https://r3b00t.org Daily cybersecurity threat intelligence briefing. Each episode covers the day's top three stories selected from 290+ ranked sources, scored by the Rainmaker virality + severity model and validated against multiple cited references. en-us Andy / The Rainmaker Report Daily cybersecurity threat intelligence briefing. Each episode covers the day's top three stories selected from 290+ ranked sources, scored by the Rainmaker virality + severity model and validated against multiple cited references. Andy / The Rainmaker Report podcast@r3b00t.org no episodic Microsoft 200 Flaws Patch, Handala Hack, CISA Rethinks Risk - June 10, 2026 **Microsoft June 2026 Patch Tuesday Fixes Over 200 Flaws Including Three Zero-Days** Microsoft released its June 2026 Patch Tuesday update, addressing more than 200 vulnerabilities across its product line. Among the fixes are three zero-day vulnerabilities actively exploited in the wild. The update covers critical remote code execution flaws in Windows, Office, and Exchange Server, along with numerous privilege escalation and spoofing issues. Administrators are urged to apply patches immediately... **Microsoft June 2026 Patch Tuesday Fixes Over 200 Flaws Including Three Zero-Days** Microsoft released its June 2026 Patch Tuesday update, addressing more than 200 vulnerabilities across its product line. Among the fixes are three zero-day vulnerabilities actively exploited in the wild. The update covers critical remote code execution flaws in Windows, Office, and Exchange Server, along with numerous privilege escalation and spoofing issues. Administrators are urged to apply patches immediately... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-06-10_overnight.mp4 Thu, 11 Jun 2026 00:05:44 +0000 435 no full NSO Group, Apple Password Fix, Malware via Ghidra Clones - June 09, 2026 Story 1: NSO Group Spyware Resurfaces on WhatsApp Meta has filed a contempt complaint against NSO Group, alleging that the spyware vendor violated a court order by deploying new zero-click spyware attacks on WhatsApp in June 2026. The attacks targeted journalists and civil society members, using a previously unseen payload that bypassed recent WhatsApp security patches. Meta states the exploitation relied on a chain of undisclosed vulnerabilities, and it has since blocked the associated infrastr... Story 1: NSO Group Spyware Resurfaces on WhatsApp Meta has filed a contempt complaint against NSO Group, alleging that the spyware vendor violated a court order by deploying new zero-click spyware attacks on WhatsApp in June 2026. The attacks targeted journalists and civil society members, using a previously unseen payload that bypassed recent WhatsApp security patches. Meta states the exploitation relied on a chain of undisclosed vulnerabilities, and it has since blocked the associated infrastr... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-06-09_manual_124604.mp4 Tue, 09 Jun 2026 19:02:59 +0000 483 no full Europol Busts Streaming Rings, TA4922 Deploys SilentRunLoader, ShinyHunters Hits Charter - June 05, 2026 **Story 1: European Authorities Dismantle Illegal Streaming Networks** European law enforcement agencies, led by Europol, executed Operation Kratos II, arresting 29 individuals and dismantling nine organized crime groups involved in large-scale illegal streaming operations. The crackdown targeted networks that distributed pirated content, causing significant revenue losses to legitimate media providers. Authorities seized servers, domain names, and financial assets linked to the illicit streamin... **Story 1: European Authorities Dismantle Illegal Streaming Networks** European law enforcement agencies, led by Europol, executed Operation Kratos II, arresting 29 individuals and dismantling nine organized crime groups involved in large-scale illegal streaming operations. The crackdown targeted networks that distributed pirated content, causing significant revenue losses to legitimate media providers. Authorities seized servers, domain names, and financial assets linked to the illicit streamin... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-06-05_overnight.mp4 Fri, 05 Jun 2026 18:38:12 +0000 480 no full Ransomware Works 9-to-5, Red Hat NPM Backdoor, Russian Spy Phone Hack - June 03, 2026 Story 1: BlackCat ransomware operators maintain regular business hours, according to an analysis of 24 months of leak site posts. The data shows a clear pattern of activity during standard workdays and hours, suggesting organized criminal operations rather than opportunistic attacks. • https://securityaffairs.com/192969/cyber-crime/ransomware-operators-keep-business-hours-the-data-proves-it.html • https://www.reddit.com/r/hacking/comments/1ttwgfq/analyzed_24_months_of_ransomware_leaksite_posts/ ... Story 1: BlackCat ransomware operators maintain regular business hours, according to an analysis of 24 months of leak site posts. The data shows a clear pattern of activity during standard workdays and hours, suggesting organized criminal operations rather than opportunistic attacks. • https://securityaffairs.com/192969/cyber-crime/ransomware-operators-keep-business-hours-the-data-proves-it.html • https://www.reddit.com/r/hacking/comments/1ttwgfq/analyzed_24_months_of_ransomware_leaksite_posts/ ... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-06-03_overnight.mp4 Wed, 03 Jun 2026 21:20:07 +0000 441 no full Meta AI Bot Hijacks Instagram, GTA/Counter-Strike Cheat Breach, Dashlane Brute-Force - June 02, 2026 This week's cybersecurity roundup covers three major incidents: a novel social engineering attack using Meta's AI support bot to steal Instagram accounts, a massive data breach at the Atlas Menu cheat service for Grand Theft Auto V and Counter-Strike 2, and a brute-force attack that forced Dashlane to suspend customer accounts. **Story 1: Hackers Used Meta's AI Support Bot to Seize Instagram Accounts** Threat actors exploited Meta's AI-powered support chatbot by impersonating account owners and... This week's cybersecurity roundup covers three major incidents: a novel social engineering attack using Meta's AI support bot to steal Instagram accounts, a massive data breach at the Atlas Menu cheat service for Grand Theft Auto V and Counter-Strike 2, and a brute-force attack that forced Dashlane to suspend customer accounts. **Story 1: Hackers Used Meta's AI Support Bot to Seize Instagram Accounts** Threat actors exploited Meta's AI-powered support chatbot by impersonating account owners and... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-06-02_overnight.mp4 Tue, 02 Jun 2026 23:26:32 +0000 3809 no full Carnival Breach Hits 6M, Pentagon Phone Tracking Crisis, NATO Taps Microsoft & ESET - May 29, 2026 ## Story 1: Carnival Corporation Confirms Breach Impacting Nearly 6 Million Customers Carnival Cruise Line has confirmed a data breach affecting close to 6 million customers, with the ShinyHunters extortion group claiming responsibility. Stolen records reportedly include names, contact details, dates of birth, and loyalty program information tied to Carnival, Princess, and Holland America bookings. The incident is part of the broader Salesforce-related data theft campaign that ShinyHunters has ... ## Story 1: Carnival Corporation Confirms Breach Impacting Nearly 6 Million Customers Carnival Cruise Line has confirmed a data breach affecting close to 6 million customers, with the ShinyHunters extortion group claiming responsibility. Stolen records reportedly include names, contact details, dates of birth, and loyalty program information tied to Carnival, Princess, and Holland America bookings. The incident is part of the broader Salesforce-related data theft campaign that ShinyHunters has ... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-05-29_FHNGQ84sPII.mp4 Fri, 29 May 2026 19:34:13 +0000 548 no full Apple Blocks 2M Apps, Kimwolf Botnet Admin Arrested, CVE-2026-5194 AI Flaw - May 25, 2026 In this episode, we cover three major cybersecurity stories shaping the week: Apple's massive App Store enforcement actions and a critical Cisco patch, the takedown of the Kimwolf DDoS botnet operator, and Anthropic's Glasswing AI uncovering thousands of vulnerabilities including CVE-2026-5194. === Story 1: Apple Rejects 2M Apps, Cisco Patches Critical Secure Workload Flaw, Ocean Launches Email Security === Apple disclosed it rejected over 2 million App Store submissions in 2025 as part of expa... In this episode, we cover three major cybersecurity stories shaping the week: Apple's massive App Store enforcement actions and a critical Cisco patch, the takedown of the Kimwolf DDoS botnet operator, and Anthropic's Glasswing AI uncovering thousands of vulnerabilities including CVE-2026-5194. === Story 1: Apple Rejects 2M Apps, Cisco Patches Critical Secure Workload Flaw, Ocean Launches Email Security === Apple disclosed it rejected over 2 million App Store submissions in 2025 as part of expa... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-05-26_t2e-D88uS4M.mp4 Tue, 26 May 2026 01:46:33 +0000 834 no full Shinyhunters Canvas Breach, Android Malware & CVE-2025-66479 - May 21, 2026 Story 1: Shinyhunters Canvas Data Breach The threat actor group Shinyhunters claimed to have stolen student data from Canvas, a widely-used learning management system, but security researchers and congressional investigators express skepticism about whether the stolen information was actually deleted as promised. The breach has drawn attention from Congress and triggered inquiries into Instructure's security practices and incident response protocols. Experts warn that verification of data delet... Story 1: Shinyhunters Canvas Data Breach The threat actor group Shinyhunters claimed to have stolen student data from Canvas, a widely-used learning management system, but security researchers and congressional investigators express skepticism about whether the stolen information was actually deleted as promised. The breach has drawn attention from Congress and triggered inquiries into Instructure's security practices and incident response protocols. Experts warn that verification of data delet... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-05-21_plhPdq2AzZo.mp4 Thu, 21 May 2026 20:32:14 +0000 431 no full GitHub TeamPCP Breach, CISA Credential Leak, Mac Malware - May 20, 2026 GitHub TeamPCP Breach Investigation GitHub is investigating a claimed breach by threat actor TeamPCP affecting approximately 4,000 internal repositories. The attacker claims to have accessed sensitive GitHub infrastructure, raising concerns about the security of the platform's internal development assets. This incident highlights risks to major software development platforms and their internal code repositories. Sources: • https://thehackernews.com/2026/05/github-investigating-teampcp-claimed.... GitHub TeamPCP Breach Investigation GitHub is investigating a claimed breach by threat actor TeamPCP affecting approximately 4,000 internal repositories. The attacker claims to have accessed sensitive GitHub infrastructure, raising concerns about the security of the platform's internal development assets. This incident highlights risks to major software development platforms and their internal code repositories. Sources: • https://thehackernews.com/2026/05/github-investigating-teampcp-claimed.... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-05-20_VYRv4vmpJ4g.mp4 Wed, 20 May 2026 21:54:53 +0000 551 no full Double Canvas, AppDirect, Foxconn Breaches: ShinyHunters & Qilin Strike - May 17, 2026 STORY 1: Double Canvas Breach Acknowledged by ShinyHunters Instructure's Canvas learning management platform suffered a confirmed data breach after threat actor ShinyHunters gained unauthorized access. The group has set a new pay-or-leak deadline, pressuring the company to negotiate ransom terms. Double Canvas users and institutions face potential exposure of sensitive educational data. Sources: • https://www.theregister.com/security/2026/05/12/double-canvas-intrusion-confirmed-as-shinyhunters... STORY 1: Double Canvas Breach Acknowledged by ShinyHunters Instructure's Canvas learning management platform suffered a confirmed data breach after threat actor ShinyHunters gained unauthorized access. The group has set a new pay-or-leak deadline, pressuring the company to negotiate ransom terms. Double Canvas users and institutions face potential exposure of sensitive educational data. Sources: • https://www.theregister.com/security/2026/05/12/double-canvas-intrusion-confirmed-as-shinyhunters... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-05-18_PdBQRcosJNA.mp4 Mon, 18 May 2026 00:10:04 +0000 136 no full Scattered Spider Skid Kiddie Arrested, Attack-Chaining Cisco, Gremin is Back! - May 16, 2026 🚨 British hacker just pleaded guilty to $10M+ crypto heist 🚨 Tylerb, a 24-year-old member of Scattered Spider, admitted to wire fraud and identity theft in US federal court. Here's the wild part: he didn't use fancy hacking tools. Instead, he sent fake IT texts (smishing), stole employee passwords, and his crew hit over a dozen major tech companies. Scattered Spider's whole playbook is social engineering. SIM swaps, vishing calls, phishing texts. Low tech barrier, high success rate. Tylerb was... 🚨 British hacker just pleaded guilty to $10M+ crypto heist 🚨 Tylerb, a 24-year-old member of Scattered Spider, admitted to wire fraud and identity theft in US federal court. Here's the wild part: he didn't use fancy hacking tools. Instead, he sent fake IT texts (smishing), stole employee passwords, and his crew hit over a dozen major tech companies. Scattered Spider's whole playbook is social engineering. SIM swaps, vishing calls, phishing texts. Low tech barrier, high success rate. Tylerb was... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-05-16_C9iieaBWbiQ.mp4 Sat, 16 May 2026 22:48:44 +0000 157 no full Pixel Zero-Click, Stryker Wiper, OpenAI hit by TanStack Supply Chain Attack - May 15, 2026 🚨 OpenAI Got Hit in the TanStack Supply Chain Attack 🚨 Two OpenAI employee devices were compromised when attackers poisoned hundreds of npm and PyPI packages. Here's what went down. TanStack is everywhere in JavaScript and Python projects. Attackers injected malicious code into the supply chain, and anyone who pulled those packages during the compromise window got exposed. OpenAI immediately rotated their code-signing certificates, which is a huge deal. Those certs prove your software is l... 🚨 OpenAI Got Hit in the TanStack Supply Chain Attack 🚨 Two OpenAI employee devices were compromised when attackers poisoned hundreds of npm and PyPI packages. Here's what went down. TanStack is everywhere in JavaScript and Python projects. Attackers injected malicious code into the supply chain, and anyone who pulled those packages during the compromise window got exposed. OpenAI immediately rotated their code-signing certificates, which is a huge deal. Those certs prove your software is l... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-05-15_2Y_ess3tNB0.mp4 Fri, 15 May 2026 22:24:12 +0000 127 no full LinkedIn BrowserGate, Anthropic's Mythos, and Microsoft's Token Theft Warning - 5/5/26 👀 LinkedIn Was Quietly Inspecting Your Browser Like a Nosy Cop 👀 "BrowserGate," a report alleging LinkedIn quietly scanned users’ browsers for thousands of installed extensions and attached a hardware-style fingerprint to session activity without meaningful disclosure. LinkedIn says the probing is a security measure aimed at scraping tools, but the reporting and independent testing show the behavior is real, extensive, and a lot more invasive than most people would expect from the site where th... 👀 LinkedIn Was Quietly Inspecting Your Browser Like a Nosy Cop 👀 "BrowserGate," a report alleging LinkedIn quietly scanned users’ browsers for thousands of installed extensions and attached a hardware-style fingerprint to session activity without meaningful disclosure. LinkedIn says the probing is a security measure aimed at scraping tools, but the reporting and independent testing show the behavior is real, extensive, and a lot more invasive than most people would expect from the site where th... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-05-05_SgiW7uvB95E.mp4 Tue, 05 May 2026 19:06:45 +0000 134 no full UK Biobank Breach Put 500,000 Health Records Up for Sale in China - 5/4/26 My first story tracks a brutal trust failure inside one of the world’s most famous health research projects: data tied to all 500,000 UK Biobank volunteers was advertised for sale on Alibaba by sellers linked to research access abuse. The UK government said names and contact details were not included, but the whole selling point of de-identified health data is that it is not supposed to wind up on a Chinese marketplace like discount headphones. UK Biobank paused access, cut off the implicated in... My first story tracks a brutal trust failure inside one of the world’s most famous health research projects: data tied to all 500,000 UK Biobank volunteers was advertised for sale on Alibaba by sellers linked to research access abuse. The UK government said names and contact details were not included, but the whole selling point of de-identified health data is that it is not supposed to wind up on a Chinese marketplace like discount headphones. UK Biobank paused access, cut off the implicated in... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-05-05_-v6WnVLMC10.mp4 Tue, 05 May 2026 03:26:06 +0000 73 no full Github Super-Vuln, Chinese Espionage, Malvertising a Go-Go! - May 1, 2026 💥 GitHub Had an RCE Problem the Size of the Internet 💥 CVE-2026-3854, a critical GitHub flaw that let an authenticated user turn a normal `git push` into remote code execution on backend infrastructure. Wiz said the issue could expose millions of public and private repositories on affected GitHub.com storage nodes, while GitHub Enterprise Server instances faced full server compromise if left unpatched. So yes, one semicolon and a bad design assumption almost turned the world’s code locker into a... 💥 GitHub Had an RCE Problem the Size of the Internet 💥 CVE-2026-3854, a critical GitHub flaw that let an authenticated user turn a normal `git push` into remote code execution on backend infrastructure. Wiz said the issue could expose millions of public and private repositories on affected GitHub.com storage nodes, while GitHub Enterprise Server instances faced full server compromise if left unpatched. So yes, one semicolon and a bad design assumption almost turned the world’s code locker into a... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-05-01_OlGong4omOw.mp4 Fri, 01 May 2026 19:08:39 +0000 86 no full Europe’s Biggest Gym Breach, Iran Targets US Water, & Omnistealer Goes On-Chain - 4/15/26 Yeah...I know the audio sounds terrible. I'll figure it out and it'll be better tomorrow. -AT Basic-Fit, Europe’s largest gym chain, disclosed a breach affecting roughly 1 million members across six countries after attackers accessed a system used to record club visits. Stolen data includes names, contact details, dates of birth, and bank account information, which makes this a whole lot worse than a marketing email leak. Apparently the hardest part of going to the gym in 2026 is not getting ... Yeah...I know the audio sounds terrible. I'll figure it out and it'll be better tomorrow. -AT Basic-Fit, Europe’s largest gym chain, disclosed a breach affecting roughly 1 million members across six countries after attackers accessed a system used to record club visits. Stolen data includes names, contact details, dates of birth, and bank account information, which makes this a whole lot worse than a marketing email leak. Apparently the hardest part of going to the gym in 2026 is not getting ... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-04-15_KEohDXna17E.mp4 Wed, 15 Apr 2026 16:09:40 +0000 81 no full AI prompts exposed, China's supercomputer looted, and a Meta insider stole 30K photos - 4/10/2026 💋 70,000 NSFW AI Prompts Just Got Tied Back to Real People 💋 A breach involving MyLovely.AI exposed data on more than 100,000 users, including explicit prompts, generated content links, account metadata, and roughly 70,000 prompts directly tied to unique user IDs. That matters because the leak does not just reveal email addresses — it deanonymizes deeply personal sexual content and creates obvious openings for sextortion, doxxing, and harassment. The lesson is brutal and simple: people keep tre... 💋 70,000 NSFW AI Prompts Just Got Tied Back to Real People 💋 A breach involving MyLovely.AI exposed data on more than 100,000 users, including explicit prompts, generated content links, account metadata, and roughly 70,000 prompts directly tied to unique user IDs. That matters because the leak does not just reveal email addresses — it deanonymizes deeply personal sexual content and creates obvious openings for sextortion, doxxing, and harassment. The lesson is brutal and simple: people keep tre... