Please consider supporting the DefSec podcast here . Links to this week’s stories: https://www.securityweek.com/openai-hit-by-tanstack-supply-chain-attack/ https://thehackernews.com/2026/05/developer-workstations-are-now-part-of.html https://thehackernews.com/2026/05/ivanti-fortinet-sap-vmware-n8n-patch.html https://www.theregister.com/cyber-crime/2026/05/14/security-pros-doubt-canvas-attackers-really-deleted-stolen-student-data/5240799 https://www.theregister.com/cyber-crime/2026/05/14/security...
May 24, 2026•57 min
Please consider supporting the DefSec podcast here . Links to this week’s stories: https://www.bleepingcomputer.com/news/security/instructure-reaches-agreement-with-shinyhunters-to-stop-data-leak/ https://www.theregister.com/security/2026/05/06/1-in-8-workers-say-selling-company-logins-is-justifiable/5231104 https://www.theregister.com/security/2026/05/02/ai-digs-up-decades-of-code-debt-patch-up/5219734 https://www.theregister.com/security/2026/05/11/anthropics-bug-hunting-mythos-was-greatest-ma...
May 22, 2026•56 min
Please consider supporting the DefSec podcast here . Links to this week’s stories: https://www.darkreading.com/cloud-security/csa-cisos-prepare-post-mythos-exploit-storm https://www.csoonline.com/article/4159292/insurance-carriers-quietly-back-away-from-covering-ai-outputs.html https://www.livescience.com/technology/artificial-intelligence/hackers-used-ai-to-steal-hundreds-of-millions-of-mexican-government-and-private-citizen-records-in-one-of-the-largest-cybersecurity-breaches-ever https://www....
May 15, 2026•1 hr 13 min
Please consider supporting the DefSec podcast here . Links to this week’s stories: https://www.darkreading.com/threat-intelligence/axios-attack-complex-social-engineering-industrialized https://www.bleepingcomputer.com/news/security/new-venom-phishing-attacks-steal-senior-executives-microsoft-logins/ https://www.bleepingcomputer.com/news/security/google-new-unc6783-hackers-steal-corporate-zendesk-support-tickets/ https://www.darkreading.com/vulnerabilities-threats/bluehammer-windows-exploit-micr...
Apr 22, 2026•1 hr 1 min
Please consider supporting the DefSec podcast here . Links to stories: https://www.computerweekly.com/news/366640648/Emergency-Microsoft-Oracle-patches-point-to-wider-cyber-issues https://www.theregister.com/2026/03/27/security_boffins_harvest_bumper_crop/ https://thehackernews.com/2026/03/the-hidden-cost-of-cybersecurity.html?m=1 https://www.theregister.com/2026/03/24/trivy_compromise_litellm/ https://thehackernews.com/2026/03/axios-supply-chain-attack-pushes-cross.html?m=1...
Apr 14, 2026•57 min
Please consider supporting the DefSec podcast here . Here are the links we discuss this week: https://www.darkreading.com/identity-access-management-security/more-attackers-logging-in-not-breaking-in https://www.bleepingcomputer.com/news/security/stryker-attack-wiped-tens-of-thousands-of-devices-no-malware-needed/ https://www.csoonline.com/article/4147833/cisa-urges-it-to-harden-endpoint-management-systems-after-cyberattack-by-pro-iranian-group.html https://arstechnica.com/security/2026/03/widel...
Apr 04, 2026•1 hr 23 min
This time it’s not a rerun! ]Please consider supporting the DefSec podcast here . Here are the links we discuss this week: https://www.bleepingcomputer.com/news/security/ransomware-payment-rate-drops-to-record-low-as-attacks-surge/ https://www.securityweek.com/recent-cisco-catalyst-sd-wan-vulnerability-now-widely-exploited/ https://www.darkreading.com/cyberattacks-data-breaches/nation-state-actor-ai-malware-assembly-line https://www.cybersecuritydive.com/news/ransomware-identity-ai-cloudflare/81...
Mar 28, 2026•1 hr 4 min
Please consider supporting the DefSec podcast here . Here are the links we discuss this week: https://www.bleepingcomputer.com/news/security/amazon-ai-assisted-hacker-breached-600-fortigate-firewalls-in-5-weeks/ https://www.theregister.com/2026/02/16/open_source_registries_fund_security/ https://www.bleepingcomputer.com/news/security/infostealer-malware-found-stealing-openclaw-secrets-for-first-time/ https://www.securityweek.com/api-threats-grow-in-scale-as-ai-expands-the-blast-radius/ https://w...
