OpenClaw targets ClawHub users Notepad++ update delivers malware APT28 attackers abuse Microsoft Office zero-day Get the show notes here: https://cisoseries.com/cybersecurity-news-openclaw-targets-clawhub-users-notepad-update-delivers-malware-apt28-attackers-abuse-microsoft-office-zero-day/ Huge thanks to our sponsor, Strike48 It's no secret that AI is only as good as the data available to it. Strike48 unifies agentic AI with unmatched log visibility while avoiding the typical hefty price tag. B...
Feb 03, 2026•7 min
Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Steve Zalewski , co-host, Defense in Depth, and Nick Espinosa , host, The Deep Dive Radio Show Thanks to our show sponsor, Devo/Strike 48 Strike48 is the Agentic Log Intelligence Platform that actually puts AI agents to work, maximizing log visibility without blowing your budget. Find threats your siloed tools miss. Get started today with pre-built AI agents and workflows that investigate, detect, and r...
Feb 02, 2026•46 min
Coupang CEO questioned by police regarding data breach probe Cyberattack on large Russian bread factory disrupts deliveries Real estate agents in Australia use apps that leave lease documents at risk Get the show notes here: https://cisoseries.com/cybersecurity-news-police-question-coupang-ceo-russia-bakery-cyberattack-australian-real-estate-scandal/ Huge thanks to our sponsor, Strike48 Strike48 is the Agentic Log Intelligence Platform that actually puts AI agents to work, maximizing log visibil...
Feb 02, 2026•8 min
France fines unemployment agency €5 million over data breach Microsoft Teams addition will allow for suspicious calls to be reported UK leaders warned about absorbing cyberattacks without offensive deterrence Check out the show notes here: Huge thanks to our episode sponsor, Conveyor Want to hear a horror story? An infosec manager found out that their sales rep had filled in a customer security questionnaire themselves and sent it back to the customer without review. Which led to dozens of follo...
Jan 30, 2026•8 min
Sandbox flaw exposes n8n instances Fake Moltbot assistant drops malware PeckBirdy takes flight for cross-platform attacks Check out the show notes here: https://cisoseries.com/cybersecurity-news-sandbox-flaw-exposes-n8n-instances-fake-moltbot-assistant-drops-malware-peckbirdy-takes-flight-for-cross-platform-attacks/ Huge thanks to our episode sponsor, Conveyor Another security questionnaire hits your desk. Ever wish it could magically disappear? You already have the answers that customers should...
Jan 29, 2026•8 min
US cyber chief uploaded sensitive files into public ChatGPT Vibe-coded 'Sicarii' ransomware can't be decrypted WhatsApp account feature combats spyware Check out the show notes here: https://cisoseries.com/cybersecurity-news-us-cyber-chief-uploaded-sensitive-files-into-public-chatgpt-vibe-coded-sicarii-ransomware-cant-be-decrypted-whatsapp-account-feature-combats-spyware/ Huge thanks to our episode sponsor, Conveyor Ever dream of giving customers instant answers to their security questions witho...
Jan 28, 2026•7 min
Microsoft patches Office zero-day vulnerability Indian users targeted by Blackmoon Konni targets blockchain developers Huge thanks to our episode sponsor, Conveyor True story, an infosec team had to give customers MapQuest style directions just to navigate their Trust Center. Spoiler: it didn't reduce follow-up questions and created even more work for everyone involved. With Conveyor's new Trust Center AI Agent, customers get answers instantly and can even upload questionnaires for the Agent to ...
Jan 27, 2026•8 min
Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Krista Arndt , associate CISO, St. Luke's University Health Network , and Jason Shockey , CISO, Cenlar FSB Thanks to our show sponsor, Conveyor Ever dream of giving customers instant answers to their security questions without ever filling out another questionnaire? Meet Conveyor's new Trust Center Agent. The Agent lives in your Conveyor Trust Center and answers every customer question, surfaces documen...
