Over 29,000 Exchange Servers Remain Vulnerable to Critical Flaw Despite Federal Emergency Directive

Aug 15, 2025 | Podcast

https://www.cisa.gov/news-events/directives/ed-25-02-mitigate-microsoft-exchange-vulnerability Security monitoring platform Shadowserver has identified more than 29,000 Microsoft Exchange servers that remain unpatched against a high-severity vulnerability that could...

WinRAR Zero-Day Vulnerability Under Active Exploitation Prompts Emergency Security Update

Aug 14, 2025 | Podcast

https://www.welivesecurity.com/en/eset-research/update-winrar-tools-now-romcom-and-others-exploiting-zero-day-vulnerability WinRAR developers have released an urgent security update to address an actively exploited zero-day vulnerability that allows attackers to...

University of Western Australia Forces All Staff and Students to Reset Passwords After Security Breach

Aug 13, 2025 | Podcast

https://www.abc.net.au/news/2025-08-11/university-of-western-australia-uwa-suffers-major-data-breach/105636074 The University of Western Australia has locked all staff and students out of university systems and mandated password resets following the detection of...

Cybercriminals Deploy 60 Malicious Ruby Gems Downloaded 275,000 Times in Credential Theft Campaign

Aug 12, 2025 | Podcast

https://socket.dev/blog/60-malicious-ruby-gems-used-in-targeted-credential-theft-campaign Security researchers at Socket have uncovered a supply chain attack involving 60 malicious Ruby gems that have been downloaded over 275,000 times since March 2023, primarily...

Google Confirms Data Breach Exposed 2.55 Million Potential Ads Customer Records in Salesforce Attack

Aug 11, 2025 | Podcast

https://cloud.google.com/blog/topics/threat-intelligence/voice-phishing-data-extortion Google has officially confirmed a data breach affecting one of its Salesforce CRM instances that exposed information belonging to potential Google Ads customers, with threat actors...

Australian Spy Chief Warns Defense Workers’ LinkedIn Profiles Are Exposing Classified Projects to Foreign Intelligence

Aug 8, 2025 | Podcast

https://www.asio.gov.au/26th-annual-hawke-lecture-counting-and-countering-cost-espionage Australia’s top intelligence official has issued a strong warning about the espionage risks posed by social media profiles that reveal sensitive defence work, highlighting...

Cybercriminals Use Raspberry Pi Device to Execute Physical ATM Heist in Indonesian Bank Network

Aug 7, 2025 | Podcast

https://www.group-ib.com/blog/unc2891-bank-heist A sophisticated cybercriminal group successfully executed a physical network intrusion using a Raspberry Pi device to steal cash from an Indonesian ATM, demonstrating a new level of coordination between digital...

Cybercriminals Exploit Security Link-Wrapping Services to Launch Sophisticated Microsoft 365 Phishing Campaigns

Aug 6, 2025 | Podcast

https://www.cloudflare.com/threat-intelligence/research/report/attackers-abusing-proofpoint-intermedia-link-wrapping-to-deliver-phishing-payloads Threat actors have discovered a new method to legitimise phishing attacks by exploiting link-wrapping security features...

Application Security Crisis Deepens as 62% of Organisations Ship Vulnerable Code Under Deadline Pressure

Aug 5, 2025 | Podcast

https://cypressdefense.com/resources/state-of-application-security-report A new report from Cypress Data Defense has revealed a troubling state of application security, with 62% of organisations knowingly deploying vulnerable code to production environments to meet...

Critical Vulnerability in AI-Powered Cursor IDE Enables Remote Code Execution Through Prompt Injection

Aug 4, 2025 | Podcast

https://www.aim.security/lp/aim-labs-curxecute-blogpost Security researchers at Aim Security have discovered a critical vulnerability dubbed CurXecute in the popular AI-powered code editor Cursor, which affects nearly all versions of the IDE and can be exploited to...