Episodes
-
Please consider supporting the DefSec podcast here.
Links to this week’s stories:
https://www.darkreading.com/threat-intelligence/ai-assisted-exploit-development-scanner-detection
https://www.bleepingcomputer.com/news/security/california-ag-sues-23andme-over-2023-breach-exposing-health-data/
https://www.bleepingcomputer.com/news/security/palo-alto-globalprotect-vpn-auth-bypass-flaw-now-exploited-in-attacks/
https://techcrunch.com/2026/05/29/microsoft-under-fire-for-threatening-security-researcher-with-criminal-investigation/
https://www.darkreading.com/application-security/megalodon-malware-infects-thousands-github-repos
-
Please consider supporting the DefSec podcast here.
Links to this week’s stories:
https://thehackernews.com/2026/05/claude-mythos-ai-finds-10000-high.html
https://www.tenable.com/blog/key-findings-from-the-verizon-dbir-2026
https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/
https://www.bleepingcomputer.com/news/security/grafana-breach-caused-by-missed-token-rotation-after-tanstack-attack/
https://www.bleepingcomputer.com/news/security/github-links-repo-breach-to-tanstack-npm-supply-chain-attack/
https://thehackernews.com/2026/05/npm-adds-2fa-gated-publishing-and.html
-
Please consider supporting the DefSec podcast here.
Links to this week’s stories:
https://www.securityweek.com/openai-hit-by-tanstack-supply-chain-attack/
https://thehackernews.com/2026/05/developer-workstations-are-now-part-of.html
https://thehackernews.com/2026/05/ivanti-fortinet-sap-vmware-n8n-patch.html
https://www.theregister.com/cyber-crime/2026/05/14/security-pros-doubt-canvas-attackers-really-deleted-stolen-student-data/5240799
-
Please consider supporting the DefSec podcast here.
Links to this week’s stories:
https://www.bleepingcomputer.com/news/security/instructure-reaches-agreement-with-shinyhunters-to-stop-data-leak/
https://www.theregister.com/security/2026/05/06/1-in-8-workers-say-selling-company-logins-is-justifiable/5231104
https://www.theregister.com/security/2026/05/02/ai-digs-up-decades-of-code-debt-patch-up/5219734
https://www.theregister.com/security/2026/05/11/anthropics-bug-hunting-mythos-was-greatest-marketing-stunt-ever-says-curl-creator/5238111
https://www.securityweek.com/cyber-insurance-data-gives-cisos-new-ammo-for-budget-talks/
-
Please consider supporting the DefSec podcast here.
Links to this week’s stories:
https://www.darkreading.com/cloud-security/csa-cisos-prepare-post-mythos-exploit-storm
https://www.csoonline.com/article/4159292/insurance-carriers-quietly-back-away-from-covering-ai-outputs.html
https://www.livescience.com/technology/artificial-intelligence/hackers-used-ai-to-steal-hundreds-of-millions-of-mexican-government-and-private-citizen-records-in-one-of-the-largest-cybersecurity-breaches-ever
https://www.bleepingcomputer.com/news/security/payouts-king-ransomware-uses-qemu-vms-to-bypass-endpoint-security/
https://cybermagazine.com/news/how-cybercriminals-breached-gta-maker-rockstar
-
Please consider supporting the DefSec podcast here.
Links to this week’s stories:
https://www.darkreading.com/threat-intelligence/axios-attack-complex-social-engineering-industrialized
https://www.bleepingcomputer.com/news/security/new-venom-phishing-attacks-steal-senior-executives-microsoft-logins/
https://www.bleepingcomputer.com/news/security/google-new-unc6783-hackers-steal-corporate-zendesk-support-tickets/
https://www.darkreading.com/vulnerabilities-threats/bluehammer-windows-exploit-microsoft-bug-disclosure-issues
https://www.businessinsider.com/mercor-lawsuits-data-breach-2026-4
-
Please consider supporting the DefSec podcast here.
Links to stories:
https://www.computerweekly.com/news/366640648/Emergency-Microsoft-Oracle-patches-point-to-wider-cyber-issues
https://www.theregister.com/2026/03/27/security_boffins_harvest_bumper_crop/
https://thehackernews.com/2026/03/the-hidden-cost-of-cybersecurity.html?m=1
https://www.theregister.com/2026/03/24/trivy_compromise_litellm/
https://thehackernews.com/2026/03/axios-supply-chain-attack-pushes-cross.html?m=1
-
Please consider supporting the DefSec podcast here.
