Edwin Kwan
  • Home
  • Speaker
  • Podcasts
    • Cyber Bites
    • AppSec Unlocked
    • It’s 5:05 Podcast
  • Journal
Select Page

Supply Chain Attack Targets Nx NPM Packages Using AI Tools for Developer Reconnaissance

Aug 27, 2025 | Podcast

https://www.wiz.io/blog/s1ngularity-supply-chain-attack Attackers have successfully compromised multiple Nx NPM packages in a sophisticated supply chain attack that leverages artificial intelligence tools for reconnaissance, marking what researchers believe to be the...

First AI-Powered Ransomware Using Machine Learning to Generate Malicious Code

Aug 26, 2025 | Podcast

#ESETResearch has discovered the first known AI-powered ransomware, which we named #PromptLock. The PromptLock malware uses the gpt-oss:20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts on the fly, which it then executes 1/6...

Google Mandates Identity Verification for All Android Developers to Combat Malware Threats

Aug 25, 2025 | Podcast

https://android-developers.googleblog.com/2025/08/elevating-android-security.html Google has announced a comprehensive new security initiative called “Developer Verification” that will require all Android app developers to verify their identities before...

Cybercriminals Exploit Japanese Unicode Character to Create Deceptive Booking.com Phishing Campaigns

Aug 22, 2025 | Podcast

https://www.bleepingcomputer.com/news/security/bookingcom-phishing-campaign-uses-sneaky-character-to-trick-you Threat actors have launched a sophisticated phishing campaign targeting Booking.com users by exploiting the Japanese hiragana character “ん” to...

Microsoft Teams Deploys Enhanced Security Features to Block Malicious URLs and Dangerous File Types

Aug 21, 2025 | Podcast

https://www.bleepingcomputer.com/news/security/microsoft-teams-to-protect-against-malicious-urls-dangerous-file-types Microsoft has announced significant security enhancements for Microsoft Teams that will strengthen protection against malware and file-based attacks...

Cybercriminals Launch Sophisticated ‘Ramp and Dump’ Schemes Targeting Brokerage Accounts Through Mobile Phishing

Aug 20, 2025 | Podcast

https://krebsonsecurity.com/2025/08/mobile-phishers-target-brokerage-accounts-in-ramp-and-dump-cashout-scheme Cybercriminal groups specializing in mobile phishing attacks have shifted their focus to targeting customers of major brokerage platforms, implementing a...
« Older Entries
Next Entries »

Latest Posts

  • Cloudflare 1.1.1.1 DNS Certificates Misused, Raising Security Concerns
  • Apple iCloud Calendar Abused for Phishing Scams
  • GhostAction Supply Chain Attack Compromises 817 GitHub Repositories, Steals 3,325 Developer Secrets
  • Massive Chinese ‘Salt Typhoon’ Cyberattack May Have Compromised Data from Nearly Every American
  • Massive NPM Supply Chain Attack Compromises 18 Popular Packages with 2 Billion Weekly Downloads

Speaking Events

  • INFS2701 Guest Lecture at UNSW Business School
  • Speaker at ADAPT Cloud & Infrastructure Edge 2025
  • Speaker at Sysdig Accelerate ’25 APJ Sydney
  • Speaker at EveryOps Day 2025
  • Speaker at AWS Summit Sydney

More Content

  • Articles (26)
  • Podcast (641)
  • Posts (24)
  • Speaking (44)
  • X
  • RSS
Edwin Kwan