients greater control over who can access their medical data. Our guest is Larry Zorio, CISO from Mark43, discussing first responders and insider cyber risks. A right-to-repair group puts cash on the table.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Larry Zorio, CISO from Mark43, to discuss first responders sounding the alarm on insider cyber risks. To see the full report, check it out here. Selected Reading HPE warns of maximum severity RCE flaw in OneView software (Bleeping Computer) China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear (SecurityWeek) Google Chrome patches two high severity vulnerabilities in emergency update (Beyond Machines) France arrests 22-year-old over Interior Ministry hack (The Record) France arrests Latvian for installing malware on Italian ferry  (Bleeping Computer) FBI dismantles alleged $70M crypto laundering operation (The Register) SonicWall Patches Exploited SMA 1000 Zero-Day (SecurityWeek) Zeroday Cloud hacking event awards $320,0000 for 11 zero days (Bleeping Computer) Senator Presses EHR Vendors on Patient Privacy Controls (Govinfosecurity) A nonprofit is paying hackers to unlock devices companies have abandoned (TechSpot) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Adventures of Alice & Bob
Ep. 93 - From Pwn2Own to Pwning AI // Aaron Portnoy

Adventures of Alice & Bob

Play Episode Listen Later Dec 10, 2025 64:27


In this episode, James and Marc sit down with Aaron Portnoy, Head of Research at MindGuard and founder of Pwn2Own.He shares stories from his early days: learning exploitation from anonymous IRC hackers, getting visits from both the IRS and FBI, a chance meeting with HD Moore at a party, and how his ability to reverse engineer fast led him to become the youngest manager at Zero Day Initiative where he helped create the Pwn2Own competition. But Aaron isn't living in the past. He reveals how he found a persistent RCE in Google's brand-new Anitgravity IDE within its first 24 hours, explains why AI security is fundamentally broken, and demonstrates how AI agents become insider threats that enterprises can't control or understand. From six-hour firewall exploits to decimal IP bypasses, Aaron shows why the attack surface has become "literally endless."

Security Conversations
APTs pounce on React2Shell; BRICKSTORM backdoors; .gov surveillance

Security Conversations

Play Episode Listen Later Dec 6, 2025 101:44


(Presented by ThreatLocker (https://threatlocker.com/threebuddyproblem): Allow what you need. Block everything else by default, including ransomware and rogue code.) Three Buddy Problem - Episode 75: We dig into a CVSS 10/10 unauthenticated RCE bug causing chaos across the internet and early signs that Chinese APTs are already launching exploits, the cascading patch chaos, and a long tail of malware intrusions to come. Plus, commentary on Chrome's telemetry collection, Microsoft and the "SFI success story," newest BRICKSTORM backdoor intrusions, the US national security strategy, Anthropic's AI popping smart-contract bugs, a secret FBI ransomware-hunting unit getting weird, and a pair of sad stories in the security community. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

Security Now (MP3)
SN 1047: RediShell's CVSS 10.0 - The Rise of Mega Botnets

Security Now (MP3)

Play Episode Listen Later Oct 15, 2025 165:35


Texas is on the brink of forcing Apple and Google to overhaul app downloads with strict age verification laws—are tech giants ready, or is your privacy about to get caught in the crossfire? The EU aborted their Chat Control vote knowing it would fail. Salesforce says it's not going to pay; customer data is released. Hackers claim Discord breach netted 70,000 government IDs. Microsoft to move Github to Azure. What could possibly go wrong. New California law allows universal data sharing opt-out. OpenAI reports that it's blocking foreign abuse. Who cares. IE Mode refuses to die, so Microsoft is burying it deeper. The massive mess created by Texas legislation SB2420. The BreachForums website gets a makeover. 100,000 strong global botnet attacking U.S. RDP services. UI experts weigh in on Apple's iOS 26 user-interface. 330,000 publicly exposed REDIS servers are RCE-vulnerable Show Notes - https://www.grc.com/sn/SN-1047-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security expressvpn.com/securitynow vanta.com/SECURITYNOW canary.tools/twit - use code: TWIT bigid.com/securitynow

All TWiT.tv Shows (MP3)
Security Now 1047: RediShell's CVSS 10.0

All TWiT.tv Shows (MP3)

