Episodes

  • Hosts

    * Professor CyberRisk

    * Cyber Cowboy Live

    Cyber Maps

    * Bitdefender Threat Map: https://threatmap.bitdefender.com/

    * Checkpoint Threat Map: https://threatmap.checkpoint.com/

    * Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/

    * Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam

    Episode Information

    Title: AI Export Controls, Defender Zero-Day & APT28 Attacks - 2026-06-19

    Episode Number: 3x53

    Overview

    Weekly roundup of the most critical cybersecurity developments from 2026-06-14 to 2026-06-18. The White House forces Anthropic to restrict AI model access, Microsoft's own Defender gets a zero-day, Russian hackers exploit Office within hours of disclosure, Splunk Enterprise falls to unauthenticated RCE, and Kodak gets hit by ShinyHunters. Join Professor CyberRisk and Cyber Cowboy Live as they break down the stories that matter most.

    Guest Information

    None this episode

    Topics Covered

    * AI export controls and government intervention in AI safety

    * Microsoft Defender RoguePlanet zero-day privilege escalation

    * APT28 rapid weaponization of Office zero-day against Ukraine/EU

    * Splunk Enterprise unauthenticated RCE zero-day (CVE-2026-20253)

    * ShinyHunters extortion campaign targeting Oracle PeopleSoft users

    Top Stories

    1. The Korean Telecom Giant at the Center of Anthropic's Mythos Controversy - https://www.wired.com/story/sk-telecom-anthropic-mythos-export-controls/

    2. Microsoft Defender Zero-Day 'RoguePlanet' - CVE-2026-50656 - https://thehackernews.com/2026/06/microsoft-confirms-rogueplanet-defender_02022423645.html

    3. Russian APT28 Exploits Microsoft Office Zero-Day Hours After Disclosure - CVE-2026-21509 - https://thecyberexpress.com/russian-apt28-exploit-zero-day-cve-2026-21509/

    4. Splunk Enterprise Zero-Day — CVE-2026-20253 — https://cybersecuritynews.com/splunk-enterprise-vulnerability-exploit/

    5. Kodak Confirms Data Breach as ShinyHunters Threatens 2.2M Record Leak - https://www.malwarebytes.com/blog/news/2026/06/kodak-confirms-breach-as-shinyhunters-leak-threat-reaches-deadline

    Resources & Links

    * CISA Known Exploited Vulnerabilities Catalog: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

    * CERT-UA Advisory on CVE-2026-21509: https://cert.gov.ua/

    * Microsoft Security Response Center: https://msrc.microsoft.com/

    * Splunk Security Advisory CVE-2026-20253: https://cybersecuritynews.com/splunk-enterprise-vulnerability-exploit/

    Call to Action

    * Subscribe: Stay updated on cybersecurity threats.

    * Leave a Review: Let us know what you think.

    * Join the Conversation: Follow our community and ask questions.

    Sponsor (if applicable)

    No sponsors this episode

    Podcast Socials & Website

    * Website: https://www.youvealreadybeenhacked.com

    * X: @professorcyberrisk

    * YouTube: https://www.youtube.com/@YABHPodcast

    * Discord/Community Forum: https://discord.gg/cz3xdsrqAE

  • Hosts

    * Professor CyberRisk

    * Cyber Cowboy Live

    Episode Information

    Title: ShinyHunters Just Hit 100+ Companies — And Microsoft Dropped 200 Patches in One Day

    Episode Number: 352

    Overview

    Weekly roundup of the most critical cybersecurity developments from 2026-06-07 to 2026-06-11. Join Professor CyberRisk and Cyber Cowboy Live as they break down the stories that matter most.

    Guest Information

    None this episode

    Topics Covered

    * Oracle PeopleSoft zero-day exploited by ShinyHunters across 100+ organizations

    * University of Nottingham breach — 40GB of student data leaked

    * Maine breach portal weaponized for fake disclosure misinformation

    * CISA KEV listing: actively exploited Magento RCE (CVE-2026-45247)

    * Microsoft record Patch Tuesday: 200 vulnerabilities, 6 zero-days, BitLocker bypasses

    Top Stories

    1. Oracle warns of security bug that hackers abused to breach 100+ companies | TechCrunch - https://techcrunch.com/2026/06/11/oracle-warns-of-security-bug-that-hackers-abused-to-breach-100-companies/

    Additional Cybersecurity News – Titles and URLs

    2. Maine breach portal abused to publish fake data breach disclosures - https://www.bleepingcomputer.com/news/security/maine-breach-portal-abused-to-publish-fake-data-breach-disclosures/

    3. ShinyHunters Leak 40GB of University of Nottingham Student Data - https://hackread.com/shinyhunters-university-of-nottingham-student-data-leak/

    4. CISA Lists Actively Exploited Magento RCE — CVE-2026-45247 - https://cipherssecurity.com/cve-2026-45247-magento-mirasvit-rce-cisa-kev/

    5. Microsoft June Patch Tuesday fixes 6 zero-days and 200 flaws — a record-breaking month - https://www.bleepingcomputer.com/news/microsoft/microsoft-june-2026-patch-tuesday-fixes-3-zero-day-200-flaws/

    Resources & Links

    None this episode

    Sponsor (if applicable)

    No sponsors this episode

  • Hosts

    * Professor CyberRisk

    * Cyber Cowboy

    ---

    ## EPISODE TITLE

    FBI FLASH Alert: Ransomware Gang Sending Fake IT Workers Into Law Firms

    Episode Number: 351

    ---

    ## EPISODE DESCRIPTION

    The Silent Ransom Group just crossed from cyber into the physical world — and the FBI's highest-urgency FLASH alert is their warning. Russia-linked extortion operatives are walking into law firm offices disguised as IT support, plugging in USB drives, and stealing data when remote social engineering fails. We break down the full attack chain, the 100+ firms hit so far, and why Jones Day (yes, Trump's lawyers) is on their leak site.

    Plus this week: A Cisco SD-WAN zero-day with NO PATCH that gives attackers root across your entire network fabric. An AI-discovered "HTTP/2 Bomb" that can take down any major web server in seconds — found by OpenAI's own Codex. Google and YouTube ads silently delivering a macOS backdoor that passed Apple notarization. And how Grafana Labs got hit by the same npm supply chain attack that compromised OpenAI and Mistral.

    Links to all stories below. Subscribe for weekly threat intelligence breakdowns.

