Edwin Kwan
  • Home
  • Speaker
  • Podcasts
    • Cyber Bites
    • AppSec Unlocked
    • It’s 5:05 Podcast
  • Journal
  • Publications
Select Page

Phishing Campaign Impersonates Major Global Brands to Steal Gmail Credentials

Jul 9, 2026 | Podcast

https://gist.github.com/BushidoUK/57c38d5ee75481fb237e968a537de778 A highly targeted phishing campaign has been uncovered in which attackers are posing as recruiters from some of the world’s most recognisable brands to harvest victims’ Gmail credentials....

China Warns Developers to Uninstall Claude Code Over ‘Backdoor’ Data Collection Fears

Jul 8, 2026 | Podcast

https://cnvdb.org.cn/announcement/2074682031259299842 China’s National Vulnerability Database (CNVDB) has urged developers to immediately uninstall recent versions of Anthropic’s Claude Code, citing concerns over what it describes as “backdoor...

OpenMandriva Linux Hit by Internal Sabotage Attempt from Former Contributor

Jul 7, 2026 | Podcast

https://forum.openmandriva.org/t/statement-regarding-attempted-distribution-sabotage/8997 The OpenMandriva Linux project has announced it was the target of an attempted act of internal sabotage carried out by a former contributor following a dispute within the...

ACSC Issues Second Warning in Two Months Over Unpatched CMS Vulnerabilities Being Actively Exploited

Jul 6, 2026 | Podcast

https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/large-scale-exploitation-campaign-targeting-website-content-management-systems-cms The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has issued its second alert...

Malicious Websites Are Embedding Hidden Instructions to Hijack AI Agents Through Indirect Prompt Injection

Jul 3, 2026 | Podcast

https://www.zscaler.com/blogs/security-research/indirect-prompt-injection-web-content-targets-ai-agents Security researchers at Zscaler ThreatLabz have documented two active real-world campaigns in which malicious websites are using a technique called indirect prompt...

Microsoft Introduces Smarter Bot Protection in Microsoft Teams Meetings

Jul 2, 2026 | Podcast

https://techcommunity.microsoft.com/blog/microsoftteamsblog/introducing-smarter-bot-protection-in-microsoft-teams-meetings/4531375 Microsoft has announced the introduction of enhanced bot protection capabilities for Microsoft Teams meetings, addressing a growing...

Anthropic to Restore Claude Fable Access After Export Control Suspension

Jul 1, 2026 | Podcast

We’ve received notice that the Department of Commerce has lifted export controls on Claude Fable 5 and Mythos 5. We'll begin restoring access tomorrow, and will share an update soon. We’re grateful to our users for their patience, and to everyone who worked with...

Apple’s Hide My Email Service Has Been Leaking Real Email Addresses for Over a Year Despite Being Reported

Jun 30, 2026 | Podcast

https://www.macrumors.com/2026/07/01/hide-my-email-vulnerability-exposes-real-addresses A significant vulnerability in Apple’s Hide My Email service has been found to allow almost anyone to uncover the genuine email address behind a generated alias, and Apple...

Massive Automated Password Spray Attack Against Microsoft Azure Compromises 78 Accounts Across 64 Organisations

Jun 29, 2026 | Podcast

https://www.huntress.com/blog/lshiy-password-spray-attack Security firm Huntress has documented a massive, ongoing, automated password spray attack targeting Microsoft’s Azure command-line interface that made more than 81 million login attempts against customer...

New macOS ClickFix Attack Silently Mounts Disk Images to Deploy Information-Stealing Malware

Jun 26, 2026 | Podcast

https://www.bleepingcomputer.com/news/security/new-macos-clickfix-attack-silently-mounts-dmgs-to-push-infostealer A newly identified attack campaign targeting macOS users has adapted the increasingly prevalent ClickFix social engineering technique to Apple’s...
« Older Entries

Latest Posts

  • Phishing Campaign Impersonates Major Global Brands to Steal Gmail Credentials
  • China Warns Developers to Uninstall Claude Code Over ‘Backdoor’ Data Collection Fears
  • OpenMandriva Linux Hit by Internal Sabotage Attempt from Former Contributor
  • ACSC Issues Second Warning in Two Months Over Unpatched CMS Vulnerabilities Being Actively Exploited
  • Malicious Websites Are Embedding Hidden Instructions to Hijack AI Agents Through Indirect Prompt Injection

Speaking Events

  • Guest Lecture at UNSW Business School for INFS5907
  • Speaker at Bugcrowd Luncheon
  • Guest Lecture at UNSW
  • Panelist at SecTalks Legends – 2025
  • Keynote Speaker at Sydney AI Security Summit 2025

More Content

  • Articles (26)
  • Podcast (824)
  • Posts (26)
  • Publications (1)
  • Speaking (50)
  • X
  • RSS
Edwin Kwan