Cybersecurity Headlines

CISO Series (cisoseries.com)
Daily stories from the world of information security. To delve into any daily story, head to CISOseries.com.

Episodes

Linus Torvalds talks AI bug hunters, 7-Eleven ransom demand, MENA's new cybercrime op

Linus Torvalds not into AI bug hunters 7-Eleven hit with ransom demand MENA runs new cybercrime op Get the show notes here: https://cisoseries.com/cybersecurity-news-linus-torvalds-talks-ai-bug-hunters-7-eleven-ransom-demand-menas-new-cybercrime-op/ Thanks to our episode sponsor, ThreatLocker ThreatLocker is extending Zero Trust beyond endpoint control. With their recent release of Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on credentials alone, it requires the rig...

May 19, 2026 · 9 min

Grafana GitHub extortion, Microsoft rejects Azure report, Funnel Builder flaw

Grafana GitHub token breach leads to extortion attempt Microsoft rejects Azure vulnerability report, researcher disputes decision Funnel Builder flaw actively exploited to steal payment data Get the show notes here: https://cisoseries.com/cybersecurity-news-grafan-github-extortion-microsoft-rejects-azure-report-funnel-builder-flaw/ Thanks to our episode sponsor, ThreatLocker ThreatLocker is extending Zero Trust beyond endpoint control. With their recent release of Zero Trust Network Access and Z...

May 18, 2026 · 8 min

The Department of Know: GemStuffer attack, AI SBOMs, and AI-created zero-days

This week's Department of Know is hosted by Rich Stroffolino, with guests Gary Chan, CISO, SSM Health and Peter Liebert, CISO, Salesloft. Missed the live show? Check it out on YouTube. The Department of Know is live every Friday at 4:00 p.m. ET. Join us each week by registering for the open discussion at CISOSeries.com. Huge thanks to our sponsor, Doppel Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call. But Doppel sees through the...

May 15, 2026 · 35 min

G7 releases AI SBOM, DELL SupportAssist BSOD, Dirty Frag sequel

G7 countries release AI SBOM guidance Dell confirms its SupportAssist software causes Windows BSOD crashes Dirty Frag sequel arrives as Fragnesia Get the show notes here: https://cisoseries.com/cybersecurity-news-g7-releases-ai-sbom-dell-supportassist-bsod-dirty-frag-sequel/ Huge thanks to our episode sponsor, Doppel Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call. But Doppel sees through the disguise. Our AI-native platform detects a...

May 15, 2026 · 9 min

Foxconn confirms factory attacks, BitLocker zero-day accesses protected drives, MDASH patches Windows flaws

Foxconn confirms North American factory attack BitLocker zero-day accesses protected drives MDASH patches 16 Windows flaws Get the show notes here: https://cisoseries.com/cybersecurity-news-foxconn-factory-attacks-bitlocker-zero-day-accesses-protected-drives-mdash-patches-windows-flaws/ Huge thanks to our episode sponsor, Doppel Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call. But Doppel sees through the disguise. Our AI-native platf...

May 14, 2026 · 7 min

Instructure's agreement, Shai Hulud campaign, OpenAI's Daybreak

Instructure reaches an "agreement" with ShinyHunters Shai Hulud campaign is back OpenAI launches Daybreak Get the show notes here: https://cisoseries.com/cybersecurity-news-instructures-agreement-shai-hulud-campaign-openais-daybreak/ Huge thanks to our episode sponsor, Doppel Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call. But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, ...

May 13, 2026 · 8 min

A.I. software flaw hackers, Forza Horizon 6 leak, Linux kernel hit again

A.I. hackers find software flaw Xbox leaks 'Forza Horizon 6' Linux kernel hit by 2nd flaw Get the show notes here: https://cisoseries.com/cybersecurity-news-a-i-software-flaw-hackers-forza-horizon-6-leak-linux-kernel-hit-again/ Huge thanks to our episode sponsor, Doppel Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call. But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, while ...

May 12, 2026 · 8 min

New cPanel vulnerabilities, JDownloader delivers malware, Schumer pushes DHS

cPanel, WHM release fixes for three new vulnerabilities Official JDownloader site serves malware to Windows and Linux users Sen. Schumer seeks DHS plan on AI cyber coordination Get the show notes here: https://cisoseries.com/cybersecurity-news-new-cpanel-vulnerabilities-jdownloader-delivers-malware-schumer-pushes-dhs/ Huge thanks to our episode sponsor, Doppel Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call. But Doppel sees through th...