    ----

    ## STORY LINKS

    **Silent Ransom Group FBI Alert:** https://techcrunch.com/2026/06/05/google-and-fbi-warn-of-ransomware-group-that-sends-fake-it-workers-to-hack-victims-in-person/

    **Cisco SD-WAN 0-Day (CVE-2026-20245):** https://www.helpnetsecurity.com/2026/06/05/cisco-sd-wan-cve-2026-20245-0-day-exploited/

    **HTTP/2 Bomb (CVE-2026-49975):** https://cybersecuritynews.com/http-2-bomb-remote-dos-exploit/

    **Operation FlutterBridge:** https://unit42.paloaltonetworks.com/flutterbridge-new-fluttershell-backdoor/

    **Grafana Labs Supply Chain Breach:** https://thehackernews.com/2026/05/grafana-github-breach-exposes-source.html

    Sponsor (if applicable)

    No sponsors this episode

  • Hosts

    * Professor CyberRisk

    Episode Information

    Title: AI Is Now the Weapon — GreyVibe, BTMOB, and the New Attack Pipeline

    Episode Number: 350

    Overview

    This week: A Russian-linked threat group called GreyVibe is weaponizing ChatGPT, Google Gemini, and Ideogram AI to run sophisticated cyberespionage campaigns against Ukrainian targets across military, government, and civilian sectors. ESET documents BTMOB, an Android RAT sold as malware-as-a-service with a point-and-click builder for generating custom phishing payloads. Perplexity launches Bumblebee, an open-source developer supply chain scanner. And we look at how social engineering on gaming platforms like Roblox is leading to malware infections and extortion attempts targeting younger demographics.

    Guest Information

    None this episode

    Topics Covered

    * GreyVibe threat group uses AI tools (ChatGPT, Gemini, Ideogram) for cyberespionage against Ukrainian targets

    * BTMOB Android RAT-as-a-service with graphical APK builder for custom phishing payloads

    * Perplexity launches Bumblebee open-source developer supply chain scanner

    * Roblox social engineering campaign leads to malware infection and cookie-logging extortion

    Top Stories

    1. GreyVibe hackers use ChatGPT, Gemini to power cyberattacks - https://www.bleepingcomputer.com/news/security/greyvibe-hackers-use-chatgpt-gemini-to-power-cyberattacks/

    Additional Cybersecurity News - Titles and URLs

    2. BTMOB Android malware service generates custom phishing payloads - https://www.bleepingcomputer.com/news/security/btmob-android-malware-service-generates-custom-phishing-payloads/

    3. Perplexity launches Bumblebee: open-source read-only dev supply chain scanner - https://www.zdnet.com/article/perplexity-launches-bumblebee-how-its-new-read-only-dev-scanner-differs-from-chainguard/

    4. Roblox social engineering leads to malware infection and extortion - https://www.bleepingcomputer.com/forums/t/816420/malware-extortion-and-cookie-logging/

    Resources & Links

    None this episode

    Sponsor (if applicable)

    No sponsors this episode

  • Hosts

    * Professor CyberRisk

    * Cyber Cowboy Live

    Episode Information

    Title: Netherlands Seizes 800 Servers in Pro-Russian Cyber Takedown + Microsoft Defender Zero-Days

    Episode Number: 349

    Overview

    This week: Dutch authorities dismantle a massive bulletproof hosting operation linked to pro-Russian cyberattacks, seizing 800 servers and arresting two suspects. Microsoft confirms two actively exploited zero-days in Windows Defender and rushes emergency mitigation for a BitLocker bypass vulnerability. A solo researcher's six-week campaign of retaliatory zero-days against Microsoft is now being weaponized by ransomware groups. And Foxconn confirms a Nitrogen ransomware attack stole 8TB of data including network topology maps for Intel, Google, and other major tech firms.

    Guest Information

    None this episode

    Topics Covered

    * Netherlands seizes 800 servers of hosting firm enabling pro-Russian cyberattacks

    * Two actively exploited Microsoft Defender zero-days (CVE-2026-41091, CVE-2026-45498)

    * YellowKey BitLocker bypass zero-day - emergency manual mitigation required

    * Nightmare-Eclipse: six zero-days targeting Windows core security stack

    * Foxconn Nitrogen ransomware attack - 8TB stolen, supply chain implications

    Top Stories

    1. Netherlands Seizes 800 Servers, Arrests Two in Major Takedown of Pro-Russian Cyberattack Hosting Infrastructure - https://www.bleepingcomputer.com/news/security/netherlands-seizes-800-servers-of-hosting-firm-enabling-cyberattacks/

    Additional Cybersecurity News - Titles and URLs

    2. Microsoft Warns of Two Actively Exploited Defender Zero-Days - Patches Rolling Out - https://www.bleepingcomputer.com/news/security/microsoft-warns-of-new-defender-zero-days-exploited-in-attacks/

    3. Microsoft Rushes Emergency Mitigation for YellowKey - BitLocker Bypass Zero-Day - https://cybersecuritynews.com/windows-bitlocker-yellowkey-mitigation/

    4. Nightmare-Eclipse - Six Zero-Days, Six Weeks, One Big Grudge - https://blog.barracuda.com/2026/05/19/nightmare-eclipse-zero-days-grudge

    5. Foxconn Confirms Nitrogen Ransomware Attack - 8TB Stolen Including Network Topology Maps - https://cybersecuritynews.com/foxconn-confirms-cyberattack/

    Resources & Links

    None this episode

    Sponsor (if applicable)

    No sponsors this episode

  • Hosts

    * Professor CyberRisk

    * Cyber Cowboy Live

    Episode Information

    Title: Breached, Stolen, Encrypted This Week's Cyber Threat Trifecta

    Episode Number: 349

    Overview

    Weekly roundup of the most critical cybersecurity developments from 2026-05-10 to 2026-05-14. Join Professor CyberRisk and Cyber Cowboy Live as they break down the stories that matter most.

    Guest Information

    None this episode

    Topics Covered

    * Main threat analysis and implications

    * Emerging AI security challenges

    * Vulnerability disclosures and patches

    * Threat landscape updates

    Top Stories

    1. Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin - https://www.bleepingcomputer.com/news/security/hackers-exploit-auth-bypass-flaw-in-burst-statistics-wordpress-plugin/

    Additional Cybersecurity News – Titles and URLs

    2. TeamPCP hackers advertise Mistral AI code repos for sale - https://www.bleepingcomputer.com/news/security/teampcp-hackers-advertise-mistral-ai-code-repos-for-sale/

    3. Red Hat outlines sovereign AI strategy amid growing regulation and control concerns - https://siliconangle.com/2026/05/14/red-hat-outlines-sovereign-ai-strategy-amid-growing-regulation-control-concerns/

    4. .VER_TU-[random string] has encrypted my files (Mimic/Pay2Key) - https://www.bleepingcomputer.com/forums/t/816096/ver-tu-random-string-has-encrypted-my-files-mimicpay2key/

    Resources & Links

    None this episode

    Sponsor (if applicable)

    No sponsors this episode

  • Hosts

    * Professor CyberRisk

    * Cyber Cowboy Live

    Episode Information

    Title: 9,000 Schools Hacked, AI Used as Malware Bait, and the IMF Sounds the Alarm

    Episode Number: TBD

    Air Date: 2026-05-08

    Overview

    It was a rough week for education, AI trust, and global finance. Join Professor CyberRisk and Cyber Cowboy Live as they break down the biggest cybersecurity stories from 2026-05-03 to 2026-05-07 — including a massive Canvas LMS breach affecting 275 million users, attackers using fake AI sites to spread new malware, and the IMF warning that advanced AI could trigger a systemic shock to global financial markets.

