Cleartext

Cleartext – May 05, 2026 Today's briefing covers: • Australia launches cyber review board modeled on version disbanded in US • Everest Group Begins Leaking Alleged Liberty Mutual Data • Trellix discloses data breach after source code repository hack • Five Eyes Sound Alarm on Autonomous AI Security Risks Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-05-05.md

Cleartext – May 04, 2026 Today's briefing covers: • Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M • Why data centers now belong on the critical infrastructure list • Risky Bulletin: DigiCert hacked with a malicious screensaver file • Progress warns of critical MOVEit Automation auth bypass flaw Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-05-04.md

Cleartext Week in Review – May 02, 2026 This week's major themes and key developments: • 76% of All Crypto Stolen in 2026 Is Now in North Korea • BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures • Chinese National Extradited Over Silk Typhoon Cyber Campaign • China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-05-02.md

Cleartext – May 01, 2026 Today's briefing covers: • DHS Shutdown Ends as CISA Faces Long Recovery • Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model. • US ransomware negotiators get 4 years in prison over BlackCat attacks • Two new extortion crews are speedrunning the Scattered Spider playbook Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-05-01.md

Cleartext – April 30, 2026 Today's briefing covers: • Srsly Risky Biz: US Vows to Fight Distillation Attacks • Lotus Wiper Attack Targets Venezuelan Energy Firms, Utilities • Everyone’s building AI agents. Almost nobody’s ready for what they do to identity. • SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-30.md

Cleartext – April 29, 2026 Today's briefing covers: • Risky Bulletin: Ukrainians hacked Russian satellite comms platform • Chinese National Extradited Over Silk Typhoon Cyber Campaign • Germany Caught Up in Likely Russian Signal Phishing • Cyber Command, NSA chief warns foreign adversaries likely to target midterms Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-29.md

Cleartext – April 27, 2026 Today's briefing covers: • Risky Bulletin: New fingerprinting technique can track Tor users • Researchers Identify Fast16 Sabotage Malware That Pre-Dates Stuxnet • Mythos Changed the Math on Vulnerability Discovery. Most Teams Aren't Ready for the Remediation Side • Most Cybersecurity Professionals Feel Undervalued and Underpaid Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-27.md

Cleartext Week in Review – April 25, 2026 This week's major themes and key developments: • A dozen allied agencies say China is building covert hacker networks out of everyday routers • AI Tools Are Helping Mediocre North Korean Hackers Steal Millions • Iran’s cyber threat may be less ‘shock and awe’ than ‘low and slow,’ officials say • Mozilla: Anthropic's Mythos found 271 security vulnerabilities in Firefox 150 Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-25.md

Cleartext – April 24, 2026 Today's briefing covers: • A dozen allied agencies say China is building covert hacker networks out of everyday routers • Surveillance campaigns use commercial surveillance tools to exploit long-known telecom vulnerabilities • In a first, a ransomware family is confirmed to be quantum-safe • Vercel attack fallout expands to more customers and third-party systems Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-24.md

Cleartext – April 23, 2026 Today's briefing covers: • China’s cyber capabilities now equal to the US, warns Dutch intelligence • Hackers deployed wiper malware in destructive attacks on Venezuela’s energy sector • Ransomware, fraud, and lawsuits drive cyber insurance claims to new peaks • France confirms data breach at government agency that manages citizens’ IDs Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-23.md

Cleartext – April 22, 2026 Today's briefing covers: • UK cyber agency handling four major incidents a week as nation-state attacks surge • Pentagon Cyber Leaders Back $1.5T Budget Request • Mozilla: Anthropic's Mythos found 271 security vulnerabilities in Firefox 150 • Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-22.md

Cleartext – April 21, 2026 Today's briefing covers: • KelpDAO suffers $290 million heist tied to Lazarus hackers • ZionSiphon Malware Targets Water Infrastructure Systems • Adversaries hijacked AI security tools at 90+ organizations. The next wave has write access to the firewall • Vercel’s security breach started with malware disguised as Roblox cheats Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-21.md