May 11, 2026 · 8 min

The Department of Know: AI "transformation paradox," Copy Fail chaos, hacked lawnmowers

This week's Department of Know is hosted by Rich Stroffolino, with guests Jonathan Waldrop, CISO, Acoustic, and Jason Elrod, CISO, MultiCare Health System. Missed the live show? Check it out on YouTube. The Department of Know is live every Friday at 4:00 p.m. ET. Join us each week by registering for the open discussion at CISOSeries.com. Huge thanks to our sponsor, Vanta Risk and regulation ramping up—and customers expect proof of security just to do business. Vanta's a...

May 08, 2026 · 39 min

PAN-OS RCE exploit, Poland water hacks, Ivanti EPMM flaw

PAN-OS RCE exploit under active use enabling root access and espionage Polish intelligence says hackers attacked water treatment control systems Ivanti warns of new EPMM flaw exploited in zero-day attacks Get the show notes here: https://cisoseries.com/cybersecurity-news-pan-os-rce-exploit-poland-water-hacks-ivanti-epmm-flaw/ Thanks to our episode sponsor, Vanta Risk and regulation ramping up—and customers expect proof of security just to do business. Vanta's automation brings compliance, risk, ...

May 08, 2026 · 9 min

Chrome installs AI model on devices, Daemon Tools disk app backdoored, crypto security exodus

Google Chrome installs 4GB AI model on devices Daemon Tools disk app backdoored in supply-chain attack Crypto's 'decentralised finance' sector hit by investor exodus Get the show notes here: Thanks to our episode sponsor, Vanta Risk and regulation ramping up—and customers expect proof of security just to do business. Vanta's automation brings compliance, risk, and customer trust together on one AI-powered platform. So whether you're prepping for a SOC 2 or running an enterprise GRC program, Vant...

May 07, 2026 · 8 min

Video game supply chain attack, Bleeding Llama, US gets early LLM access

Video game platform hit by supply chain attack Bleeding Llama could expose your data US gets more early LLM access Get the show notes here: https://cisoseries.com/cybersecurity-news-video-game-supply-chain-attack-bleeding-llama-us-gets-early-llm-access/ Thanks to our episode sponsor, Vanta Risk and regulation ramping up—and customers expect proof of security just to do business. Vanta's automation brings compliance, risk, and customer trust together on one AI-powered platform. So whether you're ...

May 06, 2026 · 8 min

Instructure discloses breach, DigiCert revokes certificates, Silver Fox targets Indian and Russian orgs

Instructure discloses breach amid leak threats DigiCert revokes certificates Silver Fox targets Indian and Russian orgs Get the show notes here: https://cisoseries.com/cybersecurity-news-instructure-discloses-breach-digicert-revokes-certificates-silver-fox-targets-indian-and-russian-orgs/ Thanks to our episode sponsor, Vanta Risk and regulation ramping up—and customers expect proof of security just to do business. Vanta's automation brings compliance, risk, and customer trust together on one AI-...

May 05, 2026 · 8 min

Telegram Mini Apps malware, cPanel is Sorry, patch wave warning

Telegram Mini Apps deliver Android malware CISA orders Federal agencies to patch cPanel bug by Sunday British cyber agency warns of looming 'patch wave' due to speedy AI flaw discovery Get the show notes here: https://cisoseries.com/cybersecurity-news-telegram-mini-apps-malware-cpanel-is-sorry-patch-wave-warning/ Thanks to our episode sponsor, Vanta Risk and regulation ramping up—and customers expect proof of security just to do business. Vanta's automation brings compliance, risk, and customer ...

May 04, 2026 · 8 min

The Department of Know: GitHub drama, AI deletes production data, Claude Security Beta

This week's Department of Know is hosted by Rich Stroffolino, with guests Janet Heins, CISO, ChenMed, and TC Niedzialkowski, Head of IT & Security, Opendoor. Missed the live show? Check it out on YouTube. The Department of Know is live every Friday at 4:00 p.m. ET. Join us each week by registering for the open discussion at CISOSeries.com. Get the show notes here: https://cisoseries.com/cybersecurity-news-critical-cpanel-zero-day-swiss-black-axe-arrests-hhs-data-center-questions/ Thank...