    Guest Information

    None this episode

    Top Stories

    1. Duke among 9,000 schools affected by Canvas cyberattack - The Duke Chronicle

    The threat group ShinyHunters breached Instructure's Canvas LMS, defacing login pages and exfiltrating over 3.65 TB of data across nearly 9,000 institutions worldwide — affecting an estimated 275 million users.

    https://slashdot.org/firehose.pl?op=view&id=183156890

    2. Hackers Use Fake Claude AI Site to Infect Users With New Beagle Malware

    Attackers built a convincing fake site for a popular AI tool, using SEO poisoning and malvertising to deliver a new backdoor called Beagle via DLL sideloading.

    https://hackread.com/hackers-fake-claude-ai-site-infect-beagle-malware/

    3. Akamai shares surge 26% on $1.8B AI infrastructure deal as Q1 results meet estimates

    Akamai is doubling down on AI-powered security with a major acquisition, signaling where the industry is heading.

    https://siliconangle.com/2026/05/07/akamai-shares-surge-26-1-8b-ai-infrastructure-deal-q1-results-meet-estimates/

    4. IMF Warns New AI Models Risk 'Systemic' Shock To Finance

    The IMF is raising red flags about AI-powered cyberattacks targeting the highly interconnected global financial system — and the potential for cascading consequences.

    https://news.slashdot.org/story/26/05/07/200212/imf-warns-new-ai-models-risk-systemic-shock-to-finance

    Topics Covered

    * Canvas LMS breach: scope, impact, and what schools should do now

    * How attackers are weaponizing AI brand trust to spread malware

    * Akamai's AI security acquisition and what it signals for the industry

    * IMF's warning on AI-driven systemic risk to global finance

    Resources & Links

    None this episode

    Call to Action

    * Subscribe to stay ahead of the latest cybersecurity threats every week

    * Leave a review and let us know what stories you want covered

    * Join the conversation in our Discord community — links below

    Sponsors

    No sponsors this episode

    Connect With Us

    * Website: https://www.youvealreadybeenhacked.com

    * X: @professorcyberrisk

    * YouTube: https://www.youtube.com/@YABHPodcast

    * Discord: https://discord.gg/cz3xdsrqAE

  • Hosts

    * Professor CyberRisk

    * Cyber Cowboy Live

    Episode Information

    Title: Kernel Exploits, Compromised Repos, and a Global Fraud Bust

    Episode Number: 3x47

    Overview

    Weekly roundup of the most critical cybersecurity developments from 2026-04-26 to 2026-04-30. Join Professor CyberRisk and Cyber Cowboy Live as they break down the stories that matter most for your security operations.

    Guest Information

    None this episode

    Topics Covered

    * Critical Linux kernel privilege escalation vulnerability "Copy Fail" threatening major distributions

    * Apple patches iOS flaw that allowed FBI access to deleted Signal messages

    * cPanel authentication bypass CVE-2026-41940 actively exploited across 1.5M+ exposed instances

    * PyTorch Lightning PyPI supply chain attack harvesting developer credentials and crypto wallets

    * FBI-led global operation busts 276 in crypto pig-butchering crackdown across 9 scam centers

    Top Story

    1. As the Most Severe Linux Threat in Years Surfaces, the World Scrambles – Ars Technica

    https://slashdot.org/firehose.pl?op=view&id=183083220

    Additional Cybersecurity News – Titles and URLs

    2. Apple Plugs Security Hole That Enabled FBI to Access Deleted Signal Messages on iPhone

    https://www.cnet.com/tech/mobile/apple-plugs-iphone-hole-that-enabled-fbi-to-access-deleted-signal-messages/

    3. Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately

    https://thehackernews.com/2026/04/critical-cpanel-authentication.html

    4. PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials

    https://thehackernews.com/2026/04/pytorch-lightning-compromised-in-pypi.html

    5. Coordinated Takedown of Scam Centers Leads to at Least 276 Arrests – DOJ

    https://www.justice.gov/opa/pr/coordinated-takedown-scam-centers-leads-least-276-arrests-alleged-managers-and-recruiters

    Resources & Links

    None this episode

    Call to Action

    * Subscribe: Stay updated on the cybersecurity threats that matter most.

    * Leave a Review: Let us know what you think of the show.

    * Join the Conversation: Follow our community and ask questions.

    Sponsor

    No sponsors this episode

    Podcast Socials & Website

    * Website: https://www.youvealreadybeenhacked.com

    * X: @professorcyberrisk

    * YouTube: https://www.youtube.com/@YABHPodcast

    * Discord: https://discord.gg/cz3xdsrqAE

  • Hosts

    * Professor CyberRisk

    * Cyber Cowboy Live

    Episode Information

    Title: Quantum Ransomware Is Here. You're Not Ready

    Episode Number: 3x46

    Overview

    Weekly roundup of the most critical cybersecurity developments from 2026-04-19 to 2026-04-23. Join Professor CyberRisk and Cyber Cowboy Live as they break down the stories that matter most.

    Guest Information

    None this episode

    Topics Covered

    * Main threat analysis and implications

    * Emerging AI security challenges

    * Vulnerability disclosures and patches

    * Threat landscape updates

    Top Stories

    1. Hackers exploit file upload bug in Breeze Cache WordPress plugin - https://www.bleepingcomputer.com/news/security/hackers-exploit-file-upload-bug-in-breeze-cache-wordpress-plugin/

    Additional Cybersecurity News – Titles and URLs

    2. Cyera acquires Ryft to give enterprises traceable data access for AI agents - https://siliconangle.com/2026/04/23/cyera-acquires-ryft-give-enterprises-traceable-data-access-ai-agents/

    3. Bitwarden CLI is the next compromise in supply chain campaign - https://slashdot.org/submission/17346688/bitwarden-cli-is-the-next-compromise-in-supply-chain-campaign

    4. In a first, a ransomware family is confirmed to be quantum-safe - https://slashdot.org/firehose.pl?op=view&id=181960188

    5. Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet - https://www.wired.com/story/fast16-malware-stuxnet-precursor-iran-nuclear-attack/

    Resources & Links

    None this episode

    Sponsor (if applicable)

    No sponsors this episode

  • Hosts

    * Professor CyberRisk

    * Cyber Cowboy

    ---

    Live Cyber Maps

    Bitdefender Threat Map — https://threatmap.bitdefender.com/

    Checkpoint Threat Map — https://threatmap.checkpoint.com/

    Kaspersky Cyber Threat Map — https://cybermap.kaspersky.com/

    Talos Intelligence (EBC Spam Map) — https://talosintelligence.com/ebc_spam

    ---

    Episode Information

    Title: NIST Pulls Back: CVE Enrichment Limits Shake the Industry

    Episode Number: 3x45

    ---

    Overview

    This week, the cybersecurity world reacted to NIST’s decision to scale back automatic CVE enrichment after a massive surge in vulnerability submissions. We break down what this means for defenders, vendors, and anyone relying on the NVD for prioritization. We also cover major developments in AI infrastructure, government–AI relations, and the rapidly growing AI chip market.