Play Episode Listen Later Oct 15, 2025 165:35


Texas is on the brink of forcing Apple and Google to overhaul app downloads with strict age verification laws—are tech giants ready, or is your privacy about to get caught in the crossfire? The EU aborted their Chat Control vote knowing it would fail. Salesforce says it's not going to pay; customer data is released. Hackers claim Discord breach netted 70,000 government IDs. Microsoft to move Github to Azure. What could possibly go wrong. New California law allows universal data sharing opt-out. OpenAI reports that it's blocking foreign abuse. Who cares. IE Mode refuses to die, so Microsoft is burying it deeper. The massive mess created by Texas legislation SB2420. The BreachForums website gets a makeover. 100,000 strong global botnet attacking U.S. RDP services. UI experts weigh in on Apple's iOS 26 user-interface. 330,000 publicly exposed REDIS servers are RCE-vulnerable Show Notes - https://www.grc.com/sn/SN-1047-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security expressvpn.com/securitynow vanta.com/SECURITYNOW canary.tools/twit - use code: TWIT bigid.com/securitynow

Security Now (Video HD)
SN 1047: RediShell's CVSS 10.0 - The Rise of Mega Botnets

Security Now (Video HD)

Play Episode Listen Later Oct 15, 2025 152:07


Texas is on the brink of forcing Apple and Google to overhaul app downloads with strict age verification laws—are tech giants ready, or is your privacy about to get caught in the crossfire? The EU aborted their Chat Control vote knowing it would fail. Salesforce says it's not going to pay; customer data is released. Hackers claim Discord breach netted 70,000 government IDs. Microsoft to move Github to Azure. What could possibly go wrong. New California law allows universal data sharing opt-out. OpenAI reports that it's blocking foreign abuse. Who cares. IE Mode refuses to die, so Microsoft is burying it deeper. The massive mess created by Texas legislation SB2420. The BreachForums website gets a makeover. 100,000 strong global botnet attacking U.S. RDP services. UI experts weigh in on Apple's iOS 26 user-interface. 330,000 publicly exposed REDIS servers are RCE-vulnerable Show Notes - https://www.grc.com/sn/SN-1047-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security expressvpn.com/securitynow vanta.com/SECURITYNOW canary.tools/twit - use code: TWIT bigid.com/securitynow

Security Now (Video HI)
SN 1047: RediShell's CVSS 10.0 - The Rise of Mega Botnets

Security Now (Video HI)

Play Episode Listen Later Oct 15, 2025 152:07


Texas is on the brink of forcing Apple and Google to overhaul app downloads with strict age verification laws—are tech giants ready, or is your privacy about to get caught in the crossfire? The EU aborted their Chat Control vote knowing it would fail. Salesforce says it's not going to pay; customer data is released. Hackers claim Discord breach netted 70,000 government IDs. Microsoft to move Github to Azure. What could possibly go wrong. New California law allows universal data sharing opt-out. OpenAI reports that it's blocking foreign abuse. Who cares. IE Mode refuses to die, so Microsoft is burying it deeper. The massive mess created by Texas legislation SB2420. The BreachForums website gets a makeover. 100,000 strong global botnet attacking U.S. RDP services. UI experts weigh in on Apple's iOS 26 user-interface. 330,000 publicly exposed REDIS servers are RCE-vulnerable Show Notes - https://www.grc.com/sn/SN-1047-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security expressvpn.com/securitynow vanta.com/SECURITYNOW canary.tools/twit - use code: TWIT bigid.com/securitynow

Radio Leo (Audio)
Security Now 1047: RediShell's CVSS 10.0

Radio Leo (Audio)

Play Episode Listen Later Oct 15, 2025 165:35


Texas is on the brink of forcing Apple and Google to overhaul app downloads with strict age verification laws—are tech giants ready, or is your privacy about to get caught in the crossfire? The EU aborted their Chat Control vote knowing it would fail. Salesforce says it's not going to pay; customer data is released. Hackers claim Discord breach netted 70,000 government IDs. Microsoft to move Github to Azure. What could possibly go wrong. New California law allows universal data sharing opt-out. OpenAI reports that it's blocking foreign abuse. Who cares. IE Mode refuses to die, so Microsoft is burying it deeper. The massive mess created by Texas legislation SB2420. The BreachForums website gets a makeover. 100,000 strong global botnet attacking U.S. RDP services. UI experts weigh in on Apple's iOS 26 user-interface. 330,000 publicly exposed REDIS servers are RCE-vulnerable Show Notes - https://www.grc.com/sn/SN-1047-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security expressvpn.com/securitynow vanta.com/SECURITYNOW canary.tools/twit - use code: TWIT bigid.com/securitynow

