Blumira
Blumira Briefings
Staying on top of security news shouldn't be another full-time job. Enter Blumira Briefings , our weekly panel series where security experts break down the headlines you might have missed, and explain what they actually mean for your security practice! 🔒 Each week, join a lineup of different Blumira experts (and sometimes special guests!) who will: Share the top threats, suspects, and risks we're seeing across our detection and response platform Discuss significant security stories and what they mean for YOU Provide practical advice you can actually implement right away ••Keep it conversation...
Where to listen?
Podcasts in the app Replaio Radio Coming soonPodcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts
Episodes
Microsoft Defender, SimpleHelp Auth Vulns, and the ARToken Platform - Blumira Briefings, July 3 2026 03.07.2026 10:27
Welcome to Blumira Briefings, your weekly download of the top headlines and trends for your security practice! In this week's edition: - CISA Confirms Microsoft Defender Flaw Actively Exploited in Ransomware Campaigns for System Access - Critical SimpleHelp Authentication Bypass Actively Exploited, Puts Managed Service Providers at Risk - Advanced Phishing Kit Resembles Business Email Comp...
FortiBleed Exposure, Remote Access Trojans, and WordPress Supply Chain Attacks - Blumira Briefings 26.06.2026 16:51
Welcome to Blumira Briefings, your weekly download of the top headlines and trends for your security practice! This week: - Cyber Broker Exposes Access to Over 73,000 Fortinet Firewalls for Sale - New Mistic Remote Access Trojan Utilized by Ransomware Initial Access Brokers in Active Campaigns - Supply Chain Attack Infects WordPress Plugins, Stealing Credentials and 2FA Secrets Sources: FortiBle...
CISA KEV Additions, FortiSandbox Vulns, and Rokarolla Android Trojan - Blumira Briefings 19.06.2026 10:37
Welcome to Blumira Briefings, your weekly download of the top headlines and trends for your security practice! In this week's edition: - CISA Directs Agencies to Patch Actively Exploited Cisco and cPanel Vulnerabilities This Week - FortiSandbox Vulnerabilities Actively Exploited, Urgent Patching Recommended for Critical Flaws - Rokarolla Android Trojan Actively Spreads, Stealing Banking and...
Kali365 Phishing Kit, SharePoint RCE, and 30K+ Databases Targeted - Blumira Briefings 29.05.2026 14:15
Welcome to Blumira Briefings, your top headlines and trends for your security practice! In this week's episode: - FBI Alert: New Kali365 Phishing Kit Bypasses Multi-Factor Authentication for Microsoft 365 - Critical Remote Code Execution Flaw in Microsoft SharePoint Requires Immediate Patching - Automated Attacks Target Over 30,000 Exposed Databases Globally with Ransom Demands Have a securit...
CISA Credentials, Drupal Security Update, and Shai-Hulud Clones - Blumira Briefings 22.05.2026 16:28
Welcome to Blumira Briefings, your top headlines and trends for your security practice. This week's episode: - Government Contractor Exposes Sensitive CISA and AWS GovCloud Credentials on Public GitHub - Drupal Issues Critical Security Update Amid Warnings of Rapid Exploit Development Risk - Shai-Hulud Worm Clones Emerge After Source Code Leak, Intensifying NPM Supply Chain Attacks Have a sec...
Mini Shai-Hulud, BitLocker Bypass, and AI Vulnerability Discovery - Blumira Briefings 15.05.2026 14:47
Welcome to Blumira Briefings, your top headlines and trends for your security practice. This week's episode: - ‘Mini Shai-Hulud’ Malware Compromises Hundreds of Open-Source Software Packages in Supply Chain Attack - Researcher Releases Proof-of-Concept for BitLocker Bypass and Privilege Escalation on Windows Systems - Patch Tuesday, Accelerating Attacks, and AI Vulnerability Discovery Have a...
cPanel Vulnerability, Global Phishing, and the Instructure Breach - Blumira Briefings 08.05.2026 15:03
Welcome to Blumira Briefings, your top headlines and trends for your security practice. This week's episode: - A critical authentication bypass vulnerability, identified as CVE-2026-41940, in cPanel and WHM software is currently being actively exploited by threat actors. - Microsoft has unveiled details of a sophisticated global phishing campaign that successfully targeted over 35,000 users a...