Cleartext – April 20, 2026 Today's briefing covers: • Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems • Finance Chiefs Warn New AI Models May Rattle Global Banking • EU pushes for stronger cloud sovereignty, awards €180 million to four providers • AI platform ATHR makes voice phishing a one-person job Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-20.md

Cleartext Week in Review – April 18, 2026 This week's major themes and key developments: • Sweden blames Russian hackers for attempting ‘destructive’ cyberattack on thermal plant • ZionSiphon malware designed to sabotage water treatment systems • US nationals sentenced for aiding North Korea’s tech worker scheme • FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-18.md

Cleartext – April 17, 2026 Today's briefing covers: • US nationals sentenced for aiding North Korea’s tech worker scheme • ZionSiphon malware designed to sabotage water treatment systems • Ukrainian emergency services and hospitals hit by espionage campaign using new AgingFly malware • New ATHR vishing platform uses AI voice agents for automated attacks Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-17.md

Cleartext – April 16, 2026 Today's briefing covers: • Sweden blames Russian hackers for attempting ‘destructive’ cyberattack on thermal plant • Two US nationals jailed over scheme that generated $5 million for the North Korean regime • UK warns businesses to address cyber risks amid Anthropic AI panic • Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway. Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-16.md

Cleartext – April 15, 2026 Today's briefing covers: • CISA Workers Recalled Despite Shutdown • Sweden says pro-Russian hackers attempted to breach thermal power plant • We’re only seeing the tip of the chip-smuggling iceberg • OpenAI Touts Wider Access to Its New Cyber Model Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-15.md

Cleartext – April 14, 2026 Today's briefing covers: • APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials • FBI takedown of W3LL phishing service leads to developer arrest • CSA: CISOs Should Prepare for Post-Mythos Exploit Storm • OpenAI’s Mac apps need updates thanks to the Axios hack Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-14.md

Cleartext Week in Review – April 11, 2026 This week's major themes and key developments: • Iranian hackers launching disruptive attacks at U.S. energy, water targets, feds warn • Feds quash widespread Russia-backed espionage network spanning 18,000 devices • Do Ceasefires Slow Cyberattacks? History Suggests Not • Tech giants launch AI-powered ‘Project Glasswing’ to identify critical software vulnerabilities Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-11.md

Cleartext – April 10, 2026 Today's briefing covers: • Iranian attacks on US critical infrastructure puts 3,900 devices in crosshairs • Inside the FBI’s router takedown that cut off APT28’s ‘tremendous access’ • Mythos autonomously exploited vulnerabilities that survived 27 years of human review. Security teams need a new detection playbook • To counter cookie theft, Chrome ships device-bound session credentials Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-10.md

Cleartext – April 09, 2026 Today's briefing covers: • Iran-linked hackers disrupt operations at US critical infrastructure sites • US operation evicts Russia from hacked SOHO routers used to breach critical infrastructure • APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies • Breach exposes sensitive LAPD files stored in city attorney system Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-09.md

Cleartext – April 08, 2026 Today's briefing covers: • US Critical Infrastructure Facing Iranian-Linked OT Threats • Feds quash widespread Russia-backed espionage network spanning 18,000 devices • Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems • Cybercrime losses jumped 26% to $20.9 billion in 2025 Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-08.md

Cleartext – April 07, 2026 Today's briefing covers: • China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware • German police unmask two suspects linked to REvil ransomware gang • Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations • Over $17bn Lost to Cyber Fraud in the Last Year, Warns FBI Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-07.md

Cleartext Week in Review – April 04, 2026 This week's major themes and key developments: • Risky Bulletin: Iranian password sprays came first, then came the missiles • Medtech giant Stryker says it’s back up after Iranian cyberattack • China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing • CISA gives agencies two weeks to patch video conferencing bug exploited by Chinese hackers Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-04.md

Cleartext – April 03, 2026 Today's briefing covers: • Medtech giant Stryker says it’s back up after Iranian cyberattack • House Dems decry confirmed ICE usage of Paragon spyware • Software supply chain hacks trigger wave of intrusions, data theft • Akira ransomware group can achieve initial access to data encryption in less than an hour Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-03.md

Cleartext – April 02, 2026 Today's briefing covers: • European-Chinese geopolitical issues drive renewed cyberespionage campaign • Iran-linked actors target Middle Eastern city governments to undermine missile-strike responses • Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected • In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should take now Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-02.md

