
Daily Cyber Security News
106 episodes
Anthropic Claude AI Driven Phishing & RDP to TransUnion Breach
Cybercriminals weaponize Anthropic Claude for automated phishing, ransomware and real time data extortion. Google removes 77 malicious Play Store apps and patches a critical Chrome zero day. Microsoft RDP AD and Azure endpoints face new exploit waves. Telegram bots deliver spyware. A TransUnion breach exposes 4.4 M consumer records via a third party app flaw.
What is Reverse Engineering
An overview of cybersecurity Reverse engineering, focussing on reverse engineering overview
ImageIO Apple ImageIO Zero Click Zero Day Patched
Apple released emergency updates for a critical zero click zero day in its ImageIO framework exploited to siphon crypto. The episode also covers Google's AI driven scam lures, Microsoft's CVE-2025-29824 exploits, sweeping Linux kernel fixes and Telegram's new security shields.
What Is Extended Detection and Response (XDR)
An overview of cybersecurity Extended Detection and Response (XDR), focussing on XDR overview
FortiSIEM Fortinet RCE & Global Cyber Updates
Unpack a pre auth FortiSIEM RCE in the wild, brute force SSL VPN sieges, Google and Microsoft's latest security wins and AI injection risks, a Telegram malware surge under Russian crackdowns, and an active WinRAR zero day backdoor campaign.
What are Living off the Land attacks
An overview of cybersecurity Living off the Land (LotL) attacks, focussing on overview
Gemini AI Calendar Promptware Attack in Google Calendar
A prompt injection bug in Google Calendar let attackers embed hidden commands in invites or emails to hijack Gemini AI agents and control smart home devices. Fully patched, it underscores the growing risk of AI promptware and the need to sanitize untrusted inputs.
What is Behavioral Fingerprinting
An overview of cybersecurity Behavioral Fingerprinting, focussing on introduction
Aeroflot IT Systems Aeroflot Breach, CISA Kit, Google & Telegram
Pro Ukraine hacktivists crippled Aeroflot servers, CISA released incident response and Zero Trust guidance, Google patched critical zero days and supply chain flaws, and Telegram rolled out new privacy defenses.
Container Security Fundamentals
An overview of cybersecurity container security, focussing on container security fundamentals
What are LLM jailbreak attacks
An overview of cybersecurity LLM jailbreak attacks, focussing on LLM jailbreak attacks overview
BigONE hot wallet Supply Chain Heist to Zero Days Weekly Brief
This CyberScene episode unpacks the 27M BigONE supply chain crypto hack, Elmo's X account hijack, Google's rapid zero day fixes, and Telegram's Android malware blitz underscoring the critical role of third party controls, strong authentication, and AI driven defenses.
What Is DNS Tunneling
An overview of cybersecurity DNS tunneling, focussing on dns tunneling overview
GMX V1 GMX 40M Arbitrum Exploit & Weekly Cyber Brief
Highlights include GMX's 40M V1 Arbitrum exploit and white hat bounty, a major Linux kernel patch spree for DoS and privilege bugs, an AI driven Rubio deepfake scam, Microsoft's Patch Tuesday blitz, and Telegram malware scam threats.
What is Ransomware as a Service
An overview of cybersecurity Ransomware as a Service (RaaS), focussing on Ransomware as a Service (RaaS) overview
Cisco UCM Cisco UCM Backdoor, Qantas Breach & Telegram
Covers Cisco's emergency patch for a hard coded SSH root backdoor in UCM (CVE-2025-20309), Qantas's vendor platform breach impacting six million customers, and Telegram's new malware alerts and bot compromise fallout.
What are Side Channel Timing Attacks
An overview of cybersecurity Side Channel Timing Attack, focussing on side channel timing attacks
Gmail MFA Bypass Phishing Bypass Exposes Gmail Accounts
A sophisticated phishing campaign sidesteps Gmail's MFA and exploits a username recovery flaw to harvest user phone numbers. Also explores Google's AI defenses, Android 16 network protections, Kaspersky's SparkKitty spyware, Telegram data leaks, and critical Ubuntu kernel patches.