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-04-10_3DbSgHU6kpI.mp4 Fri, 10 Apr 2026 17:22:25 +0000 96 no full Emoji's, LATAM Mobile Fraud, and Microsoft Bricks Lazy Devs. - 4/9/26 🤖 Cybercriminals Are Using Emojis to Hide in Plain Sight 🤖 Threat actors are increasingly using emojis as a functional layer of communication across Telegram, Discord, dark web forums, and cybercrime marketplaces to flag tools, stolen data, payouts, urgency, and targets while dodging simplistic keyword-based monitoring. Researchers say the symbols are not decorative fluff — they help criminals compress meaning, build reputation, speed up coordination, and add a second layer of obfuscation that ... 🤖 Cybercriminals Are Using Emojis to Hide in Plain Sight 🤖 Threat actors are increasingly using emojis as a functional layer of communication across Telegram, Discord, dark web forums, and cybercrime marketplaces to flag tools, stolen data, payouts, urgency, and targets while dodging simplistic keyword-based monitoring. Researchers say the symbols are not decorative fluff — they help criminals compress meaning, build reputation, speed up coordination, and add a second layer of obfuscation that ... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-04-10_wRu7FF48Rrg.mp4 Fri, 10 Apr 2026 02:15:18 +0000 108 no full 🛡️ Microsoft Patches 77 Bugs Including Critical Office RCE Flaws 🛡️ Microsoft released security updates fixing 77 vulnerabilities across Windows and related software in its March 2026 Patch Tuesday, including critical remote code execution flaws in Microsoft Office that can be triggered simply by viewing a malicious email in the Preview Pane. Two publicly disclosed zero-days were patched: CVE-2026-21262, a privilege escalation bug in SQL Server that allows network-based elevation to sysadmin, and CVE-2026-26127, a .NET denial-of-service vulnerability. Over half ... Microsoft released security updates fixing 77 vulnerabilities across Windows and related software in its March 2026 Patch Tuesday, including critical remote code execution flaws in Microsoft Office that can be triggered simply by viewing a malicious email in the Preview Pane. Two publicly disclosed zero-days were patched: CVE-2026-21262, a privilege escalation bug in SQL Server that allows network-based elevation to sysadmin, and CVE-2026-26127, a .NET denial-of-service vulnerability. Over half ... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-04-08_PLNm1hXuDk0.mp4 Wed, 08 Apr 2026 18:03:54 +0000 73 no full Russia Hacks Routers, Patch Tuesday, TeamPCP attacks Iran with Wiper Malware - 4/8/2026 🐻 Russia Stole Microsoft Tokens from 18,000 Hacked Routers 🐻 Russian military intelligence unit APT28 (Forest Blizzard) compromised over 18,000 Internet routers to conduct a massive DNS hijacking campaign that stole Microsoft Office authentication tokens from 200+ organizations and 5,000 consumer devices. The state-sponsored hackers exploited vulnerabilities in older TP-Link and MikroTik routers to redirect DNS traffic through attacker-controlled servers, intercepting OAuth tokens after users c... 🐻 Russia Stole Microsoft Tokens from 18,000 Hacked Routers 🐻 Russian military intelligence unit APT28 (Forest Blizzard) compromised over 18,000 Internet routers to conduct a massive DNS hijacking campaign that stole Microsoft Office authentication tokens from 200+ organizations and 5,000 consumer devices. The state-sponsored hackers exploited vulnerabilities in older TP-Link and MikroTik routers to redirect DNS traffic through attacker-controlled servers, intercepting OAuth tokens after users c... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-04-08_bGQGPwBNwx0.mp4 Wed, 08 Apr 2026 18:00:09 +0000 202 no full GitHub Supply Chain Attack: AI-Powered PRT-Scan Targets Developers - 4/7/26 🚨 AI-Powered GitHub Attack Steals Secrets from Open Source Projects 🚨 A sophisticated AI-assisted supply chain attack called "PRT-scan" has targeted hundreds of GitHub repositories using fake pull requests to exfiltrate developer credentials and secrets. The campaign, which began on March 11, 2026, leverages automated AI to rapidly identify and exploit GitHub Actions misconfigurations across open source projects. Threat actors created multiple disposable accounts to submit over 256 malicious pu... 🚨 AI-Powered GitHub Attack Steals Secrets from Open Source Projects 🚨 A sophisticated AI-assisted supply chain attack called "PRT-scan" has targeted hundreds of GitHub repositories using fake pull requests to exfiltrate developer credentials and secrets. The campaign, which began on March 11, 2026, leverages automated AI to rapidly identify and exploit GitHub Actions misconfigurations across open source projects. Threat actors created multiple disposable accounts to submit over 256 malicious pu... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-04-07_hzpstXTM4Ok.mp4 Tue, 07 Apr 2026 16:57:18 +0000 116 no full UNKN Unmasked, Ransomware killing 300+ EDR, & Beware of 3rd Party QR code Scanners - April 6, 2026 Germany Finally IDs the Ghost Behind REvil & GandCrab Ransomware Germany just unmasked one of cybercrime's biggest ghosts—Daniil Shchukin, the 31-year-old Russian who ran both GandCrab and REvil ransomware operations. From $2 billion in extortion to the Kaseya attack that hit 1,500+ businesses, this is the story of how they finally caught the hacker known as "UNKN." Sources: - https://krebsonsecurity.com/2026/04/germany-doxes-unkn-head-of-ru-ransomware-gangs-revil-gandcrab/ - https://www.bka.d... Germany Finally IDs the Ghost Behind REvil & GandCrab Ransomware Germany just unmasked one of cybercrime's biggest ghosts—Daniil Shchukin, the 31-year-old Russian who ran both GandCrab and REvil ransomware operations. From $2 billion in extortion to the Kaseya attack that hit 1,500+ businesses, this is the story of how they finally caught the hacker known as "UNKN." Sources: - https://krebsonsecurity.com/2026/04/germany-doxes-unkn-head-of-ru-ransomware-gangs-revil-gandcrab/ - https://www.bka.d... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-04-07_Vz14NFYG3n4.mp4 Tue, 07 Apr 2026 03:09:12 +0000 121 no full AI Agents Gone Rogue: Google Exposed, Venom Persists & Anthropic Leaks 500K Lines | April 1, 2026 🔐 Google's AI Agent Permissions Are a Ticking Time Bomb 💣 Palo Alto Networks Unit 42 researchers discovered that Google's Vertex AI gives AI agents dangerously excessive default permissions that allow attackers to break out of the AI environment, steal customer data from Google Cloud Projects, and even access Google's internal infrastructure. The vulnerability stems from the overprivileged Per-Project, Per-Product Service Agent (P4SA) that's automatically assigned to every AI agent deployed on t... 🔐 Google's AI Agent Permissions Are a Ticking Time Bomb 💣 Palo Alto Networks Unit 42 researchers discovered that Google's Vertex AI gives AI agents dangerously excessive default permissions that allow attackers to break out of the AI environment, steal customer data from Google Cloud Projects, and even access Google's internal infrastructure. The vulnerability stems from the overprivileged Per-Project, Per-Product Service Agent (P4SA) that's automatically assigned to every AI agent deployed on t... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-04-01_4w_BB3jeiNs.mp4 Wed, 01 Apr 2026 18:10:43 +0000 99 no full Triple Cyber Threat: Professional Networks, npm Supply Chain & AWS Under Attack - 3/31/2026 💼🕵️ Professional Networks Under Attack: PXA Stealer Campaign 🕵️💼 A Vietnam-linked hacking group is targeting LinkedIn users with PXA Stealer malware, designed to harvest saved passwords, browser cookies, and two-factor authentication codes from professionals on the platform. Once credentials are stolen, hackers can impersonate victims to phish coworkers, spread malware through DMs, and run fake job offer scams. Protect yourself now by enabling authenticator-based 2FA, avoiding unsolicited links... 💼🕵️ Professional Networks Under Attack: PXA Stealer Campaign 🕵️💼 A Vietnam-linked hacking group is targeting LinkedIn users with PXA Stealer malware, designed to harvest saved passwords, browser cookies, and two-factor authentication codes from professionals on the platform. Once credentials are stolen, hackers can impersonate victims to phish coworkers, spread malware through DMs, and run fake job offer scams. Protect yourself now by enabling authenticator-based 2FA, avoiding unsolicited links... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-03-31_e2_W9KNoexY.mp4 Tue, 31 Mar 2026 21:05:30 +0000 104 no full Crunchyroll 6.8M Breach, North Korea Owns VS Code & Russia Hacks Signal | Mar 24 🍣 Crunchyroll Confirmed 6.8M Users Were Breached. It Wasn't Even Their Fault. 😭 ShinyHunters, the group behind breaches at AT&T, Ticketmaster, and Santander, stole data on 6.8 million Crunchyroll users via a supply chain attack through Telus Digital. A Telus employee ran malware on their work laptop, giving the attacker access to Crunchyroll's environment. Stolen data includes names, emails, passwords, support records, and potentially payment details. ShinyHunters has a track record of selling ... 🍣 Crunchyroll Confirmed 6.8M Users Were Breached. It Wasn't Even Their Fault. 😭 ShinyHunters, the group behind breaches at AT&T, Ticketmaster, and Santander, stole data on 6.8 million Crunchyroll users via a supply chain attack through Telus Digital. A Telus employee ran malware on their work laptop, giving the attacker access to Crunchyroll's environment. Stolen data includes names, emails, passwords, support records, and potentially payment details. ShinyHunters has a track record of selling ... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-03-24_NPA3fVA495Y.mp4 Tue, 24 Mar 2026 18:13:44 +0000 138 no full Crunchyroll Hacked, H&R Block Backdoor & FBI Can't Stop Iran | Mar 23 🍥 Crunchyroll Got Hacked — Your Email, Password & Credit Card May Be Gone A threat actor breached Crunchyroll on March 12, 2026 through a compromised employee at TELUS, their outsourcing partner — who had malware on his machine that gave the attacker access to Crunchyroll's environment. Roughly 100GB of customer analytics data was exfiltrated before the breach was stopped, potentially including emails, passwords, and credit card information. Crunchyroll took 24 hours to detect the breach. As of... 🍥 Crunchyroll Got Hacked — Your Email, Password & Credit Card May Be Gone A threat actor breached Crunchyroll on March 12, 2026 through a compromised employee at TELUS, their outsourcing partner — who had malware on his machine that gave the attacker access to Crunchyroll's environment. Roughly 100GB of customer analytics data was exfiltrated before the breach was stopped, potentially including emails, passwords, and credit card information. Crunchyroll took 24 hours to detect the breach. As of... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-03-23_-42TDnyn9as.mp4 Mon, 23 Mar 2026 17:43:41 +0000 79 no full AI Fraud, iPhone Exploits & Microsoft's Self-Inflicted Outage | Cybersecurity News 🎵 This Musician Made $10 Million Streaming His Own Songs — With Fake AI Listeners. He's Going to Prison. Michael Smith, a North Carolina musician, pleaded guilty to wire fraud conspiracy after using AI-generated music and AI bots to fake billions of streams on Spotify, Apple Music, and Amazon Music — pocketing over $10 million in royalty payments that should have gone to real artists. He created thousands of fake streaming accounts, generated AI songs to fill them, and had bots stream them arou... 🎵 This Musician Made $10 Million Streaming His Own Songs — With Fake AI Listeners. He's Going to Prison. Michael Smith, a North Carolina musician, pleaded guilty to wire fraud conspiracy after using AI-generated music and AI bots to fake billions of streams on Spotify, Apple Music, and Amazon Music — pocketing over $10 million in royalty payments that should have gone to real artists. He created thousands of fake streaming accounts, generated AI songs to fill them, and had bots stream them arou... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-03-22_taw8ujQ0aaQ.mp4 Sun, 22 Mar 2026 20:09:32 +0000 75 no full Russian Hackers Hold Kids Hospital Hostage + AI Phishing Scam EXPOSED | BreachForums DOWN - 3/18/26 🏥 Ransomware Gang Knocked Out Mississippi's Only Children's Hospital — For 9 Days The Medusa ransomware gang, believed to operate out of Russia, has claimed responsibility for a devastating February cyberattack on the University of Mississippi Medical Center — the state's only children's hospital, Level I trauma center, and organ transplant facility. The hospital went completely dark for nine days, forcing staff to manage cancer infusions, surgeries, and critical care with paper and pen. Medusa... 🏥 Ransomware Gang Knocked Out Mississippi's Only Children's Hospital — For 9 Days The Medusa ransomware gang, believed to operate out of Russia, has claimed responsibility for a devastating February cyberattack on the University of Mississippi Medical Center — the state's only children's hospital, Level I trauma center, and organ transplant facility. The hospital went completely dark for nine days, forcing staff to manage cancer infusions, surgeries, and critical care with paper and pen. Medusa... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-03-19_RoaY_qHoWK4.mp4 Thu, 19 Mar 2026 00:57:15 +0000 107 no full Hackers Pase as PayPal, $4.4M Crypto Heist via Photo & PowerSchool's Triple Extortion Nightmare 🎣 Hackers Are Posing as PayPal & Amazon Support — And Stealing Your MFA Codes in Real Time Researchers discovered attackers are hijacking LiveChat — the same support tool used by thousands of legitimate companies — to impersonate PayPal and Amazon agents in real time. Victims are lured via phishing emails, connected to a fake live chat, coaxed into sharing credit card numbers and MFA codes, and then redirected to fake login pages where their credentials are captured. The MFA bypass is the criti... 🎣 Hackers Are Posing as PayPal & Amazon Support — And Stealing Your MFA Codes in Real Time Researchers discovered attackers are hijacking LiveChat — the same support tool used by thousands of legitimate companies — to impersonate PayPal and Amazon agents in real time. Victims are lured via phishing emails, connected to a fake live chat, coaxed into sharing credit card numbers and MFA codes, and then redirected to fake login pages where their credentials are captured. The MFA bypass is the criti... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-03-17_2-1r-oKQ7zs.mp4 Tue, 17 Mar 2026 16:46:10 +0000 95 no full Bing AI Malware + Banking Trojan + EU Bank Ruling | Mar 9, 2026 🤖 Bing AI Promotes Fake GitHub Repos with Malware 🤖 Microsoft Bing's AI search feature promoted fake OpenClaw GitHub repositories that deployed infostealers and proxy malware, marking the first major case of AI search engines serving malicious content. • BleepingComputer: https://www.bleepingcomputer.com/news/security/bing-ai-promoted-fake-openclaw-github-repo-pushing-info-stealing-malware/ • The Register: https://www.theregister.com/2026/03/04/fake_openclaw_installers_malware/ • Security Boul... 🤖 Bing AI Promotes Fake GitHub Repos with Malware 🤖 Microsoft Bing's AI search feature promoted fake OpenClaw GitHub repositories that deployed infostealers and proxy malware, marking the first major case of AI search engines serving malicious content. • BleepingComputer: https://www.bleepingcomputer.com/news/security/bing-ai-promoted-fake-openclaw-github-repo-pushing-info-stealing-malware/ • The Register: https://www.theregister.com/2026/03/04/fake_openclaw_installers_malware/ • Security Boul... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-03-09_ABFtgsc83kE.mp4 Mon, 09 Mar 2026 19:28:20 +0000 106 no full Meta will Alert Parents if Teens Search Self-Harm. My interview with Fox 6 News Atlanta. https://www.fox5atlanta.com/video/fmc-j4vfei7ygyzc56l6 I was interviewed by Fox 5 Atlanta about Instagram's new safety update that notifies parents when their teen repeatedly searches for suicide or self-harm-related terms. While it sounds like a step forward from Meta, is it really enough? We break down what this feature actually does, what it doesn't, and whether this marks a genuine shift in how Meta approaches teen mental health...or just another PR move. https://www.fox5atlanta.com/video/fmc-j4vfei7ygyzc56l6 I was interviewed by Fox 5 Atlanta about Instagram's new safety update that notifies parents when their teen repeatedly searches for suicide or self-harm-related terms. While it sounds like a step forward from Meta, is it really enough? We break down what this feature actually does, what it doesn't, and whether this marks a genuine shift in how Meta approaches teen mental health...or just another PR move. https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-03-06_HlBWwUl2i5g.mp4 Fri, 06 Mar 2026 17:33:15 +0000 254 no full 🚨 AI Weaponized Against Mexico, Cancer Center Breach, ClawJacked AI Hijack - Mar 3 🤖 Hackers Weaponize Claude AI - Mexico Government Hacked 🤖 Threat actors weaponized Anthropic's Claude Code AI assistant to breach the Mexican government's systems and steal over 150GB of sensitive data, including civil registry files, tax records, and voter data. Roughly 195 million identities were exposed. This represents the first confirmed use of a commercial AI coding tool in a government-level cyberattack. • https://www.securityweek.com/hackers-weaponize-claude-code-in-mexican-government... 🤖 Hackers Weaponize Claude AI - Mexico Government Hacked 🤖 Threat actors weaponized Anthropic's Claude Code AI assistant to breach the Mexican government's systems and steal over 150GB of sensitive data, including civil registry files, tax records, and voter data. Roughly 195 million identities were exposed. This represents the first confirmed use of a commercial AI coding tool in a government-level cyberattack. • https://www.securityweek.com/hackers-weaponize-claude-code-in-mexican-government... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-03-03_wsu2s7pbCag.mp4 Tue, 03 Mar 2026 20:56:36 +0000 96 no full 🚨 Europol Arrests 30 Com Hackers, Samsung Smart TV Spying Settlement, Iran Cyber War - Mar 2 👮 Europol Crackdown on The Com Hackers - 30 Arrests 👮 Europol's Project Compass led to 30 arrests of The Com cybercrime collective members across 28 countries. The group targets children for extortion and CSAM production, linked to major ransomware attacks and organized into subgroups including 764. • https://www.bleepingcomputer.com/news/security/police-crackdown-on-the-com-cybercrime-gang-leads-to-30-arrests/ • https://www.europol.europa.eu/media-press/newsroom/news/ • https://www.securitywe... 👮 Europol Crackdown on The Com Hackers - 30 Arrests 👮 Europol's Project Compass led to 30 arrests of The Com cybercrime collective members across 28 countries. The group targets children for extortion and CSAM production, linked to major ransomware attacks and organized into subgroups including 764. • https://www.bleepingcomputer.com/news/security/police-crackdown-on-the-com-cybercrime-gang-leads-to-30-arrests/ • https://www.europol.europa.eu/media-press/newsroom/news/ • https://www.securitywe... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-03-02_jgF0mwH6qKQ.mp4 Mon, 02 Mar 2026 22:38:30 +0000 93 no full 🚨 Defense Contractor Sold Zero-Days to Russia, Job Interview Backdoors, 27-Second Hacks - Feb 26 Ex-L3Harris Executive Sentenced for Selling Zero-Days to Russian Broker Peter Williams, former general manager of L3Harris's Trenchant cybersecurity unit, was sentenced to 87 months in prison for stealing and selling 8 zero-day exploits to Russian broker Operation Zero for $1.3M in cryptocurrency. The theft caused $35M in losses and could enable access to millions of devices worldwide. • https://www.bleepingcomputer.com/news/security/ex-l3harris-exec-jailed-for-selling-zero-days-to-russian-exp... Ex-L3Harris Executive Sentenced for Selling Zero-Days to Russian Broker Peter Williams, former general manager of L3Harris's Trenchant cybersecurity unit, was sentenced to 87 months in prison for stealing and selling 8 zero-day exploits to Russian broker Operation Zero for $1.3M in cryptocurrency. The theft caused $35M in losses and could enable access to millions of devices worldwide. • https://www.bleepingcomputer.com/news/security/ex-l3harris-exec-jailed-for-selling-zero-days-to-russian-exp... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-02-26_hpn8krD9Zbg.mp4 Thu, 26 Feb 2026 20:49:45 +0000 110 no full Wynn Casino Breach, UAE AI Terror Attack, SLH Hackers Recruit Women for Scams - Feb 25 🎰 Wynn Resorts Las Vegas Hit by Cybersecurity Breach 🎰 What happens in Vegas... apparently gets stolen by ShinyHunters. Wynn Resorts, one of Las Vegas's biggest casino operators, just confirmed they got hacked. And when I say hacked, I mean eight hundred thousand employee records—complete with Social Security numbers—stolen by ransomware criminals who are now demanding a million and a half dollars to keep quiet. The breach was actually revealed in a lawsuit, which is a fun way to learn your com... 