Security Now (Video LO)
SN 1047: RediShell's CVSS 10.0 - The Rise of Mega Botnets

Security Now (Video LO)

Play Episode Listen Later Oct 15, 2025 152:07


Texas is on the brink of forcing Apple and Google to overhaul app downloads with strict age verification laws—are tech giants ready, or is your privacy about to get caught in the crossfire? The EU aborted their Chat Control vote knowing it would fail. Salesforce says it's not going to pay; customer data is released. Hackers claim Discord breach netted 70,000 government IDs. Microsoft to move Github to Azure. What could possibly go wrong. New California law allows universal data sharing opt-out. OpenAI reports that it's blocking foreign abuse. Who cares. IE Mode refuses to die, so Microsoft is burying it deeper. The massive mess created by Texas legislation SB2420. The BreachForums website gets a makeover. 100,000 strong global botnet attacking U.S. RDP services. UI experts weigh in on Apple's iOS 26 user-interface. 330,000 publicly exposed REDIS servers are RCE-vulnerable Show Notes - https://www.grc.com/sn/SN-1047-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security expressvpn.com/securitynow vanta.com/SECURITYNOW canary.tools/twit - use code: TWIT bigid.com/securitynow

The CyberWire
Critical GoAnywhere bug exposed.

The CyberWire

Play Episode Listen Later Sep 25, 2025 29:13


Fortra flags a critical flaw in its GoAnywhere Managed File Transfer (MFT) solution. Cisco patches a critical vulnerability in its IOS and IOS XE software. Cloudflare thwarts yet another record DDoS attack. Rhysida ransomware gang claims the Maryland Transit cyberattack. The new “Obscura” ransomware strain spreads via domain controllers. Retailers' use of generative AI expands attack surfaces. Researchers expose GitHub Actions misconfigurations with supply chain risk. Mandiant links the new BRICKSTORM backdoor to a China-based espionage campaign. Kansas students push back against an AI monitoring tool. Ben Yelin speaks with Michele Kellerman, Cybersecurity Engineer for Air and Missile Defense at Johns Hopkins University Applied Physics Lab, discussing Women's health apps and the legal grey zone that they create with HIPAA. Senators push the FTC to regulate your brainwaves. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Ben Yelin, co-host of Caveat, is speaking with Michele Kellerman, Cybersecurity Engineer for Air and Missile Defense at Johns Hopkins University Applied Physics Lab, about Women's health apps and the legal grey zone that they create with HIPAA. If you want to hear the full conversation, check it out on Caveat, here. Selected Reading Critical CVSS 10 Flaw in GoAnywhere File Transfer Threatens 20,000 Systems (HackRead) Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability (Cisco) Cloudflare mitigates new record-breaking 22.2 Tbps DDoS attack (Bleeping Computer) Ransomware gang known for government attacks claims Maryland transit incident (The Record) Obscura, an obscure new ransomware variant (Bleeping Computer) Threat Labs Report: Retail 2025 (Netskope) pull_request_nightmare Part 1: Exploiting GitHub Actions for RCE and Supply Chain Attacks (Orca) China-linked hackers use ‘BRICKSTORM' backdoor to steal IP (The Record) AI safety tool sparks student backlash after flagging art as porn, deleting emails (The Washington Post) Senators introduce bill directing FTC to establish standards for protecting consumers' neural data (The Record) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Big Technology Podcast
Is Generative AI a Cybersecurity Disaster Waiting to Happen? — With Yinon Costica

Big Technology Podcast

Play Episode Listen Later Sep 24, 2025 61:59


Yinon Costica is the co-founder and VP of product at Wiz, which sold to Google for $32 billion in cash. Costica joins Big Technology Podcast to discuss the extent of the cybersecurity threats that generative AI is creating, from vulnerabilities in AI software to the risks involved in “vibe coding.” Tune in to hear how attackers are using AI, why defenders face new asymmetries, and what guardrails organizations need now. We also cover Google's $32 billion acquisition of Wiz, the DeepSeek controversy, post-quantum cryptography, and the future risks of autonomous vehicles and humanoid robots. Hit play for a sharp, accessible look at the cutting edge of AI and cybersecurity.---Enjoying Big Technology Podcast? Please rate us five stars ⭐⭐⭐⭐⭐ in your podcast app of choice.Want a discount for Big Technology on Substack + Discord? Here's 25% off for the first year: https://www.bigtechnology.com/subscribe?coupon=0843016bQuestions? Feedback? Write to: bigtechnologypodcast@gmail.com 00:00 Opening and guest intro01:05 AI as a new software stack04:25 Core AI tools with RCE flaws06:18 Cloud infrastructure risks09:20 How secure is AI-written code13:54 Agents and security reviewers17:38 How attackers use AI today22:09 Asymmetry: attackers vs. defenders32:36 What Wiz actually does40:11 DeepSeek case and media spin

The CyberWire
Listening In on the listeners.

