Edwin Kwan
  • Home
  • Speaker
  • Podcasts
    • Cyber Bites
    • AppSec Unlocked
    • It’s 5:05 Podcast
  • Journal
  • Publications
Select Page

Critical Vulnerability in GitHub MCP Integration Allows Private Repository Data Theft

Jun 4, 2025 | Podcast

https://invariantlabs.ai/blog/mcp-github-vulnerability Cybersecurity researchers at Invariant Labs have discovered a critical vulnerability in the widely-used GitHub Model Context Protocol (MCP) integration that could allow attackers to steal sensitive data from...

Phishing Campaign Targets CFOs Globally Using Legitimate NetBird Remote Access Tool

Jun 3, 2025 | Podcast

Multi-stage operation impersonates Rothschild & Co recruiters to deploy remote access software across six regions https://www.trellix.com/en-in/blogs/research/a-flyby-on-the-cfos-inbox-spear-phishing-campaign-targeting-financial-executives-with-netbird-deployment...

Australia Implements Mandatory Ransomware Payment Disclosure Rules Under New Cyber Security Framework

Jun 2, 2025 | Podcast

Businesses with annual turnover above $3 million must now report ransom payments within 72 hours or face civil penalties https://www.legislation.gov.au/F2025L00278/asmade/text Australia has officially launched its mandatory ransomware payment disclosure requirements,...

Apple Blocks Record $9 Billion in Fraudulent Transactions Across Five-Year Security Crackdown

May 30, 2025 | Podcast

https://www.apple.com/newsroom/2025/05/the-app-store-prevented-more-than-9-billion-usd-in-fraudulent-transactions Apple has revealed the staggering scale of its ongoing battle against App Store fraud, announcing that it prevented over $9 billion in fraudulent...

Australian Cyber Agency Warns of Russian GRU Targeting Western Logistics and Tech Companies

May 29, 2025 | Podcast

https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/russian-gru-targeting-western-logistics-entities-and-technology-companies The Australian Cyber Security Centre has issued a critical alert warning that Russian military intelligence operatives...

TikTok Becomes New Vector for ClickFix Malware Campaign Targeting User Credentials

May 28, 2025 | Podcast

https://www.trendmicro.com/en_us/research/25/e/tiktok-videos-infostealers.html Cybercriminals have expanded their reach by weaponising TikTok videos to distribute dangerous infostealer malware through a sophisticated campaign known as ClickFix, marking a concerning...
« Older Entries
Next Entries »

Latest Posts

  • New “ClawHub” and “ClawSwarm” Malware Campaigns Target AI Agents for Crypto Recruitment
  • KnowBe4 Research Reveals 86% of Phishing Attacks Are Now AI-Driven
  • Google Patches Maximum Severity CVSS 10 Flaw in Gemini CLI Amid Growing AI Tool Vulnerabilities
  • Critical cPanel & WHM Authentication Bypass Vulnerability Actively Exploited in the Wild
  • Critical Linux “copyfiles” Vulnerability Grants Root Access on Major Distributions

Speaking Events

  • Guest Lecture at UNSW Business School for INFS5907
  • Speaker at Bugcrowd Luncheon
  • Guest Lecture at UNSW
  • Panelist at SecTalks Legends – 2025
  • Keynote Speaker at Sydney AI Security Summit 2025

More Content

  • Articles (26)
  • Podcast (777)
  • Posts (26)
  • Publications (1)
  • Speaking (50)
  • X
  • RSS
Edwin Kwan