The DOT Report

The DOT Report reviews the biggest stories and headlines in the cybersecurity space each month. Our April edition covers concerns around restricted AI systems being accessed outside intended controls, a confirmed breach at Vercel tied to a third-party integration, an international takedown of a global phishing platform, a social engineering-driven breach affecting Hims & Hers, and rising cyber risk tied to global events like the Olympics and World Cup. Then we’ll get into warnings around large-scale hacktivist attacks in the UK, ongoing security gaps across the entertainment industry, and a groundbreaking federal case involving cybersecurity professionals accused of working with ransomware actors.

The DOT Report reviews the biggest stories and headlines in the cybersecurity space each month. Our March edition covers a device code phishing campaign impacting Microsoft 365 organizations, a hacker sentenced for enabling ransomware attacks, CISA warnings on actively exploited Apple and web application flaws, a DOJ disruption of massive IoT botnets, a new U.S. energy cybersecurity strategy, the takedown of the Tycoon 2FA phishing platform, a cyberattack affecting Stryker, and Google’s $32 billion acquisition of Wiz. 

The DOT Report reviews the biggest stories and headlines in the cybersecurityspace each month. Our February edition covers an AI-assisted campaign thatcompromised more than 600 FortiGate firewalls worldwide, CISA’s reorganization of itsCybersecurity Division, a Ukrainian national sentenced in a U.S. identity fraud case, aclaimed Wendy’s franchise data breach, a BeyondTrust flaw used to deploy web shells, anINTERPOL operation resulting in multiple cybercrime arrests, malicious fake IPTV appsspreading Android malware, and new research showing AI agents routinely ignore security

The DOT Report reviews the biggest stories and headlines in the cybersecurity space each month. Our January edition covers Europol’s arrest of dozens of Black Axe cybercrime members, a newly disclosed attack technique targeting Microsoft Copilot, malicious AI-powered developer tools and browser extensions stealing source code, emerging methods for hacking vehicles and EV infrastructure, an actively exploited email server authentication bypass, a critical flaw in the AWS console that risked build environment compromise, fake AI Chrome extensions harvesting user data, and ongoing healthcare breaches despite strengthened defenses. 

Podcast description: The DOT Report reviews the biggest stories and headlines in the cybersecurity space each month. Our December edition covers the two vulnerabilities that Google is actively working to patch, four new phishing kits that have hit the market, the information leaks from Spyware firm Intellexa, a bipartisan bill introduced to reinstate cybersecurity grant programs, the Inotiv breach that exposed personal information and research data, Axis Communication’s commitment to the CISA Secure by Design pledge, and the ongoing campaign targeting Zendesk. 

Podcast description: The DOT Report reviews the biggest stories and headlines in the cybersecurity space each month. Our November edition covers the record-breaking 15.72 Tbps DDoS attack mitigated by Microsoft, the guilty pleas of five U.S. citizens in a billion-dollar identity fraud scheme, the SEC’s dismissal of the long-running SolarWinds case, the TamperedChef malware campaign exploiting fake software installers, critical vulnerabilities in railway braking systems, a sophisticated phishing tool bypassing Microsoft 365 defenses, the cyberattack that hit Jaguar Land Rover’s factories and finances, and finally, the surge in operational technology attacks impacting industrial networks globally. 

The DOT Report reviews the biggest stories and headlines in the cybersecurity space each month. Our October issue covers the discovered flaw in the FIA driver portal, the new Android trojan malware dubbed Herodotus, a variety of compromised Google Chrome extensions used in a WhatsApp spam campaign, the theft of millions in the form of gift cards, the certificates Microsoft has recently purged for security reasons, a massive credential harvesting campaign, how Europol shut down a massive SIM farm, and lastly, the ‘glassworm’ attack that’s disrupting the supply chain.

The DOT Report reviews the biggest stories and headlines in the cybersecurity space each month. Our September report features an examination of the 17,000+ phishing domains that popped up, the arrest of two Scattered Spider hackers, the details of TA558’s most recent campaign, and the ShadowLeak AI flaw leaking Gmail data. Plus, our report this month covers the eruption of synthetic identity fraud, the new file corruption tactic known as FileFix, and how the ransomware HybridPetya bypasses secure boot protocols.

The DOT Report reviews the biggest stories and headlines in the cybersecurity space each month. Our August report features a look into QuirkyLoader, the Scattered Spider hacker sentenced to 10 years in prison, the PromptFix exploit that’s tricking AI platforms, and the GodRAT trojan aimed at trading firms. Then, we’ll get into the charges Ethan Foltz is facing for running a DDoS-for-hire service, the dismantling of a fake ID marketplace known as VerifTools, the zero-click exploit patched by WhatsApp, and lastly, discuss the first documented AI ransomware. 

The DOT Report reviews the biggest stories and headlines in the cybersecurity space each month. Our July report features a look into the NASCAR breach, how data stored at Tea was accessed, the 1.5 million customers impacted by the Allianz Life breach, and the phishing campaign targeting the Department of Education. This month’s report also covers the Zero-Day flaw that allowed a breach at the US Nuclear Agency, provides an update to the North Korean employment scam, reviews new findings about printer security, and all wraps up with an overview of the breach at Dell. 

The DOT Report is a monthly cybersecurity news series where we cover all the latest headlines and biggest stories.  In our first episode, covering June 2025, we’ll be looking at the $7.74M the US seized in cryptocurrency related to the ongoing North Korean employment scam. Then we’ll discuss how over 1,500 Minecraft players were unwittingly infected with JavaScript Malware, the data wipe feature added to Anubis ransomware, and the 269,000 websites infected by JSFireTruck. Additionally, we’ll look into the recent ban the US House put on WhatsApp for government devices, the ‘call a lawyer’ feature added to Qilin ransomware products, the echo chamber attack compromising large language models, and Scattered Spiders $592 million cyberattack.