The CyberWire

Play Episode Listen Later Aug 28, 2025 29:15


The FBI shares revelations on Salt Typhoon's reach.  Former NSA and FBI directors sound alarm on infrastructure cybersecurity gaps. Google is launching a new cyber “disruption unit”. A new report highlights cyber risks to the maritime industry. A Pennsylvania healthcare provider suffers a data breach affecting over six hundred thousand individuals. Citrix patches a critical vulnerability under active exploitation. The U.S. sanctions a North Korean-linked fraud network. Ransomware is rapidly evolving with generative AI. Our guest is Brandon Karpf, speaking with T-Minus host Maria Varmazis connecting three seemingly disparate stories. Who needs a tutor when you've got root access? Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest today is Brandon Karpf, friend of the show, founder of T-Minus Space Daily, and cybersecurity expert talking with T-Minus host Maria Varmazis. Brandon decided to do a stump the host play for this month's space and cybersecurity segment. Selected Reading Chinese Spies Hit More Than 80 Countries in ‘Salt Typhoon' Breach, FBI Reveals (WSJ) NSA and Others Provide Guidance to Counter China State-Sponsored Actors Targeting Critical Infrastructure Organizations (NSA) Critical Infrastructure Leaders and Former National Security Officials Address Escalating Cyber Threats at Exclusive GCIS Security Briefing (Business Wire) Google previews cyber ‘disruption unit' as U.S. government, industry weigh going heavier on offense (CyberScoop) Maritime cybersecurity is the iceberg no one sees coming (Help Net Security) Healthcare Services Group reports data breach exposing information of over 624 K individuals (Beyond Machines) Over 28,000 Citrix devices vulnerable to new exploited RCE flaw (Bleeping Computer) US sanctions fraud network used by North Korean 'remote IT workers' to seek jobs and steal money (TechCrunch) The Era of AI-Generated Ransomware Has Arrived (WIRED) Spanish police arrest student suspected of hacking school system to change grades (The Record) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The CyberWire
Dialysis down, data out.

The CyberWire

Play Episode Listen Later Aug 14, 2025 26:46


A ransomware attack exposes personal medical records of VA patients. New joint guidance from CISA and the NSA emphasizes asset inventory and OT taxonomy. The UK government reportedly spent millions to cover up a data breach. Researchers identified two critical flaws in a widely used print orchestration platform.  Phishing attacks increasingly rely on personalization. Rooting and jailbreaking frameworks pose serious enterprise risks. Fortinet warns of a critical command injection flaw in FortiSIEM. Estonian nationals are sentenced in a crypto Ponzi scheme. Michele Campobasso from Forescout joins us to unpack new research separating the hype from reality around “vibe hacking.” Meet the Blockchain Bandits of Pyongyang. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Michele Campobasso from Forescout joins us to unpack new research separating the hype from reality around “vibe hacking.” Their team tested open-source, underground, and commercial AI models on vulnerability research and exploit development tasks—finding high failure rates and significant limitations, even among top commercial systems. Selected Reading Medical records for 1 million dialysis patients breached in data hack of VA vendor (Stars and Stripes) NSA Joins CISA and Others to Share OT Asset Inventory Guidance (NSA.gov) CISA warns of N-able N-central flaws exploited in zero-day attacks (Bleeping Computer) U.K. Secretly Spent $3.2 Million to Stop Journalists From Reporting on Data Breach (The New York Times) From Support Ticket to Zero Day  (Horizon3.ai) Personalization in Phishing: Advanced Tactics for Malware Delivery (Cofense) The Root(ing) Of All Evil: Security Holes That Could Compromise Your Mobile Device (Zimperium) Fortinet warns of FortiSIEM pre-auth RCE flaw with exploit in the wild (Bleeping Computer) Estonians behind $577 million cryptomining fraud sentenced to 16 months (The Record) Someone counter-hacked a North Korean IT worker: Here's what they found (Cointelegraph) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Tuesday, August 05, 2025: Daily Trends Report; NVidia Triton RCE; Cursor AI Misconfiguration