    ---

    Guest Information

    None this episode

    ---

    Topics Covered

    * NIST’s new CVE enrichment limits

    * AI’s shifting role in government cybersecurity

    * Enterprise AI infrastructure consolidation

    * AI chip market expansion and IPO activity

    ---

    Top Stories

    1. NIST Limits CVE Enrichment After 263% Surge in Submissions

    NIST is restricting automatic CVE enrichment due to overwhelming volume growth. Only CVEs tied to KEV, federal software, or EO 14028 critical software will be prioritized. Everything else risks being marked “Not Scheduled.”

    Source: https://it.slashdot.org/story/26/04/17/2127243/nist-limits-cve-enrichment-after-263-surge-in-vulnerability-submissions

    2. Anthropic’s New Cybersecurity Model Reopens Doors in Washington

    After months of tension with the administration, Anthropic’s “Claude Mythos Preview” — a defensive cybersecurity model — appears to be improving relations with federal leadership.

    Source: https://www.theverge.com/ai-artificial-intelligence/914229/tides-turning-anthropic-trump-administration-cybersecurity-mythos-preview

    3. Dell & Nvidia Position AI Infrastructure as the New Enterprise Power Center

    A major partnership aims to unify Dell’s server ecosystem with Nvidia’s GPU dominance, creating a turnkey AI infrastructure stack for enterprises.

    Source: https://siliconangle.com/2026/04/17/dell-nvidia-push-ai-infrastructure-aifactoriesdatacenters/

    4. Cerebras Systems Files for IPO Amid Explosive Growth

    AI chipmaker Cerebras is heading toward one of the largest tech IPOs in recent years after reporting massive revenue gains.

    Source: https://siliconangle.com/2026/04/17/ai-chip-developer-cerebras-systems-files-go-public-amid-rapid-revenue-growth/

    ---

    Additional Cybersecurity News – Titles and URLs

    * NIST Limits CVE Enrichment After 263% Surge In Vulnerability Submissions — https://it.slashdot.org/story/26/04/17/2127243/nist-limits-cve-enrichment-after-263-surge-in-vulnerability-submissions

    * Anthropic’s Cybersecurity Model May Repair Government Relations — https://www.theverge.com/ai-artificial-intelligence/914229/tides-turning-anthropic-trump-administration-cybersecurity-mythos-preview

    * Dell & Nvidia Turn AI Infrastructure Into Enterprise Power Center — https://siliconangle.com/2026/04/17/dell-nvidia-push-ai-infrastructure-aifactoriesdatacenters/

    * Cerebras Systems Files for IPO Amid Rapid Growth — https://siliconangle.com/2026/04/17/ai-chip-developer-cerebras-systems-files-go-public-amid-rapid-revenue-growth/

    ---

    Resources & Links

    None this episode

    ---

    Call to Action

    * Subscribe: Stay updated on cybersecurity threats.

    * Leave a Review: Let us know what you think.

    * Join the Conversation: Follow our community and ask questions.

    ---

    Sponsor (if applicable)

    No sponsors this episode

    ---

    Podcast Socials & Website

    * Website: https://www.youvealreadybeenhacked.com

    * X: @professorcyberrisk

    * YouTube: https://www.youtube.com/@YABHPodcast

    * Discord — The Neural Network: https://discord.gg/cz3xdsrqAE

  • Hosts

    * Professor CyberRisk

    * Cyber Cowboy

    Episode Information

    Title: LucidRook, Ransomware, and AI Fallout

    Episode Number: 344

    Guest Information

    None this episode

    Topics Covered

    * Main threat analysis and implications

    * Emerging AI security challenges

    * Vulnerability disclosures and patches

    * Threat landscape updates

    Top Stories

    1. New ‘LucidRook’ malware used in targeted attacks on NGOs, universities - https://www.bleepingcomputer.com/news/security/new-lucidrook-malware-used-in-targeted-attacks-on-ngos-universities/

    Additional Cybersecurity News – Titles and URLs

    2. Florida AG announces investigation into OpenAI over shooting that allegedly involved ChatGPT | TechCrunch - https://techcrunch.com/2026/04/09/florida-ag-investigation-openai-chatgpt-shooting/

    3. Healthcare IT solutions provider ChipSoft hit by ransomware attack - https://www.bleepingcomputer.com/news/security/healthcare-it-solutions-provider-chipsoft-hit-by-ransomware-attack/

    4. After data breach, $10B valued startup Mercor is having a month | TechCrunch - https://techcrunch.com/2026/04/09/after-data-breach-10b-valued-startup-mercor-is-having-a-month/

    5. Barcelona complain to Uefa about VAR in Atletico loss - https://www.bbc.com/sport/football/articles/cr41dq4pywxo

    Resources & Links

    None this episode

    Sponsor (if applicable)

    No sponsors this episode

  • Hosts

    * Professor CyberRisk

    * Cyber Cowboy Live

    Episode Information

    Title: Hijacking the Machines: The New AI Attack Surface

    Episode Number: 3x43

    Guest Information

    None this episode

    Topics Covered

    * Main threat analysis and implications

    * Emerging AI security challenges

    * Vulnerability disclosures and patches

    * Threat landscape updates

    Top Stories

    1. Google Researchers Reveal Every Way Hackers Can Trap, Hijack AI Agents - https://decrypt.co/363201/google-researchers-reveal-every-way-hackers-can-trap-hijack-ai-agents

    Additional Cybersecurity News – Titles and URLs

    2. Mercor, a $10 billion AI startup that works with companies including OpenAI and Anthropic, confirms major data breach - https://fortune.com/2026/04/02/mercor-ai-startup-security-incident-10-billion/

    3. The democratisation of business email compromise fraud - https://blog.talosintelligence.com/the-democratisation-of-business-email-compromise-fraud/

    4. Critical Cisco IMC auth bypass gives attackers Admin access - https://www.bleepingcomputer.com/news/security/critical-cisco-imc-auth-bypass-gives-attackers-admin-access/

    5. Maintaining cyber control when AI can act autonomously - https://www.techradar.com/pro/maintaining-cyber-control-when-ai-can-act-autonomously

    Resources & Links

    None this episode

    Call to Action

    * Subscribe: Stay updated on cybersecurity threats.

    * Leave a Review: Let us know what you think.

    * Join the Conversation: Follow our community and ask questions.