CISA KEV Additions, LiteLLM Vulnerability, ShinyHunters, and Copy Fail - Blumira Briefings 01.05.2026 15:25
Welcome to Blumira Briefings, your top headlines and trends for your security practice. This week's episode: - The U.S. Cybersecurity and Infrastructure Security Agency has added two critical vulnerabilities to its Known Exploited Vulnerabilities catalog, signaling active exploitation - A severe SQL injection vulnerability, identified as CVE-2026-42208, in BerriAI's LiteLLM Python packag...
SharePoint Zero-Day, Prompt Injection Vulnerabilities, and Chrome Extensions - Blumira Briefings 17.04.2026 13:54
Welcome to Blumira Briefings, your top headlines and trends for your security practice. This week's episode: - Microsoft has released its April 2026 Patch Tuesday updates, addressing a record 167 security vulnerabilities across its product portfolio. - Security researchers have identified prompt injection vulnerabilities in prominent enterprise artificial intelligence (AI) agents, specificall...
BlueHammer, Forst Blizzard, and a Flowise Workflow Exploit - Blumira Briefings 10.04.2026 12:46
Welcome to Blumira Briefings, your top headlines and trends for your security practice. This week's episode: - A critical and unpatched vulnerability, named "BlueHammer," has been publicly disclosed for Microsoft Windows operating systems, allowing a local attacker to gain elevated privileges up to a system-level account. - A sophisticated espionage campaign, attributed to the Russi...
Axios Compromised, Chrome Zero-Day, and WhatsApp Malware - Blumira Briefings 03.04.2026 17:44
Axios Compromised, Chrome Zero-Day, and WhatsApp Malware - Blumira Briefings Welcome to Blumira Briefings, your top headlines and trends for your security practice. This week's episode: - The npm account for Axios, a JavaScript library with over 100 million weekly downloads, was compromised by threat actors who published malicious versions (1.14.1 and 0.30.4) containing remote access trojan (...
FCC Router Ban, Darksword Exploit, and VS Code Malware - Blumira Briefings 27.03.2026 11:28
Welcome to Blumira Briefings, your weekly download of the top headlines and trends for your security practice. This week's episode: - The U.S. Federal Communications Commission, a government agency that regulates interstate and international communications, recently announced a significant new policy. The commission is banning the import of all new foreign-made consumer routers into the Unite...
Clickfix AI Tactics, Aura Exposure, and RondoDox Botnet - Blumira Briefings 20.03.2026 13:01
Welcome to Blumira Briefings, your top headlines and trends for your security practice. This week's episode: - ClickFix attacks evolve techniques targeting macOS and Windows users with AI-based lures - A targeted voice phishing attack has led to unauthorized access to about 900,000 records at identity protection firm Aura - RondoDox attacks are becoming more focused and strategic, targeting 1...
Salesforce Settings, Rust Crate Risks, and Stryker Attacked - Blumira Briefings 13.03.2026 12:22
Welcome to Blumira Briefings, your top headlines and trends for your security practice. This week's episode: - Salesforce warns that a threat campaign is exploiting overly permissive Experience Cloud guest configurations to harvest data from public portals. - Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file da...
Iran-Linked Hacking, Microsoft OAuth, and Starkiller Phishing Suite - Blumira Briefings 06.03.2026 15:22
Welcome to Blumira Briefings, your top headlines and trends for your security practice. This week's episode: - Pro-Russia threat actors have formed a loose coalition with Iran-nexus hacking groups in response to the bombing campaign launched by the U.S. and Israel on Iran. - Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to...
NPM Malware, Top IRS Scams 2026, and SonicWall Security Failings - Blumira Briefings 27.02.2026 15:22
Welcome to Blumira Briefings, bringing you a weekly download of the top headlines and trends for your security practice. *This week's episode:* - Another software supply chain hit: Typosquatted npm packages are harvesting creds and propagating through dev environments. - Tax season is open season for threat actors: refund hijacking, credential phishing, and payroll fraud risks are escalating...
Operation DoppelBrand, OpenClaw Exfiltration, and AI-Generated Passwords - Blumira Briefings 20.02.2026 13:44
Welcome to Blumira Briefings, your weekly download of the top headlines and trends for your security practice. In this week's episode: - Threat actor group GS7 impersonates Fortune 500 companies (incl. Wells Fargo, USAA, Navy Federal, and Fidelity) using spoofed domains with highly accurate cloned login portals. - Hudson Rock detected the first known case of infostealer malware successfully...
