Edwin Kwan
  • Home
  • Speaker
  • Podcasts
    • Cyber Bites
    • AppSec Unlocked
    • It’s 5:05 Podcast
  • Journal
Select Page

GhostAction Supply Chain Attack Compromises 817 GitHub Repositories, Steals 3,325 Developer Secrets

Sep 10, 2025 | Podcast

https://blog.gitguardian.com/ghostaction-campaign-3-325-secrets-stolen Security researchers at GitGuardian have uncovered a massive supply chain attack dubbed “GhostAction” that compromised 327 GitHub users across 817 repositories, resulting in the theft...

Massive Chinese ‘Salt Typhoon’ Cyberattack May Have Compromised Data from Nearly Every American

Sep 9, 2025 | Podcast

https://www.nytimes.com/2025/09/04/world/asia/china-hack-salt-typhoon.html Security officials and cybersecurity experts are warning that a sophisticated Chinese cyber espionage campaign known as Salt Typhoon represents China’s most ambitious hacking operation to...

Massive NPM Supply Chain Attack Compromises 18 Popular Packages with 2 Billion Weekly Downloads

Sep 8, 2025 | Podcast

https://www.sonatype.com/blog/npm-chalk-and-debug-packages-hit-in-software-supply-chain-attack Cybercriminals have executed what security researchers are calling the largest npm supply chain attack in history, compromising 18 highly popular JavaScript packages that...

Google Releases Massive Android Security Update Addressing 84 Vulnerabilities Including Two Actively Exploited Flaws

Sep 5, 2025 | Podcast

https://source.android.com/docs/security/bulletin/2025-09-01 Google has released its September 2025 Android security update, the largest patch bundle of the year containing fixes for 84 vulnerabilities, including two high-severity flaws that are being actively...

Melbourne Developer Exposes Critical Gift Card Security Flaw Allowing PIN Brute-Force Attacks

Sep 4, 2025 | Podcast

https://www.itnews.com.au/news/melbourne-dev-finds-gift-card-pins-can-be-brute-forced-620022 A Melbourne software developer has discovered a serious vulnerability in gift cards sold at Australian supermarkets that allows attackers to easily guess PINs and steal stored...

Cybercriminals Weaponise AI-Powered HexStrike Tool to Rapidly Exploit Newly Disclosed Vulnerabilities

Sep 3, 2025 | Podcast

https://www.bleepingcomputer.com/news/security/hackers-use-new-hexstrike-ai-tool-to-rapidly-exploit-n-day-flaws Cybercriminals are increasingly leveraging HexStrike-AI, a legitimate open-source penetration testing framework, to rapidly exploit newly disclosed n-day...
« Older Entries
Next Entries »

Latest Posts

  • Jaguar Land Rover Extends Shutdown for Another Week After Devastating Cyberattack
  • Australia Releases Guidance on Banning Social Media for Kids
  • Self-Propagating ‘Shai-Hulud’ Malware Infects Over 180 NPM Packages in Sophisticated Supply Chain Attack
  • NSW Government Third-Party Cyber Incidents Quadruple as State Strengthens Digital Defenses
  • Cloudflare 1.1.1.1 DNS Certificates Misused, Raising Security Concerns

Speaking Events

  • INFS2701 Guest Lecture at UNSW Business School
  • Speaker at ADAPT Cloud & Infrastructure Edge 2025
  • Speaker at Sysdig Accelerate ’25 APJ Sydney
  • Speaker at EveryOps Day 2025
  • Speaker at AWS Summit Sydney

More Content

  • Articles (26)
  • Podcast (645)
  • Posts (24)
  • Speaking (44)
  • X
  • RSS
Edwin Kwan