Cybersecurity Daily: News & Threats delivers sharp, up-to-the-minute intelligence on the vulnerabilities, ransomware campaigns, and security failures shaping the digital threat landscape. Every episode cuts through the noise to give security professionals, IT administrators, and tech-savvy listeners the critical context they need to stay ahead of attackers. From patch management gaps and zero-day exploits to emerging ransomware groups and evolving cyber insurance requirements, this show covers the full spectrum of modern cybersecurity risk. Each episode is built for busy defenders — concise, authoritative, and packed with actionable insight. Whether you're a CISO weighing insurance controls, a sysadmin racing to close patch windows, or a tech enthusiast tracking the latest nation-state activity, Cybersecurity Daily ensures you never miss a development that matters. Topics include threat actor tracking, vulnerability disclosures, incident response trends, security policy changes, and the business impact of breaches. What makes this show distinctive is its commitment to connecting the technical dots to real-world consequences — explaining not just what happened, but why it matters to you and your organization. Subscribe to Cybersecurity Daily: News & Threats and make informed security decisions every single day.
A working Windows Defender exploit sat exposed for 29 days before Microsoft patched it — and a ransomware crew just deleted 10TB from a university after stealing it. Today's briefing covers the patch lag crisis, the Mount Royal University breach, and why cyber insurers are now demanding proof, not promises.
CISA's 48-hour KEV mandate hits Adobe ColdFusion, Joomla, and Langflow as a 15-year Linux kernel flaw called GhostLock drops with working exploit code. Accenture confirms 35GB stolen from Azure DevOps — source code, SSH keys, and cloud tokens all in play.
Iranian state-linked hackers expose a modular C2 espionage platform, MuddyWater pivots from scanning to credential theft, and supply chain backdoors in Trivy, Bitwarden, and Checkmarx reach OpenAI and Vercel. Plus: a DHS platform breach during World Cup planning and ransomware's shifting economics.
A Chinese spear-phishing campaign impersonates India's tax authority to deploy DcRAT, while the FBI and Google disrupt the NetNut residential proxy botnet. Researchers also expose BioShocking — a prompt-injection attack that turns agentic AI browsers into credential thieves inside live authenticated sessions.
For the first time, ransomware has been confirmed running entirely without human operators — JADEPUFFER exploited Langflow CVE-2025-3248, chained Nacos bypasses, and moved laterally with no one at the controls. Today's briefing also covers Scattered Spider's arrest via Windows telemetry, Oracle EBS active exploitation, SimpleHelp's Djinn Stealer campaign, and critical Roundcube patches.
Google dismantles a 316-cluster residential proxy botnet tied to a public company, while ransomware hits Apple's supply chain partner Tata Electronics and Oracle E-Business Suite faces active exploitation. Today's briefing also covers Linux kernel privilege escalation, a compromised Chrome ad blocker, and FBI warnings about Russian Signal phishing.
The first fully autonomous AI ransomware attack has been confirmed, a DHS information-sharing platform was breached, and median breach costs have doubled since 2019. Today's briefing covers JadePuffer, FatFs IoT flaws, the NetNut botnet takedown, Scattered Spider's latest arrest, and more.
A ransomware attack completed itself without a single human keystroke — meet JADEPUFFER, the LLM-powered threat actor rewriting the economics of cybercrime. Plus: Anubis claims 91 victims via Citrix NetScaler, seven CVSS 10 Adobe ColdFusion patches, Apple's emergency iOS sprint, and a third breach of the DHS intelligence network.
A confirmed intrusion into the Homeland Security Information Network tops today's briefing, alongside ClickFix malware evolving into per-victim polymorphic payloads and patch cycles buckling under AI-compressed exploit timelines. Six stories covering the threats shaping enterprise security right now.
Ransomware gangs are actively exploiting CVE-2026-33825 in Microsoft Defender as CISA confirms live attacks — plus Apple patches 30+ WebKit flaws found by AI, a fake Perplexity Chrome extension steals browsing data, and 7.5 million insurance records are exposed. Today's briefing covers five critical stories every security professional needs right now.
A public exploit for critical libssh2 CVE-2026-55200 has dropped with no patch in sight for millions of embedded deployments, while an anonymous researcher released an unvetted archive targeting 15 products including Gitea and Splunk. Today's briefing also covers the Tata Electronics ransomware breach exposing iPhone 18 Pro IP, Amazon Q Developer credential risk, and two consumer malware campaigns hitting over 200,000 endpoints.
630GB of Apple manufacturing schematics stolen via Tata Electronics, Iranian wiper malware shuts down Stryker across 79 countries, and a live Cisco Unified CM zero-day is dropping webshells in enterprise networks. Today's briefing also covers the Klue-to-LastPass OAuth chain attack, ShinyHunters' $65M Telus demand, and a critical patch wave hitting Nginx, PostgreSQL, and FortiGate.
Klue's OAuth supply chain attack spawned a rare double-extortion scenario as a second threat actor seized the stolen data — while new IBM figures reveal the average US data breach now costs $10.22 million. Today's briefing covers these stories plus a Dialog misconfiguration, AI security savings, and the surge in third-party breaches.