Mar 09, 2026•1 hr 6 min
Please consider supporting the DefSec podcast here . Links to this week’s stories: https://www.theregister.com/2026/02/02/notepad_hijacking_lotus_blossom/ https://www.bleepingcomputer.com/news/security/fake-job-recruiters-hide-malware-in-developer-coding-challenges/ https://www.bleepingcomputer.com/news/security/amos-infostealer-targets-macos-through-a-popular-ai-app/ https://www.theregister.com/2026/02/10/ai_agents_messaging_apps_data_leak/ https://www.theregister.com/2026/02/11/payroll_pirates...
Feb 24, 2026•1 hr 4 min
Please consider supporting the DefSec podcast here . Links to the stories we cover in this episode: https://www.theregister.com/2026/01/29/faster_patching_please_cry_infoseccers/ https://thehackernews.com/2026/01/mandiant-finds-shinyhunters-using.html?m=1 https://www.bleepingcomputer.com/news/security/marquis-blames-ransomware-breach-on-sonicwall-cloud-backup-hack/ https://thehackernews.com/2026/01/researchers-find-175000-publicly.html?m=1 https://www.darkreading.com/application-security/opencla...
Feb 16, 2026•1 hr 8 min
Please consider supporting the DefSec podcast here . Links to the stories we cover in this episode: https://www.bleepingcomputer.com/news/security/hackers-exploit-security-testing-apps-to-breach-fortune-500-firms/ https://www.securityweek.com/analysis-of-6-billion-passwords-shows-stagnant-user-behavior/ https://www.theregister.com/2026/01/20/group_ib_ai_cycercrime_subscriptions/ https://www.bleepingcomputer.com/news/security/voidlink-cloud-malware-shows-clear-signs-of-being-ai-generated/ https:/...
Feb 02, 2026•58 min
Want to be the first to hear our episodes each week? Become a Patreon donor here . Links to the stories in this episode: https://www.theregister.com/2026/01/09/pyongyangs_cyberspies_are_turning_qr/ https://www.scworld.com/perspective/five-ways-to-conduct-a-more-secure-hiring-process https://cybersecuritynews.com/vmware-esxi-exploited-toolkit/ https://www.darkreading.com/cyber-risk/ciso-succession-crisis-highlights-turnover-amplifies-security-risks...
Jan 26, 2026•1 hr 5 min
Want to be the first to hear our episodes each week? Become a Patreon donor here . Links to this week’s stories: https://www.darkreading.com/cyber-risk/cybersecurity-tech-recommended-by-cyber-insurer-claims-data https://www.bleepingcomputer.com/news/security/trust-wallet-links-85-million-crypto-theft-to-shai-hulud-npm-attack/ https://www.securityweek.com/hacker-claims-theft-of-40-million-conde-nast-records-after-wired-data-leak/ https://databreaches.net/2025/12/30/software-company-lacked-downstr...
Jan 15, 2026•1 hr 7 min
Want to be the first to hear our episodes each week? Become a Patreon donor here . Links to this week’s stories: https://www.bleepingcomputer.com/news/security/webrat-malware-spread-via-fake-vulnerability-exploits-on-github/ https://cybersecuritynews.com/mongobleed-poc-exploit-mongodb/ https://cybersecuritynews.com/fortigate-firewall-vulnerability/ https://cybersecuritynews.com/oracle-e-business-suite-hack/...
Jan 07, 2026•49 min
Want to be the first to hear our episodes each week? Become a Patreon donor here . Merry Christmas and Happy Holidays! Links to this week’s stories: https://krebsonsecurity.com/2025/12/most-parked-domains-now-serving-malicious-content/ https://thehackernews.com/2025/12/russia-linked-hackers-use-microsoft-365.html?m=1 https://cybersecuritynews.com/amazon-catches-north-korean-it-worker/ https://www.darkreading.com/application-security/fake-proof-ai-slop-hobble-defenders https://www.helpnetsecurity...