    Sponsor

    No sponsors this episode

    Podcast Socials & Website

    * Website: https://www.youvealreadybeenhacked.com

    * X: @professorcyberrisk

    * YouTube: https://www.youtube.com/@YABHPodcast

    * Discord/Community Forum: https://discord.gg/cz3xdsrqAE

    ---

  • Hosts

    • Professor CyberRisk

    • Cyber Cowboy

    ---

    Live Cyber Maps

    • Bitdefender Threat Map — https://threatmap.bitdefender.com/

    • Check Point Threat Map — https://threatmap.checkpoint.com/

    • Kaspersky Cyber Threat Map — https://cybermap.kaspersky.com/

    • Talos Intelligence Spam Map — https://talosintelligence.com/ebc_spam

    ---

    Episode Information

    Title: Vibe Coding’s Hidden Cost: AI‑Generated Code Is Creating Real CVEs

    Episode Number: March 27, 2026

    ---

    Overview

    Security researchers at Georgia Tech have uncovered a disturbing trend: AI coding assistants are now directly responsible for at least 35 newly reported CVEs, each introduced by AI‑generated code. This marks a fundamental shift in software security — vulnerabilities are no longer just human mistakes or malicious injections, but systemic flaws created by the tools meant to accelerate development.

    This episode explores how AI‑generated vulnerabilities, leaked iPhone exploits, macOS malware using fake CAPTCHAs, human psychology at RSAC 2026, and a cyberattack on medical device manufacturer Stryker all point to the same conclusion: the threat landscape is evolving faster than traditional defenses can keep up.

    From the document:

    “At least 35 new Common Vulnerabilities and Exposures entries have been identified where the flaw was introduced specifically by AI-generated code.”

    ---

    Guest Information

    None this episode.

    ---

    Topics Covered

    • AI‑generated vulnerabilities and the rise of “vibe coding”

    • Leaked nation‑state iPhone exploits targeting older devices

    • Infiniti Stealer: macOS malware using ClickFix and fake CAPTCHAs

    • RSAC 2026: Why phishing still works on everyone

    • Stryker cyberattack and the fragility of healthcare manufacturing

    ---

    Top Stories

    1. AI‑Generated Code Is Creating Real CVEs

    Georgia Tech researchers identify at least 35 CVEs introduced by AI coding tools.

    Link: https://www.infosecurity-magazine.com/news/ai-generated-code-vulnerabilities/

    2. Leaked iPhone Exploits Leave Millions Exposed

    Nation‑grade spyware targeting older iOS versions is now in the wild.

    Link: https://techcrunch.com/2026/03/26/apple-made-strides-with-ios-26-security-but-leaked-hacking-tools-still-leave-millions-exposed-to-spyware-attacks/

    3. Infiniti Stealer Targets macOS Users

    A new infostealer uses fake CAPTCHA pages and ClickFix to trick users into running malicious commands.

    Link: https://www.malwarebytes.com/blog/threat-intel/2026/03/infiniti-stealer-a-new-macos-infostealer-using-clickfix-and-python-nuitka

    4. RSAC 2026: Phishing Still Works Because of Human Psychology

    Researchers show that cognitive biases—not weak passwords—drive phishing success.

    Link: https://uk.pcmag.com/security/164040/rsac-2026-the-surprising-reason-phishing-still-works-on-everyone

    5. Stryker Recovers After Major Cyberattack

    A cyberattack disrupts medical device manufacturing, highlighting cyber‑physical risk.

    Link: https://www.channelnewsasia.com/business/stryker-says-manufacturing-mostly-restored-after-cyberattack-6019376

    ---

    Additional Cybersecurity News – Titles and URLs

    None beyond the top stories this episode.

    ---

    Resources & Links

    None this episode.

    ---

    Call to Action

    • Subscribe: Stay updated on cybersecurity threats.

    • Leave a Review: Tell us what you think.

    • Join the Conversation: Follow our community and ask questions.

    ---

    Sponsor (if applicable)

    No sponsors this episode.

    ---

    Podcast Socials & Website

    • Website: https://www.youvealreadybeenhacked.com

    • X: @professorcyberrisk

    • YouTube: https://www.youtube.com/@YABHPodcast

    • Discord – The Neural Network: https://discord.gg/cz3xdsrqAE

  • Hosts

    * Professor CyberRisk

    * Cyber Cowboy Live

    Cyber Maps

    * Bitdefender Threat Map: https://threatmap.bitdefender.com/

    * Checkpoint Threat Map: https://threatmap.checkpoint.com/

    * Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/

    * Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam

    Episode Information

    Title: Iran-Linked Hack Shuts Down Stryker Medical - AI Risks, 1B Record Leak & New Cyber Strategy

    Episode Number: XxX (to be filled in)

    Overview

    This week's episode covers the devastating Iran-linked ransomware attack that shut down Stryker's global medical device infrastructure, China's CERT warning about OpenClaw security risks, a massive 1 billion record identity leak across 26 countries, the White House's new AI-first cyber defense strategy, and Anthropic's new institute for AI risk research.

    Guest Information

    None this episode

    Topics Covered

    * Destructive ransomware attacks on critical healthcare infrastructure

    * Security risks of autonomous agentic AI systems

    * Massive data breaches and cloud security hygiene

    * U.S. National Cyber Strategy 2026 and AI-driven defense

    * Industry initiatives for AI safety and risk research

    Top Stories

    1. Stryker Suffers Global Outage After Iran-Linked Hack - https://www.nbcnews.com/world/iran/iran-appears-conducted-significant-cyberattack-us-company-first-war-st-rcna263084

    Additional Cybersecurity News – Titles and URLs

    2. China's CERT Warns About OpenClaw's Security Risks - https://www.theregister.com/2026/03/12/china_cert_openclaw_security_warning/

    3. One-Billion-Record Identity Leak Exposed Across 26 Countries - https://www.breitbart.com/politics/2026/03/11/one-billion-identity-records-26-countries-exposed-data-leak/

    4. U.S. National Cyber Strategy 2026: AI-First Cyber Defense - https://www.elastic.co/blog/cyber-strategy-for-america

    5. Anthropic Launches Institute to Study AI Risks - https://siliconangle.com/2026/03/11/anthropic-launches-anthropic-institute-tackle-ai-risks/

    Resources & Links

    * Medical device firmware audit: Verify OTA update mechanisms enforce signed binaries

    * Cloud security review: Ensure all storage containers are private and encrypted

    * AI governance compliance: Adopt transparent model-audit trails and bias mitigation

    * Zero-Trust 4.0: Re-architect networks for continuous verification

    Call to Action

    * Subscribe: Stay updated on cybersecurity threats.

    * Leave a Review: Let us know what you think.

    * Join the Conversation: Follow our community and ask questions.

