Apr 15, 2026 | Podcast
https://pluto.security/blog/mcp-bug-nginx-security-vulnerability-cvss-9-8 A critical authentication bypass vulnerability in Nginx UI, tracked as CVE-2026-33032, is now being actively exploited in the wild, allowing remote attackers to seize complete control of web...
Apr 14, 2026 | Speaking
Had a great time guest lecturing last week at UNSW Business School for INFS5907. The brief was to share some real-world perspectives on how AI is reshaping the management side of cybersecurity, from decision-making and prioritisation through to operating models, risk...
Apr 14, 2026 | Podcast
https://helpx.adobe.com/security/products/acrobat/apsb26-43.html Adobe has released an emergency security update to address a critical vulnerability in Acrobat and Acrobat Reader, tracked as CVE-2026-34621, which has been exploited in zero-day attacks since at least...
Apr 13, 2026 | Podcast
https://www.abc.net.au/news/2026-04-13/booking-com-data-security-breach-personal-details/106557630 Booking.com has confirmed that hackers accessed customer data linked to travel reservations, prompting the company to force PIN resets and notify affected users directly...
Mar 27, 2026 | Podcast
https://www.omnissa.com/insights/Omnissa-State-of-Digital-Workspace-2026-press-release A new industry report from device management firm Omnissa has exposed a concerning gap in how enterprises maintain the security of their Windows fleets compared to Apple devices....
Mar 26, 2026 | Podcast
https://krebsonsecurity.com/2026/03/canisterworm-springs-wiper-attack-targeting-iran The cybercrime group TeamPCP — already linked to a string of high-profile software supply chain attacks — has pivoted toward geopolitical disruption, deploying a destructive wiper...
Mar 25, 2026 | Podcast
https://www.endorlabs.com/learn/teampcp-isnt-done A hacker group known as TeamPCP has been caught planting malicious code inside litellm, a popular AI software library downloaded roughly 95 million times per month. Two versions of the package – 1.82.7 and 1.82.8...
Mar 24, 2026 | Podcast
https://www.itnews.com.au/news/hacker-says-they-compromised-millions-of-confidential-police-tips-624447 A hacker operating under the alias “Internet Yiff Machine” has claimed responsibility for breaking into P3 Global Intel, a tip intelligence platform...
Mar 23, 2026 | Podcast
https://www.aph.gov.au/Parliamentary_Business/Tabled_Documents/15638 An independent review of Australia’s Security of Critical Infrastructure (SoCI) Act has delivered a damning verdict, finding that the legislation is widely perceived as ineffective and failing...
Mar 18, 2026 | Speaking
Had the opportunity to speak at a Bugcrowd luncheon event today to share with everybody the journey I’ve taken to move the organisation into a bug bounty program, all in just over 1 year of starting the Product Security journey. I had the great opportunity to...