Sep 5, 2025 | Podcast
https://source.android.com/docs/security/bulletin/2025-09-01 Google has released its September 2025 Android security update, the largest patch bundle of the year containing fixes for 84 vulnerabilities, including two high-severity flaws that are being actively...
Sep 4, 2025 | Podcast
https://www.itnews.com.au/news/melbourne-dev-finds-gift-card-pins-can-be-brute-forced-620022 A Melbourne software developer has discovered a serious vulnerability in gift cards sold at Australian supermarkets that allows attackers to easily guess PINs and steal stored...
Sep 3, 2025 | Podcast
https://www.bleepingcomputer.com/news/security/hackers-use-new-hexstrike-ai-tool-to-rapidly-exploit-n-day-flaws Cybercriminals are increasingly leveraging HexStrike-AI, a legitimate open-source penetration testing framework, to rapidly exploit newly disclosed n-day...
Sep 2, 2025 | Podcast
https://www.zscaler.com/blogs/company-news/salesloft-drift-supply-chain-incident-key-details-and-zscaler-s-response Cybersecurity company Zscaler has confirmed it suffered a data breach after threat actors compromised its Salesforce instance through the Salesloft...
Sep 1, 2025 | Podcast
https://www.cyber.gov.au/resources-business-and-government/maintaining-devices-and-systems/outsourcing-and-procurement/cyber-supply-chains/a-shared-vision-of-software-bill-of-materials-for-cybersecurity Australia’s Cyber Security Centre has joined 16...
Aug 29, 2025 | Podcast
https://www.zscaler.com/blogs/security-research/android-document-readers-and-deception-tracking-latest-updates-anatsa The Zscaler ThreatLabz team has uncovered significant enhancements in the Anatsa Android banking trojan, known for sophisticated attacks on financial...
Aug 28, 2025 | Podcast
https://www.bleepingcomputer.com/news/security/over-28-200-citrix-instances-vulnerable-to-actively-exploited-rce-bug More than 28,200 Citrix instances worldwide are currently vulnerable to a critical remote code execution flaw, CVE-2025-7775, which security officials...
Aug 27, 2025 | Podcast
https://www.wiz.io/blog/s1ngularity-supply-chain-attack Attackers have successfully compromised multiple Nx NPM packages in a sophisticated supply chain attack that leverages artificial intelligence tools for reconnaissance, marking what researchers believe to be the...
Aug 26, 2025 | Podcast
#ESETResearch has discovered the first known AI-powered ransomware, which we named #PromptLock. The PromptLock malware uses the gpt-oss:20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts on the fly, which it then executes 1/6...
Aug 25, 2025 | Podcast
https://android-developers.googleblog.com/2025/08/elevating-android-security.html Google has announced a comprehensive new security initiative called “Developer Verification” that will require all Android app developers to verify their identities before...