Dec 25, 2025•1 hr 7 min
Want to be the first to hear our episodes each week? Become a Patreon donor here . Links to this week’s stories: https://www.theregister.com/2025/12/09/hypervisor_ransomware_attacks_increasing https://www.bleepingcomputer.com/news/security/react2shell-flaw-exploited-to-breach-30-orgs-77k-ip-addresses-vulnerable https://www.infosecurity-magazine.com/news/log4shell-downloaded-40-million https://www.infosecurity-magazine.com/news/ncsc-raises-alarms-prompt https://thehackernews.com/2025/12/researche...
Dec 20, 2025•1 hr 12 min
Want to be the first to hear our episodes each week? Become a Patreon donor here . Links to this week’s stories: https://www.darkreading.com/cyberattacks-data-breaches/advanced-security-phishing-tactics https://www.theregister.com/2025/11/28/posthog_shaihulud/?td=keepreading / https://posthog.com/blog/nov-24-shai-hulud-attack-post-mortem https://www.theregister.com/2025/11/27/scattered_lapsus_hunters_zendesk/ https://www.theregister.com/2025/11/25/akira_ransomware_acquisitions Browser extensions...
Dec 13, 2025•1 hr 2 min
Reposting Episode 331 due to the wrong mp3 attached to the original. Want to be the first to hear our episodes each week? Become a Patreon donor here . Links to this week’s stories: https://cloud.google.com/blog/topics/threat-intelligence/unc6040-proactive-hardening-recommendations https://www.theregister.com/2025/11/13/chinese_spies_claude_attacks/ / https://www.bleepingcomputer.com/news/security/anthropic-claims-of-claude-ai-automated-cyberattacks-met-with-doubt/ https://www.theregister.com/20...
Dec 02, 2025•1 hr 10 min
Want to be the first to hear our episodes each week? Become a Patreon donor here . Links to this week’s stories: https://www.cybersecuritydive.com/news/nevada-ransomware-attack-traced-back-to-malware-download-by-employee/805011/ https://cloud.google.com/blog/topics/threat-intelligence/threat-actor-usage-of-ai-tools https://www.darkreading.com/application-security/owasp-highlights-supply-chain-risks-new-top-10 https://www.computerweekly.com/news/366634363/Google-Dont-get-distracted-by-AI-focus-on...
Nov 24, 2025•1 hr 2 min
https://www.youtube.com/watch?v=3BaNujBx62Y Want to be the first to hear our episodes each week? Become a Patreon donor here . Links to this week’s stories: https://www.theregister.com/2025/11/03/mit_sloan_updates_ai_ransomware_paper/ https://www.theregister.com/2025/10/29/ey_exposes_4tb_sql_database/ https://www.darkreading.com/cyber-risk/zombie-projects-rise-again-undermine-security https://www.darkreading.com/cloud-security/cloud-outages-highlight-need-resilient-secure-infrastructure-recovery...
Nov 13, 2025•1 hr
Want to be the first to hear our episodes each week? Become a Patreon donor here . Links we discuss this week: https://thehackernews.com/2025/10/self-spreading-glassworm-infects-vs.html?m=1 https://www.cybersecuritydive.com/news/artificial-intelligence-security-risks-ey-report/803490/ https://www.cybersecuritydive.com/news/ai-augment-security-identity-soc/803608/ https://www.darkreading.com/cyber-risk/best-end-user-security-awareness-programs-arent-about-awareness-anymore https://www.bleepingcom...
Nov 03, 2025•54 min
Want to be the first to hear our episodes each week? Become a Patreon donor here . Links to this week’s stories: https://www.cybersecurity-insiders.com/how-ai-will-shape-the-future-of-cyber-defense-a-one-three-and-five-year-outlook/ https://www.helpnetsecurity.com/2025/10/15/f5-big-ip-data-breach/ https://www.bleepingcomputer.com/news/security/fake-lastpass-bitwarden-breach-alerts-lead-to-pc-hijacks/ https://blogs.microsoft.com/on-the-issues/2025/10/16/mddr-2025/ https://www.theguardian.com/tech...