    Sponsor (if applicable)

    No sponsors this episode

    Podcast Socials & Website

    * Website: https://www.youvealreadybeenhacked.com

    * X: @professorcyberrisk

    * YouTube: https://www.youtube.com/@YABHPodcast

    * Discord/Community Forum: https://discord.gg/cz3xdsrqAE

  • Hosts

    * Professor CyberRisk

    * Cyber Cowboy Live

    Cyber Maps (Live Threat Visualization)

    * Bitdefender Threat Map: https://threatmap.bitdefender.com/

    * Checkpoint Threat Map: https://threatmap.checkpoint.com/

    * Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/

    * Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam

    Episode Information

    Title: Zero-Day Apocalypse: Google's Warning

    Episode Number: 3x40

    Overview

    This week brings a perfect storm of zero-day exploits targeting enterprise systems. Professor CyberRisk and Cyber Cowboy Live break down Google Threat Intelligence's alarming report, plus four other stories that demand your attention. From iOS crypto scams to China-linked APTs, we cover what matters most.

    Guest Information

    None this episode - deep dive analysis from the hosts

    Topics Covered

    * Zero-day exploit surge targeting enterprise infrastructure

    * Nation-state actor activity and supply chain implications

    * Mobile security threats: iOS crypto scams

    * Zero Trust architecture implementations

    * 90 zero-days exploited in a single year - the new normal?

    Top Stories

    1. Google Threat Intelligence warns enterprise systems increasingly targeted by zero-day attacks - https://siliconangle.com/2026/03/05/google-threat-intelligence-group-warns-enterprise-systems-increasingly-targeted-by-zero-day-exploits/

    Additional Cybersecurity News – Titles and URLs

    2. Google says spyware makers and China-linked groups dominated zero-day attacks last year - https://www.theregister.com/2026/03/05/zero_day_attacks_enterprise_tech_record/

    3. Google says 90 zero-days were exploited in attacks last year - https://www.bleepingcomputer.com/news/security/google-says-90-zero-days-were-exploited-in-attacks-last-year/

    4. iPhone Users Warned: Crypto Scams Can Trigger 'Coruna' iOS Exploits - https://www.newsbtc.com/news/iphone-users-warned-crypto-scams-can-trigger-coruna-ios-exploits/

    5. ThreatLocker launches Zero Trust network and cloud access to stop credential-based cyberattacks - https://www.globenewswire.com/news-release/2026/03/05/3250529/0/en/ThreatLocker-launches-Zero-Trust-network-and-cloud-access-to-stop-credential-based-cyberattacks.html

    Resources & Links

    * NIST Zero Trust Architecture: https://csrc.nist.gov/publications/detail/sp/800-207/final

    * Google Threat Intelligence Report: See top story link above

    * CVE Database: https://cve.mitre.org/

    Call to Action

    * Subscribe: Stay updated on cybersecurity threats.

    * Leave a Review: Let us know what you think.

    * Join the Conversation: Follow our community and ask questions.

    Sponsor (if applicable)

    No sponsors this episode

    Podcast Socials & Website

    * Website: https://www.youvealreadybeenhacked.com

    * X: @professorcyberrisk

    * YouTube: https://www.youtube.com/@YABHPodcast

    * Discord/Community Forum: https://discord.gg/cz3xdsrqAE

  • **“Your Pre‑Paid Card & Smart Home Are at Risk”**

    ---

    ### Hosts

    - **Professor CyberRisk**

    - **Cyber Cowboy**

    ---

    ### Episode Information

    **Episode Number:** 339

    **Overview:**

    In this episode we dive deep into a sudden surge of fraud on Yes Bank’s forex‑card, unpack the looming Australian IoT security law, explore how AI is turning honeypots into high‑yield threat‑intel labs, and look at the U.S. diplomatic push against global data‑sovereignty rules. We’ll give you the practical steps to safeguard your cards, devices, and data in 2026.

    ---

    ### Guest Information

    *No special guests this episode – the hosts tackle the stories directly.*

    ---

    ### Topics Covered

    | Topic | Key Take‑aways |
    |-------|----------------|
    | **Yes Bank Card Fraud Surge** | 15 Latin‑American merchants flagged; 2‑FA enforcement; bank’s new safeguards. |
    | **Messaging‑Security Market Growth** | $36.82 B by 2033; AI‑driven detection; enterprise messaging as a target. |
    | **Australia’s IoT Security Mandate** | Mandatory secure boot, encryption at rest, OTA updates; “security rating” system. |
    | **AI‑Assisted Honeypots** | Deploy low‑interaction honeypots; use ML for triage; legal/ethical best practices. |
    | **U.S. Diplomats vs. Data‑Sovereignty** | Pushback on global data regulations; implications for AI, national security, and business compliance. |

    ---

    ### Top Story

    **Yes Bank Ramps Up Security After Sudden Surge in Forex‑Card Fraud**

    *Source: [Economictimes.indiatimes.com](https://economictimes.indiatimes.com/industry/banking/finance/banking/yes-bank-tightens-safeguards-after-spike-in-forex-card-transaction-declines/articleshow/128801679.cms)*

    ---

    ### Additional Cybersecurity News – Titles and URLs

    1. **“Phishing & Ransomware Drive Messaging Security Market Surge”** – [Globenewswire.com](https://www.globenewswire.com/news-release/2026/02/26/3245179/0/en/Messaging-Security-Market-to-Surpass-USD-36-82-Billion-by-2033-Driven-by-Escalating-Phishing-and-Ransomware-Threats-SNS-Insider.html)

    2. **“Australia Mandates Minimum Security Standards for Consumer Smart Devices”** – [Itnews.com.au](https://www.itnews.com.au/feature/security-for-smart-devices-time-to-step-forward-because-theres-nowhere-to-hide-623882)

    3. **“Lessons Learned Running a Honeypot with AI Assistance”** – [ISC.SANS.edu](https://isc.sans.edu/diary/32744)

    4. **“US Diplomatic Push Against Global Data‑Sovereignty Regulations”** – [Economictimes.indiatimes.com](https://economictimes.indiatimes.com/tech/technology/us-orders-diplomats-to-fight-data-sovereignty-initiatives/articleshow/128800080.cms)

    ---

    ### Resources & Links

    | Resource | Link |
    |----------|------|
    | Live Cyber Threat Map – Bitdefender | <https://threatmap.bitdefender.com/> |
    | Live Cyber Threat Map – Checkpoint | <https://threatmap.checkpoint.com/> |
    | Live Cyber Threat Map – Kaspersky | <https://cybermap.kaspersky.com/> |
    | Talos Intelligence – ebc_spam Map | <https://talosintelligence.com/ebc_spam> |
    | Podcast Website | <https://www.youvealreadybeenhacked.com> |
    | X (Twitter) | @professorcyberrisk |
    | YouTube | <https://www.youtube.com/@YABHPodcast> |
    | Discord / Community Forum | <https://discord.gg/cz3xdsrqAE> |

    ---

    ### Call to Action

    - **Subscribe** – Stay updated on the latest cybersecurity threats.

    - **Leave a Review** – Tell us what you think so we can improve.