Jan 27, 2026•34 min
Microsoft Outlook and boot problems Sandworm likely behind cyberattack on Poland's power grid Dresden museum network suffers cyberattack Huge thanks to our episode sponsor, Conveyor Ever wish your customers could magically get answers to their own security questionnaires before they ever hit your desk? We've heard this wish from hundreds of teams so Conveyor just launched a new Trust Center AI Agent. The Agent lives in your Conveyor hosted Trust Center and answers customer questions, surfaces do...
Jan 26, 2026•8 min
Multi‑stage AiTM phishing and BEC campaign abusing SharePoint SmarterMail auth bypass flaw now exploited despite patch The problem of AI agents emerges at Davos Huge thanks to our sponsor, Dropzone AI All week we've talked about alert fatigue, MTTR, and the math that's breaking your SOC. Here's the proof. Dropzone AI is trusted by over 300 global enterprises and MSSPs. Named a Gartner Cool Vendor. Recognized in the Fortune Cyber 60. And backed by $37 million in Series B funding. But they're not ...
Jan 23, 2026•9 min
Tesla hacked at Pwn2Own Automotive Everest sitting on Under Armour data? PurpleBravo fake jobs campaign targets IP addresses Huge thanks to our sponsor, Dropzone AI Quick tip for SOC leaders measuring MTTR. Stop optimizing the human. Optimize what the human has to do. Dropzone AI handles the investigation legwork autonomously. Correlating alerts, gathering evidence, documenting findings. Your analysts only engage when it actually matters. The results are investigations that took hours and now ta...
Jan 22, 2026•8 min
UK and China try to ease cyberattack tensions Iranian state TV hijacked VoidLink malware is AI-generated Huge thanks to our sponsor, Dropzone AI Remember yesterday's 2 AM alert? Here's how it ends differently with Dropzone AI . The alert fires. Within minutes, not hours, their AI SOC agents have already correlated logs across your entire security stack, built a complete evidence chain, and delivered a verdict. False positive, or escalate immediately. Your analyst wakes up to answers, not a queue...
Jan 21, 2026•7 min
Gemini prompt injection flaw exposes calendar info Hacker admits to leaking stolen Supreme Court data Researchers uncover PDFSIDER malware Huge thanks to our sponsor, Dropzone AI It's 2 AM. An alert fires. Possible data exfiltration. Your on-call analyst is three time zones away, half-asleep, context-switching between tools. By the time they piece together the evidence, forty-five minutes have passed. Was it a real threat or another false positive? The clock is ticking. Tomorrow, I'll tell you h...
Jan 20, 2026•7 min
Link to episode page This week's Department of Know is hosted by Sarah Lane with guests Dmitriy Sokolovskiy , senior vice president, information security, Semrush , and Nick Espinosa , host, The Deep Dive Radio Show Thanks to our show sponsor, Dropzone AI How many alerts did your SOC investigate last week? How many sat in the queue untouched? If you don't know those numbers, or you don't like them, Dropzone AI can help. They've helped enterprises like UiPath and Zapier handle ten times more aler...
Jan 20, 2026•37 min
Cybercom-NSA leadership nominee to assess dual-hat role Two-thirds of third-party applications access sensitive data without justification, says report GhostPoster browser extensions up to 840,000 installs Huge thanks to our sponsor, Dropzone AI Here's a security tip most vendors won't tell you. Your SOC analysts aren't slow. They're drowning. The average enterprise faces tens of thousands of alerts daily, and even your best analysts can only investigate so many before burnout wins. Dropzone AI ...
Jan 19, 2026•8 min
Jen Easterly to helm RSAC Windows January update causes login problems UK police blame Copilot for intelligence mistake Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com . Find the stories behind the headlines at CIS...
Jan 16, 2026•8 min
U.S. weighs private companies' cyberwarfare roles China: stop using US and Israeli cybersecurity software DeadLock uses smart contracts to hide work Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com ....
Jan 15, 2026•8 min
GoBruteforcer targets blockchain projects Android accessibility issue just a bug Verizon to stop automatic phone unlocks Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com ....
Jan 14, 2026•8 min
Instagram denies breach post-data leak Sweden detains consultant suspected of spying n8n supply chain attack steals OAuth tokens Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com ....
