Feb 4, 2025 | Podcast
https://www.wiz.io/blog/wiz-research-uncovers-exposed-deepseek-database-leak DeepSeek, a Chinese AI startup, has suffered a significant data breach, exposing sensitive user data and internal information. Two publicly accessible databases containing over a million log...
Feb 4, 2025 | Podcast
Let’s be honest – most security training is boring. Really boring. Annual compliance videos, outdated slideshows, generic best practices that don’t apply to your tech stack. No wonder developers tune out. But it doesn’t have to be this way. THE...
Feb 3, 2025 | Podcast
https://blog.pypi.org/posts/2025-01-30-archival The Python Package Index (PyPI) has implemented a new “Project Archiving” feature to enhance the security and transparency of the open-source ecosystem. This feature allows project maintainers to officially...
Jan 31, 2025 | Podcast
https://gist.github.com/zachlatta/f86317493654b550c689dc6509973aa4 Google is fortifying its security measures following a recent, elaborate voice phishing attack documented by programmer Zach Latta. Latta, founder of Hack Club, detailed a close call he had with...
Jan 30, 2025 | Podcast
https://flatt.tech/research/posts/clone2leak-your-git-credentials-belong-to-us Multiple vulnerabilities have been discovered in popular Git clients, including GitHub Desktop, that could allow attackers to steal user credentials. These vulnerabilities, stemming from...
Jan 29, 2025 | Podcast
https://www.darkreading.com/cyber-risk/security-needs-start-saying-no-again For years, cybersecurity teams were often perceived as the “Department of No,” constantly blocking initiatives due to security concerns. However, in an effort to demonstrate value...
Jan 28, 2025 | Podcast
https://www.bleepingcomputer.com/news/security/hundreds-of-fake-reddit-sites-push-lumma-stealer-malware Cybercriminals are leveraging hundreds of fake Reddit and WeTransfer websites to distribute the Lumma Stealer malware. These deceptive websites mimic the appearance...
Jan 27, 2025 | Podcast
https://samcurry.net/hacking-subaru A critical security vulnerability in Subaru’s Starlink service could have allowed attackers to remotely control and track vehicles in the United States, Canada, and Japan. The flaw, discovered by security researchers Sam Curry...
Jan 24, 2025 | Podcast
https://blog.sekoia.io/targeted-supply-chain-attack-against-chrome-browser-extensions A sophisticated supply chain attack has targeted Chrome extension developers, compromising dozens of extensions and potentially impacting millions of users. The campaign involved...
Jan 23, 2025 | Podcast
https://krebsonsecurity.com/2025/01/mastercard-dns-error-went-unnoticed-for-years A critical error in MasterCard’s domain name system (DNS) configuration went unnoticed for nearly five years. This misconfiguration could have allowed attackers to intercept or...
