PODCAST · technology
You've Already Been Hacked
by Professor CyberRisk
A Cybersecurity Podcast for the Rest of Us
In a world of evolving cyber threats, You’ve Already Been Hacked breaks down cybersecurity for everyone—from experts to everyday users. Hosted by Professor CyberRisk and Cyber Cowboy, we tackle major cyber attacks, emerging threats, and real-world security strategies. Each episode offers expert analysis, case studies, and actionable tips to help listeners stay ahead of hackers and digital risks.
-
108
AI Export Controls, Defender Zero-Day & APT28 Attacks
Hosts
* Professor CyberRisk
* Cyber Cowboy Live

Cyber Maps
* Bitdefender Threat Map: https://threatmap.bitdefender.com/
* Checkpoint Threat Map: https://threatmap.checkpoint.com/
* Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
* Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam

Episode Information
Title: AI Export Controls, Defender Zero-Day & APT28 Attacks - 2026-06-19
Episode Number: 3x53

Overview
Weekly roundup of the most critical cybersecurity developments from 2026-06-14 to 2026-06-18. The White House forces Anthropic to restrict AI model access, Microsoft's own Defender gets a zero-day, Russian hackers exploit Office within hours of disclosure, Splunk Enterprise falls to unauthenticated RCE, and Kodak gets hit by ShinyHunters. Join Professor CyberRisk and Cyber Cowboy Live as they break down the stories that matter most.

Guest Information
None this episode

Topics Covered
* AI export controls and government intervention in AI safety
* Microsoft Defender RoguePlanet zero-day privilege escalation
* APT28 rapid weaponization of Office zero-day against Ukraine/EU
* Splunk Enterprise unauthenticated RCE zero-day (CVE-2026-20253)
* ShinyHunters extortion campaign targeting Oracle PeopleSoft users

Top Stories
1. The Korean Telecom Giant at the Center of Anthropic's Mythos Controversy - https://www.wired.com/story/sk-telecom-anthropic-mythos-export-controls/
2. Microsoft Defender Zero-Day 'RoguePlanet' - CVE-2026-50656 - https://thehackernews.com/2026/06/microsoft-confirms-rogueplanet-defender_02022423645.html
3. Russian APT28 Exploits Microsoft Office Zero-Day Hours After Disclosure - CVE-2026-21509 - https://thecyberexpress.com/russian-apt28-exploit-zero-day-cve-2026-21509/
4. Splunk Enterprise Zero-Day — CVE-2026-20253 — https://cybersecuritynews.com/splunk-enterprise-vulnerability-exploit/
5. Kodak Confirms Data Breach as ShinyHunters Threatens 2.2M Record Leak - https://www.malwarebytes.com/blog/news/2026/06/kodak-confirms-breach-as-shinyhunters-leak-threat-reaches-deadline

Resources & Links
* CISA Known Exploited Vulnerabilities Catalog: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
* CERT-UA Advisory on CVE-2026-21509: https://cert.gov.ua/
* Microsoft Security Response Center: https://msrc.microsoft.com/
* Splunk Security Advisory CVE-2026-20253: https://cybersecuritynews.com/splunk-enterprise-vulnerability-exploit/

Call to Action
* Subscribe: Stay updated on cybersecurity threats.
* Leave a Review: Let us know what you think.
* Join the Conversation: Follow our community and ask questions.

Sponsor (if applicable)
No sponsors this episode

Podcast Socials & Website
* Website: https://www.youvealreadybeenhacked.com
* X: @professorcyberrisk
* YouTube: https://www.youtube.com/@YABHPodcast
* Discord/Community Forum: https://discord.gg/cz3xdsrqAE
-
107
ShinyHunters Just Hit 100+ Companies — And Microsoft Dropped 200 Patches in One Day
Hosts
* Professor CyberRisk
* Cyber Cowboy Live

Episode Information
Title: ShinyHunters Just Hit 100+ Companies — And Microsoft Dropped 200 Patches in One Day
Episode Number: 352

Overview
Weekly roundup of the most critical cybersecurity developments from 2026-06-07 to 2026-06-11. Join Professor CyberRisk and Cyber Cowboy Live as they break down the stories that matter most.