Jan 13, 2026•9 min
Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Johna Till Johnson , CEO and Founder, Nemertes (check out the Nemertes substack ) and Jason Shockey , CISO, Cenlar FSB . Jason will be speaking at MBA Servicing Solution26 in Texas in late February. Details here . Thanks to our show sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Tr...
Jan 12, 2026•25 min
BreachForums hacking forum database leaked exposing 324,000 accounts Instagram breach exposes user data, creates password reset panic UK government exempts self from flagship cyber law Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZT...
Jan 12, 2026•8 min
Microsoft to enforce MFA for Microsoft 365 admin center sign-ins Cisco patches ISE security vulnerability after PoC release Illinois state agency breaches itself Huge thanks to our sponsor, Hoxhunt A small tip for CISOs: if you're unsure whether your security training is actually reducing phishing risk, check out what Qualcomm achieved with Hoxhunt. They took their 1,000 highest-risk users from consistent under-performers to outperforming the rest of the company, driving measurable human risk re...
Jan 09, 2026•8 min
ESA confirms new data heist Ni8mare lets hackers hijack n8n servers Taiwan blames 'cyber army' for intrusion attempts Huge thanks to our sponsor, Hoxhunt Traditional security training fails because it treats employees like the problem. Hoxhunt treats them like the solution. AI-powered simulations mirror actual attacks hitting your inbox. Instant coaching turns mistakes into learning moments. Gamified rewards make security engaging. The result? Real behavior change that measurably reduces your ri...
Jan 08, 2026•7 min
The UK hits reset on cybersecurity No MFA, Know Problems US may have coordinated cyberattacks with Maduro's arrest Huge thanks to our sponsor, Hoxhunt A small tip for CISOs: if you're unsure whether your security training is actually reducing phishing risk, check out what Qualcomm achieved with Hoxhunt. They took their 1,000 highest-risk users from consistent under-performers to outperforming the rest of the company, driving measurable human risk reduction and earning a CSO50 Award. See the Qual...
Jan 07, 2026•7 min
European hospitality blue screen of death Brightspeed investigates breach Convicted Bitfinex launderer freed Huge thanks to our sponsor, Hoxhunt Traditional security training fails because it treats employees like the problem. Hoxhunt treats them like the solution. AI-powered simulations mirror actual attacks hitting your inbox. Instant coaching turns mistakes into learning moments. Gamified rewards make security engaging. The result? Real behavior change that measurably reduces your risk. Thous...
Jan 06, 2026•7 min
Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Peter Clay , CISO, Aireon , and Chris Ray, Field CTO, GigaOm Thanks to our show sponsor, HoxHunt A small tip for CISOs: if you're unsure whether your security training is actually reducing phishing risk, check out what Qualcomm achieved with Hoxhunt . They took their 1,000 highest-risk users from consistent under-performers to outperforming the rest of the company, driving measurable human risk reductio...
Jan 06, 2026•31 min
Palo Alto Networks boss calls AI agents biggest insider threat Hackers claim Resecurity hack, firm says it was a honeypot Thousands of ColdFusion exploit attempts spotted during Christmas holiday Huge thanks to our sponsor, Hoxhunt A small tip for CISOs: if you're unsure whether your security training is actually reducing phishing risk, check out what Qualcomm achieved with Hoxhunt. They took their 1,000 highest-risk users from consistent under-performers to outperforming the rest of the company...
Jan 05, 2026•8 min
NYC mayoral inauguration bans Flipper Zero and Raspberry Pi devices Crypto must now share account details with UK tax officials Finland seizes suspected cable sabotage ship Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26...
Jan 02, 2026•8 min
Hackers drain millions from Unleash Protocol DarkSpectre campaigns exposed Shai-Hulud attack led Trust Wallet heist Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com ....
Jan 01, 2026•7 min
Silver Fox targets Indian users Mustang Panda deploys ToneShell Will prompt injection ever be 'solved'? Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com ....
Dec 31, 2025•7 min