    - **Join the Conversation** – Follow us on X, YouTube, and Discord to ask questions and share insights.

    ---

    ### Sponsor

    *None this episode.*

  • **What’s in this episode?**

    - **Top Story** – How generative AI is letting attackers spin up polymorphic ransomware in minutes.

    - **Support Stories** – New funding for AI‑driven vulnerability remediation, agentic chip design, a Def Con attendance shake‑up, and a Smashing Security podcast on internet sovereignty.

    - **Live Threat Maps** – See the world’s cyber threat landscape in real time.

    ---

    ## 🌐 Live Cyber Threat Maps

    - **Bitdefender Threat Map** – https://threatmap.bitdefender.com/

    - **Checkpoint Live Cyber Threat Map** – https://threatmap.checkpoint.com/

    - **Kaspersky Cyber Threat Map** – https://cybermap.kaspersky.com/

    - **Talos Intelligence ebc_spam Map** – https://talosintelligence.com/ebc_spam

    ---

    ## 🔥 Top Story – AI‑Accelerated Malware

    **Title:** *AI‑Accelerated Malware: Hackers are Building More Sophisticated Threats in Half the Time*

    **Summary:**

    TechRadar shows that generative AI is slashing malware development time from days to minutes. Attackers can now produce polymorphic ransomware, encrypted payloads, key‑loggers, and fast exfiltration modules that bypass both signature and behavioral detection. The speed‑up gives attackers a 10× advantage over traditional development cycles.

    **Why it Matters:**

    - Speed & Scale

    - Complexity & Evasion

    - Skill Gap

    **What to Do:**

    1. Adopt AI‑driven threat intel.

    2. Implement behavior‑based monitoring.

    3. Update incident‑response playbooks.

    4. Train analysts on AI‑evolved threats.

    **Link:** https://www.techradar.com/pro/security/ai-is-helping-hackers-make-new-malware-faster-and-more-complex-than-ever-and-things-may-only-get-tougher

    ---

    ## 💡 Additional Cybersecurity News

    | # | Title | Why it Matters | Link |
    |---|-------|----------------|------|
    | 1 | *Cogent Security Raises $42M to Scale AI Agents for Enterprise Vulnerability Remediation* | Automation at scale, faster patching, reduced human error | https://siliconangle.com/2026/02/18/cogent-security-raises-42m-scale-ai-agents-enterprise-vulnerability-remediation |
    | 2 | *ChipAgents Secures $50M to Accelerate Agentic Chip Design* | Hardware‑level security, faster time‑to‑market, design automation | https://siliconangle.com/2026/02/18/chipagents-secures-50m-funding-accelerate-agentic-chip-design |
    | 3 | *Def Con Bans Three Attendees Linked to Jeffrey Epstein* | Reputation risk, event security, industry precedent | https://techcrunch.com/2026/02/18/hacking-conference-def-con-bans-three-people-linked-to-epstein/ |
    | 4 | *Smashing Security Podcast #455: Face Off – Meta’s Glasses & America’s Internet Kill Switch* | Policy debate, technical feasibility, cyber‑law implications | https://grahamcluley.com/smashing-security-podcast-455/ |

    ---

    ## 📣 Call to Action

    - **Subscribe**: Stay updated on the latest cybersecurity threats.

    - **Leave a Review**: Tell us what you think – it helps the community grow.

    - **Join the Conversation**: Follow our community and ask questions.

    ---

    ## 🎙️ Sponsor

    **No sponsors this episode**

    ---

    ## 📲 Podcast Socials & Website

    - **Website:** https://www.youvealreadybeenhacked.com

    - **X (formerly Twitter):** @professorcyberrisk

    - **YouTube:** https://www.youtube.com/@YABHPodcast

    - **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE

  • ## Episode Information

    **Episode Number:** XxX

    **Hosts:**

    - Professor CyberRisk

    - Cyber Cowboy

    **Live Cyber Maps:**

    - **Bitdefender Threat Map** – https://threatmap.bitdefender.com/

    - **Live Cyber threat map (Checkpoint)** – https://threatmap.checkpoint.com/

    - **Kaspersky Cyber Threat Map** – https://cybermap.kaspersky.com/

    - **Talos Intelligence – ebc_spam Map** – https://talosintelligence.com/ebc_spam

    **Overview**

    In this episode we unpack Microsoft’s blockbuster patch that closes the one‑click attack vector, dig into CertiK’s fresh transparency play after the Huione fallout, and discuss how geolocation services are becoming an adversarial attack surface. We also explore how CISOs can balance AI innovation with risk and how Red Hat is reshaping vulnerability management with vendor‑centric pipelines.

    **Guest Information**

    None this episode.

    **Topics Covered**

    1. Microsoft’s one‑click exploit patch – what it fixes and why it matters.

    2. CertiK’s rebuild‑trust strategy post‑Huione backlash.

    3. Geofeed manipulation – why it’s a real threat and how to guard against it.

    4. AI in security: governance, bias, adversarial attacks, and human‑in‑the‑loop.

    5. Red Hat’s collaborative vulnerability‑management blueprint and its impact on MTTR.

    **Top Stories**

    - **Microsoft Fixes Bugs Behind One‑Click Attacks** – [PYMNTS](https://www.pymnts.com/cybersecurity/2026/microsoft-fixes-bugs-behind-one-click-attacks/)

    **Additional Cybersecurity News – Titles and URLs**

    - **CertiK Rebuilds Trust After Huione‑Related Backlash** – [CoinDesk](https://www.coindesk.com/business/2026/02/11/how-certik-rebuilt-trust-as-it-prepares-itself-for-an-ipo)

    - **Geofeeds Are Adversarial – A Call for Better IP Geolocation Integrity** – [NANOG Mailing List](https://seclists.org/nanog/2026/Feb/59)

    - **Balancing AI Innovation and Security Risk – A CISO’s Playbook** – [TechTarget](https://www.techtarget.com/searchsecurity/feature/How-CISOs-can-balance-AI-innovation-and-security-risk)

    - **Elevate Your Vulnerability Management Strategy – Red Hat’s Blueprint** – [Red Hat Blog](https://www.redhat.com/en/blog/elevate-your-vulnerability-management-strategy-red-hat)

    **Resources & Links**

    *(All links listed above)*

    ---

    ## Call to Action

    - **Subscribe:** Stay updated on the latest cybersecurity threats.

    - **Leave a Review:** Let us know what you think.

    - **Join the Conversation:** Follow our community and ask questions.

    ---

    ## Sponsor (if applicable)

    No sponsors this episode.