May 01, 2026 · 40 min

Critical cPanel zero-day, Swiss Black Axe arrests, HHS data center questions

Critical cPanel and WHM bug exploited as zero-day Swiss police arrest suspected members of Black Axe group HHS ponders government posture for protecting data centers Get the show notes here: https://cisoseries.com/cybersecurity-news-critical-cpanel-zero-day-swiss-black-axe-arrests-hhs-data-center-questions/ Thanks to our episode sponsor, Guardsquare Attackers are treating your mobile app like an open book. Sixty-three percent of security leaders recently detected app tampering, cloning, or unaut...

May 01, 2026 · 8 min

Roblox hackers arrested, Microsoft 0-day falls short, Dubai scam takedown

Hackers arrested for selling Roblox accounts Microsoft's patch for a 0-day falls short US & China partner on Dubai scam takedown Get the show notes here: https://cisoseries.com/cybersecurity-news-roblox-hackers-arrested-microsoft-0-day-falls-short-dubai-scam-takedown/ Thanks to our episode sponsor, Guardsquare AI is speeding up development, but at what cost? While ninety-six percent of teams now use AI tools, eighty-one percent report that AI-generated code has introduced new vulnerabilities...

Apr 30, 2026 · 7 min

Agent payments, Russian phishing, LeRobot RCE flaw

FIDO Alliance working on securing AI agent payments Germany suspects Russia in Signal phishing RCE flaw in open-source robotics platform Get the show notes here: https://cisoseries.com/cybersecurity-news-agent-payments-russian-phishing-lerobot-rce-flaw/ Thanks to our episode sponsor, Guardsquare Is your mobile app truly protected? Relying on the OS isn't enough. A global study of thirteen-hundred security and developer leaders found that ninety-six percent of teams using layered protection repor...

Apr 29, 2026 · 7 min

PhantomRPC flaw, Checkmarx GitHub dark web data, PyPI package infostealer

PhantomRPC flaw enables privilege escalation Checkmarx confirms GitHub data hit dark web PyPI package hacked to push infostealer Get the show notes here: https://cisoseries.com/cybersecurity-news-phantomrpc-flaw-checkmarx-github-dark-web-data-pypi-package-infostealer/ Thanks to our episode sponsor, Guardsquare Your backend is only as secure as your frontend. Research shows that client-side compromise is now a primary driver of API risk. With sixty-three percent of leaders detecting mobile app ta...

Apr 28, 2026 · 8 min

ADT data breach, Toronto SMS blasting, pre-Stuxnet malware discovery

ADT says customer data stolen in cyberattack SMS blasting comes to Toronto Researchers find pre-Stuxnet malware targeting engineering software Get the show notes here: https://cisoseries.com/cybersecurity-news-adt-data-breach-toronto-sms-blasting-pre-stuxnet-malware-discovery/ Thanks to our episode sponsor, Guardsquare Mobile app security isn't just a tech issue; it's a revenue issue. A recent global study found that seventy-two percent of organizations experienced a mobile app security incident...

Apr 27, 2026 · 8 min

The Department of Know: Vercel breach, a "Contagious Interview," and ghost breaches

This week's Department of Know is hosted by Rich Stroffolino, with guests Brett Conlon, CISO, American Century Investments, and Michael Bickford, former CISO, New York State Gaming Commission. Missed the live show? Check it out on YouTube. The Department of Know is live every Friday at 4:00 p.m. ET. Join us each week by registering for the open discussion at CISOSeries.com. Huge thanks to our sponsor, ThreatLocker ThreatLocker is extending Zero Trust beyond endpoint control. ...

Apr 24, 2026 · 40 min

Rituals cosmetics breach, FBI iOS flaw fixed, Teams Helpdesk impersonation

Cosmetics giant Rituals discloses data breach Apple fixes iOS flaw exploited by the FBI Microsoft Teams Helpdesk impersonation Get the show notes here: https://cisoseries.com/cybersecurity-news-rituals-cosmetics-breach-fbi-ios-flaw-fixed-teams-helpdesk-malware-impersonation/ Huge thanks to our sponsor, ThreatLocker ThreatLocker is extending Zero Trust beyond endpoint control. With their recent release of Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on credentials alon...

Apr 24, 2026 · 8 min

New OpenAI cyber product, unauthorized Mythos access, insurers to cap LLMjacking payouts

OpenAI shares cyber product with government orgs Unauthorized Mythos access, Firebox bugs fixed by Mythos Insurers move to cap LLMjacking cyber payouts Get the show notes here: https://cisoseries.com/cybersecurity-news-new-openai-cyber-product-unauthorized-mythos-access-insurers-to-cap-llmjacking-payouts/ Huge thanks to our sponsor, ThreatLocker ThreatLocker is extending Zero Trust beyond endpoint control. With their recent release of Zero Trust Network Access and Zero Trust Cloud Access, access ...