🎰 Wynn Resorts Las Vegas Hit by Cybersecurity Breach 🎰 What happens in Vegas... apparently gets stolen by ShinyHunters. Wynn Resorts, one of Las Vegas's biggest casino operators, just confirmed they got hacked. And when I say hacked, I mean eight hundred thousand employee records—complete with Social Security numbers—stolen by ransomware criminals who are now demanding a million and a half dollars to keep quiet. The breach was actually revealed in a lawsuit, which is a fun way to learn your com... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-02-25_rgiSRJqca1k.mp4 Wed, 25 Feb 2026 22:14:40 +0000 79 no full BREAKING: 25M+ US Breach + Chrome Zero-Day + AI Malware (Feb 24,2026) 🚨 Conduent Breach Now Largest in US History - 25+ Million Affected Conduent Business Services confirmed one of the largest data breaches in U.S. history affecting 25+ million individuals. Safepay ransomware group stole 8TB of data including SSNs, medical histories, and health insurance details between October 2024 and January 2025. Sources: • https://cybersecuritynews.com/conduent-data-breach/ • https://techcrunch.com/2026/02/24/conduent-data-breach-grows-affecting-at-least-25m-people/ • https:... 🚨 Conduent Breach Now Largest in US History - 25+ Million Affected Conduent Business Services confirmed one of the largest data breaches in U.S. history affecting 25+ million individuals. Safepay ransomware group stole 8TB of data including SSNs, medical histories, and health insurance details between October 2024 and January 2025. Sources: • https://cybersecuritynews.com/conduent-data-breach/ • https://techcrunch.com/2026/02/24/conduent-data-breach-grows-affecting-at-least-25m-people/ • https:... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-02-24_p4Ky1l4X_c4.mp4 Tue, 24 Feb 2026 23:00:15 +0000 98 no full Texas Sues TP-Link for China Hacking + 1B Records Exposed + First AI Android Malware | Feb 20, 2026 🚨 Texas Sues TP-Link Over Chinese Hacking Risks 🚨 Texas sued TP-Link Systems alleging the company deceptively marketed routers as secure while firmware vulnerabilities enabled Chinese state-backed hackers to compromise American users' devices and networks. Sources: • https://www.bleepingcomputer.com/news/security/texas-sues-tp-link-over-chinese-hacking-risks-user-deception/ • https://www.texasattorneygeneral.gov/news/releases/texas-files-lawsuit-tp-link-systems-deceptive-security-claims • htt... 🚨 Texas Sues TP-Link Over Chinese Hacking Risks 🚨 Texas sued TP-Link Systems alleging the company deceptively marketed routers as secure while firmware vulnerabilities enabled Chinese state-backed hackers to compromise American users' devices and networks. Sources: • https://www.bleepingcomputer.com/news/security/texas-sues-tp-link-over-chinese-hacking-risks-user-deception/ • https://www.texasattorneygeneral.gov/news/releases/texas-files-lawsuit-tp-link-systems-deceptive-security-claims • htt... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-02-20_h2SBw-XyIeo.mp4 Fri, 20 Feb 2026 20:06:13 +0000 110 no full BREAKING: Chrome Zero-Day + AI Malware + Android Backdoor — Feb 18, 2026 🔴 Google Patches First Chrome Zero-Day of 2026 — Actively Exploited 🔴 Google released emergency updates on February 16, 2026 to patch CVE-2026-2441, a high-severity use-after-free vulnerability in Chrome with a CVSS score of 8.8. The flaw is being actively exploited in the wild, allowing remote attackers to potentially execute code by getting victims to visit a crafted webpage. This is Chrome's first actively exploited zero-day of 2026, and users on all platforms should update immediately. Sou... 🔴 Google Patches First Chrome Zero-Day of 2026 — Actively Exploited 🔴 Google released emergency updates on February 16, 2026 to patch CVE-2026-2441, a high-severity use-after-free vulnerability in Chrome with a CVSS score of 8.8. The flaw is being actively exploited in the wild, allowing remote attackers to potentially execute code by getting victims to visit a crafted webpage. This is Chrome's first actively exploited zero-day of 2026, and users on all platforms should update immediately. Sou... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-02-18_iXaBDxkj2Ys.mp4 Wed, 18 Feb 2026 19:22:05 +0000 97 no full AI Agent Hack, BeyondTrust Zero-Day & Password Manager Flaws — Cyber News Feb 17, 2026 🦀Infostealer Steals OpenClaw AI Agent Secrets🦀 Information-stealing malware has been observed for the first time specifically targeting OpenClaw, a popular agentic AI assistant framework, stealing API keys, authentication tokens, and cloud credentials stored in its configuration files. This attack vector is particularly dangerous because compromised AI agent credentials can give attackers access to entire automated pipelines and connected cloud services. Security experts warn that as AI agent a... 🦀Infostealer Steals OpenClaw AI Agent Secrets🦀 Information-stealing malware has been observed for the first time specifically targeting OpenClaw, a popular agentic AI assistant framework, stealing API keys, authentication tokens, and cloud credentials stored in its configuration files. This attack vector is particularly dangerous because compromised AI agent credentials can give attackers access to entire automated pipelines and connected cloud services. Security experts warn that as AI agent a... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-02-17_jeTD2b-yBjE.mp4 Tue, 17 Feb 2026 18:08:49 +0000 80 no full Hackers Using Snail Mail, AI & Data Breaches to Steal Your Money - Feb 16, 2026 📬 Hackers Are Literally Mailing You Fake Letters 📬 Threat actors are sending physical letters through postal mail pretending to be from Trezor and Ledger, manufacturers of cryptocurrency hardware wallets. The letters use official-looking branding and urgent language to trick recipients into revealing their wallet recovery phrases on fake websites. The scam represents a sophisticated blend of physical and digital social engineering. Sources: • https://www.bleepingcomputer.com/news/security/sna... 📬 Hackers Are Literally Mailing You Fake Letters 📬 Threat actors are sending physical letters through postal mail pretending to be from Trezor and Ledger, manufacturers of cryptocurrency hardware wallets. The letters use official-looking branding and urgent language to trick recipients into revealing their wallet recovery phrases on fake websites. The scam represents a sophisticated blend of physical and digital social engineering. Sources: • https://www.bleepingcomputer.com/news/security/sna... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-02-16_m2eyFsAmNWY.mp4 Mon, 16 Feb 2026 18:05:41 +0000 133 no full 🚨 300K Hit by Fake AI Extensions, Russia Blocks WhatsApp, Hackers Weaponize Gemini AI - Feb 13, 2026 🤖 Hackers Weaponize Google's Gemini AI in Multi-Stage Attacks 🤖 Google Threat Intelligence Group published a report warning about AI model extraction and distillation attacks where threat actors abuse legitimate API access to systematically probe AI models. Attackers are using Gemini AI across all stages of cyber attacks, from reconnaissance to payload delivery. Sources: • https://www.bleepingcomputer.com/news/security/google-says-hackers-are-abusing-gemini-ai-for-all-attacks-stages/ • https:... 🤖 Hackers Weaponize Google's Gemini AI in Multi-Stage Attacks 🤖 Google Threat Intelligence Group published a report warning about AI model extraction and distillation attacks where threat actors abuse legitimate API access to systematically probe AI models. Attackers are using Gemini AI across all stages of cyber attacks, from reconnaissance to payload delivery. Sources: • https://www.bleepingcomputer.com/news/security/google-says-hackers-are-abusing-gemini-ai-for-all-attacks-stages/ • https:... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-02-13_7xmTNnR_eLs.mp4 Fri, 13 Feb 2026 20:45:16 +0000 83 no full 🚨 BREAKING: Apple Zero-Day, 4K Microsoft Accounts Stolen & More! 🚨 - Feb 12, 2026 📝 Windows 11 NOTEPAD RCE ZERO-DAY Executes Files Silently 📝 Microsoft patched a remote code execution vulnerability in Windows 11 Notepad that allowed attackers to execute local or remote programs through specially crafted Markdown links without triggering Windows security warnings. Users could be tricked into clicking malicious links in seemingly harmless text files. Sources: • https://www.bleepingcomputer.com/news/microsoft/windows-11-notepad-flaw-let-files-execute-silently-via-markdown-lin... 📝 Windows 11 NOTEPAD RCE ZERO-DAY Executes Files Silently 📝 Microsoft patched a remote code execution vulnerability in Windows 11 Notepad that allowed attackers to execute local or remote programs through specially crafted Markdown links without triggering Windows security warnings. Users could be tricked into clicking malicious links in seemingly harmless text files. Sources: • https://www.bleepingcomputer.com/news/microsoft/windows-11-notepad-flaw-let-files-execute-silently-via-markdown-lin... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-02-12_qrAnKrJQ_FI.mp4 Thu, 12 Feb 2026 20:21:29 +0000 175 no full Patch Tuesday Chaos, Pig-Butchering Scammer Flees Justice, ZeroDayRat for Android/iOS - Feb 11, 2026 🚨 Microsoft Patches 6 Actively Exploited Zero-Days 🚨 Microsoft's February 2026 Patch Tuesday fixes dozens of Windows and Office bugs, including six zero-day vulnerabilities actively exploited in the wild. Security teams are urged to patch quickly, especially for flaws tied to SmartScreen bypass and privilege escalation. Sources: • https://www.bleepingcomputer.com/news/microsoft/microsoft-february-2026-patch-tuesday-fixes-6-zero-days-58-flaws/ • https://thehackernews.com/2026/02/microsoft-patch... 🚨 Microsoft Patches 6 Actively Exploited Zero-Days 🚨 Microsoft's February 2026 Patch Tuesday fixes dozens of Windows and Office bugs, including six zero-day vulnerabilities actively exploited in the wild. Security teams are urged to patch quickly, especially for flaws tied to SmartScreen bypass and privilege escalation. Sources: • https://www.bleepingcomputer.com/news/microsoft/microsoft-february-2026-patch-tuesday-fixes-6-zero-days-58-flaws/ • https://thehackernews.com/2026/02/microsoft-patch... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-02-11_Xa5_B-fRSpo.mp4 Wed, 11 Feb 2026 21:58:26 +0000 93 no full AI Phishing Storm, Signal Attacks & Massive Gov Breach - Feb 10, 2026 🏢 Conduent Breach Balloons to Millions 🏢 The data breach at government technology giant Conduent has expanded dramatically, now affecting millions more Americans. The Safeway ransomware group claims responsibility for stealing over 8 terabytes of data containing personal and health information. Conduent handles data for more than 100 million people across America, making this one of the largest breaches of 2026. Sources: • https://techcrunch.com/2026/02/05/data-breach-at-govtech-giant-conduen... 