Want to be the first to hear our episodes each week? Become a Patreon donor here.

Links to this week’s stories:

https://www.darkreading.com/cyberattacks-data-breaches/advanced-security-phishing-tactics

https://www.theregister.com/2025/11/28/posthog_shaihulud/?td=keepreading / https://posthog.com/blog/nov-24-shai-hulud-attack-post-mortem

https://www.theregister.com/2025/11/27/scattered_lapsus_hunters_zendesk/

https://www.theregister.com/2025/11/25/akira_ransomware_acquisitions

Browser extensions pushed malware to 4.3M Chrome, Edge users • The Register

Want to be the first to hear our episodes each week? Become a Patreon donor here.

Links to this week’s stories:

• https://cloud.google.com/blog/topics/threat-intelligence/unc6040-proactive-hardening-recommendations
• https://www.theregister.com/2025/11/13/chinese_spies_claude_attacks/ / https://www.bleepingcomputer.com/news/security/anthropic-claims-of-claude-ai-automated-cyberattacks-met-with-doubt/
• https://www.theregister.com/2025/11/14/selfreplicating_supplychain_attack_poisons_150k/
• https://cyberscoop.com/fortinet-delayed-disclosure-exploited-vulnerability/
• https://www.bleepingcomputer.com/news/security/piecing-together-the-puzzle-a-qilin-ransomware-investigation/

Repo

Want to be the first to hear our episodes each week? Become a Patreon donor here.

Links to this week’s stories:

• https://cloud.google.com/blog/topics/threat-intelligence/unc6040-proactive-hardening-recommendations
• https://www.theregister.com/2025/11/13/chinese_spies_claude_attacks/ / https://www.bleepingcomputer.com/news/security/anthropic-claims-of-claude-ai-automated-cyberattacks-met-with-doubt/
• https://www.theregister.com/2025/11/14/selfreplicating_supplychain_attack_poisons_150k/
• https://cyberscoop.com/fortinet-delayed-disclosure-exploited-vulnerability/
• https://www.bleepingcomputer.com/news/security/piecing-together-the-puzzle-a-qilin-ransomware-investigation/

Want to be the first to hear our episodes each week? Become a Patreon donor here.

Links to this week’s stories:

• https://www.cybersecuritydive.com/news/nevada-ransomware-attack-traced-back-to-malware-download-by-employee/805011/
• https://cloud.google.com/blog/topics/threat-intelligence/threat-actor-usage-of-ai-tools
• https://www.darkreading.com/application-security/owasp-highlights-supply-chain-risks-new-top-10
• https://www.computerweekly.com/news/366634363/Google-Dont-get-distracted-by-AI-focus-on-real-cyber-threats

Want to be the first to hear our episodes each week? Become a Patreon donor here.

Links to this week’s stories:

https://www.theregister.com/2025/11/03/mit_sloan_updates_ai_ransomware_paper/

https://www.theregister.com/2025/10/29/ey_exposes_4tb_sql_database/

https://www.darkreading.com/cyber-risk/zombie-projects-rise-again-undermine-security

https://www.darkreading.com/cloud-security/cloud-outages-highlight-need-resilient-secure-infrastructure-recovery

Want to be the first to hear our episodes each week? Become a Patreon donor here.

Links we discuss this week:

https://thehackernews.com/2025/10/self-spreading-glassworm-infects-vs.html?m=1

https://www.cybersecuritydive.com/news/artificial-intelligence-security-risks-ey-report/803490/

https://www.cybersecuritydive.com/news/ai-augment-security-identity-soc/803608/

https://www.darkreading.com/cyber-risk/best-end-user-security-awareness-programs-arent-about-awareness-anymore

https://www.bleepingcomputer.com/news/security/hackers-now-exploiting-critical-windows-server-wsus-flaw-in-attacks/

Want to be the first to hear our episodes each week? Become a Patreon donor here.

Links to this week’s stories:

https://www.cybersecurity-insiders.com/how-ai-will-shape-the-future-of-cyber-defense-a-one-three-and-five-year-outlook/

https://www.helpnetsecurity.com/2025/10/15/f5-big-ip-data-breach/

https://www.bleepingcomputer.com/news/security/fake-lastpass-bitwarden-breach-alerts-lead-to-pc-hijacks/

https://blogs.microsoft.com/on-the-issues/2025/10/16/mddr-2025/

https://www.theguardian.com/technology/2025/oct/19/global-cyber-attack-russian-hack-solarwinds-stress-health

Want to be the first to hear our episodes each week? Become a Patreon donor here.

Here are the stories we discuss this week:

https://cybersecuritynews.com/hackers-actively-compromising-databases/

https://www.bleepingcomputer.com/news/security/hackers-target-university-hr-employees-in-payroll-pirate-attacks/

https://securityaffairs.com/183154/security/threat-actors-steal-firewall-configs-impacting-all-sonicwall-cloud-backup-users.html

https://www.theregister.com/2025/10/07/gen_ai_shadow_it_secrets/

https://thehackernews.com/2025/10/from-phishing-to-malware-ai-becomes.html?m=1

https://databreaches.net/2025/10/12/from-sizzle-to-drizzle-to-fizzle-the-massive-data-leak-that-wasnt/

Want to be the first to hear our episodes each week? Become a Patreon donor here.

Here are links to the stories we discuss this week:

https://www.theregister.com/2025/09/29/postmark_mcp_server_code_hijacked/

https://www.bleepingcomputer.com/news/security/oracle-patches-ebs-zero-day-exploited-in-clop-data-theft-attacks/

https://www.bleepingcomputer.com/news/security/westjet-data-breach-exposes-travel-details-of-12-million-customers/

https://www.cybersecuritydive.com/news/material-cybersecurity-breaches-unreported/760892/

https://www.securityweek.com/red-hat-confirms-gitlab-instance-hack-data-theft/

https://www.securityweek.com/hackers-extorting-salesforce-after-stealing-data-from-dozens-of-customers/

https://databreaches.net/2025/10/04/just-days-before-its-data-might-be-leaked-qantas-airways-obtained-a-permanent-injunction/