Cleartext – April 01, 2026 Today's briefing covers: • Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069 • Risky Bulletin: Iranian password sprays came first, then came the missiles • Iran Deploys 'Pseudo-Ransomware,' Revives Pay2Key Operations • ‘Missed opportunity’: US government’s absence from RSAC Conference leaves stark void Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-04-01.md

Cleartext – March 31, 2026 Today's briefing covers: • Iranian Cyberthreats Test US Infrastructure Defenses • ‘Missed opportunity’: US government’s absence from RSAC Conference leaves stark void • Axios npm packages backdoored in supply chain attack • Stryker restores most manufacturing after cyberattack Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-31.md

Cleartext – March 30, 2026 Today's briefing covers: • FBI confirms hack of Director Patel's personal email inbox • Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign • European Commission confirms data breach after Europa.eu hack • Healthcare software firm CareCloud informs SEC of potential patient data leak Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-30.md

Cleartext Week in Review – March 28, 2026 This week's major themes and key developments: • DarkSword’s GitHub leak threatens to turn elite iPhone hacking into a tool for the masses • Coruna, DarkSword & Democratizing Nation-State Exploit Kits • FBI confirms theft of director’s personal emails by Iran-linked hacking group • China Upgrades the Backdoor It Uses to Spy on Telcos Globally Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-28.md

Cleartext – March 26, 2026 Today's briefing covers: • CISA Forced Into 'Reactive' Cyber Posture Amid Shutdown • US: FCC Bans Foreign-Made Routers Over National Security Concerns • Srsly Risky Biz: Why get a warrant when you have Kash? • Google moves post-quantum encryption timeline up to 2029 Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-26.md

Cleartext – March 25, 2026 Today's briefing covers: • US: FCC Bans Foreign-Made Routers Over National Security Concerns • DarkSword’s GitHub leak threatens to turn elite iPhone hacking into a tool for the masses • UK cyber chief urges ‘full court press’ to counter rising cyber threats • Stryker says malware was involved in recent cyberattack as production lines reopen Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-25.md

Cleartext – March 24, 2026 Today's briefing covers: • Self-propagating malware poisons open source software and wipes Iran-based machines • DOE Sets 5-Year Plan to Harden US Grid Against Cyberattacks • FBI warns of Russian, Iranian cyber activity involving messaging platforms • Trivy supply-chain attack spreads to Docker, GitHub repos Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-24.md

Cleartext – March 23, 2026 Today's briefing covers: • FBI Seizes Iranian Online Leak Sites After Stryker Hack • Russian hackers go after high-value targets through Signal • Texas Gov. Orders State Review of Chinese-Made Medtech • Operation Alice Takes Down 370,000+ Dark Web Sites Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-23.md

Cleartext Week in Review – March 21, 2026 This week's major themes and key developments: • FBI seizes Handala data leak site after Stryker cyberattack • CISA urges companies to secure Microsoft Intune systems after hackers mass-wipe Stryker devices • DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover • Srsly Risky Biz: Successful war leaves Iran with one option, its cyber forces Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-21.md

Cleartext – March 20, 2026 Today's briefing covers: • Feds Disrupt IoT Botnets Behind Huge DDoS Attacks • The Danger Behind Meta Killing End-to-End Encryption for Instagram DMs • FBI, CISA warn on Microsoft Intune risks after Iran-linked cyberattack on Stryker • Meta's rogue AI agent passed every identity check — four gaps in enterprise IAM explain why Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-20.md

Cleartext – March 19, 2026 Today's briefing covers: • Srsly Risky Biz: Successful war leaves Iran with one option, its cyber forces • Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild • EU Sanctions Companies in China, Iran for Cyberattacks • EDR killers are now standard equipment in ransomware attacks Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-19.md

Cleartext – March 18, 2026 Today's briefing covers: • CISA official says agency has not seen uptick in cyber threats amid Iran war • EU Belatedly Sanctions Chinese and Iranian Hackers • Stryker says it’s restoring systems after pro-Iran hackers wiped thousands of employee devices • GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-18.md