    ---

    ## Podcast Socials & Website

    - **Website:** https://www.youvealreadybeenhacked.com

    - **Twitter/X:** @professorcyberrisk

    - **YouTube:** https://www.youtube.com/@YABHPodcast

    - **Discord / Community Forum:** https://discord.gg/cz3xdsrqAE

    ---

  • ## 📺 Episode Information

    **Title:** Episode Number: **336** *(to be filled in)*

    ### Overview

    Today’s episode dives into a high‑impact, zero‑day campaign that hijacks web traffic by rewriting NGINX configurations with the React2Shell web shell. We break down the technical mechanics, the broader threat landscape, and actionable defense strategies. In addition, we cover the latest high‑profile data breach, economic fallout from online fraud in Malaysia, the NFL’s cyber‑defense playbook for Super Bowl 2026, and a new MSSP partnership in Singapore.

    ---

    ## 🔧 Topics Covered

    1. **NGINX Traffic Hijack via React2Shell** – The top story, detailing the attack vector, stealth, and mass‑scale risk.

    2. **Canada Computers & Electronics Data Breach** – 1,300 customers impacted; payment data exposure.

    3. **Malaysia’s RM8 Billion Online Fraud Losses** – Economic toll and mitigation tactics.

    4. **NFL Super Bowl 2026 Cyber‑Defense Playbook** – Edge security, AI monitoring, and event‑level protection.

    5. **Acronis & Insightz MSSP Partnership** – Managed security services expansion in Singapore.

    ---

    ## 🛡️ Top Story – “Hackers Hijack Web Traffic via Compromised NGINX & Baota Panels Using React2Shell”

    **Summary**

    Researchers uncovered a campaign that uses the open‑source shell **React2Shell** to compromise NGINX servers and Baota control panels. Attackers rewrite NGINX’s configuration to forward all inbound traffic through malicious proxy servers, enabling eavesdropping, malware injection, or phishing redirection while keeping the original server’s IP intact.

    **Cited Link**

    [The Hacker News – Hackers Exploit React2Shell to Hijack Web Traffic via Compromised NGINX Servers](https://thehackernews.com/2026/02/hackers-exploit-react2shell-to-hijack.html)

    ---

    ## 📱 Additional Cybersecurity News

    | Title | URL |
    |-------|-----|
    | *Canada Computers & Electronics Under Investigation After Data Breach Hits 1,300 Customers* | https://www.cbc.ca/news/business/canada-computers-data-breach-scope-9.7074605 |
    | *Malaysia Records RM8 Billion Losses From Online Fraud Since 2020* | https://www.thestar.com.my/news/nation/2026/02/05/almost-rm8bil-lost-to-online-fraud-since-2020-dewan-rakyat-told |
    | *Super Bowl 2026: NFL Deploys Cybersecurity Squad, Advanced Routers, & Data Centers* | https://www.pymnts.com/cybersecurity/2026/super-bowl-lineup-includes-cybersecurity-squad-wireless-routers-and-data-centers/ |
    | *Acronis Welcomes Insightz Technology as Singapore’s First MSSP Partner* | https://www.globenewswire.com/news-release/2026/02/05/3232606/0/en/Acronis-Welcomes-Insightz-Technology-as-First-MSSP-Partner-in-Singapore.html |

    ---


    ## 📣 Call to Action

    - **Subscribe**: Stay updated on the latest cybersecurity threats.

    - **Leave a Review**: Let us know what you think – it helps the podcast grow.

    - **Join the Conversation**: Follow our community, ask questions, and share insights.

    ---

    ## 🏷️ Sponsor

    No sponsors this episode

    ---

    ## 🌐 Podcast Socials & Website

    - **Website**: https://www.youvealreadybeenhacked.com

    - **X (Twitter)**: @professorcyberrisk

    - **YouTube**: https://www.youtube.com/@YABHPodcast

    - **Discord/Community Forum**: https://discord.gg/cz3xdsrqAE

  • **Hosts**

    - Professor CyberRisk

    - Cyber Cowboy

    **Live Cyber Maps**

    - Bitdefender Threat Map: https://threatmap.bitdefender.com/

    - Live Cyber threat map (Checkpoint): https://threatmap.checkpoint.com/

    - Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/

    - Talos Intelligence – ebc_spam Map: https://talosintelligence.com/ebc_spam

    **Episode Information**

    - **Title:** *Zero‑Day Chaos & Firmware Secrets: Cisco RCE Alert + UEFI Parser*

    - **Episode Number:** 3x35

    - **Overview:**

    In today’s episode we dive deep into a critically‑exploited Cisco zero‑day that’s been wreaking havoc across Unified Communications and Webex environments. We then turn our attention to a groundbreaking open‑source UEFI parser that’s exposing hidden firmware vulnerabilities, followed by a real‑world watering‑hole attack targeting EmEditor users and an EU telecom supply‑chain purge that could reshape vendor relationships.

    - **Guest Information:**

    *None – this is an all‑host episode.*

    - **Topics Covered:**

    1. Cisco Zero‑Day CVE‑2026‑20045 (UC & Webex RCE)

    2. UEFI Parser – Open‑Source Firmware Vulnerability Discovery

    3. EmEditor Watering‑Hole Malware Campaign

    4. EU Telecom Supplier Ban Proposal

    5. Luxshare Precision Ransomware Incident & Supply‑Chain Implications

    - **Top Stories:**

    - **Cisco Zero‑Day CVE‑2026‑20045** – *Cisco Releases Emergency Patch for Actively Exploited RCE*: https://thehackernews.com/2026/01/cisco-fixes-actively-exploited-zero-day.html

    - **Breaking UEFI Secrets – New Open‑Source Parser** – *CERT/CC Launches UEFI Parser Tool*: https://www.sei.cmu.edu/blog/an-open-source-tool-to-unravel-uefi-and-its-vulnerabilities/

    - **Watering Hole Targets EmEditor** – *TrendMicro Uncovers Multi‑Stage Malware*: https://www.trendmicro.com/en_us/research/26/a/watering-hole-attack-targets-emeditor-users.html

    - **EU Targets High‑Risk Foreign Telecom Suppliers** – *Proposal to Ban Third‑Country Companies from EU Mobile Networks*: https://www.spacewar.com/reports/Eyeing_China_EU_moves_to_ban_high-risk_foreign_suppliers_from_telecoms_networks_999.html

    - **Luxshare Under Attack – Ransomware Claims Apple & Nvidia Data** – *China‑Based Manufacturer Breach*: https://www.digitimes.com/news/a20260122PD226/luxshare-security-electronics-manufacturing-nvidia-apple.html

    - **Additional Cybersecurity News – Titles and URLs:**

    (All links above)

    - **Resources & Links:**

    *None this episode*

    **Call to Action**

    - **Subscribe:** Stay updated on the latest cybersecurity threats – hit that subscribe button!

    - **Leave a Review:** Tell us what you think – reviews help us improve and grow the community.

    - **Join the Conversation:** Follow our community and ask questions on Discord.

    **Sponsor**

    - No sponsors this episode

    **Podcast Socials & Website**

    - **Website:** https://www.youvealreadybeenhacked.com

    - **X:** @professorcyberrisk

    - **YouTube:** https://www.youtube.com/@YABHPodcast

    - **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE