We're talking zero-days getting hammered left and right, embedded browsers that are more vintage than secure, and some serious exploitation happening in the wild.

We break down the newest frontiers of cyber defense and attack, including how Google is using a new User Alignment Critic to shield Chrome's agentic AI from prompt injection, and why a critical flaw in the Ruby SAML library demands immediate patching,. Plus, a deep dive into the sophisticated vishing campaign that weaponizes Microsoft Teams and QuickAssist to deploy fileless .NET malware,.

Host Mike Housch dives into the chaotic fallout from the maximum-severity React2Shell vulnerability, which caused a massive Cloudflare outage and rapid exploitation by threat actors. We also analyze another critical 10.0-rated flaw in Apache Tika, the surprising scale of global ransomware payouts, and the strategic shift toward phishing-resistant authentication like Passkeys.

This week, we dive deep into the sophisticated China-nexus threat WARP PANDA, which is relentlessly exploiting VMware vCenter environments with the BRICKSTORM malware, alongside urgent warnings about the actively exploited React2Shell vulnerability. We also analyze the destructive Shai-Hulud 2.0 supply chain attack that compromised thousands of repositories and review the latest defensive strategies unveiled at AWS re:Invent 2025.

We break down Google's urgent Android patches, including two actively exploited zero-days, and analyze the appearance of the new ShadowV2 IoT botnet leveraging known flaws. Plus, we look into why an AI-generated recipe card landed Google in hot water over content scraping and monetization.

Host Mike Housch dives into the latest major breaches, including 146,000 records stolen from Delta Dental of Virginia, and dissects critical zero-day exploitation confirmed by CISA. We also explore the emerging risks of Agentic AI, and hear from CISO experts aiming to retire cybers...

Today we dive into Cloudflare's massive outage caused by a database mishap and track the alarming rise of ransomware targeting Amazon S3 misconfigurations. Plus, we uncover a global espionage network hidden inside 50,000 compromised Asus routers.

Threat actors are leveraging AI to run sophisticated phishing campaigns that mimic Fortune-500 marketing departments, making identity the most vulnerable target. We also dive into critical zero-day exploits impacting FortiWeb and the Ray AI framework, and explore the necessary shift toward b...

Today, we dive into a massive internet disruption that wasn't a cyberattack, as Cloudflare confirms a service-crashing bug, and we cover the urgent need to patch the seventh Google Chrome zero-day found this year. We also dissect a pervasive WhatsApp screen-sharing scam resulting in major losses and examine why Generation Z has the worst password security habits.

Today. I dive into how decades-old tech, like the "Finger" protocol, is being weaponized in modern ClickFix attacks, alongside major zero-day exploitation news affecting FortiWeb and Logitech. We also unpack the sophisticated techniques used by threat actors like Dragon Breath to disable security tools and the concerning new ways researchers are bypassing AI guardrails.

We dive into a massive NPM registry attack where a self-replicating worm polluted the software supply chain with over 150,000 packages seeking cryptocurrency rewards. Then, we analyze how state-sponsored threat actors used Anthropic’s Claude AI to automate 90% of a targeted espionage campaign against critical global organizations.

Today we expose the 'Whisper Leak' LLM attack that infers sensitive conversation topics from encrypted metadata. Plus, we break down the start of CMMC enforcement and why supply chain risks are soaring, according to the new OWASP Top 10 list.

Australia steps up sanctions against North Korean cyber operations funding weapons programs, while the Cl0p gang continues to expose victims of the Oracle EBS hack. Plus, we break down the evolving threat landscape from sophisticated ClickFix scams targeting macOS to mobile zero-day spyware aimed at the Middle East.

We dive into how AI is complicating the threat landscape, covering an "AI Slop" ransomware test sneaked onto the VS Code marketplace and novel prompt injection hacks against ChatGPT memories. We also break down critical high-severity browser flaws in Chrome 142 and the escalating geopolitical tension around US hyperscalers and European data sovereignty.

Today we dive into alarming new reports, including how state-sponsored hackers stole firewall backups and how AI is enabling malware to mutate autonomously during execution. We also cover the costly Nevada ransomware recovery, critical Cisco patches, and the perennial problem of weak passwords.

Today, we expose a sophisticated campaign where hackers use Remote Monitoring and Management tools to hijack physical cargo, leading to billions in losses, and analyze the dangerous new trend of malware like SesameOp abusing trusted AI APIs for stealthy command-and-control operations. Plus, we cover the major patches released by both Apple and Google, including a critical Android Remote Code Execution flaw that requires zero user interaction.

Today, we dissect how a suspected Chinese APT used the new 'Airstalk' malware to compromise BPOs in targeted supply chain attacks, and why the Claude AI model was successfully tricked into exfiltrating user data. Plus, we look at the rising threat of cybercriminals exploiting legitimate RMM tools to steal physical cargo from logistics networks.

CISA issued urgent warnings, adding exploited VMware and XWiki flaws to the KEV catalog and requiring federal agencies to patch immediately. We break down the Chinese threat actor exploiting an unpatched Windows shortcut vulnerability targeting European diplomats and examine the active exploitation of the critical Windows WSUS flaw.

We dive into two major software supply chain campaigns, including the "PhantomRaven" operation, which delivered infostealers via 136 malicious NPM packages downloaded 100,000 times. Then, we look at why vetting dependencies is no longer enough and examine the shocking case of a US defense contractor executive who sold $35 million in cyber trade secrets to a Russian exploit broker.

Today we dive into critical industrial cyber threats as CISA warns of active exploitation in DELMIA factory software. We also examine Google's move to make HTTPS the default for all public sites and review the massive lawsuit alleging Microsoft tricked millions of users into pricey Copilot subscriptions.