Guest Information
None this episode

Topics Covered
* Oracle PeopleSoft zero-day exploited by ShinyHunters across 100+ organizations
* University of Nottingham breach — 40GB of student data leaked
* Maine breach portal weaponized for fake disclosure misinformation
* CISA KEV listing: actively exploited Magento RCE (CVE-2026-45247)
* Microsoft record Patch Tuesday: 200 vulnerabilities, 6 zero-days, BitLocker bypasses

Top Stories
1. Oracle warns of security bug that hackers abused to breach 100+ companies | TechCrunch - https://techcrunch.com/2026/06/11/oracle-warns-of-security-bug-that-hackers-abused-to-breach-100-companies/

Additional Cybersecurity News – Titles and URLs
2. Maine breach portal abused to publish fake data breach disclosures - https://www.bleepingcomputer.com/news/security/maine-breach-portal-abused-to-publish-fake-data-breach-disclosures/
3. ShinyHunters Leak 40GB of University of Nottingham Student Data - https://hackread.com/shinyhunters-university-of-nottingham-student-data-leak/
4. CISA Lists Actively Exploited Magento RCE — CVE-2026-45247 - https://cipherssecurity.com/cve-2026-45247-magento-mirasvit-rce-cisa-kev/
5. Microsoft June Patch Tuesday fixes 6 zero-days and 200 flaws — a record-breaking month - https://www.bleepingcomputer.com/news/microsoft/microsoft-june-2026-patch-tuesday-fixes-3-zero-day-200-flaws/

Resources & Links
None this episode

Sponsor (if applicable)
No sponsors this episode
-
106
FBI FLASH Alert: Ransomware Gang Sending Fake IT Workers Into Law Firms
Hosts
* Professor CyberRisk
* Cyber Cowboy

---

## EPISODE TITLE
FBI FLASH Alert: Ransomware Gang Sending Fake IT Workers Into Law Firms
Episode Number: 351

---

## EPISODE DESCRIPTION
The Silent Ransom Group just crossed from cyber into the physical world — and the FBI's highest-urgency FLASH alert is their warning. Russia-linked extortion operatives are walking into law firm offices disguised as IT support, plugging in USB drives, and stealing data when remote social engineering fails. We break down the full attack chain, the 100+ firms hit so far, and why Jones Day (yes, Trump's lawyers) is on their leak site.

Plus this week: A Cisco SD-WAN zero-day with NO PATCH that gives attackers root across your entire network fabric. An AI-discovered "HTTP/2 Bomb" that can take down any major web server in seconds — found by OpenAI's own Codex. Google and YouTube ads silently delivering a macOS backdoor that passed Apple notarization. And how Grafana Labs got hit by the same npm supply chain attack that compromised OpenAI and Mistral.

Links to all stories below. Subscribe for weekly threat intelligence breakdowns.

---

## STORY LINKS
**Silent Ransom Group FBI Alert:** https://techcrunch.com/2026/06/05/google-and-fbi-warn-of-ransomware-group-that-sends-fake-it-workers-to-hack-victims-in-person/
**Cisco SD-WAN 0-Day (CVE-2026-20245):** https://www.helpnetsecurity.com/2026/06/05/cisco-sd-wan-cve-2026-20245-0-day-exploited/
**HTTP/2 Bomb (CVE-2026-49975):** https://cybersecuritynews.com/http-2-bomb-remote-dos-exploit/
**Operation FlutterBridge:** https://unit42.paloaltonetworks.com/flutterbridge-new-fluttershell-backdoor/
**Grafana Labs Supply Chain Breach:** https://thehackernews.com/2026/05/grafana-github-breach-exposes-source.html

Sponsor (if applicable)
No sponsors this episode
-
105
AI Is Now the Weapon — GreyVibe, BTMOB, and the New Attack Pipeline
Hosts
* Professor CyberRisk

Episode Information
Title: AI Is Now the Weapon — GreyVibe, BTMOB, and the New Attack Pipeline
Episode Number: 350

Overview
This week: A Russian-linked threat group called GreyVibe is weaponizing ChatGPT, Google Gemini, and Ideogram AI to run sophisticated cyberespionage campaigns against Ukrainian targets across military, government, and civilian sectors. ESET documents BTMOB, an Android RAT sold as malware-as-a-service with a point-and-click builder for generating custom phishing payloads. Perplexity launches Bumblebee, an open-source developer supply chain scanner. And we look at how social engineering on gaming platforms like Roblox is leading to malware infections and extortion attempts targeting younger demographics.

Guest Information
None this episode

Topics Covered
* GreyVibe threat group uses AI tools (ChatGPT, Gemini, Ideogram) for cyberespionage against Ukrainian targets
* BTMOB Android RAT-as-a-service with graphical APK builder for custom phishing payloads
* Perplexity launches Bumblebee open-source developer supply chain scanner
* Roblox social engineering campaign leads to malware infection and cookie-logging extortion

Top Stories
1. GreyVibe hackers use ChatGPT, Gemini to power cyberattacks - https://www.bleepingcomputer.com/news/security/greyvibe-hackers-use-chatgpt-gemini-to-power-cyberattacks/

Additional Cybersecurity News - Titles and URLs
2. BTMOB Android malware service generates custom phishing payloads - https://www.bleepingcomputer.com/news/security/btmob-android-malware-service-generates-custom-phishing-payloads/
3. Perplexity launches Bumblebee: open-source read-only dev supply chain scanner - https://www.zdnet.com/article/perplexity-launches-bumblebee-how-its-new-read-only-dev-scanner-differs-from-chainguard/
4. Roblox social engineering leads to malware infection and extortion - https://www.bleepingcomputer.com/forums/t/816420/malware-extortion-and-cookie-logging/

Resources & Links
None this episode

Sponsor (if applicable)
No sponsors this episode
-
104
Netherlands Seizes 800 Servers in Pro-Russian Cyber Takedown + Microsoft Defender Zero-Days
Hosts
* Professor CyberRisk
* Cyber Cowboy Live

Episode Information
Title: Netherlands Seizes 800 Servers in Pro-Russian Cyber Takedown + Microsoft Defender Zero-Days
Episode Number: 349

Overview
This week: Dutch authorities dismantle a massive bulletproof hosting operation linked to pro-Russian cyberattacks, seizing 800 servers and arresting two suspects. Microsoft confirms two actively exploited zero-days in Windows Defender and rushes emergency mitigation for a BitLocker bypass vulnerability. A solo researcher's six-week campaign of retaliatory zero-days against Microsoft is now being weaponized by ransomware groups. And Foxconn confirms a Nitrogen ransomware attack stole 8TB of data including network topology maps for Intel, Google, and other major tech firms.

Guest Information
None this episode

Topics Covered
* Netherlands seizes 800 servers of hosting firm enabling pro-Russian cyberattacks
* Two actively exploited Microsoft Defender zero-days (CVE-2026-41091, CVE-2026-45498)
* YellowKey BitLocker bypass zero-day - emergency manual mitigation required
* Nightmare-Eclipse: six zero-days targeting Windows core security stack
* Foxconn Nitrogen ransomware attack - 8TB stolen, supply chain implications

Top Stories
1. Netherlands Seizes 800 Servers, Arrests Two in Major Takedown of Pro-Russian Cyberattack Hosting Infrastructure - https://www.bleepingcomputer.com/news/security/netherlands-seizes-800-servers-of-hosting-firm-enabling-cyberattacks/

Additional Cybersecurity News - Titles and URLs
2. Microsoft Warns of Two Actively Exploited Defender Zero-Days - Patches Rolling Out - https://www.bleepingcomputer.com/news/security/microsoft-warns-of-new-defender-zero-days-exploited-in-attacks/
3. Microsoft Rushes Emergency Mitigation for YellowKey - BitLocker Bypass Zero-Day - https://cybersecuritynews.com/windows-bitlocker-yellowkey-mitigation/
4. Nightmare-Eclipse - Six Zero-Days, Six Weeks, One Big Grudge - https://blog.barracuda.com/2026/05/19/nightmare-eclipse-zero-days-grudge
5. Foxconn Confirms Nitrogen Ransomware Attack - 8TB Stolen Including Network Topology Maps - https://cybersecuritynews.com/foxconn-confirms-cyberattack/

Resources & Links
None this episode

Sponsor (if applicable)
No sponsors this episode
-
103
Breached, Stolen, Encrypted This Week's Cyber Threat Trifecta
Hosts
* Professor CyberRisk
* Cyber Cowboy Live

Episode Information
Title: Breached, Stolen, Encrypted This Week's Cyber Threat Trifecta
Episode Number: 349

Overview
Weekly roundup of the most critical cybersecurity developments from 2026-05-10 to 2026-05-14. Join Professor CyberRisk and Cyber Cowboy Live as they break down the stories that matter most.

Guest Information
None this episode

Topics Covered
* Main threat analysis and implications
* Emerging AI security challenges
* Vulnerability disclosures and patches
* Threat landscape updates

Top Stories
1. Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin - https://www.bleepingcomputer.com/news/security/hackers-exploit-auth-bypass-flaw-in-burst-statistics-wordpress-plugin/

Additional Cybersecurity News – Titles and URLs
2. TeamPCP hackers advertise Mistral AI code repos for sale - https://www.bleepingcomputer.com/news/security/teampcp-hackers-advertise-mistral-ai-code-repos-for-sale/
3. Red Hat outlines sovereign AI strategy amid growing regulation and control concerns - https://siliconangle.com/2026/05/14/red-hat-outlines-sovereign-ai-strategy-amid-growing-regulation-control-concerns/
4. .VER_TU-[random string] has encrypted my files (Mimic/Pay2Key) - https://www.bleepingcomputer.com/forums/t/816096/ver-tu-random-string-has-encrypted-my-files-mimicpay2key/

Resources & Links
None this episode

Sponsor (if applicable)
No sponsors this episode
-
102
9,000 Schools Hacked, AI Used as Malware Bait, and the IMF Sounds the Alarm
Hosts
* Professor CyberRisk
* Cyber Cowboy Live

Episode Information
Title: 9,000 Schools Hacked, AI Used as Malware Bait, and the IMF Sounds the Alarm
Episode Number: TBD
Air Date: 2026-05-08

Overview
It was a rough week for education, AI trust, and global finance. Join Professor CyberRisk and Cyber Cowboy Live as they break down the biggest cybersecurity stories from 2026-05-03 to 2026-05-07 — including a massive Canvas LMS breach affecting 275 million users, attackers using fake AI sites to spread new malware, and the IMF warning that advanced AI could trigger a systemic shock to global financial markets.

Guest Information
None this episode

Top Stories
1. Duke among 9,000 schools affected by Canvas cyberattack - The Duke Chronicle
   The threat group ShinyHunters breached Instructure's Canvas LMS, defacing login pages and exfiltrating over 3.65 TB of data across nearly 9,000 institutions worldwide — affecting an estimated 275 million users.
   https://slashdot.org/firehose.pl?op=view&id=183156890
2. Hackers Use Fake Claude AI Site to Infect Users With New Beagle Malware
   Attackers built a convincing fake site for a popular AI tool, using SEO poisoning and malvertising to deliver a new backdoor called Beagle via DLL sideloading.
   https://hackread.com/hackers-fake-claude-ai-site-infect-beagle-malware/
3. Akamai shares surge 26% on $1.8B AI infrastructure deal as Q1 results meet estimates
   Akamai is doubling down on AI-powered security with a major acquisition, signaling where the industry is heading.
   https://siliconangle.com/2026/05/07/akamai-shares-surge-26-1-8b-ai-infrastructure-deal-q1-results-meet-estimates/
4. IMF Warns New AI Models Risk 'Systemic' Shock To Finance
   The IMF is raising red flags about AI-powered cyberattacks targeting the highly interconnected global financial system — and the potential for cascading consequences.
   https://news.slashdot.org/story/26/05/07/200212/imf-warns-new-ai-models-risk-systemic-shock-to-finance

