David
Security Stuff
Where to listen?
Podcasts in the app Replaio Radio Coming soonPodcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts
Episodes
Microsoft Warns of Two Actively Exploited Defender Vulnerabilities 21.05.2026 0:31
Microsoft is warning security teams about two critical vulnerabilities in Windows Defender that are being actively exploited in the wild. The flaws, which impact Microsoft's built-in antivirus software, have already been leveraged by attackers, prompting urgent recommendations for Windows users to apply security patches immediately. Microsoft has released fixes for both vulnerabilities as par...
Content Delivery Exploit Opens Websites to Brand Hijacking 21.05.2026 0:40
Researchers have discovered a new exploit called "Underminr" that affects 42% of websites globally, allowing attackers to hijack trusted domains to hide malicious activity from security filters. The attack works by exploiting how DNS and content delivery networks handle web requests separately, enabling threat actors to route traffic through legitimate sites while actually directing user...
Chinese APTs Share Linux Backdoor in Central Asia Telco Attacks 21.05.2026 0:38
Chinese state-aligned hackers have been using a Linux backdoor called "Showboat" to spy on telecommunications companies in Central Asia for at least four years, with multiple Chinese APT groups sharing the malware among themselves. The tool, which went undetected on VirusTotal until recently, appears designed as a practical rather than sophisticated solution for smaller market targets in...
GitHub Confirms Hack Impacting 3,800 Internal Repositories 20.05.2026 0:50
GitHub has confirmed that approximately 3,800 internal repositories were compromised in a supply chain attack after an employee installed a malicious Visual Studio Code extension. The breach, claimed by hacking group TeamPCP who's demanding at least $50,000 for the stolen data, highlights a critical blind spot in developer security—extensions can access all data on a developer's machine...
Real-World ICS Security Tales From the Trenches 20.05.2026 0:49
ICS security experts shared real-world stories from the field that expose the dangerous gap between written policies and actual practice on plant floors. The incidents include an Iranian-linked threat actor trying to infiltrate a Middle East facility's operational technology systems, a vulnerability scan that accidentally shut down two power plant turbines, and an undocumented federal agency...
Virtual Event Today: Threat Detection & Incident Response Summit 20.05.2026 0:42
SecurityWeek is hosting a virtual Threat Detection and Incident Response Summit today from 11 AM to 4 PM Eastern Time, focusing on how organizations can combat increasingly sophisticated cyberattacks. The free online event features panels and presentations from cybersecurity leaders at companies like Amazon, Spotify, Wiz, and Okta, covering topics ranging from AI-driven threat detection and breach...
Caught Off Guard: Securing AI After It Hits Production 20.05.2026 0:42
Security teams are finding themselves caught off guard as companies rapidly move AI projects from experimentation to production without involving them in the process. To prepare for these surprise deployments, experts recommend security organizations focus on data-driven conversations with development teams, maintain operational agility, ensure workflows can quickly integrate new AI applications,...
Anthropic Silently Patches Claude Code Sandbox Bypass 20.05.2026 0:39
Anthropic has quietly patched a sandbox bypass vulnerability in Claude Code that could have allowed attackers to exfiltrate sensitive data like credentials and tokens. Security researcher Aonan Guan discovered the flaw, which involved a SOCKS five hostname null-byte injection that tricked the network filter into approving connections to unauthorized hosts. While Anthropic says they fixed the issue...
Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack 20.05.2026 0:57
A major supply chain attack attributed to the TeamPCP hacking group has compromised over 320 NPM packages, with attackers gaining access to the 'atool' maintainer account that controls high-profile packages like timeago.js with 1.5 million weekly downloads. The malicious code steals credentials from over 130 file paths including AWS, Azure, and cryptocurrency wallets, harvests plaintext...
1Password Teams With OpenAI to Stop AI Coding Agents From Leaking Credentials 20.05.2026 0:47
1Password and OpenAI have teamed up to tackle a critical security challenge in AI-powered software development: preventing credentials from being exposed or stolen when AI coding agents like Codex need access to databases, APIs, and deployment pipelines. The new integration uses 1Password's Environments MCP Server to provide just-in-time, task-scoped credentials that remain encrypted and neve...
Typosquatting Is No Longer a User Problem. It's a Supply Chain Problem 20.05.2026 0:34
Typosquatting has evolved from simply tricking end users into visiting malicious websites to becoming a serious supply chain threat. Attackers are now registering misspelled versions of popular software package names, allowing them to inject malicious code when developers accidentally mistype dependency names in their projects. This shift means a simple typo during software development can comprom...
Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit 20.05.2026 0:35
Microsoft has released a mitigation for a BitLocker vulnerability known as YellowKey, tracked as CVE-2026-45585, which allows attackers to bypass the disk encryption security. The flaw represents a significant security concern as BitLocker is widely used to protect sensitive data on Windows devices. Organizations using BitLocker are advised to apply Microsoft's mitigation immediately to preve...
GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos 20.05.2026 0:31
GitHub has confirmed a security breach after attackers compromised an employee's device and exfiltrated code from roughly thirty-eight hundred internal repositories. The breach occurred through the employee's compromised system, which gave attackers access to GitHub's internal code storage. GitHub is investigating the incident and notifying affected parties, though the company says...
Agent AI is Coming. Are You Ready? 20.05.2026 0:39
Agent AI represents the next evolution in artificial intelligence, moving from passive tools to autonomous systems that can take actions on behalf of users. These AI agents can independently plan tasks, make decisions, and execute complex workflows without constant human intervention, fundamentally changing how we interact with technology and conduct business. Organizations need to prepare now by...
Interpol's 'Operation Ramz' Pioneers Cross-Region Collabs in Middle East 20.05.2026 0:48
Interpol's Operation Ramz marks a historic first in the Middle East, bringing together law enforcement from 13 countries across the MENA region in a five-month cybercrime crackdown. The operation identified nearly 583 suspected cybercriminals, led to 201 arrests, and notified nearly 4,000 victims while shutting down fraud operations ranging from investment scams using trafficking victims in J...
Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API 20.05.2026 0:39
A hacking group called Webworm has been caught deploying sophisticated backdoors named EchoCreep and GraphWorm that exploit legitimate services from Discord and Microsoft's Graph API to avoid detection. By leveraging these trusted platforms for command and control operations, the attackers can blend malicious traffic with normal business communications, making their activities harder to spot...
201 Arrested in Crackdown on Cybercrime in Middle East, North Africa 19.05.2026 0:43
Interpol's Operation Ramz resulted in 201 arrests and 382 identified suspects in a major cybercrime crackdown across 13 countries in the Middle East and North Africa. The operation, which ran from October 2025 through February 2026, targeted phishing and malware operations, leading to the seizure of 53 servers and identification of nearly 4,000 victims. Notable actions included shutting down...
PoC Released for DirtyDecrypt Linux Kernel Vulnerability 19.05.2026 0:40
Proof-of-concept exploit code has been released for DirtyDecrypt, a Linux kernel vulnerability that allows attackers to escalate privileges to root level access. The flaw affects distributions like Arch Linux, Fedora, and openSUSE that have the RxGK security component enabled, and it stems from a missing copy-on-write guard that lets attackers write data to privileged system files. This vulnerabil...
B1ack’s Stash Marketplace Gives Away 4.6 Million Stolen Credit Cards 19.05.2026 0:42
The dark web marketplace B1ack's Stash has released 4.6 million stolen credit card records for free after suspending sellers who violated its policies by reselling data on competing platforms. According to cybersecurity firm SOCRadar, the data includes complete card details, CVV codes, cardholder information, and addresses, with about 70% of the cards originating from the United States. The l...
Cyber Resilience is the New Business Continuity Plan 19.05.2026 0:57
Business continuity planning has evolved beyond traditional disaster recovery to focus on cyber resilience, as modern disruptions from ransomware, identity breaches, or cloud failures can cascade across interconnected systems affecting operations, compliance, and customer access simultaneously. The Information Security Forum's latest framework emphasizes that effective continuity requires org...
Unpatched ChromaDB Vulnerability Can Lead to Server Takeover 19.05.2026 0:54
ChromaDB, a popular open-source vector database used for AI applications with around 13 million monthly downloads, has an unpatched vulnerability that could allow attackers to completely take over servers without authentication. The flaw, tracked as CVE-2026-45829 and nicknamed ChromaToast, lets attackers exploit the system by supplying a malicious model through HuggingFace that executes before th...
Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer 19.05.2026 0:43
A malicious version of the popular NX Console extension, version 18.95.0, was released targeting Visual Studio Code developers with credential-stealing malware. The compromised extension, which is used for development workflow management, represents a supply chain attack aimed at harvesting sensitive information from unsuspecting developers who installed the tainted update. This incident highlight...
Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks 19.05.2026 0:49
A decades-old Windows utility called MSHTA is driving a sharp rise in silent malware attacks, according to BitDefender researchers who detected dramatic increases in abuse since the start of this year. The Microsoft-signed tool, originally designed to run HTML applications, is being exploited by attackers as a "Living-off-the-Land binary" to deliver everything from cryptocurrency-stealin...
SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access 19.05.2026 0:34
Multiple critical security vulnerabilities have been discovered in SEPPMail's Secure E-Mail Gateway that could allow attackers to execute remote code and gain unauthorized access to email traffic. The flaws represent a significant risk for organizations using the platform, as they could enable hackers to compromise the email gateway and intercept sensitive communications. Security researchers...
The New Phishing Click: How OAuth Consent Bypasses MFA 19.05.2026 0:35
A new phishing technique is exploiting OAuth consent prompts to bypass multi-factor authentication, allowing attackers to gain access to user accounts even when MFA is enabled. Unlike traditional phishing that steals passwords, these attacks trick users into granting malicious applications permission to access their accounts through legitimate-looking authorization requests. Security experts warn...
Similar podcasts
Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.