Microsoft Super Patch Tuesday, Trojanized Installers and Ransomware Groups Pivot - Blumira Briefings 13.02.2026 11:04
Welcome to Blumira Briefings, your top headlines and trends for your security practice. This week's episode: - Microsoft released security updates to address a set of 59 flaws across its software, including six vulnerabilities that it said have been exploited in the wild - A fake 7-Zip website is distributing a trojanized installer of the popular archiving tool that turns the user’s computer...
Blumira Briefings Feb 6, 2026: SolarWinds vulns, infostealers without borders, and AI agent risk 06.02.2026 11:02
Welcome back to this week's Blumira Briefings, your top headlines and trends for your security practice. In this episode: - SolarWinds Web Help Desk critical vulnerabilities allowing unauthenticated remote code execution - Microsoft's warning about sophisticated infostealer campaigns targeting macOS, Python apps, and messaging platforms - Emerging threat vector: AI agents with privileged...
New Year, New Blumira Briefing: AiTM Attacks, AD/POSIX, and AI Agents 30.01.2026 10:03
Blumira Briefings are back for 2026 with a svelte new runtime to get you the critical security developments you need to know about even faster. In this episode: - Microsoft 365 services being exploited in sophisticated Adversary-in-the-Middle phishing campaigns - Active Directory vulnerability involving the 'primaryGroupID' attribute that could enable privilege escalation - Emerging sec...
🦔 Blumira Briefings Ep. 20: Rootkit Fixes, Airport Outages, & Entra ID Takeover 26.09.2025 54:31
🔔Welcome back for this week’s Blumira Briefings! This week, we're joined by Jake Ouellette and Mike Toole to break down the week's most important security headlines with context to help your security practice. 🔔 What We Cover This Week: 🔥 WatchGuard critical vulnerability fix for Firebox firewalls with 9.3 CVSS score 🛡️ SonicWall releases firmware update to remove OVERSTEP rootkit fr...
🦔 Blumira Briefings Ep. 19: Security Wins, Zero Trust Turns 15, Education Beats Ransomware 19.09.2025 55:06
It was a rare "light week" for major critical updates, giving us a chance to talk about some deeper trends and stories. Here’s what we covered: 📧 Microsoft Exchange 2016/2019 end of support coming in 30 days - migration options and considerations 💻 NPM supply chain attack limited to minimal damage despite widespread potential impact, attackers made less than $1k 🤖 Microsoft forcing C...
🦔 Blumira Briefings Ep. 18: Android's Mega Patch, API Key Exploits, Remote Access Abuse Tactics 18.09.2025 41:56
🔔 It's time for your essential security download with Blumira Briefings! This week, Zoe is joined by Mike Toole, Nick Dixon, and Justin Kikani to break down the week's most important security headlines with context you can actually use. 🔔 What We Cover This Week: 📱 Android's largest patch of 2025 with 120 fixes, including two actively exploited vulnerabilities 🌐 EOL’d TP-Link ro...
🦔 Blumira Briefings Ep. 17: Microsoft ADFS Phishing, NHI Boom, SSA Whistleblower 27.08.2025 42:36
🔐 Welcome to Blumira Briefings! This week, Zoe is joined by Chris Furner and Mike Toole to download the latest on critical vulnerabilities and emerging threats you need to know about. 🔐 What We Cover This Week: 🐳 Critical Docker Desktop vulnerability would allow attacks on host through unauthenticated Engine API access 🔑 Git code execution vulnerability added to CISA's Known Exploited Vu...
🦔 Blumira Briefings Ep. 16: New Cisco CVSS 10, Zero Trust Temp Check, & Special Guest Tom Lawrence! 22.08.2025 55:29
🔐 Welcome to Blumira Briefings! This week, our security experts are joined by Tom Lawrence of Lawrence Systems to break down the latest headlines, trends, and tips you need to know about. What We Cover This Week: 🔥 Cisco's latest CVSS 10.0 vulnerability in Secure Firewall Management Center allows unauthenticated remote command execution 🖥️ Zoom Windows client privilege escalation vulnerabi...
Similar podcasts
Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.