David
Security Stuff
Where to listen?
Podcasts in the app Replaio Radio Coming soonPodcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts
Episodes
French Government Messaging Platform Breached by Mysterious ‘Misere’ Hacker 15.06.2026 0:38
France's official government messaging platform Tchap was breached on June 7th, exposing personal details of over 70,000 government employees out of 825,000 registered users. A previously unknown hacker calling themselves "Misere" claimed responsibility and allegedly stole 13.5 gigabytes of data including names, email addresses, government departments, and over 640,000 plaintext mes...
ShinyHunters Claims Council of Europe Hack 15.06.2026 0:45
The notorious hacking group ShinyHunters claims it has stolen nearly 300 gigabytes of data from the Council of Europe, threatening to release the information publicly if the organization doesn't begin negotiations by June 16th. The alleged breach includes sensitive data on over 10,000 employees spanning from 2011 to 2026, including payroll information, social security numbers, medical records...
Ozempic Maker Novo Nordisk Says Hackers Breached IT Systems 15.06.2026 0:40
Novo Nordisk, the Danish pharmaceutical giant behind popular drugs like Ozempic and Wegovy, has disclosed a cybersecurity breach involving unauthorized access to some of its internal IT systems. The company says limited patient data from clinical trials was exposed, including randomly assigned patient IDs, birth years, and health data, though not information that directly identifies participants b...
Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges 15.06.2026 0:43
A 44-year-old Ukrainian national has pleaded guilty in US court to his role in the notorious Conti ransomware group, which targeted over 1,000 organizations between 2020 and 2022. Oleksii Lytvynenko admitted to developing malware for the operation starting in September 2021 and possessing data from 12 victims including eight in the US, and he now faces up to 20 years in prison. The Conti ransomwar...
Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites 15.06.2026 0:29
Multiple WordPress plugin scripts have been compromised with hidden backdoors, allowing attackers to gain unauthorized access to websites. The tampered plugins pose a significant security risk to site owners who may unknowingly install or update these compromised versions. WordPress site administrators are urged to verify their plugin sources and check for any unauthorized modifications to prevent...
NewCore Emerges From Stealth Mode With $66 Million in Funding 15.06.2026 0:43
Israeli cybersecurity startup NewCore has launched from stealth mode with 66 million dollars in seed funding to tackle identity security in the age of AI agents. The Tel Aviv-based company, founded by Israeli intelligence veterans, has built a security platform designed to protect human, machine, and AI agent identities across organizations, using technology that claims to eliminate entire categor...
The Onboarding Password Mistake That Creates Unnecessary Risk 15.06.2026 0:35
Many organizations make a critical security mistake during employee onboarding by requiring new hires to set passwords immediately, often before security training or before accounts are fully configured with proper protections. This practice creates an unnecessary vulnerability window where weak passwords or poor security habits can take root from day one. The better approach is to delay password...
152 Chrome Wallpaper Extensions with 105K Installs Linked to Adware and Fake Traffic 15.06.2026 0:40
Security researchers have uncovered a massive browser extension scheme involving 152 Chrome wallpaper extensions with over 105,000 combined installations that were secretly distributing adware and generating fake web traffic. These malicious extensions posed as legitimate wallpaper customization tools while running unauthorized background activities. The discovery highlights the ongoing risk of co...
US Cracks Down on Anthropic AI Models Amid Abuse Concerns 15.06.2026 0:53
The US government has ordered Anthropic to suspend foreign national access to its latest AI models, Fable 5 and Mythos 5, citing national security concerns after research showed adversaries are increasingly using AI to create malicious code, find vulnerabilities, and automate cyberattacks. The move comes as multiple AI companies report evidence of nation-state actors and cybercriminals using advan...
Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication 13.06.2026 0:28
Splunk Enterprise has disclosed a critical security vulnerability that allows attackers to execute code remotely without requiring authentication credentials. The flaw poses a serious risk to organizations using the platform, as it could enable unauthorized access and complete system compromise. Splunk users are urged to patch their systems immediately to protect against potential exploitation.
Anthropic Disputes Fable 5 AI Jailbreak 12.06.2026 0:35
Anthropic has pushed back against claims that its new Claude Fable 5 AI model was jailbroken by a researcher known as Pliny the Liberator. The company says the researcher's demonstration doesn't represent a true bypass of its safety systems, which include independent classifiers that prevent the model from helping with dangerous tasks like bioweapons development or sophisticated cyberatt...
Ivanti Sentry Exploitation Attempts Hitting Honeypots 12.06.2026 0:43
CISA has added a critical Ivanti Sentry vulnerability to its Known Exploited Vulnerabilities catalog, but Ivanti says the exploitation attempts were only observed on honeypots, not actual production systems. The vulnerability, tracked as CVE-2026-10520 with a maximum severity score of 10, allows remote attackers to execute arbitrary code as root, but requires access to a management port that shoul...