🏢 Conduent Breach Balloons to Millions 🏢 The data breach at government technology giant Conduent has expanded dramatically, now affecting millions more Americans. The Safeway ransomware group claims responsibility for stealing over 8 terabytes of data containing personal and health information. Conduent handles data for more than 100 million people across America, making this one of the largest breaches of 2026. Sources: • https://techcrunch.com/2026/02/05/data-breach-at-govtech-giant-conduen... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-02-10_BdHZ2dhbaP0.mp4 Tue, 10 Feb 2026 20:20:53 +0000 105 no full 🚨 BeyondTrust RCE Exposes 11K Servers +EU Hacked + Home Security Breach | Cyber News Feb 9 ⚠️ BeyondTrust Critical RCE Flaw Patched ⚠️ BeyondTrust patched a critical pre-authentication remote code execution vulnerability (CVE-2026-1731) in Remote Support and PRA products. Attackers could run OS commands via crafted requests without authentication. Approximately 11,000 exposed instances were found online. Security patches have been released for all affected versions. Sources: • https://thehackernews.com/2026/02/beyondtrust-patches-pre-auth-rce.html • https://x.com/TheHackersNews/statu... ⚠️ BeyondTrust Critical RCE Flaw Patched ⚠️ BeyondTrust patched a critical pre-authentication remote code execution vulnerability (CVE-2026-1731) in Remote Support and PRA products. Attackers could run OS commands via crafted requests without authentication. Approximately 11,000 exposed instances were found online. Security patches have been released for all affected versions. Sources: • https://thehackernews.com/2026/02/beyondtrust-patches-pre-auth-rce.html • https://x.com/TheHackersNews/statu... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-02-09_0HMRz_NnEAc.mp4 Mon, 09 Feb 2026 18:46:06 +0000 118 no full BREAKING: 40 Million People Hacked Today - Air France, ManoMano, BridgePay Breaches ✈️ Air France Data Breach Exposes 2M+ Records ✈️ Threat actors claim access to Air France admin panel exposing over 2 million customer purchase records including PII, Flying Blue loyalty data, and booking details. If you've ever flown Air France, your data might be at risk. Sources: • https://darkwebinformer.com/threat-actor-claims-air-france-vulnerability-exposes-2-million-customer-records-via-admin-panel/ • https://www.bleepingcomputer.com/news/security/air-france-and-klm-disclose-data-brea... ✈️ Air France Data Breach Exposes 2M+ Records ✈️ Threat actors claim access to Air France admin panel exposing over 2 million customer purchase records including PII, Flying Blue loyalty data, and booking details. If you've ever flown Air France, your data might be at risk. Sources: • https://darkwebinformer.com/threat-actor-claims-air-france-vulnerability-exposes-2-million-customer-records-via-admin-panel/ • https://www.bleepingcomputer.com/news/security/air-france-and-klm-disclose-data-brea... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-02-07_OquSQEyMqfM.mp4 Sat, 07 Feb 2026 22:07:24 +0000 172 no full OpenClaw : When AI Gets Hands | The Autonomous Agent Revolution and What It Means for Security #openclaw (formerly Clawdbot/Moltbot) exploded to 160,000 GitHub stars in 6 weeks and represents a fundamental shift in AI: autonomous agents that execute terminal commands, manage emails, and operate 24/7 without human oversight. This isn't a chatbot. It's AI with hands. In this 30-minute talk, I break down the security nightmare keeping CISOs awake: active vulnerabilities (CVE-2026-25253), 1.5 million exposed API keys, malicious marketplace entries, and why traditional IAM can't handle autono... #openclaw (formerly Clawdbot/Moltbot) exploded to 160,000 GitHub stars in 6 weeks and represents a fundamental shift in AI: autonomous agents that execute terminal commands, manage emails, and operate 24/7 without human oversight. This isn't a chatbot. It's AI with hands. In this 30-minute talk, I break down the security nightmare keeping CISOs awake: active vulnerabilities (CVE-2026-25253), 1.5 million exposed API keys, malicious marketplace entries, and why traditional IAM can't handle autono... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-02-06_cXY33kolToo.mp4 Fri, 06 Feb 2026 04:50:04 +0000 895 no full Notepad++ Hacked + X Raided + AI Malware | Cyber News Feb 3, 2026 ⚠️ Chinese Hackers Hijack Notepad++ Updates for Months ⚠️ Chinese state-sponsored hackers compromised Notepad++ update infrastructure from June through December 2025, delivering malware to select targets via hijacked hosting provider. The attack used Microsoft Warbird obfuscation APIs and went undetected for half a year. Sources: • https://www.bleepingcomputer.com/news/security/notepad-plus-plus-update-feature-hijacked-by-chinese-state-hackers-for-months/ • https://thehackernews.com/2026/01/c... ⚠️ Chinese Hackers Hijack Notepad++ Updates for Months ⚠️ Chinese state-sponsored hackers compromised Notepad++ update infrastructure from June through December 2025, delivering malware to select targets via hijacked hosting provider. The attack used Microsoft Warbird obfuscation APIs and went undetected for half a year. Sources: • https://www.bleepingcomputer.com/news/security/notepad-plus-plus-update-feature-hijacked-by-chinese-state-hackers-for-months/ • https://thehackernews.com/2026/01/c... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-02-03_JArHI512uQs.mp4 Tue, 03 Feb 2026 17:49:42 +0000 100 no full CISA Director Leaks Docs to ChatGPT | Bumble Hack Exposes 30GB | China Hacked Wiretaps for 4 Years 🚨 CISA Director Uploaded Classified Docs to ChatGPT (After Failing Polygraph) 🚨 The acting Director of CISA, America's top cybersecurity agency, uploaded classified government documents to public ChatGPT four times. He specifically requested access even though it's blocked on DHS networks. Oh, and he failed a polygraph test before getting the job. Classic "do as I say, not as I do." Sources: - https://twitter.com/IntCyberDigest/status/2016575284946837691 - https://twitter.com/TheHackersNews/st... 🚨 CISA Director Uploaded Classified Docs to ChatGPT (After Failing Polygraph) 🚨 The acting Director of CISA, America's top cybersecurity agency, uploaded classified government documents to public ChatGPT four times. He specifically requested access even though it's blocked on DHS networks. Oh, and he failed a polygraph test before getting the job. Classic "do as I say, not as I do." Sources: - https://twitter.com/IntCyberDigest/status/2016575284946837691 - https://twitter.com/TheHackersNews/st... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-01-30_cg-LE4_xUs0.mp4 Fri, 30 Jan 2026 23:14:13 +0000 144 no full WinRAR Exploit Still Active, OpenSSL Critical RCE, SolarWinds Irony | Cybersecurity News 📦 That WinRAR "Free Trial" You Never Paid For? Hackers Are Exploiting It Right Now 🚨 A WinRAR vulnerability patched last July (CVE-2025-8088) is still being actively exploited by Russian APTs, Chinese threat actors, and cybercrime gangs six months later. The path traversal flaw lets attackers slip malicious files into your system when you extract see... 📦 That WinRAR "Free Trial" You Never Paid For? Hackers Are Exploiting It Right Now 🚨 A WinRAR vulnerability patched last July (CVE-2025-8088) is still being actively exploited by Russian APTs, Chinese threat actors, and cybercrime gangs six months later. The path traversal flaw lets attackers slip malicious files into your system when you extract see... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-01-29_wwIhaJ9-19M.mp4 Thu, 29 Jan 2026 17:53:16 +0000 81 no full Dating Apps, DHS Agents, and Chinese APT Breaches Expose Million 💔 10M Dating App Users Exposed in Match Group Breach 💔 ShinyHunters cybercrime group claims to have stolen over 10 million records from Match Group (NASDAQ: MTCH), owner of Tinder, Hinge, Match.com, and OkCupid. The alleged breach, posted January 28, 2026, includes user behavioral data from Appsflyer analytics (swipes, matches, sessions, geo-locations), hundreds of internal corporate documents, and highly sensitive personal information including romantic preferences. The 1.76GB compressed dump ... 💔 10M Dating App Users Exposed in Match Group Breach 💔 ShinyHunters cybercrime group claims to have stolen over 10 million records from Match Group (NASDAQ: MTCH), owner of Tinder, Hinge, Match.com, and OkCupid. The alleged breach, posted January 28, 2026, includes user behavioral data from Appsflyer analytics (swipes, matches, sessions, geo-locations), hundreds of internal corporate documents, and highly sensitive personal information including romantic preferences. The 1.76GB compressed dump ... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-01-28_Ur_pDQx50oU.mp4 Wed, 28 Jan 2026 19:02:21 +0000 95 no full 🔐 Clawdbot/Moltbot Servers Exposed Online, Russia Attacks Poland's Grid, 149M Passwords Leaked 🚨 🤖 Hundreds of Clawdbot Servers Exposed with API Keys & Private Chats 🔓 Security researchers have discovered hundreds of publicly exposed Clawdbot control servers containing API keys, private messages, and OAuth credentials. The viral AI assistant, which went mainstream over the weekend, has critical authentication vulnerabilities allowing unauthorized access to users' complete chat histories, financial accounts, and system commands. Misconfigured servers could enable credential theft and remote... 🤖 Hundreds of Clawdbot Servers Exposed with API Keys & Private Chats 🔓 Security researchers have discovered hundreds of publicly exposed Clawdbot control servers containing API keys, private messages, and OAuth credentials. The viral AI assistant, which went mainstream over the weekend, has critical authentication vulnerabilities allowing unauthorized access to users' complete chat histories, financial accounts, and system commands. Misconfigured servers could enable credential theft and remote... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-01-27_Mu2xvA-Puwo.mp4 Tue, 27 Jan 2026 19:43:06 +0000 136 no full 🔥 Fortinet Firewall Under Attack, UK Bans VPNs for Kids, Nike Data Breach! 🚨 🇬🇧 UK Lords Vote to Ban VPNs for Kids 🇬🇧 The UK House of Lords voted 207 to 159 to ban VPNs for anyone under 18, claiming it will prevent children from bypassing age verification on social media and adult content. The amendment would require VPN providers to implement age verification, likely through government IDs or facial scans. Privacy advocates are calling it surveillance infrastructure disguised as child protection, and the measure now heads to the House of Commons. - https://hansard.par... 