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later Aug 5, 2025 6:48


Daily Trends Report A new trends report will bring you daily data highlights via e-mail. https://isc.sans.edu/diary/New%20Feature%3A%20Daily%20Trends%20Report/32170 NVidia Triton RCE Wiz found an interesting information leakage vulnerability in NVidia s Triton servers that can be leveraged to remote code execution. https://www.wiz.io/blog/nvidia-triton-cve-2025-23319-vuln-chain-to-ai-server Cursor AI MCP Vulnerability An attacker could abuse negligent Cursor MCP configurations to implement backdoors into developer machines. https://www.aim.security/lp/aim-labs-curxecute-blogpost

The CyberWire
New sheriff in cyber town.

The CyberWire

Play Episode Listen Later Aug 4, 2025 25:21


The Senate confirms a new national cyber director. A new commission explores the establishment of a separate Cyber Force. Cybercriminals exploit link wrapping to launch sophisticated phishing attacks. AI agents are hijacked, cameras cracked, and devs phished. Gene sequencers and period trackers settle allegations of oversharing personal data and inadequate security. Today we are joined by Tim Starks from CyberScoop discussing how China accuses the US of exploiting Microsoft zero-day in a cyberattack. OpenAI scrambles after a chat leak fiasco. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. You can read Tim's article on the topic here. CyberWire Guest Today we are joined by Tim Starks from CyberScoop discussing how China accuses the US of exploiting Microsoft zero-day in a cyberattack. Selected Reading Sean Cairncross confirmed as national cyber director (The Record) Panel to create roadmap for establishing US Cyber Force (The Record) Microsoft 365: Attackers Weaponize Proofpoint and Intermedia Link Wrapping to Steal Logins (WinBuzzer) When Public Prompts Turn Into Local Shells: ‘CurXecute' – RCE in Cursor via MCP Auto‑Start (Aim Security) LegalPwn Attack Tricks GenAI Tools Into Misclassifying Malware as Safe Code (Hackread) Bitdefender Warns Users to Update Dahua Cameras Over Critical Flaws (Hackread) Mozilla warns of phishing attacks targeting add-on developers (Bleeping Computer) Gene Sequencing Giant Illumina Settles for $9.8M Over Product Vulnerabilities (SecurityWeek) Flo settles class action lawsuit alleging improper data sharing (The Record) ChatGPT users shocked to learn their chats were in Google search results (Ars Technica) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The CyberWire
Powering AI with politics.

The CyberWire

Play Episode Listen Later Jul 24, 2025 29:09


The White House unveils its plan for global AI dominance. Microsoft warns that recent SharePoint server exploitation may extend to ransomware. A phishing campaign targeting the U.S. Department of Education's grants portal. The FBI issues a warning about “The Com” cybercriminal group. SonicWall urges users to patch a critical vulnerability. A new supply chain attack has compromised several popular NPM packages. Joe Carrigan, co-host of the Hacking Humans podcast, joins to discuss how scammers are exploiting misconfigured point-of-sale terminals. Japanese police release a free decryption tool for Phobos ransomware. AI takes the wheel and drives right off a cliff. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Joe Carrigan, co-host of the Hacking Humans podcast, joins to discuss how scammers are exploiting misconfigured point-of-sale terminals, highlighting severe vulnerabilities that small businesses often overlook. If you want to hear more from Joe, head over to the Hacking Humans page. Selected Reading From Tech Podcasts to Policy: Trump's New AI Plan Leans Heavily on Silicon Valley Industry Ideas (SecurityWeek) Hackers hit more than 400 organizations in Microsoft SharePoint hacks (Axios) Microsoft says some SharePoint server hackers now using ransomware (Reuters) Hackers Clone U.S. Department of Education's Grant Site in Credential Theft Campaign (TechNadu) Copilot Vision on Windows 11 sends data to Microsoft servers (The Register) FBI: Thousands of people involved in 'The Com' targeting victims with ransomware, swatting (The Record) SonicWall urges admins to patch critical RCE flaw in SMA 100 devices (Bleeping Computer) High-Value NPM Developers Compromised in New Phishing Campaign (SecurityWeek) Free decryptor for victims of Phobos ransomware released (Fortra) 'I destroyed months of your work in seconds' says AI coding tool after deleting a dev's entire database during a code freeze: 'I panicked instead of thinking' (PC Gamer) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Wednesday, July 16th, 2025: ADS Keystroke Logger; Fake Homebrew; Broadcom Altiris RCE; Malicious Cursor AI Extensions