Here are the links we discuss this week:
https://www.darkreading.com/identity-access-management-security/more-attackers-logging-in-not-breaking-in
https://www.bleepingcomputer.com/news/security/stryker-attack-wiped-tens-of-thousands-of-devices-no-malware-needed/
https://www.csoonline.com/article/4147833/cisa-urges-it-to-harden-endpoint-management-systems-after-cyberattack-by-pro-iranian-group.html
https://arstechnica.com/security/2026/03/widely-used-trivy-scanner-compromised-in-ongoing-supply-chain-attack/
https://techcrunch.com/2026/03/21/delve-accused-of-misleading-customers-with-fake-compliance/
-
This time it’s not a rerun!
Please consider supporting the DefSec podcast here.
Here are the links we discuss this week:
https://www.bleepingcomputer.com/news/security/ransomware-payment-rate-drops-to-record-low-as-attacks-surge/
https://www.securityweek.com/recent-cisco-catalyst-sd-wan-vulnerability-now-widely-exploited/
https://www.darkreading.com/cyberattacks-data-breaches/nation-state-actor-ai-malware-assembly-line
https://www.cybersecuritydive.com/news/ransomware-identity-ai-cloudflare/813319/
https://thehackernews.com/2026/03/anthropic-finds-22-firefox.html?m=1
-
Please consider supporting the DefSec podcast here.
Here are the links we discuss this week:
https://www.bleepingcomputer.com/news/security/amazon-ai-assisted-hacker-breached-600-fortigate-firewalls-in-5-weeks/
https://www.theregister.com/2026/02/16/open_source_registries_fund_security/
https://www.bleepingcomputer.com/news/security/infostealer-malware-found-stealing-openclaw-secrets-for-first-time/
https://www.securityweek.com/api-threats-grow-in-scale-as-ai-expands-the-blast-radius/
https://www.theregister.com/2026/02/19/rmm_rat_trustconnect/
-
Please consider supporting the DefSec podcast here.
Links to this week’s stories:
https://www.theregister.com/2026/02/02/notepad_hijacking_lotus_blossom/
https://www.bleepingcomputer.com/news/security/fake-job-recruiters-hide-malware-in-developer-coding-challenges/
https://www.bleepingcomputer.com/news/security/amos-infostealer-targets-macos-through-a-popular-ai-app/
https://www.theregister.com/2026/02/10/ai_agents_messaging_apps_data_leak/
https://www.theregister.com/2026/02/11/payroll_pirates_business_social_engineering/
-
Please consider supporting the DefSec podcast here.
Links to the stories we cover in this episode:
https://www.theregister.com/2026/01/29/faster_patching_please_cry_infoseccers/
https://thehackernews.com/2026/01/mandiant-finds-shinyhunters-using.html?m=1
https://www.bleepingcomputer.com/news/security/marquis-blames-ransomware-breach-on-sonicwall-cloud-backup-hack/
https://thehackernews.com/2026/01/researchers-find-175000-publicly.html?m=1
https://www.darkreading.com/application-security/openclaw-ai-runs-wild-business-environments
-
Please consider supporting the DefSec podcast here.
