Jun 17, 2025 | Podcast
https://krebsonsecurity.com/2025/06/inside-a-dark-adtech-empire-fed-by-fake-captchas/ Security researchers have uncovered a sophisticated criminal advertising ecosystem that leverages fake CAPTCHA challenges to trick users into enabling malicious push notifications,...
Jun 16, 2025 | Podcast
https://www.apra.gov.au/for-action-information-security-obligations-and-critical-authentication-controls Australia’s financial regulator has issued an urgent directive to all superannuation funds, demanding they assess and strengthen their authentication...
Jun 13, 2025 | Podcast
https://www.aikido.dev/blog/supply-chain-attack-on-react-native-aria-ecosystem Cybersecurity researchers have uncovered a sophisticated supply chain attack targeting over a dozen packages associated with GlueStack, delivering malware to developers worldwide. The...
Jun 12, 2025 | Podcast
https://fearsoff.org/research/roundcube More than 84,000 Roundcube webmail installations worldwide remain vulnerable to CVE-2025-49113, a critical remote code execution flaw that affects versions spanning over a decade and has already been exploited by cybercriminals...
Jun 11, 2025 | Podcast
The strange tale of ischhfd83: When cybercriminals eat their own Sophos researchers have traced more than a hundred backdoored malware repositories on GitHub to a single Russian threat actor using the identifier “ischhfd83,” who has been systematically...
Jun 10, 2025 | Podcast
https://cdn.openai.com/threat-intelligence-reports/5f73af09-a3a3-4a55-992e-069237681620/disrupting-malicious-uses-of-ai-june-2025.pdf OpenAI has terminated accounts linked to 10 malicious campaigns that exploited ChatGPT for various nefarious activities, including...
Jun 10, 2025 | Podcast
In this article we’re looking at a challenge that’s become increasingly critical: security training for remote teams. We’ll explore how to build and maintain a strong security culture when your team is distributed across different locations, time...
Jun 9, 2025 | Podcast
https://www.bleepingcomputer.com/news/security/stolen-ticketmaster-data-from-snowflake-attacks-briefly-for-sale-again The Arkana Security extortion gang caused a brief stir over the weekend when they advertised what appeared to be newly stolen Ticketmaster data for...
Jun 6, 2025 | Podcast
https://www.bleepingcomputer.com/news/security/microsoft-authenticator-now-warns-to-export-passwords-before-july-cutoff/ Microsoft has begun issuing urgent notifications through its Authenticator app, warning users that the password autofill feature will be...
Jun 5, 2025 | Podcast
https://www.cs.ucr.edu/~heng/pubs/sbom-dsn24.pdf Security researchers at the University of California, Riverside and Deepbits Technology have uncovered significant vulnerabilities in four widely-used Software Bill of Materials (SBOM) generation tools, revealing that...