Edwin Kwan
  • Home
  • Speaker
  • Podcasts
    • Cyber Bites
    • AppSec Unlocked
    • It’s 5:05 Podcast
  • Journal
  • Publications
Select Page

Anthropic’s AI Model Finds Over Ten Thousand Critical Vulnerabilities in Global Software Infrastructure

May 26, 2026 | Podcast

https://www.anthropic.com/research/glasswing-initial-update Anthropic has published an initial update on Project Glasswing, a collaborative security initiative launched last month in which the company and approximately 50 partner organisations have used...

npm Introduces Human Approval Gates to Counter Software Supply Chain Attacks

May 25, 2026 | Podcast

Staged publishing and new install-time controls for npm GitHub has released two significant security updates for npm, the world’s largest software package registry and the primary distribution channel through which JavaScript developers share and consume...

HackerOne Slashes Bug Bounty Payouts as AI Floods Open-Source Security Programs

May 22, 2026 | Podcast

https://hackerone.com/ibb/bounty_table_versions?change=2026-05-18T20%3A25%3A03.903Z&type=team HackerOne has cut reward payments across its Internet Bug Bounty (IBB) program by more than 75 percent, reducing the payout for a critical vulnerability from $9,250 to...

CISA Credentials Exposed in Public GitHub Repository for Six Months Before Takedown

May 21, 2026 | Podcast

https://blog.gitguardian.com/how-we-got-a-cisa-github-leak-taken-down-in-26-hours Researchers at GitGuardian discovered a public GitHub repository named “Private-CISA” containing 844 megabytes of sensitive data belonging to the United States Cybersecurity...

Google Accidentally Exposes Details of Unpatched Chromium Vulnerability

May 20, 2026 | Podcast

https://infosec.exchange/@rebane2001/116606719764376414 Google briefly made public the technical details of an unpatched security vulnerability in Chromium, the open-source browser engine underpinning Google Chrome, Microsoft Edge, Brave, Opera, and dozens of other...

GitHub Confirms Internal Repository Breach After Employee Device Compromise

May 19, 2026 | Podcast

https://github.com/nrwl/nx-console/security/advisories/GHSA-c9j4-9m59-847w GitHub has confirmed that an employee device was compromised via a poisoned Microsoft Visual Studio Code extension, resulting in the exfiltration of approximately 3,800 internal repositories....
« Older Entries
Next Entries »

Latest Posts

  • Phishing Campaign Impersonates Major Global Brands to Steal Gmail Credentials
  • China Warns Developers to Uninstall Claude Code Over ‘Backdoor’ Data Collection Fears
  • OpenMandriva Linux Hit by Internal Sabotage Attempt from Former Contributor
  • ACSC Issues Second Warning in Two Months Over Unpatched CMS Vulnerabilities Being Actively Exploited
  • Malicious Websites Are Embedding Hidden Instructions to Hijack AI Agents Through Indirect Prompt Injection

Speaking Events

  • Guest Lecture at UNSW Business School for INFS5907
  • Speaker at Bugcrowd Luncheon
  • Guest Lecture at UNSW
  • Panelist at SecTalks Legends – 2025
  • Keynote Speaker at Sydney AI Security Summit 2025

More Content

  • Articles (26)
  • Podcast (824)
  • Posts (26)
  • Publications (1)
  • Speaking (50)
  • X
  • RSS
Edwin Kwan