HN59 - Microsoft AI Discovers 20 Zero-Day Vulnerabilities in Bootloaders!
🔍 Microsoft’s AI Uncovers 20 Zero-Day Threats | CoffeeLoader Malware Gets Smarter. In this episode of Exploit Brokers, Cipherceval dives into how Microsoft Security Copilot, powered by AI, discovered over 20 previously unknown vulnerabilities in popular bootloaders like GRUB2, U-Boot, and Barebox. These flaws could allow attackers to bypass Secure Boot and install stealthy bootkits. We also explore...
Apr 03, 2025•19 min•Season 1 Ep. 59
Welcome to Exploit Brokers with your host Cipherceval! In this deep dive, we uncover a sophisticated cyber assault where hackers exploited Microsoft SharePoint to launch the Havoc C2 via a stealthy click fix attack. Learn how a single click can trigger malicious PowerShell commands, turning everyday corporate tools into gateways for cybercrime. In this episode, we explore: • How click fix attacks trick users into executing harmful commands • The role of social engineering in modern cyber warfare...
Mar 06, 2025•24 min•Season 1 Ep. 58
In this episode of Exploit Brokers, we dive into the dark world of cybercrime, exploring two alarming topics: a malicious Android loan app masquerading as a financial tool and Xerox printer vulnerabilities that could be leaking your credentials. Learn how loan sharks have moved from traditional methods to sophisticated digital predation, exploiting unsuspecting users via apps like SpyLoan. We break down how these apps bypass Google Play's protections, steal sensitive data, and push predatory len...
Feb 27, 2025•21 min•Season 1 Ep. 57
In today’s episode of Exploit Brokers, we dive deep into two major security threats making waves across the digital world. A critical Remote Code Execution (RCE) vulnerability in Microsoft Outlook is putting millions of users at risk, with hackers exploiting it through spear phishing emails and malicious links. Not only that, but we’re also uncovering the stealthy tactics of the notorious North Korean hacking group, Kimsuky. They’re evolving their methods with custom RDP wrappers and proxy tools...
Feb 13, 2025•27 min•Season 1 Ep. 56
Welcome back to Exploit Brokers! In today’s video, we dive deep into a critical 7‑Zip vulnerability that’s being exploited by Russian cybercriminals to bypass Windows’ security protections. If you’ve used 7‑Zip at all, you need to know how this flaw can let hackers sneak past the Mark-of-the-Web (MOTW) and deploy dangerous malware like Smoke Loader. We'll also explore a parallel threat in the Go ecosystem—malicious packages exploiting caching mechanisms to gain persistent remote access to your s...
Feb 06, 2025•27 min•Season 1 Ep. 55
Lazarus Group’s Secret Admin Layer EXPOSED – Major Cybersecurity Discovery! 🔥💻 Security researchers have uncovered a hidden admin layer used by North Korea’s Lazarus Group to manage their Command and Control (C2) servers. This sophisticated network of VPNs and proxies allows them to execute cyberattacks worldwide—mainly targeting cryptocurrency developers and software supply chains. In today’s episode, we break down: ✅ How Lazarus Group operates and funds North Korea’s cybercrime efforts ✅ The...
Jan 30, 2025•30 min•Season 1 Ep. 54
In this episode, we’re uncovering the darker side of Generative AI and the emerging threats lurking behind everyday tools like ChatGPT and Copilot. Learn how sensitive information—ranging from customer data to employee benefits—can be leaked simply by typing it into a Gen AI prompt. We’ll also expose how cybercriminals are escalating their tactics, hiding malware in places you’d never expect—like Google Ads, YouTube comments, and misleading download links for supposedly “free” or pirated softwar...
Jan 23, 2025•25 min•Season 1 Ep. 53
🔒🚗 Volkswagen’s Massive 800K EV Data Breach & Mirai Botnet Threats Explained | Exploit Brokers Welcome back to Exploit Brokers! In today’s episode, we dive deep into two major cybersecurity threats shaking the automotive and industrial sectors: Volkswagen’s 800,000 EV Data Breach Discover how a misconfigured Amazon cloud storage led to the exposure of sensitive personal information for Volkswagen, Audi, Seat, and Skoda electric vehicle owners. Learn what data was compromised, the potential...
Jan 09, 2025•22 min•Season 1 Ep. 52
In this episode, we dive deep into two explosive cybersecurity stories making headlines right now: a major breach at the U.S. Treasury Department allegedly carried out by Chinese state-sponsored hackers, and the discovery of over 3.1 million fake stars on GitHub used to boost malicious repositories. We’ll explore how third-party vendor BeyondTrust and telecom hacks tie into this growing wave of advanced persistent threats (APTs) and discuss how manipulative tactics on GitHub can sneak malware in...
Jan 02, 2025•23 min•Season 1 Ep. 51
In this eye-opening episode, we uncover the disturbing reality of IoT webcam vulnerabilities and explore how hackers are leveraging outdated firmware and previously discovered but unpatched exploits to infiltrate personal devices. From prying eyes in your own home to the colossal health data breach exposing over 900,000 patient records, the digital security landscape has never looked more dire. Learn what you can do to protect your data, secure your devices, and safeguard your personal informati...