Apr 23, 2026 · 7 min

CISA lacks Mythos, Lovable's leak by design, YouTube's deepfake detection

CISA lacks Mythos access Lovable denies data leak YouTube opens up deepfake detection tool Get the show notes here: https://cisoseries.com/cybersecurity-news-cisa-lacks-mythos-lovables-leak-by-design-youtubes-deepfake-detection/ Huge thanks to our sponsor, ThreatLocker ThreatLocker is extending Zero Trust beyond endpoint control. With their recent release of Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on credentials alone, it requires the right user, the right device...

Apr 22, 2026 · 8 min

Vercel breach, ZionSiphon targets water infrastructure, Bluesky DDoS

Vercel confirms breach, stolen data for sale ZionSiphon targets water infrastructure Bluesky blames outage on DDoS Get the show notes here: https://cisoseries.com/cybersecurity-news-vercel-breach-zionsiphon-targets-water-infrastructure-bluesky-ddos/ Huge thanks to our sponsor, ThreatLocker ThreatLocker is extending Zero Trust beyond endpoint control. With their recent release of Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on credentials alone, it requires the right u...

Apr 21, 2026 · 8 min

London hospital ransomware legacy, PowerOFF takedown, Microsoft RedSun zero-day

London hospitals continue to suffer from 2024 ransomware attack Four arrested in PowerOFF takedown Microsoft Defender "RedSun" zero-day Get the show notes here: https://cisoseries.com/cybersecurity-news-london-hospital-ransomware-legacy-poweroff-takedown-microsoft-redsun-zero-day/ Huge thanks to our sponsor, ThreatLocker ThreatLocker is extending Zero Trust beyond endpoint control. With their recent release of Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on credential...

Apr 20, 2026 · 9 min

The Department of Know: Mythos Mayhem, critical infrastructure targeted, NVD changes

This week's Department of Know is hosted by Rich Stroffolino, with guests Andrew Storms, security engineering, Kilo Code, and Eduardo Ortiz-Romeu, VP, global head of cybersecurity, Techtronic Industries. Missed the live show? Check it out on YouTube. Huge thanks to our sponsor, Conveyor Happy Friday. Hope there isn't a fresh security questionnaire sitting in your inbox right now. If there is, here's something worth knowing. The teams that have fully automated their custom...

Apr 17, 2026 · 38 min

Cisco Webex warning, Splunk's Enterprise fix, Git spoof tricks Claude

Cisco posts urgent Webex Services warning Splunk issues fixes for Enterprise vulnerability Git identity spoof tricks Claude into approving bad code Get the show notes here: https://cisoseries.com/cybersecurity-news-cisco-webex-warning-splunks-enterprise-fix-git-spoof-tricks-claude/ Huge thanks to our sponsor, Conveyor Happy Friday. Hope there isn't a fresh security questionnaire sitting in your inbox right now. If there is, here's something worth knowing. The teams that have fully automated thei...

Apr 17, 2026 · 8 min

OpenAI's GPT-5.4-Cyber, McGraw Hill blames Salesforce for breach, signed adware disables antivirus

OpenAI rolls out GPT-5.4-Cyber McGraw Hill breach due to Salesforce misconfig Signed adware operation disables antivirus Get the show notes here: https://cisoseries.com/cybersecurity-news-openais-gpt-5-4-cyber-mcgraw-hill-blames-salesforce-for-breach-signed-adware-disables-antivirus/ Huge thanks to our sponsor, Conveyor At some point, every fast-growing SaaS team hits the same wall. The trust center is live. The SOC 2 is published. And somehow the security questionnaires just keep piling up. Tha...

Apr 16, 2026 · 7 min

Ransomware drama, faked Ledger app, Treasury wants Mythos

Ransomware rivals turn on each other Fake Ledger app drains millions in crypto US Treasury wants access to Mythos Get the show notes here: https://cisoseries.com/cybersecurity-news-ransomware-drama-faked-ledger-app-treasury-wants-mythos/ Huge thanks to our sponsor, Conveyor Your trust center was a great start. But if your team is still manually answering questionnaires and fielding sales questions, it hasn't solved the problem. Conveyor goes beyond a trust center. You get a living knowledge libr...

Apr 15, 2026 · 7 min
Hosted on Libsyn