What Is Attack Surface Management
An overview of cybersecurity attack surface management, focussing on introduction to attack surface management
CVE-2025-2783 Chrome Zero Day & Cloud PC Safeguards
This episode dissects Google's Chrome zero day CVE-2025-2783 exploited by TaxOff, Scattered Spider phishing, historic 16B credential breach, Microsoft's Cloud PC security defaults and passkey mandate, Iran's Nobitex exchange hack, Telegram data leaks and malware campaigns, plus Ubuntu's critical privilege escalation and RCE patches.
Understanding Prompt Injection
An overview of cybersecurity Agentic AI vulnerabilities, focussing on prompt injection
Apple iMessage Apple iMessage Zero Click & OAuth Malware Tricks
Episode covers Apple's iMessage zero click exploit patch that exposed Secure Enclave keys, Google OAuth consent flow abuse for stealthy malware delivery, Microsoft's zero click AI hack fix, Interpol's massive info stealer takedown, and Telegram's new anti scam defenses.
What Is DNS over HTTPS (DoH)
An overview of cybersecurity DNS over HTTPS (DoH), focussing on introduction to DoH
Coinbase KYC Data Coinbase Breach, FBI Alerts, Google & More
Dissecting Coinbase's 70K user KYC data leak and 400M response, the FBI's latest phishing, botnet BADBOX 2.0 and ransomware Play warnings, Google's emergency Chrome zero day patches and email safeguards, Microsoft's threat tracking patches, and Telegram malware privacy issues.
What is SOAR
An overview of cybersecurity Security Orchestration, Automation, and Response (SOAR), focussing on SOAR fundamentals
ASUS routers ViciousTrap, Debian Patches & Telegram Threats
This episode delves into the ViciousTrap backdoor compromise of over 9,000 ASUS routers, the latest Debian security advisories including kernel and app patches, and emerging threats and defenses in the Telegram ecosystem.
Cetus DEX Cetus DEX 230M Hack & Cyber Highlights
A packed episode covering the 230M Cetus DEX oracle exploit, CISA's new advisories and ICS alerts, Coinbase's insider driven breach of 69K users, and Microsoft's Lumma stealer takedown and critical patches, plus the heated DeFi centralization debate on Sui.
What is a Zero Knowledge Proof
An overview of cybersecurity zero knowledge proof, focussing on zero knowledge proof basics
Insider Threats Insider breach, Android hardening & ransomware
Explore Coinbase's bribed insider breach and 20M extortion, Google's Android 16 security enhancements and emergency Chrome Gmail fixes, and the DragonForce ransomware attack on Marks & Spencer exposing customer data. We unpack attack vectors, mitigation strategies, and lessons for preventing insider threats, hardening mobile browser platforms, and defending retail networks.
What is Confidential Computing
An overview of cybersecurity confidential computing, focussing on confidential computing overview
Cisco SD WAN Manager Cisco Phishing, LockBit Leak, Telegram Defenses
Cisco's Q1 phishing surge and critical IOS SD WAN patches, LockBit's dark web breach exposing 60k Bitcoin wallets, and Telegram's new anti scam malware security controls.
Cisco IOS XE Cisco Patches, LockBit Leak & Telegram Scams
Covers Cisco's critical IOS XE and ASA patches, Talos AI threat research, the LockBit RaaS database leak exposing 60k BTC addresses and insider tools, and Telegram's malware scams and new defenses.
What Is an SBOM
An overview of cybersecurity SBOM, focussing on introduction to sbom
AirPlay Protocol AirBorne Apple's 23 AirPlay Vulnerabilities Exposed
Researchers at Oligo uncovered 23 flaws in Apple's AirPlay allowing unauthenticated code pushes to third party devices. While iOS 18.4 devices are patched, billions of accessories remain exposed. The episode also dives into Apple's mercenary spyware alerts, Telegram's new anti phishing suite, and the DragonForce ransomware breach at the UK Co-op.
