Jun 24, 2025 | Podcast
Welcome to the last article in this series on Training & Awareness. We’re going to finish off the season by looking ahead to the future of security training and awareness. Over the past eleven episodes, we’ve covered everything from Security Champions...
Jun 20, 2025 | Podcast
https://unit42.paloaltonetworks.com/malicious-javascript-using-jsfiretruck-as-obfuscation Cybersecurity researchers have uncovered a large-scale malware campaign that compromised more than 269,000 legitimate websites in just one month using a sophisticated JavaScript...
Jun 19, 2025 | Podcast
https://www.theregister.com/2025/06/16/scattered_spider_targets_insurance_firms Google’s threat intelligence team has issued urgent warnings that the notorious Scattered Spider cybercrime group has pivoted from targeting retail companies to launching...
Jun 18, 2025 | Speaking
I had the great opportunity to participate in a panel discussion on Industry Trends for AI in the Software Supply Chain.I enjoyed the conversations and loved hearing everyone’s perspective on their observations and projections.The event also showcased some of...
Jun 18, 2025 | Podcast
Graphite Caught: First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted Apple has confirmed that a critical zero-click vulnerability in its Messages app was actively exploited by sophisticated attackers to infect European journalists...
Jun 17, 2025 | Podcast
https://krebsonsecurity.com/2025/06/inside-a-dark-adtech-empire-fed-by-fake-captchas/ Security researchers have uncovered a sophisticated criminal advertising ecosystem that leverages fake CAPTCHA challenges to trick users into enabling malicious push notifications,...
Jun 16, 2025 | Podcast
https://www.apra.gov.au/for-action-information-security-obligations-and-critical-authentication-controls Australia’s financial regulator has issued an urgent directive to all superannuation funds, demanding they assess and strengthen their authentication...
Jun 13, 2025 | Podcast
https://www.aikido.dev/blog/supply-chain-attack-on-react-native-aria-ecosystem Cybersecurity researchers have uncovered a sophisticated supply chain attack targeting over a dozen packages associated with GlueStack, delivering malware to developers worldwide. The...
Jun 12, 2025 | Podcast
https://fearsoff.org/research/roundcube More than 84,000 Roundcube webmail installations worldwide remain vulnerable to CVE-2025-49113, a critical remote code execution flaw that affects versions spanning over a decade and has already been exploited by cybercriminals...
Jun 11, 2025 | Podcast
The strange tale of ischhfd83: When cybercriminals eat their own Sophos researchers have traced more than a hundred backdoored malware repositories on GitHub to a single Russian threat actor using the identifier “ischhfd83,” who has been systematically...