In this episode, we break down the most urgent cybersecurity developments from late April 2025—including the Lazarus Group’s high-profile “Operation SyncHole” targeting South Korean industries. Discover how attackers are exploiting newly disclosed vulnerabilities faster than ever, with nearly 1 in 3 CVEs weaponized within 24 hours of publication.
We dive deep into the Lazarus Group’s tactics, including watering hole attacks, the exploitation of one-day and potential zero-day vulnerabilities in tools like Innorix Agent and Cross EX, and the deployment of advanced malware families like ThreatNeedle and AGAMEMNON.
But that’s not all—we also cover:
- The evolution of phishing-as-a-service with generative AI (Darcula and Gamma AI),
- The increasing exploitation of browsers as attack surfaces,
- A Linux rootkit that avoids detection by bypassing system calls,
- Nation-state cyber activity from Russia, China, Iran, and North Korea,
- And the silent crisis looming over the CVE program’s future funding.
Plus, we explore the growing importance of non-human identities (NHIs) in security strategies, and the ongoing risks in software supply chains—from malicious npm packages to cryptocurrency library compromises.
If you’re a cybersecurity professional or threat analyst, this is your essential 30-minute intel download.