Chrome 149 Update Patches 28 Vulnerabilities 12.06.2026 0:42
Google has released Chrome 149, patching 28 vulnerabilities including five critical-severity bugs, with twelve of them being use-after-free flaws that could enable remote code execution or sandbox escape. The update continues a dramatic surge in Chrome vulnerability patches this year, with over 700 bugs fixed so far in 2025, more than five times the number resolved in the entire previous year, lik...
Industry Reactions to Claude Fable 5: Feedback Friday 12.06.2026 0:51
Anthropic has released Claude Fable 5, a powerful AI model with built-in safeguards that automatically downgrade sensitive requests in cybersecurity and biology to the less capable Claude Opus 4.8 to prevent misuse. Industry experts are raising concerns about the tiered access model, noting that while a restricted Mythos 5 version is available exclusively to government agencies and select partners...
Iranian Cyber Group Handala Claims Cal Water Hack 12.06.2026 0:38
The Iran-linked cyber group Handala has claimed responsibility for hacking California Water Service, releasing five gigabytes of stolen data including customer billing information and system credentials. The attackers, who are tied to Iran's Ministry of Intelligence, allegedly gained access through a GPS base station platform and moved laterally to billing systems, though they claimed to have...
INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator 12.06.2026 0:32
INTERPOL has successfully dismantled the Sniper Dz phishing-as-a-service platform and arrested its administrator in a coordinated operation. The platform had been enabling cybercriminals to launch phishing attacks by providing ready-made tools and infrastructure. The takedown represents a significant blow to the underground phishing economy, which has increasingly relied on these turnkey criminal...
Rethinking MDR as Attackers and Defenders Embrace AI 12.06.2026 0:28
The article examines how managed detection and response services need to evolve as both cybercriminals and security teams increasingly deploy artificial intelligence in their operations. With AI becoming a double-edged sword in cybersecurity, organizations are rethinking traditional MDR approaches to stay ahead of AI-powered threats while leveraging AI for better defense capabilities.
LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution 12.06.2026 0:34
Security researchers have discovered a vulnerability dubbed "Flaw Chain" in LangGraph, a framework used to build self-hosted AI agents, that could allow attackers to execute remote code on affected systems. The flaw poses a significant risk to organizations running AI agents in their own infrastructure, potentially giving malicious actors the ability to take control of these systems. The...
Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code 12.06.2026 0:33
Cybersecurity researchers have identified a new attack vector called "agentjacking" that exploits AI coding assistants by tricking them into executing malicious code. The attack takes advantage of how these AI agents interpret and act on instructions, potentially allowing hackers to compromise systems through seemingly legitimate coding suggestions. This emerging threat highlights new se...
Claude Fable 5 Doesn't Change the Mythos Security Story 12.06.2026 0:42
Anthropic has released Claude Fable 5 and Mythos 5, with Fable 5 being the widely available version equipped with safety classifiers that prevent misuse, while Mythos 5 remains restricted to trusted partners due to its advanced vulnerability detection capabilities. Security experts say the release doesn't fundamentally change the threat landscape, as similar AI capabilities likely already exi...
University of Nottingham Confirms Breach After Hackers Leak Data 11.06.2026 0:39
The University of Nottingham has confirmed a major data breach after the ShinyHunters hacker group leaked gigabytes of stolen files from its systems. The compromised data includes roughly 455,000 unique email addresses along with sensitive personal information such as passport numbers, financial records, addresses, and details about ethnicity, disabilities, and citizenship status affecting current...
Splunk, Palo Alto Networks Patch Severe Vulnerabilities 11.06.2026 0:36
Splunk and Palo Alto Networks released patches Wednesday for multiple vulnerabilities across their products, with the most severe being a critical flaw in Splunk Enterprise that could allow unauthenticated attackers to create and modify files through an unprotected database service endpoint. Palo Alto addressed a high-severity credential validation issue in its Cortex platforms, while Splunk fixed...
‘GreatXML’ Zero-Day Exploit Bypasses BitLocker 11.06.2026 0:43
Security researcher Nightmare Eclipse has released a new Windows BitLocker bypass exploit called GreatXML that exploits a vulnerability in Microsoft Defender's offline scan functionality. The exploit allows attackers to bypass BitLocker encryption and gain SYSTEM-level access through Recovery Mode on any Windows machine where Defender's offline scan was initiated at least once. This is t...
Siemens Says Desigo CC Files Flagged as Malware by Security Engines 11.06.2026 0:39
Siemens is alerting customers that patch files for its Desigo CC building management system are being incorrectly flagged as malware by multiple antivirus engines. The company believes the false positives are triggered by a PowerShell script in the patch that performs file system operations, registry modifications, and runs with elevated privileges, though Siemens has verified the files are legiti...
FBI Seizes 13 Websites That Officials Say Were Used by China to Target and Recruit US Workers 11.06.2026 0:46
The FBI has seized 13 websites that were allegedly part of a Chinese espionage operation to recruit American workers with access to classified information. The fake consulting company sites used AI-generated photos and stolen identities to appear legitimate, posting bogus job openings on platforms like LinkedIn to target current and former government employees with security clearances, offering cr...
Similar podcasts
Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.