Malicious config files are silently executing code with your AWS credentials — and the flaw spans Amazon Q, Claude Code, Cursor, and Windsurf. Plus: European ransomware up 55%, dark web AI hacking tools up 4,000%, and SIP telephony under industrial-scale attack.
ShinyHunters breach the National Association of Insurance Commissioners via an Oracle PeopleSoft zero-day, while the White House signs the first binding post-quantum cryptography mandate for federal agencies. Plus: record US breach costs, Mexico's cybersecurity plan, and two critical CISA-flagged device exploits.
Three critical infrastructure zero-days — Lantronix, Ubiquiti, and Cisco — moved from disclosed to actively exploited within 48 hours, while a stealthy npm supply chain attack deployed a Windows RAT against Chrome credentials. Today's briefing also covers OpenAI's GPT-5.5-Cyber defender tool, a federal post-quantum cryptography deadline, and two major Texas data breaches affecting millions.
Cyberattacks on space infrastructure have surged 400% amid escalating geopolitical conflict, while an Icarus OAuth breach hits top security vendors and a Chrome V8 zero-day is actively exploited. Today's briefing also covers Bajaj Auto ransomware, FortiBleed's AI-automated domain takeovers, and a Five Eyes warning on frontier AI weaponization.
Nine security firms breached via stolen OAuth tokens, ShinyHunters publishes 297GB of Council of Europe data after a missed ransom deadline, and the AryStinger botnet silently maps infrastructure through thousands of unpatched D-Link routers. Today's briefing connects all three to one structural blind spot defenders can't afford to ignore.
Microsoft's 208-CVE Patch Tuesday introduced a Recycle Bin regression hitting millions of Windows systems, while Qilin ransomware claimed Q Link Wireless and the GentleKiller EDR bypass toolkit went public. Today's briefing also covers Teams-based C2 attacks and tightening regulations under DORA and CIRCIA.
A 24-billion-password dump cross-referenced with CVE data is redefining credential threats, while 74,000 Fortinet firewall admin credentials leak in FortiBleed and the SocGholish botnet falls after seven years of ransomware delivery. Today's briefing covers the most consequential cybersecurity developments of the past 24 hours.
A critical Splunk Enterprise RCE (CVE-2026-20253, CVSS 9.8) is under active attack with a federal patch deadline of June 21, while threat actor Icarus stole OAuth tokens from SaaS vendor Klue to silently extract CRM data from Huntress, Jamf, Recorded Future, and Tanium. Two stories, one pattern: attackers reaching infrastructure that was never designed to stop them.
INC ransomware's Rust rewrite powers a surge to 830+ victims as FortiBleed compromises 30,000 firewalls across 194 countries. Plus: a fourth Defender zero-day from the same researcher and Oracle's 245-vulnerability Critical Patch Update.
ShinyHunters gives Kodak until June 18 to respond or face exposure of 2.2 million records, while researchers uncover a 24-billion-credential Elasticsearch dump fuelled by live infostealer logs. Plus: the Vertex AI race-condition patch and unverified ICAI exam-portal breach claims.
A critical PeopleSoft zero-day with no patch has hit over 100 organizations including the University of Nottingham, while ransomware now accounts for 44% of all data breaches. Today's briefing covers the ShinyHunters campaign, record healthcare breach costs, a North Korean supply chain attack on developers, and Samsung's 45-vulnerability patch.
Four zero-days are under active exploitation simultaneously — Chrome V8, Microsoft Defender RoguePlanet, a UniFi OS root-access chain, and Splunk Enterprise RCE. Plus: 400+ AUR packages hijacked, US breach costs hit $10.2M, and AI phishing now drives 37% of attacks.
Microsoft's record-breaking Patch Tuesday lands with five actively exploited zero-days — including a wormable RDP flaw and AI-feature kernel vulnerabilities — while a supply-chain attack compromises 400+ Arch Linux packages. Everything you need to act on, in under ten minutes.
Microsoft drops a single-day record 206 security patches with 39 critical flaws, while The Gentlemen ransomware group confirms 478 victims and a new MaaS tool called OnyxC2 evades detection across major scanning platforms. Today's briefing covers the biggest cybersecurity stories shaping enterprise defenses right now.
A five-month OceanLotus supply chain attack hit Vietnamese stock investors, a Windows Defender zero-day is already being exploited in the wild, and Ivanti Sentry's CVSS 10 flaws were backdoored within 24 hours of PoC release. Today's briefing also covers a 206-CVE Patch Tuesday, CISA's new 3-day patching directive, and a disputed VRChat breach filing.
Microsoft's largest-ever Patch Tuesday lands with three actively exploited zero-days targeting Windows servers, workstations, and encrypted drives — while ServiceNow confirms a silent pre-patch breach affecting 8,000+ enterprises. If you run internet-facing Windows infrastructure or ServiceNow, today's briefing is required listening.
CISA has issued an emergency directive forcing federal agencies to patch a Check Point VPN authentication bypass exploited by Qilin ransomware — or go offline by June 11. Also: Chrome's fifth zero-day of 2026, Microsoft's record 200+ CVE Patch Tuesday, and a 48% ransomware surge.
Showing latest 30 of 62 episodes.