Podcasts

HeroDevs Secures $125M to Extend Life of Critical Open Source Software

July 24, 2025

In this episode, we dive deep into HeroDevs’ recent $125 million strategic growth investment, a move that signals a major

UK Moves to Ban Ransomware Payments for Public Sector and Critical Infrastructure

July 23, 2025

In a landmark move to disrupt the financial engine powering ransomware attacks, the United Kingdom is pushing forward with legislation

New SysAid Vulnerabilities Added to CISA’s KEV List: XXE Flaws Could Enable RCE

July 23, 2025

Two newly added vulnerabilities in SysAid’s On-Prem IT support software — CVE-2025-2775 and CVE-2025-2776 — have officially joined the Cybersecurity

Lumma Stealer Returns: Malware-as-a-Service Resurges After Global Takedown

July 23, 2025

In this episode, we unpack the rapid and concerning resurgence of Lumma Stealer, a sophisticated Malware-as-a-Service (MaaS) platform, just months

Cisco ISE Critical Flaws Now Actively Exploited: No Workarounds, Just Root Access

July 23, 2025

Hackers are actively exploiting a trio of critical zero-day vulnerabilities in Cisco’s Identity Services Engine (ISE) and Passive Identity Connector

ToolShell: SharePoint Zero-Day Chain Gives Hackers Full Remote Access

July 22, 2025

A new wave of zero-day attacks—collectively known as ToolShell—is actively targeting Microsoft SharePoint servers, with two vulnerabilities (CVE-2025-53770 and CVE-2025-53771)

CVE-2025-54309: CrushFTP Zero-Day Exploited in Global Admin Access Attacks

July 22, 2025

A critical zero-day vulnerability in CrushFTP (CVE-2025-54309) is being actively exploited, giving attackers administrative access to over a thousand unpatched

Dell Breach by World Leaks: Extortion Attempt Hits Demo Platform

July 22, 2025

Dell Technologies is the latest target in a growing trend of data extortion attacks as threat actors pivot away from

Critical VPN Vulnerability: ExpressVPN Exposed IPs via RDP Misrouting

July 22, 2025

A critical vulnerability in ExpressVPN’s Windows client has put a spotlight on the often-overlooked dangers of debug code making its

Dior Data Breach Exposes U.S. Customer Info in LVMH Vendor Attack

July 21, 2025

In this episode, we unpack the January 2025 data breach at Dior, the iconic luxury fashion house, which exposed sensitive

HeroDevs Secures $125M to Extend Life of Critical Open Source Software

UK Moves to Ban Ransomware Payments for Public Sector and Critical Infrastructure

New SysAid Vulnerabilities Added to CISA’s KEV List: XXE Flaws Could Enable RCE

Lumma Stealer Returns: Malware-as-a-Service Resurges After Global Takedown

Cisco ISE Critical Flaws Now Actively Exploited: No Workarounds, Just Root Access

ToolShell: SharePoint Zero-Day Chain Gives Hackers Full Remote Access

CVE-2025-54309: CrushFTP Zero-Day Exploited in Global Admin Access Attacks

Dell Breach by World Leaks: Extortion Attempt Hits Demo Platform

Critical VPN Vulnerability: ExpressVPN Exposed IPs via RDP Misrouting

Dior Data Breach Exposes U.S. Customer Info in LVMH Vendor Attack

Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs

New Extortion Crew Uses Phishing to Breach High-Value Corporations

Bogus Traffic Violation Text Scam Targeting Americans

EvilTokens Kit Uses Device Code Phishing to Target Microsoft Accounts

Ukrainian CERT Impersonated in Phishing Campaign Distributing AGEWHEEZE

New Phishing Techniques Threaten TikTok Business Account Security

Cryptocurrency Threats via Phishing Campaign Targeting French-Speaking Corporations

LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves

Phishing Attack Hits Intuitive’s Internal IT Business Systems

Signal Cyberattack in Germany Targets Politicians Through Impersonation

Daily Briefing Newsletter