Cleartext – March 17, 2026 Today's briefing covers: • EU sanctions Chinese company behind 65,000-device hack • China-Nexus Hackers Skulk in Southeast Asian Military Orgs for Years • OpenClaw can bypass your EDR, DLP and IAM without triggering a single alert • Stryker attack wiped tens of thousands of devices, no malware needed Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-17.md

Cleartext – March 16, 2026 Today's briefing covers: • ISMG Editors: Iran Conflict Expands Into Cyber Warfare • Washington is right: Cybercrime is organized crime. Now we need to shut down the business model • The ransomware economy is shifting toward straight-up data extortion • Telus Digital confirms hack as ShinyHunters claims credit for massive data theft Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-16.md

Cleartext Week in Review – March 14, 2026 This week's major themes and key developments: • Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker • US entities face heightened cyber risk related to Iran war • Iran MOIS Colludes With Criminals to Boost Cyberattacks • Risky Bulletin: Gen. Joshua Rudd confirmed as next CyberCom and NSA head Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-14.md

Cleartext – March 13, 2026 Today's briefing covers: • Stryker attack highlights nebulous nature of Iranian cyber activity amid joint U.S.-Israel conflict • Officials worry Salt Typhoon apathy is killing momentum for tougher telecom security rules • AI-generated Slopoly malware used in Interlock ransomware attack • Stryker tells SEC that timeline for recovery from cyberattack unknown Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-13.md

Cleartext – March 12, 2026 Today's briefing covers: • Medical device giant Stryker confirms cyberattack as employees say devices were wiped • Srsly Risky Biz: President Trump's best ever cyber strategy • ShinyHunters claims new campaign targeting Salesforce Experience Cloud sites • Modernizing HIPAA: Are You Ready? Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-12.md

Cleartext – March 11, 2026 Today's briefing covers: • Rudd confirmed to head NSA, Cyber Command after near year-long vacancy • US entities face heightened cyber risk related to Iran war • US military contractor likely built iPhone hacking tools used by Russian spies in Ukraine • DOGE employee stole Social Security data and put it on a thumb drive, report says Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-11.md

Cleartext – March 10, 2026 Today's briefing covers: • White House Cyber Strategy Prioritizes Offense • US entities face heightened cyber risk related to Iran war • Russian Hackers Target WhatsApp and Signal Accounts of Global Military and Government Officials • An iPhone-hacking toolkit used by Russian spies likely came from U.S military contractor Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-10.md

Cleartext – March 09, 2026 Today's briefing covers: • China-Linked Hackers Use Malware Trio for Telecom Espionage • Risky Bulletin: New White House EO prioritizes fight against scams and cybercrime • How AI Assistants are Moving the Security Goalposts • Why Claude Code Security Has Shaken the Cybersecurity Market Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-09.md

Cleartext Week in Review – March 07, 2026 A look back at the week's most important cybersecurity stories for CISOs and security leaders. Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-07.md

Cleartext – March 06, 2026 Today's briefing covers: • Tech Giants, Washington Rally for Anthropic in Pentagon Feud • Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor • Tycoon 2FA Goes Boom as Europol, Vendors Bust Phishing Platform • From Ukraine to Iran, Hacking Security Cameras Is Now Part of War’s ‘Playbook’ Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-06.md

Cleartext – March 05, 2026 Today's briefing covers: • Srsly Risky Biz: The four hour cyber war on Iran • 149 Hacktivist DDoS Attacks Hit 110 Organizations in 16 Countries After Middle East Conflict • Zurich Acquires Beazley in $11 Billion Deal to Lead Cyberinsurance • Google says 90 zero-days exploited in 2025 as commercial vendor activity grows Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-05.md

Cleartext – March 04, 2026 Today's briefing covers: • Risky Bulletin: Cyber Command conducted cyberattacks ahead of Iran strikes • Pro-Russia actors team with Iran-linked hackers in attacks • Possible U.S.-developed exploits linked to first known ‘mass’ iOS attack • Sprawling FBI, European operation takes down Leakbase cybercriminal forum Show notes & sources: https://storage.googleapis.com/cleartext-podcast/show_notes/episode_2026-03-04.md