David

Security Stuff

Author

David

Category

Technology

Latest episode

Jul 2, 2026

Where to listen?

Podcasts in the app Replaio Radio Coming soon

Podcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts

Get it on Google Play Install for free Android 5M+ downloads · 4.8 rating iOS soon

Episodes

Remembering Tim Wilson, Whose Legacy Lives on at Dark Reading 26.05.2026

Dark Reading is marking its 20th anniversary by honoring the memory of co-founder and former editor-in-chief Tim Wilson, who passed away five years ago this November after a brief battle with cancer. Wilson was instrumental in establishing Dark Reading's reputation for smart security journalism and created pioneering initiatives like the INsecurity conference for security professionals, setti...

‘Underminr’ Vulnerability Lets Attackers Hide Malicious Connections Behind Trusted Domains 23.05.2026

Security researchers have discovered "Underminr," a new vulnerability affecting approximately 88 million domains that allows attackers to hide malicious connections behind legitimate, trusted domains. This technique is a variant of domain fronting that exploits shared content delivery network infrastructure by presenting one domain's credentials while routing requests to a different...

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root 23.05.2026

A critical vulnerability in the LiteSpeed cPanel plugin is being actively exploited, allowing attackers to execute scripts with root-level privileges on affected systems. The flaw, tracked as CVE-2026-48172, poses a serious security risk as root access grants complete control over a server. System administrators running LiteSpeed with cPanel are urged to update immediately to prevent potential com...

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV 23.05.2026

The Cybersecurity and Infrastructure Security Agency has added a SQL injection vulnerability in Drupal Core to its Known Exploited Vulnerabilities catalog, indicating the flaw is being actively exploited in the wild. This addition signals that threat actors are successfully targeting the weakness to compromise Drupal-based websites. Organizations running Drupal are urged to apply security patches...

Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer 23.05.2026

Several Laravel-Lang PHP packages were compromised in a supply chain attack that delivered a cross-platform credential stealer to developers. The malicious packages, which are commonly used for language localization in Laravel applications, were modified to steal sensitive credentials from infected systems. This latest incident highlights the ongoing security risks in open-source software reposito...

Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software 23.05.2026

Anthropic's Claude Mythos AI has discovered ten thousand high-severity security vulnerabilities in widely used software, demonstrating AI's growing capability in automated security research. The discovery highlights how artificial intelligence is fundamentally changing the cybersecurity landscape, both for defenders who can now scan code at unprecedented scale and for attackers who can p...

Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack 22.05.2026

Grafana has confirmed that hackers stole its codebase and internal business data through the TanStack supply chain attack after failing to revoke one GitHub workflow token. The company detected the breach on May 11th, received a ransom demand five days later which it refused to pay, and says no customer production systems or the Grafana Cloud platform were affected. While the attackers accessed pu...

‘First VPN’ Cybercrime Service Disrupted, Administrator Arrested 22.05.2026

International law enforcement has disrupted First VPN, a cybercrime service operating since 2014 that provided anonymization tools used by at least 25 ransomware groups and other cybercriminals. Authorities seized 33 servers across 27 countries, arrested the alleged administrator in Ukraine, and identified 506 users whose information has been shared internationally for potential prosecution. The o...

TrendAI Patches Apex One Zero-Day Exploited in the Wild 22.05.2026

Trend Micro has patched a zero-day vulnerability in its Apex One security software that was actively exploited in the wild by suspected nation-state hackers. The flaw, tracked as CVE-2026-34926, allows attackers with local access and admin credentials to inject malicious code into on-premises Apex One servers, pushing it out to connected agents. CISA has added the vulnerability to its Known Exploi...

Canadian Man Arrested for Operating Kimwolf Botnet 22.05.2026

The US Justice Department announced the arrest of Jacob Butler, a 23-year-old Canadian man accused of operating the Kimwolf botnet, which infected approximately 2 million devices and was linked to a record-breaking distributed denial of service attack that peaked at over 31 terabytes per second. Butler, who went by the online name "Dort," was arrested in Canada and faces extradition to t...

Making Vulnerable Drivers Exploitable Without Hardware - The BYOVD Perspective 22.05.2026

A new research perspective reveals how attackers can exploit vulnerable drivers without needing specific hardware conditions, challenging previous assumptions about BYOVD attacks. The technique, known as "Bring Your Own Vulnerable Driver," allows threat actors to bypass security measures by loading legitimate but flawed drivers that grant them kernel-level access to systems. This finding...

Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks 22.05.2026

Canadian authorities have arrested the alleged operator of the Kimwolf DDoS botnet, who is accused of running a DDoS-for-hire service. The arrest marks another enforcement action against so-called "booter" or "stresser" services that allow users to launch distributed denial-of-service attacks against websites and online services. DDoS-for-hire operations have become a persisten...

Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows 22.05.2026

A massive cyberattack dubbed "Megalodon" has compromised over 5,500 GitHub repositories by exploiting CI/CD workflows to inject malicious code. The attack targets the software development pipeline, allowing hackers to potentially spread malware through continuous integration and deployment systems that automatically build and release software. Security researchers are warning developers...

China's Webworm Uses Discord, Microsoft Graphs to Hack EU Governments 22.05.2026

A Chinese hacking group called Webworm has shifted its focus from Asia to European government targets in Belgium, Italy, Serbia, Spain, and Poland, using unconventional command-and-control methods through Discord, Microsoft Graph API, and GitHub repositories. Security researchers at ESET found the group has evolved from using well-known malware to deploying stealthier proxy tools and custom backdo...

Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility 21.05.2026

A new report from Black Kite warns that over 48,000 vulnerabilities were published in 2025, with hackers exploiting them before patches even become available—a negative seven-day window according to Mandiant's data. While this creates an impossible patching challenge, the report found that only 58 of these vulnerabilities pose genuine, discoverable threats to enterprise supply chains, highlig...

Google’s Surge in Chrome Vulnerability Discoveries Likely Driven by AI 21.05.2026

Google has seen a dramatic surge in Chrome vulnerability discoveries, jumping from handfuls of bugs in early April to over 100 in early May, with strong indications that AI tools are behind the spike. While Google hasn't explicitly confirmed AI's role, the timing aligns with their recent statements about AI helping security teams remediate risks at unprecedented rates, and they've b...

Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days 21.05.2026

Microsoft has patched two critical zero-day vulnerabilities in Windows Defender that were actively exploited in the wild. The flaws, known as UnDefend and RedSun, allow attackers to escalate privileges to system-level access and launch denial-of-service attacks, and they're linked to the publicly released BlueHammer exploit toolkit. CISA has added both vulnerabilities to its Known Exploited V...

Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking 21.05.2026

Drupal has patched a highly critical vulnerability that could allow hackers to compromise websites using the popular open source content management system through SQL injection attacks. The flaw, which affects sites using PostgreSQL databases, can be exploited without authentication to steal information and potentially achieve remote code execution. This is Drupal's first highly critical secu...

Socket Raises $60 Million at $1 Billion Valuation 21.05.2026

Socket, a California-based supply chain protection provider, has raised 60 million dollars in Series C funding at a 1 billion dollar valuation, bringing its total funding to 125 million dollars. The company, founded in 2020, uses AI-assisted analysis combined with human verification to scan open source dependencies for malicious behavior before they affect enterprise products. Socket plans to use...

Apple Rejected 2 Million App Store Submissions in 2025 for Security and Fraud Prevention 21.05.2026

Apple blocked over 2 million apps from entering the App Store in 2025 and prevented more than 2.2 billion dollars in potentially fraudulent transactions using a combination of artificial intelligence and human review. The company also deactivated more than 40 million accounts for fraud and abuse, terminated 193,000 developer accounts suspected of fraudulent activities, and blocked nearly 195 milli...

Ocean Emerges From Stealth With $28M for Agentic Email Security Platform 21.05.2026

Ocean, a New York and Tel Aviv-based startup, has emerged from stealth with 28 million dollars in funding for an AI-powered email security platform. The company deploys specialized AI agents to inspect every incoming message, evaluating sender intent and analyzing conversation context to detect sophisticated threats like business email compromise and AI-generated phishing attacks that are designed...

Cisco Patches Critical Vulnerability in Secure Workload 21.05.2026

Cisco has patched a critical vulnerability in its Secure Workload software that earned a perfect 10 out of 10 severity score. The flaw could allow attackers to send crafted API requests to gain Site Admin privileges, letting them read sensitive information and modify configurations across tenant boundaries in both cloud and on-premises deployments. Cisco says the vulnerability hasn't been exp...

When Identity is the Attack Path 21.05.2026

Identity-based attacks have become a primary pathway for cybersecurity breaches, as attackers increasingly exploit credentials and access rights rather than traditional network vulnerabilities. Modern threats leverage compromised identities to move rapidly through systems, particularly through remote access tools like VPNs that were designed for security but now provide attackers with fast lateral...

9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros 21.05.2026

A critical nine-year-old vulnerability in the Linux kernel has been discovered that allows attackers to execute commands with root privileges on major Linux distributions. The flaw, which has existed undetected since its introduction nearly a decade ago, poses a significant security risk as it affects widely-used operating systems across the Linux ecosystem. Security teams are now working to patch...

ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories 21.05.2026

Security researchers have identified multiple serious threats including new Linux rootkits, a zero-day vulnerability affecting routers, and AI-enabled intrusion tools, according to the latest ThreatsDay Bulletin. The security report encompasses 25 new threats and scam kits that organizations need to address. Industry experts warn that artificial intelligence is fundamentally transforming attack su...

Listen to the Security Stuff podcast in Replaio

Radio and podcasts in one app - free, with no sign-up. Install today and do not miss the launch

Get it on Google Play

Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.