Sep 16, 2025 | Speaking
It’s already been a week since The Artificial Unintelligence conference wrapped up, and I’m still buzzing from the energy and ideas shared there. I had the chance to talk about how AI is empowering DevSecOps to Secure Modern Applications. It’s always more fun to share...
Sep 16, 2025 | Podcast
https://www.sonatype.com/blog/ongoing-npm-software-supply-chain-attack-exposes-new-riskshttps://krebsonsecurity.com/2025/09/self-replicating-worm-hits-180-software-packages/ Security researchers at Sonatype have identified a dangerous new supply chain attack called...
Sep 15, 2025 | Podcast
https://www.itnews.com.au/news/nsw-gov-third-party-linked-cyber-incidents-quadruple-in-two-years-620328 The number of cyber incidents linked to third-party systems used by the New South Wales (NSW) government has more than quadrupled over the past two years, according...
Sep 12, 2025 | Podcast
https://arstechnica.com/information-technology/2025/09/the-number-of-mis-issued-1-1-1-1-certificates-grows-heres-the-latest In a troubling development, security researchers have uncovered that a Microsoft-trusted certificate authority, Fina CA, has mis-issued a total...
Sep 11, 2025 | Podcast
https://www.bleepingcomputer.com/news/security/icloud-calendar-abused-to-send-phishing-emails-from-apples-servers In a concerning development, cybercriminals have been exploiting the legitimate iCloud Calendar feature to distribute phishing emails that appear to...
Sep 10, 2025 | Podcast
https://blog.gitguardian.com/ghostaction-campaign-3-325-secrets-stolen Security researchers at GitGuardian have uncovered a massive supply chain attack dubbed “GhostAction” that compromised 327 GitHub users across 817 repositories, resulting in the theft...
Sep 9, 2025 | Podcast
https://www.nytimes.com/2025/09/04/world/asia/china-hack-salt-typhoon.html Security officials and cybersecurity experts are warning that a sophisticated Chinese cyber espionage campaign known as Salt Typhoon represents China’s most ambitious hacking operation to...
Sep 8, 2025 | Podcast
https://www.sonatype.com/blog/npm-chalk-and-debug-packages-hit-in-software-supply-chain-attack Cybercriminals have executed what security researchers are calling the largest npm supply chain attack in history, compromising 18 highly popular JavaScript packages that...
Sep 5, 2025 | Podcast
https://source.android.com/docs/security/bulletin/2025-09-01 Google has released its September 2025 Android security update, the largest patch bundle of the year containing fixes for 84 vulnerabilities, including two high-severity flaws that are being actively...
Sep 4, 2025 | Podcast
https://www.itnews.com.au/news/melbourne-dev-finds-gift-card-pins-can-be-brute-forced-620022 A Melbourne software developer has discovered a serious vulnerability in gift cards sold at Australian supermarkets that allows attackers to easily guess PINs and steal stored...