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later Jul 16, 2025 5:45


Keylogger Data Stored in an ADS Xavier came across a keystroke logger that stores data in alternate data streams. The data includes keystroke logs as well as clipboard data https://isc.sans.edu/diary/Keylogger%20Data%20Stored%20in%20an%20ADS/32108 Malvertising Homebrew An attacker has been attempting to trick users into installing a malicious version of Homebrew. The fake software is advertised via paid Google ads and directs users to the attacker s GitHub repo. https://medium.com/deriv-tech/brewing-trouble-dissecting-a-macos-malware-campaign-90c2c24de5dc CVE-2025-5333: Remote Code Execution in Broadcom Altiris IRM LRQA have discovered a critical unauthenticated remote code execution (RCE) vulnerability in the Broadcom Symantec Altiris Inventory Rule Management (IRM) component of Symantec Endpoint Management. https://www.lrqa.com/en/cyber-labs/remote-code-execution-in-broadcom-altiris-irm/ Code highlighting with Cursor AI for $500,000 A syntax highlighting extension for Cursor AI was used to compromise a developer s workstation and steal $500,000 in cryptocurrency. https://securelist.com/open-source-package-for-cursor-ai-turned-into-a-crypto-heist/116908/

The CyberWire
Memory leaks and login sneaks.

The CyberWire

Play Episode Listen Later Jul 8, 2025 30:50


Researchers release proof-of-concept exploits for CitrixBleed2. Grafana patches four high-severity vulnerabilities. A hacker claims to have breached Spanish telecom giant Telefónica. Italian police arrest a Chinese man wanted by U.S. authorities for alleged industrial espionage. Beware of a new ransomware group called Bert. Call of Duty goes offline after reports of RCE vulnerabilities. President Trump's spending bill allocates hundreds of millions for cybersecurity. Nearly 26 million job seekers' resumes and personal data are leaked. CISA adds four actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. Outsmarting AI scraper bots with math. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment Cyber attackers are increasingly targeting the very tools developers trust—integrated development environments (IDEs), low-code platforms, and public code repositories. In this segment of Threat Vector, host ⁠David Moulton⁠ speaks with ⁠Daniel Frank⁠ and ⁠Tom Fakterman⁠ from Palo Alto Networks' threat research team about “Hunting Threats in Developer Environments.” You can hear David and Tyler's full discussion on Threat Vector ⁠⁠here⁠⁠ and catch new episodes every Thursday on your favorite podcast app. Selected Reading Public exploits released for Citrix Bleed 2 NetScaler flaw, patch now (Bleeping Computer) Grafana Patches Chromium Bugs, Including Zero-Day Exploited in the Wild (SecurityWeek) Hacker leaks Telefónica data allegedly stolen in a new breach (Bleeping Computer) Italian police arrest Chinese national wanted by FBI for alleged industrial espionage (Reuters) Beware of Bert: New ransomware group targets healthcare, tech firms (The Record) Call of Duty takes PC game offline after multiple reports of RCE attacks on players (CyberScoop) GOP domestic policy bill includes hundreds of millions for military cyber (CyberScoop) TalentHook leaks resumes of 26 Million job seekers (Beyond Machines) CISA Adds Four Known Exploited Vulnerabilities to Catalog (CISA) The Open-Source Software Saving the Internet From AI Bot Scrapers (404 Media) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The CyberWire
A tale of two botnets. [Research Saturday]

The CyberWire

Play Episode Listen Later Jun 28, 2025 24:55


This week we are joined by Kyle Lefton, Security Researcher from Akamai, who is diving into their work on "Two Botnets, One Flaw - Mirai Spreads Through Wazuh Vulnerability." Akamai researchers have observed active exploitation of CVE-2025-24016, a critical RCE vulnerability in Wazuh, by two Mirai-based botnets. The campaigns highlight how quickly attackers are adapting proof-of-concept exploits to spread malware, underscoring the urgency of patching vulnerable systems. One botnet appears to target Italian-speaking users, suggesting regionally tailored operations. The research can be found here: ⁠Two Botnets, One Flaw: Mirai Spreads Through Wazuh Vulnerability Learn more about your ad choices. Visit megaphone.fm/adchoices