Dec 19, 2024•26 min•Season 1 Ep. 50
We’re diving into two major stories shaking up the gaming and cybersecurity worlds! First, we discuss the Fortnite Refund Update, where the FTC has forced Epic Games to refund millions due to their use of dark patterns. Find out if you’re eligible for a refund and how to claim it. Then, we shift gears to the Lazarus Group, North Korea’s infamous hacking collective, and their latest exploit targeting cryptocurrency investors using AI-generated content and Chrome vulnerabilities. Stay informed, pr...
Dec 12, 2024•23 min•Season 1 Ep. 49
Uncover the fascinating yet chilling story of Hydra Market, the dark web’s largest illicit empire. Learn how this $1.35 billion platform operated, from smuggling narcotics and laundering money to offering hacking services. We’ll explore how its leader was sentenced to life in prison, the innovative (and illegal) technologies they used, and the global effort to bring it down. Plus, we’ll dive into how cryptocurrencies, Bitcoin mixers, and secret marketplaces fuel the shadowy world of digital crim...
Dec 05, 2024•21 min•Season 1 Ep. 48
Andrew Tate's platform, formerly known as Hustler’s University, has been hacked, exposing the data of over 800,000 users. Meanwhile, Russian hackers have exploited critical zero-day vulnerabilities in Firefox and Windows, demonstrating the growing sophistication of cyberattacks. In this video, we’ll break down the Andrew Tate hack, the implications of leaked user data, and how Russian threat actors are chaining vulnerabilities for remote code execution. Stay informed on the latest in cybersecuri...
Nov 28, 2024•18 min•Season 1 Ep. 47
In this episode, we dive deep into the world of ransomware with two of 2024's most talked-about threats: Phobos and Helldown. Learn how the Phobos ransomware operation managed to dominate 11% of the market, generating $16 million in ransom payments, and the shocking details of its admin’s extradition to the U.S. We also explore the rise of Helldown ransomware, its exploitation of VPN vulnerabilities, and how these attacks are reshaping cybersecurity globally. If you’re curious about how ransomwa...
Nov 21, 2024•28 min•Season 1 Ep. 46
In today's episode, we dive deep into the fascinating yet troubling world of cybersecurity, exploring how even the most advanced antivirus software, firewalls, and endpoint security measures can fall short due to a single factor: human error. Despite the latest tech solutions, hackers continue to exploit one consistent vulnerability—users clicking on suspicious links and files. We'll discuss how phishing emails, malware, and outdated software create an entryway for cybercriminals, even in some o...
Nov 14, 2024•33 min•Season 1 Ep. 45
In today's episode, we’re diving into the hidden dangers of malicious installers, software cracks, and deceptive ads on Google. We'll explore recent stories, including the SteelFox malware that's hijacking Windows PCs, stealing credit card data, and mining cryptocurrency using vulnerable drivers. Plus, we’ll uncover a new wave of malvertising attack scams targeting eBay users and how scammers are leveraging Google Ads to lure unsuspecting victims into calling fake support numbers. With digital c...
Nov 07, 2024•23 min•Season 1 Ep. 44
In a significant international operation, Dutch police and global law enforcement partners have taken down two major information stealers: Redline and Meta Stealer. These dangerous malware operations targeted thousands of victims worldwide, stealing passwords, sensitive data, and more. This video explores how law enforcement agencies worked together to dismantle their infrastructure, taking down over 1,200 servers with malware in dozens of countries. We'll also discuss how information stealers o...
Oct 31, 2024•11 min•Season 1 Ep. 43
The Internet Archive has been breached… AGAIN! 🛑 This time, hackers managed to compromise sensitive user data not once, but twice, exploiting stolen GitLab and Zendesk tokens. In this episode of Exploit Brokers, we break down what went wrong, why access tokens are crucial for cybersecurity, and how this breach could have been prevented. 🚨 We’ll dive deep into: How the hackers gained access through exposed tokens 🔓 What “access tokens” really are and why they’re often targeted 🔑 The role of G...
Oct 24, 2024•16 min•Season 1 Ep. 42
In this eye-opening episode of Exploit Brokers, your host Lauro dives deep into the recent cyberattacks that have compromised major U.S. telecommunications networks. Chinese state-sponsored hackers, known as Salt Typhoon, have exploited a 30-year-old backdoor mandated by U.S. law, targeting giants like AT&T, Lumen (formerly CenturyLink), and Verizon. Drawing inspiration from Friedrich Nietzsche's quote: "He who fights with monsters should look to it that he himself does not become a monster....
Oct 10, 2024•16 min•Season 1 Ep. 41
Imagine waking up to find that your trusted antivirus software has uninstalled itself and replaced itself with a completely different program—without your consent! 😱 In today's video, we dive deep into the shocking move by Kaspersky as it uninstalls itself and installs Ultra AV on users' computers. We'll explore why this happened, how users are reacting, and what it means for your cybersecurity. Is this a breach of trust or a necessary step due to geopolitical tensions? Join us as we unravel th...
Sep 26, 2024•13 min•Season 1 Ep. 40
In an unexpected turn of events, Apple has decided to drop its three-year-old lawsuit against the notorious spyware maker, NSO Group. What led to this shocking decision, and what does it mean for the future of cybersecurity and your personal data? 🤔 In today's video, we dive deep into the reasons behind Apple's surprising move. We'll explore how the rise of commercial spyware vendors is reshaping the cybersecurity landscape and why Apple believes that continuing the lawsuit might actually do mo...
Sep 19, 2024•14 min•Season 1 Ep. 36
Is Your Tap-to-Pay Secure? The Latest Android Malware Warning 🔒 In this episode of Exploit Brokers, we dive deep into a new Android malware that targets NFC technology to steal your banking information. 📱💳 If you use tap-to-pay or any NFC-based service, this is something you NEED to know. We’ll break down how this malware works, why it's so dangerous, and what you can do to protect yourself. Learn about the latest threats in the world of digital crime and stay one step ahead! 💻 📢 Don't forg...
Aug 29, 2024•14 min•Season 1 Ep. 38
🚨 AI Propaganda Exposed: How It’s Influencing Elections Right Now! 🚨 In this episode of Exploit Brokers, we dive deep into the unsettling world of AI-driven misinformation campaigns. From targeting voters on both sides to spreading chaos across social media, AI is being weaponized in ways that sound like science fiction but are shockingly real. We’ll explore how threat actors are using advanced AI to manipulate public opinion, the efforts to combat these operations, and what this means for the...
Aug 22, 2024•17 min•Season 1 Ep. 37
In this episode of Exploit Brokers, we dive into a significant new threat spreading across the web—Trojan malware hidden in malicious browser extensions. These sneaky extensions are distributed through fake download sites mimicking popular software like Roblox FPS Unlocker, YouTube, VLC, or KeePass. We’ll discuss how these Trojans operate, how they’ve compromised over 300,000 users, and what steps you can take to protect yourself. Stay informed about the rising tide of digital crime and malware ...
Aug 15, 2024•15 min•Season 1 Ep. 36
In this episode of Exploit Brokers, we're diving into a new and alarming trend in cybersecurity: Remote Access Trojans (RATs) targeting IT professionals. Discover how malware disguised as legitimate tools is being installed by unsuspecting IT teams, leading to severe breaches and ransomware attacks. We'll explore the tactics used by Hunter's International, a rising threat group, and their deployment of Sharp Rhino RAT. Learn about the evolution of ransomware, the mechanisms behind these attacks,...
Aug 08, 2024•17 min•Season 1 Ep. 35
Hey everyone, welcome back to another episode of Exploit Brokers! In today's video, we're diving deep into some dangerous Android apps you should avoid installing. We'll also explore how AI is being used to detect wildfires and identify AI-generated videos, proving that technology can indeed fight back against digital threats. With the rise of data breaches, hacking attempts, and digital crimes, it's crucial to stay informed and vigilant. Learn about the threats posed by malware, dark sites, bru...
Aug 01, 2024•22 min•Season 1 Ep. 34
In this episode of Exploit Brokers, we delve into two major cyber stories making headlines. First, we uncover the details behind the recent breach of water facilities by Russian hacktivists and the subsequent U.S. sanctions. Discover the risks posed by SCADA system vulnerabilities and the potential for catastrophic damage to critical infrastructure. Next, we explore the chaos caused by a CrowdStrike update glitch, leading to blue screens of death and widespread disruption. Learn how cybercrimina...
Jul 25, 2024•18 min•Season 1 Ep. 33
🚨 Welcome to Exploit Brokers! 🚨 In this episode, we're diving deep into the hidden world of fake cell towers and the alarming rise of cyber scam slavery. 📡💔 Did you know that your cell phone might be connecting to a fake tower, putting your personal information at risk? We explore a recent case in London where criminals set up a fake cell tower to blast malicious texts, and discuss the shocking methods they use to bypass network security. 📱🔒 But that's not all! 🌍💻 We're also uncovering t...
Jun 13, 2024•26 min•Season 1 Ep. 32
Welcome back to another episode of Exploit Brokers with your host, Lauro! Today, we're diving deep into the darker uses of AI by criminals. From high-tech identity theft using AI-generated voices and images to unprecedented surges in digital crimes such as hacking and data breaches, we explore how these technologies are shaping modern criminal tactics. In this episode: We discuss a recent incident reported by The Guardian involving AI mimicking BBC presenter Liz Bonnin's voice. Analyze the rise ...
May 02, 2024•27 min•Season 1 Ep. 31
In this thrilling episode of our cybersecurity series, we dive deep into the shadowy world of cyber espionage waged by two Chinese Advanced Persistent Threat (APT) groups against the nations of the Association of Southeast Asian Nations (ASEAN). Discover the tactics employed by infamous threat actors like Mustang Panda in their sophisticated digital attacks, leveraging malware, phishing emails, and zero-day vulnerabilities to infiltrate and spy on Southeast Asian countries. We unravel the comple...
Mar 28, 2024•25 min•Season 1 Ep. 30