Oct 27, 2025•1 hr
Want to be the first to hear our episodes each week? Become a Patreon donor here . Here are the stories we discuss this week: https://cybersecuritynews.com/hackers-actively-compromising-databases/ https://www.bleepingcomputer.com/news/security/hackers-target-university-hr-employees-in-payroll-pirate-attacks/ https://securityaffairs.com/183154/security/threat-actors-steal-firewall-configs-impacting-all-sonicwall-cloud-backup-users.html https://www.theregister.com/2025/10/07/gen_ai_shadow_it_secre...
Oct 21, 2025•1 hr 7 min
Want to be the first to hear our episodes each week? Become a Patreon donor here . Here are links to the stories we discuss this week: https://www.theregister.com/2025/09/29/postmark_mcp_server_code_hijacked/ https://www.bleepingcomputer.com/news/security/oracle-patches-ebs-zero-day-exploited-in-clop-data-theft-attacks/ https://www.bleepingcomputer.com/news/security/westjet-data-breach-exposes-travel-details-of-12-million-customers/ https://www.cybersecuritydive.com/news/material-cybersecurity-b...
Oct 13, 2025•1 hr 3 min
Here are links to the stories we discuss this week: https://cloud.google.com/blog/topics/threat-intelligence/brickstorm-espionage-campaign https://thehackernews.com/2025/09/github-mandates-2fa-and-short-lived.html https://www.theregister.com/2025/09/23/gartner_ai_attack/ https://www.bleepingcomputer.com/news/security/sonicwall-releases-sma100-firmware-update-to-wipe-rootkit-malware/ https://www.zdnet.com/article/battered-by-cyberattacks-salesforce-faces-a-trust-problem-and-a-potential-class-acti...
Oct 06, 2025•1 hr 20 min
Please follow us on YouTube ! Want episodes a week early? Consider becoming a Patreon sponsor of the DefSec podcast here . Here are links to the stories we talked about this week: https://krebsonsecurity.com/2025/09/self-replicating-worm-hits-180-software-packages/ https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/ https://blog.lastpass.com/posts/attack-targeting-macs-via-github-pages https://cybersecuritynews.com/finwise-insider-breach/ https://arstechnica.co...
Sep 29, 2025•51 min
Here are the stories we discuss this week: https://natlawreview.com/article/qantas-airways-cuts-executive-pay-after-cyber-incident-governance-signal-industry https://www.securityweek.com/ransomware-losses-climb-as-ai-pushes-phishing-to-new-heights https://www.bleepingcomputer.com/news/security/hackers-left-empty-handed-after-massive-npm-supply-chain-attack https://www.theregister.com/2025/09/12/huntress_attacker_surveillance LunaLock Ransomware threatens victims by feeding stolen data to AI mode...
Sep 22, 2025•53 min
Listen and Watch Defensive Security Episodes a week early by becoming a Patreon donor: https://www.patreon.com/defensivesec Please subscribe to our YouTube channel: Defensive Podcasts – Cyber Security & Infosec. – YouTube Links: https://blog.gitguardian.com/ghostaction-campaign-3-325-secrets-stolen/ https://www.bleepingcomputer.com/news/security/ai-powered-malware-hit-2-180-github-accounts-in-s1ngularity-attack/ https://www.cbc.ca/news/canada/hamilton/cybersecurity-breach-1.7597713 https://w...
Sep 15, 2025•58 min
Links to stories: https://securityaffairs.com/181430/security/after-sharepoint-attacks-microsoft-stops-sharing-poc-exploit-code-with-china.html https://www.cybersecuritydive.com/news/software-vulnerabilities-breaches-checkmarx-report/757793/ https://www.securityinfowatch.com/cybersecurity/article/55309774/even-security-leaders-are-breaking-ai-rules-calypsoai-report https://www.darkreading.com/cyber-risk/cyber-insurers-may-limit-payments-breaches-unpatched-cve https://www.darkreading.com/cyberatt...
Sep 08, 2025•47 min
I have no idea why Riverside.fm (the service we use to record the podcast) has such an audio/video sync problem for the first minute or so of the recording. We’re working on it… On to the show. Here are the links for this week’s episode: https://www.bleepingcomputer.com/news/security/new-downgrade-attack-can-bypass-fido-auth-in-microsoft-entra-id https://www.bleepingcomputer.com/news/security/docker-hub-still-hosts-dozens-of-linux-images-with-the-xz-backdoor https://www.darkreading.com/threat-in...
Aug 26, 2025•1 hr 16 min