Links to the stories we cover in this episode:
https://www.bleepingcomputer.com/news/security/hackers-exploit-security-testing-apps-to-breach-fortune-500-firms/
https://www.securityweek.com/analysis-of-6-billion-passwords-shows-stagnant-user-behavior/
https://www.theregister.com/2026/01/20/group_ib_ai_cycercrime_subscriptions/
https://www.bleepingcomputer.com/news/security/voidlink-cloud-malware-shows-clear-signs-of-being-ai-generated/
https://arstechnica.com/security/2026/01/mandiant-releases-rainbow-table-that-cracks-weak-admin-password-in-12-hours/
-
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Links to the stories in this episode:
https://www.theregister.com/2026/01/09/pyongyangs_cyberspies_are_turning_qr/
https://www.scworld.com/perspective/five-ways-to-conduct-a-more-secure-hiring-process
https://cybersecuritynews.com/vmware-esxi-exploited-toolkit/
https://www.darkreading.com/cyber-risk/ciso-succession-crisis-highlights-turnover-amplifies-security-risks
-
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Links to this week’s stories:
https://www.darkreading.com/cyber-risk/cybersecurity-tech-recommended-by-cyber-insurer-claims-data
https://www.bleepingcomputer.com/news/security/trust-wallet-links-85-million-crypto-theft-to-shai-hulud-npm-attack/
https://www.securityweek.com/hacker-claims-theft-of-40-million-conde-nast-records-after-wired-data-leak/
https://databreaches.net/2025/12/30/software-company-lacked-downstream-liability-for-data-breach/
https://techcrunch.com/2025/12/12/home-depot-exposed-access-to-internal-systems-for-a-year-says-researcher/
-
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Links to this week’s stories:
https://www.bleepingcomputer.com/news/security/webrat-malware-spread-via-fake-vulnerability-exploits-on-github/
https://cybersecuritynews.com/mongobleed-poc-exploit-mongodb/
https://cybersecuritynews.com/fortigate-firewall-vulnerability/
https://cybersecuritynews.com/oracle-e-business-suite-hack/
-
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Merry Christmas and Happy Holidays!
Links to this week’s stories:
https://krebsonsecurity.com/2025/12/most-parked-domains-now-serving-malicious-content/
https://thehackernews.com/2025/12/russia-linked-hackers-use-microsoft-365.html?m=1
https://cybersecuritynews.com/amazon-catches-north-korean-it-worker/
https://www.darkreading.com/application-security/fake-proof-ai-slop-hobble-defenders
https://www.helpnetsecurity.com/2025/12/17/cisco-secure-email-cve-2025-20393/
-
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Links to this week’s stories:
https://www.theregister.com/2025/12/09/hypervisor_ransomware_attacks_increasing
https://www.bleepingcomputer.com/news/security/react2shell-flaw-exploited-to-breach-30-orgs-77k-ip-addresses-vulnerable
https://www.infosecurity-magazine.com/news/log4shell-downloaded-40-million
https://www.infosecurity-magazine.com/news/ncsc-raises-alarms-prompt
https://thehackernews.com/2025/12/researchers-uncover-30-flaws-in-ai.html?m=1
-
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Links to this week’s stories:
https://www.darkreading.com/cyberattacks-data-breaches/advanced-security-phishing-tactics
https://www.theregister.com/2025/11/28/posthog_shaihulud/?td=keepreading / https://posthog.com/blog/nov-24-shai-hulud-attack-post-mortem
https://www.theregister.com/2025/11/27/scattered_lapsus_hunters_zendesk/
https://www.theregister.com/2025/11/25/akira_ransomware_acquisitions
Browser extensions pushed malware to 4.3M Chrome, Edge users • The Register
-
Reposting Episode 331 due to the wrong mp3 attached to the original.
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Links to this week’s stories:
https://cloud.google.com/blog/topics/threat-intelligence/unc6040-proactive-hardening-recommendations
https://www.theregister.com/2025/11/13/chinese_spies_claude_attacks/ / https://www.bleepingcomputer.com/news/security/anthropic-claims-of-claude-ai-automated-cyberattacks-met-with-doubt/
https://www.theregister.com/2025/11/14/selfreplicating_supplychain_attack_poisons_150k/
https://cyberscoop.com/fortinet-delayed-disclosure-exploited-vulnerability/
https://www.bleepingcomputer.com/news/security/piecing-together-the-puzzle-a-qilin-ransomware-investigation/
-
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Links to this week’s stories:
https://cloud.google.com/blog/topics/threat-intelligence/unc6040-proactive-hardening-recommendations
https://www.theregister.com/2025/11/13/chinese_spies_claude_attacks/ / https://www.bleepingcomputer.com/news/security/anthropic-claims-of-claude-ai-automated-cyberattacks-met-with-doubt/
https://www.theregister.com/2025/11/14/selfreplicating_supplychain_attack_poisons_150k/
https://cyberscoop.com/fortinet-delayed-disclosure-exploited-vulnerability/
https://www.bleepingcomputer.com/news/security/piecing-together-the-puzzle-a-qilin-ransomware-investigation/