🇬🇧 UK Lords Vote to Ban VPNs for Kids 🇬🇧 The UK House of Lords voted 207 to 159 to ban VPNs for anyone under 18, claiming it will prevent children from bypassing age verification on social media and adult content. The amendment would require VPN providers to implement age verification, likely through government IDs or facial scans. Privacy advocates are calling it surveillance infrastructure disguised as child protection, and the measure now heads to the House of Commons. - https://hansard.par... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-01-26_c0_6aznC44o.mp4 Mon, 26 Jan 2026 19:12:51 +0000 94 no full 300TB Spotify Lawsuit, Okta Vishing Attack & 28M SoundCloud Breach 🎵⚖️ Spotify Pulled Off a SECRET LAWSUIT to Stop Pirates Who Stole 300TB of Music 🎵⚖️ Shadow library Anna's Archive, which scraped nearly 300 terabytes of Spotify's music catalog in December 2025, lost its primary .org domain after Spotify and major record labels filed a sealed lawsuit and secured a court order before the site even knew it was being sued. A federal judge granted a preliminary injunction on January 16, 2026, ordering domain registries and internet infrastructure providers worldwi... 🎵⚖️ Spotify Pulled Off a SECRET LAWSUIT to Stop Pirates Who Stole 300TB of Music 🎵⚖️ Shadow library Anna's Archive, which scraped nearly 300 terabytes of Spotify's music catalog in December 2025, lost its primary .org domain after Spotify and major record labels filed a sealed lawsuit and secured a court order before the site even knew it was being sued. A federal judge granted a preliminary injunction on January 16, 2026, ordering domain registries and internet infrastructure providers worldwi... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-01-23_eochC-TVlHc.mp4 Fri, 23 Jan 2026 22:05:10 +0000 88 no full Nvidia Gets Caught Pirating AI Training Data | ATM Hackers Busted | Ransomware OPSEC Fail 🤖 NVIDIA & Meta Caught Pirating 500TB to Train AI Models 🏴‍☠️ Billion-dollar tech companies got caught red-handed downloading hundreds of terabytes of pirated books to train their AI. NVIDIA literally asked a piracy site for 500TB of stolen content, got WARNED it was illegal, and said "send it anyway." Meanwhile Zuckerberg's playing dumb even though internal messages show he approved it…classic corporate villain energy. Sources: - https://torrentfreak.com/nvidia-contacted-annas-archive-to-sec... 🤖 NVIDIA & Meta Caught Pirating 500TB to Train AI Models 🏴‍☠️ Billion-dollar tech companies got caught red-handed downloading hundreds of terabytes of pirated books to train their AI. NVIDIA literally asked a piracy site for 500TB of stolen content, got WARNED it was illegal, and said "send it anyway." Meanwhile Zuckerberg's playing dumb even though internal messages show he approved it…classic corporate villain energy. Sources: - https://torrentfreak.com/nvidia-contacted-annas-archive-to-sec... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-01-22_n-kdDIe1TgE.mp4 Thu, 22 Jan 2026 18:50:22 +0000 88 no full YouTube: 🚨 LastPass Phishing, Tesla HACKED Live, & Security Vendors Epic FAIL | Cybersecurity News 🚨 LastPass Phishing Alert: Fake Backup Emails Target Your Master Password 🔐 LastPass users are being targeted by a phishing campaign that started January 19th, with fake emails claiming urgent maintenance requires vault backups within 24 hours. The emails redirect victims to malicious sites attempting to steal master passwords. The campaign was deliberately launched during the MLK holiday weekend when security teams are understaffed. - https://www.securityweek.com/lastpass-users-targeted-with-... 🚨 LastPass Phishing Alert: Fake Backup Emails Target Your Master Password 🔐 LastPass users are being targeted by a phishing campaign that started January 19th, with fake emails claiming urgent maintenance requires vault backups within 24 hours. The emails redirect victims to malicious sites attempting to steal master passwords. The campaign was deliberately launched during the MLK holiday weekend when security teams are understaffed. - https://www.securityweek.com/lastpass-users-targeted-with-... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-01-21_zbIMM6_MJlw.mp4 Wed, 21 Jan 2026 21:31:00 +0000 130 no full ESA Hacked Again, Iran State TV Hijacked, Black Basta Ransomware Boss Exposed 🚨 ESA Breached Twice in 2 Weeks: Space Mission Data Stolen 🚀 - https://cisoseries.com/cybersecurity-news-esa-confirms-new-data-heist-ni8mare-lets-hackers-hijack-n8n-servers-taiwan-blames-cyber-army-for-intrusion-attempts/ - https://www.theregister.com/2026/01/07/european_space_agency_breach_criminal_probe/ - https://www.space.com/space-exploration/esa-email-credentials-on-dark-web - https://www.securityweek.com/european-space-agency-confirms-breach-after-hacker-offers-to-sell-data - https://www.... 🚨 ESA Breached Twice in 2 Weeks: Space Mission Data Stolen 🚀 - https://cisoseries.com/cybersecurity-news-esa-confirms-new-data-heist-ni8mare-lets-hackers-hijack-n8n-servers-taiwan-blames-cyber-army-for-intrusion-attempts/ - https://www.theregister.com/2026/01/07/european_space_agency_breach_criminal_probe/ - https://www.space.com/space-exploration/esa-email-credentials-on-dark-web - https://www.securityweek.com/european-space-agency-confirms-breach-after-hacker-offers-to-sell-data - https://www.... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-01-19_eUruYFww0k8.mp4 Mon, 19 Jan 2026 22:44:10 +0000 77 no full StealC Malware Exposed | Toyota Remotely Disables Car Heaters in Germany | Grubhub Hacked 🚨 CyberArk Labs Hacks the Hackers with XSS on StealC Credential Stealing Malware. 🚨 • https://www.cyberark.com/resources/threat-research-blog/uno-reverse-card-stealing-cookies-from-cookie-stealers • https://www.bleepingcomputer.com/news/security/stealc-hackers-hacked-as-researchers-hijack-malware-control-panels/ • https://www.bleepingcomputer.com/news/security/stealc-hackers-hacked-as-researchers-hijack-malware-control-panels/ • https://bazaar.abuse.ch/browse/tag/Stealc-v2/ • https://www.zscale... 🚨 CyberArk Labs Hacks the Hackers with XSS on StealC Credential Stealing Malware. 🚨 • https://www.cyberark.com/resources/threat-research-blog/uno-reverse-card-stealing-cookies-from-cookie-stealers • https://www.bleepingcomputer.com/news/security/stealc-hackers-hacked-as-researchers-hijack-malware-control-panels/ • https://www.bleepingcomputer.com/news/security/stealc-hackers-hacked-as-researchers-hijack-malware-control-panels/ • https://bazaar.abuse.ch/browse/tag/Stealc-v2/ • https://www.zscale... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-01-16_VvQi5xTN_eM.mp4 Fri, 16 Jan 2026 22:14:55 +0000 75 no full China Bans US Cybersecurity Software, Verizon's Huge Outage & Microsoft Takes Out $40M Fraud Network 🇨🇳🛡️ China orders firms to drop US and Israeli cybersecurity software, major vendors hit 🛡️🇨🇳 China has told domestic companies to stop using cybersecurity products from a list of US and Israeli firms, citing national security concerns. The move could force rapid tool replacements inside networks where security platforms have deep visibility into traffic and identity. • https://www.reuters.com/world/china/beijing-tells-chinese-firms-stop-using-us-israeli-cybersecurity-software-sources-2026-01-1... 🇨🇳🛡️ China orders firms to drop US and Israeli cybersecurity software, major vendors hit 🛡️🇨🇳 China has told domestic companies to stop using cybersecurity products from a list of US and Israeli firms, citing national security concerns. The move could force rapid tool replacements inside networks where security platforms have deep visibility into traffic and identity. • https://www.reuters.com/world/china/beijing-tells-chinese-firms-stop-using-us-israeli-cybersecurity-software-sources-2026-01-1... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-01-15_b4ktiEMQVfg.mp4 Thu, 15 Jan 2026 22:19:58 +0000 93 no full ConsentFix OAuth Attack Exploited by APT29 | Magecart Returns | ServiceNow BodySnatcher Vuln Patched 🚨 BREAKING: Russian Hackers Use Simple Copy-Paste Trick to Steal Your Entire Microsoft Account 🚨 A sophisticated phishing attack called ConsentFix exploits OAuth vulnerabilities by tricking users into copying and pasting a malicious URL that contains their Microsoft authorization code. Attackers exchange this code for access tokens, gaining full account access without passwords or MFA, and the technique is already being used by APT29 (Cozy Bear) and other threat actors. - https://www.hendryadr... 🚨 BREAKING: Russian Hackers Use Simple Copy-Paste Trick to Steal Your Entire Microsoft Account 🚨 A sophisticated phishing attack called ConsentFix exploits OAuth vulnerabilities by tricking users into copying and pasting a malicious URL that contains their Microsoft authorization code. Attackers exchange this code for access tokens, gaining full account access without passwords or MFA, and the technique is already being used by APT29 (Cozy Bear) and other threat actors. - https://www.hendryadr... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-01-14_peJgYBkDU1M.mp4 Wed, 14 Jan 2026 21:05:37 +0000 58 no full Apex Legends Hacked LIVE, BreachForums Exposed, Apple Partners with Google for AI Apex Legends match hack: During a live Apex Legends Global Series tournament, someone pushed cheats onto pro players mid match. Players suddenly had aimbot and wallhacks they never installed. The attacker appeared to hijack controls in real time, which points to a serious security hole in the game or its tournament environment. BreachForums data breach: BreachForums got breached. Data tied to about 324,000 users leaked, including details that can expose admin identities. It is a reminder that c... Apex Legends match hack: During a live Apex Legends Global Series tournament, someone pushed cheats onto pro players mid match. Players suddenly had aimbot and wallhacks they never installed. The attacker appeared to hijack controls in real time, which points to a serious security hole in the game or its tournament environment. BreachForums data breach: BreachForums got breached. Data tied to about 324,000 users leaked, including details that can expose admin identities. It is a reminder that c... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-01-13_0DQN54Z5Pa0.mp4 Tue, 13 Jan 2026 21:41:38 +0000 87 no full T-Mobile’s Latest Breach, Bank Hack Infrastructure Seized, University of Hawaii Pays Ransom T-Mobile Hacked - https://topclassactions.com/lawsuit-settlements/t-mobile-data-breach-2026 - https://www.cisa.gov/news-events/t-mobile-breach-2026 - https://www.bloomberg.com/news/articles/2026-01-11/t-mobile-breach - https://www.bleepingcomputer.com/news/security/t-mobile-breach-2026/ Bank Infra Takedown - https://www.securityweek.com/feds-seize-password-database-used-in-massive-bank-account-takeover-scheme/ - https://www.justice.gov/opa/pr/justice-department-announces-seizure-stolen-passwor... T-Mobile Hacked - https://topclassactions.com/lawsuit-settlements/t-mobile-data-breach-2026 - https://www.cisa.gov/news-events/t-mobile-breach-2026 - https://www.bloomberg.com/news/articles/2026-01-11/t-mobile-breach - https://www.bleepingcomputer.com/news/security/t-mobile-breach-2026/ Bank Infra Takedown - https://www.securityweek.com/feds-seize-password-database-used-in-massive-bank-account-takeover-scheme/ - https://www.justice.gov/opa/pr/justice-department-announces-seizure-stolen-passwor... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-01-13_tBrksG4ILUg.mp4 Tue, 13 Jan 2026 15:45:08 +0000 81 no full 🚨 Instagram Data Leak, Iran Blocks Starlink, & Black Axe Cult Busted First up: Instagram is dealing with a massive data leak affecting 17.5 million users. If you've been getting random password reset emails, you're not alone. I'll break down what happened, what data was exposed, and the critical steps you need to take right now to protect your account. Next: Iran's nationwide protests have sparked an unprecedented internet blackout, with the government deploying military-grade jamming technology to disrupt Starlink satellite services. Iexplore how this sophistic... First up: Instagram is dealing with a massive data leak affecting 17.5 million users. If you've been getting random password reset emails, you're not alone. I'll break down what happened, what data was exposed, and the critical steps you need to take right now to protect your account. Next: Iran's nationwide protests have sparked an unprecedented internet blackout, with the government deploying military-grade jamming technology to disrupt Starlink satellite services. Iexplore how this sophistic... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-01-12_csM19TuigE0.mp4 Mon, 12 Jan 2026 06:00:29 +0000 99 no full 😱 Stolen Nudes, Bank Scams & Hijacked Wheelchairs Exposed! 😱 Illinois man charged with hacking Snapchat accounts to steal nude photos - https://www.bleepingcomputer.com/news/security/illinois-man-charged-with-hacking-snapchat-accounts-to-steal-nude-photos/ - https://storage.courtlistener.com/recap/gov.uscourts.mad.293918/gov.uscourts.mad.293918.1.0.pdf - https://www.justice.gov/usao-ma/pr/former-college-track-and-field-coach-sentenced-five-years-prison-sextortion Banks Report Explosion in Apple Pay/Google Pay "Panic" Scams - https://dailyhodl.com/2026/01... Illinois man charged with hacking Snapchat accounts to steal nude photos - https://www.bleepingcomputer.com/news/security/illinois-man-charged-with-hacking-snapchat-accounts-to-steal-nude-photos/ - https://storage.courtlistener.com/recap/gov.uscourts.mad.293918/gov.uscourts.mad.293918.1.0.pdf - https://www.justice.gov/usao-ma/pr/former-college-track-and-field-coach-sentenced-five-years-prison-sextortion Banks Report Explosion in Apple Pay/Google Pay "Panic" Scams - https://dailyhodl.com/2026/01... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-01-10_vDrkDhLwaGo.mp4 Sat, 10 Jan 2026 15:01:55 +0000 84 no full Android Dolby Hack Exposed! + Black Cat Ransomware SEO Scam + 5.8M SSNs Stolen from Car Buyers 📱 Critical Android Dolby Flaw Can Hijack Your Phone 📱 - https://www.securityweek.com/critical-dolby-vulnerability-patched-in-android/ - https://source.android.com/docs/security/bulletin/2026/2026-01-01 - https://social.cyware.com/cyber-security-news-articles 🐱Black Cat Ransomware SEO Poisoning Campaign🐱 - https://thehackernews.com/2026/01/black-cat-behind-seo-poisoning-malware.html - https://www.securityweek.com/black-cat-group-using-seo-poisoning-to-deliver-malware/ 🚗5.8 Million SSNs Stolen i... 📱 Critical Android Dolby Flaw Can Hijack Your Phone 📱 - https://www.securityweek.com/critical-dolby-vulnerability-patched-in-android/ - https://source.android.com/docs/security/bulletin/2026/2026-01-01 - https://social.cyware.com/cyber-security-news-articles 🐱Black Cat Ransomware SEO Poisoning Campaign🐱 - https://thehackernews.com/2026/01/black-cat-behind-seo-poisoning-malware.html - https://www.securityweek.com/black-cat-group-using-seo-poisoning-to-deliver-malware/ 🚗5.8 Million SSNs Stolen i... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-01-09_pY10qoKmA_8.mp4 Fri, 09 Jan 2026 14:01:35 +0000 76 no full Pink Power Ranger Hacks Nazi Sites + OpenAI Warns Injection “Unsolvable” + ShinySp1d3r RaaS Emerges Martha Root dressed as Pink Power Ranger takes down white supremacist dating website live on stage. - https://x.com/IntCyberDigest/status/2007183888377118750 - https://en.rattibha.com/thread/2007183888377118750 - https://media.ccc.de/v/39c3-the-heartbreak-machine-nazis-in-the-echo-chamber - https://techcrunch.com/2026/01/05/hacktivist-deletes-white-supremacist-websites-live-on-stage-during-hacker-conference/ - https://gizmodo.com/hacker-dressed-as-the-pink-ranger-takes-down-white-supremacist-we... Martha Root dressed as Pink Power Ranger takes down white supremacist dating website live on stage. - https://x.com/IntCyberDigest/status/2007183888377118750 - https://en.rattibha.com/thread/2007183888377118750 - https://media.ccc.de/v/39c3-the-heartbreak-machine-nazis-in-the-echo-chamber - https://techcrunch.com/2026/01/05/hacktivist-deletes-white-supremacist-websites-live-on-stage-during-hacker-conference/ - https://gizmodo.com/hacker-dressed-as-the-pink-ranger-takes-down-white-supremacist-we... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-01-07_XPZqzIYntJc.mp4 Wed, 07 Jan 2026 14:15:10 +0000 141 no full VVS Stealer Targets Discord Gamers + AI Honeypot Traps “Scattered Lapsus” + Venezuela Cyber Blackout 1. VVS Stealer Targeting Discord - https://unit42.paloaltonetworks.com/vvs-stealer/ - https://thehackernews.com/2026/01/new-vvs-stealer-malware-targets-discord.html - https://www.scworld.com/news/pyarmor-obfuscated-vvs-stealer-targets-discord-browser-data = https://www.infosecurity-magazine.com/news/vvs-stealer-advanced-obfuscation/ - https://socprime.com/active-threats/vvs-stealer-malware-targets-discord-accounts/ - https://cybersecuritynews.com/vvs-stealer-uses-pyarmor-obfuscation-to-evade-sta... 1. VVS Stealer Targeting Discord - https://unit42.paloaltonetworks.com/vvs-stealer/ - https://thehackernews.com/2026/01/new-vvs-stealer-malware-targets-discord.html - https://www.scworld.com/news/pyarmor-obfuscated-vvs-stealer-targets-discord-browser-data = https://www.infosecurity-magazine.com/news/vvs-stealer-advanced-obfuscation/ - https://socprime.com/active-threats/vvs-stealer-malware-targets-discord-accounts/ - https://cybersecuritynews.com/vvs-stealer-uses-pyarmor-obfuscation-to-evade-sta... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-01-06_YJSsNxP_qZ4.mp4 Tue, 06 Jan 2026 14:01:06 +0000 72 no full 01/03/2026 - X’s AI Crackdown + Apple Supply Chain Attack + “Pig Butchering” Scam Playbook Exposed India/X (Grok) • https://m.economictimes.com/tech/technology/meity-issues-notice-to-x-over-misuse-of-grok-to-create-obscene-content/articleshow/126308251.cms?from=mdr • https://m.economictimes.com/news/india/meity-issues-formal-notice-to-x-over-groks-it-act-lapses/articleshow/126307971.cms • https://www.ndtv.com/india-news/it-ministry-issues-notice-to-x-formerly-twitter-over-obscene-indecent-and-sexually-explicit-content-on-grok-10203213 • https://www.reuters.com/legal/litigation/grok-says-s... India/X (Grok) • https://m.economictimes.com/tech/technology/meity-issues-notice-to-x-over-misuse-of-grok-to-create-obscene-content/articleshow/126308251.cms?from=mdr • https://m.economictimes.com/news/india/meity-issues-formal-notice-to-x-over-groks-it-act-lapses/articleshow/126307971.cms • https://www.ndtv.com/india-news/it-ministry-issues-notice-to-x-formerly-twitter-over-obscene-indecent-and-sexually-explicit-content-on-grok-10203213 • https://www.reuters.com/legal/litigation/grok-says-s... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-01-03_TjRnI14mTq8.mp4 Sat, 03 Jan 2026 19:14:03 +0000 69 no full Jan 2, 2026 - Reddit Bans ChatGPT Jailbreaks, Zoom Meetings Spied On, ESA Hacke Reddit permanently banned a 229,000-member ChatGPT jailbreak community after AI prompt injection attacks interfered with its automated systems. Meanwhile, a China-linked threat actor spied on over 2.2 million Zoom and Microsoft Teams meetings using malicious browser extensions. To top it off, the European Space Agency confirmed a breach exposing 200GB of source code and infrastructure secrets. Cybersecurity is escalating fast — here’s what actually matters. 📱 Reddit Bans ChatGPT Jailbreak Comm... Reddit permanently banned a 229,000-member ChatGPT jailbreak community after AI prompt injection attacks interfered with its automated systems. Meanwhile, a China-linked threat actor spied on over 2.2 million Zoom and Microsoft Teams meetings using malicious browser extensions. To top it off, the European Space Agency confirmed a breach exposing 200GB of source code and infrastructure secrets. Cybersecurity is escalating fast — here’s what actually matters. 📱 Reddit Bans ChatGPT Jailbreak Comm... https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-01-02_kVNbI65yLrc.mp4 Fri, 02 Jan 2026 21:30:29 +0000 105 no full 🍯 Honey Browser Extension Under Fire: PayPal-Owned Tool Accused of Scamming 🍯 • https://www.theverge.com/24343913/paypal-honey-megalag-coupon-scam-affiliate-fees • https://www.theverge.com/news/848870/honey-paypal-megalag-part-two • https://fortune.com/2024/12/23/honey-extension-scam-drama/ • https://www.newsweek.com/honey-coupon-browser-extension-mrbeast-youtube-influencer-2007484 • https://ppc.land/honey-co-founder-ryan-hudson-defends-extension-amid-fraud-detection-allegations/ • https://www.theverge.com/24343913/paypal-honey-megalag-coupon-scam-affiliate-fees • https://www.theverge.com/news/848870/honey-paypal-megalag-part-two • https://fortune.com/2024/12/23/honey-extension-scam-drama/ • https://www.newsweek.com/honey-coupon-browser-extension-mrbeast-youtube-influencer-2007484 • https://ppc.land/honey-co-founder-ryan-hudson-defends-extension-amid-fraud-detection-allegations/ https://pub-a686e1e4dc964163b819f274227e1622.r2.dev/podcast/episodes/2026-01-01_c818QklKMks.mp4 Thu, 01 Jan 2026 19:39:00 +0000 156 no full