AirPlay Devices AirBorne AirPlay Flaws, Spyware & Ransomware
A technical deep dive into Apple's mercenary spyware alerts and the 23 AirBorne AirPlay flaws risking zero click code execution, Telegram's new anti phishing filters and crypto upgrades, and the Co-op's showdown with DragonForce ransomware.
AirPlay AirBorne zero click RCE bugs
Oligo discovered 23 zero click, wormable remote code exec flaws in Apple's AirPlay protocol SDK. While iOS, macOS and first party devices are patched, millions of third party units remain vulnerable: update firmware or disable AirPlay until fixes arrive.
AirPlay SDK AirBorne Wormable Zero Click RCE in AirPlay
Podcast covers Apple's Pegasus alerts, critical AirPlay AirBorne zero click RCE, Telegram anti spam and phishing defenses, TikTok's 530M GDPR fine, and the Co-op's data breach plus key mitigation steps.
Introduction to Shift Left Security
An overview of cybersecurity Shift Left, focussing on shift left security overview
Multiple Products Weekly Cybersecurity Headlines Deep Dive
This episode covers the FBI's 10M Salt Typhoon hunt and a record breaking 16.6B in internet crime losses; Google's MiraclePtr zero day defenses, Android auto reboot, and News plugin CSRF; Telegram's encryption upgrades; and urgent Ubuntu kernel and package patches.
What Is an Attack Graph
An overview of cybersecurity attack graphs, focussing on attack graphs overview
What is Prompt Injection
An overview of cybersecurity LLM vulnerabilities, focussing on prompt injection
KiloEx Oracle 7M KiloEx Cross Chain Oracle Exploit
A flawed access control in KiloEx's cross chain price oracle let attackers drain 7M across BNB Chain, Base and Taiko, forcing emergency patches and a 750K bounty to retrieve stolen funds.
KiloEx oracle KiloEx 7M cross chain hack & recovery
Dive into Android 16's auto restart safeguard, sophisticated Google OAuth phishing, 4chan's record breach, KiloEx's 7M cross chain oracle exploit & full recovery, and MITRE's CVE funding lifeline.
What is Threat Research Automation
An overview of cybersecurity threat research automation, focussing on cybersecurity automation
iOS, Android, Windows Vulnerabilities in Big Tech Security Updates
Explore key security challenges facing tech giants like Apple, Google, Microsoft, Telegram, and WhatsApp. Delve into vulnerabilities in iOS, Android, and Windows, and learn about critical security updates, privacy issues, and regulatory tensions. Understand the role of AI in enhancing cybersecurity measures and the importance of staying vigilant against evolving threats.
Introduction to Lateral Movement Attacks
An overview of cybersecurity lateral movement attacks, focussing on lateral movement attacks
Google Chrome Tech Giants vs. Cyber Threats A Dynamic Battle
Today's podcast explores cybersecurity strategies from Google, Microsoft, Oracle, Ivanti, and Ubuntu. Google addresses North Korean infiltration and enhances Chrome with new security patches. Microsoft tackles phishing threats with AI and passwordless solutions. Oracle faces scrutiny over data breaches. Ivanti patches critical VPN vulnerabilities. Ubuntu releases crucial security updates for Linux systems.
Understanding Heap Based Overflow
An overview of cybersecurity heap based overflow vulnerability, focussing on heap based overflow vulnerability
Google Chrome Exploring Zero Day Vulnerabilities in Chrome
The episode delves into critical zero day vulnerabilities affecting Google's Chrome browser, with a focus on Russian organizations and journalists. It discusses Google's quick patching efforts and acquisition of Wiz to enhance security measures.
Introduction to Steganographic Malware
An overview of cybersecurity Steganographic malware, focussing on steganographic malware