Topics Covered
* Canvas LMS breach: scope, impact, and what schools should do now
* How attackers are weaponizing AI brand trust to spread malware
* Akamai's AI security acquisition and what it signals for the industry
* IMF's warning on AI-driven systemic risk to global finance

Resources & Links
None this episode

Sponsors
No sponsors this episode
-
101
Kernel Exploits, Compromised Repos, and a Global Fraud Bust
Hosts
* Professor CyberRisk
* Cyber Cowboy Live

Episode Information
Title: Kernel Exploits, Compromised Repos, and a Global Fraud Bust
Episode Number: 3x47

Overview
Weekly roundup of the most critical cybersecurity developments from 2026-04-26 to 2026-04-30. Join Professor CyberRisk and Cyber Cowboy Live as they break down the stories that matter most for your security operations.

Guest Information
None this episode

Topics Covered
* Critical Linux kernel privilege escalation vulnerability "Copy Fail" threatening major distributions
* Apple patches iOS flaw that allowed FBI access to deleted Signal messages
* cPanel authentication bypass CVE-2026-41940 actively exploited across 1.5M+ exposed instances
* PyTorch Lightning PyPI supply chain attack harvesting developer credentials and crypto wallets
* FBI-led global operation busts 276 in crypto pig-butchering crackdown across 9 scam centers

Top Story
1. As the Most Severe Linux Threat in Years Surfaces, the World Scrambles – Ars Technica
   https://slashdot.org/firehose.pl?op=view&id=183083220

Additional Cybersecurity News – Titles and URLs
2. Apple Plugs Security Hole That Enabled FBI to Access Deleted Signal Messages on iPhone
   https://www.cnet.com/tech/mobile/apple-plugs-iphone-hole-that-enabled-fbi-to-access-deleted-signal-messages/
3. Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately
   https://thehackernews.com/2026/04/critical-cpanel-authentication.html
4. PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials
   https://thehackernews.com/2026/04/pytorch-lightning-compromised-in-pypi.html
5. Coordinated Takedown of Scam Centers Leads to at Least 276 Arrests – DOJ
   https://www.justice.gov/opa/pr/coordinated-takedown-scam-centers-leads-least-276-arrests-alleged-managers-and-recruiters

Resources & Links
None this episode

Sponsor
No sponsors this episode
-
100
Quantum Ransomware Is Here. You're Not Ready
Hosts
* Professor CyberRisk
* Cyber Cowboy Live

Episode Information
Title: Quantum Ransomware Is Here. You're Not Ready
Episode Number: 3x46

Overview
Weekly roundup of the most critical cybersecurity developments from 2026-04-19 to 2026-04-23. Join Professor CyberRisk and Cyber Cowboy Live as they break down the stories that matter most.

Guest Information
None this episode

Topics Covered
* Main threat analysis and implications
* Emerging AI security challenges
* Vulnerability disclosures and patches
* Threat landscape updates

Top Stories
1. Hackers exploit file upload bug in Breeze Cache WordPress plugin - https://www.bleepingcomputer.com/news/security/hackers-exploit-file-upload-bug-in-breeze-cache-wordpress-plugin/

Additional Cybersecurity News – Titles and URLs
2. Cyera acquires Ryft to give enterprises traceable data access for AI agents - https://siliconangle.com/2026/04/23/cyera-acquires-ryft-give-enterprises-traceable-data-access-ai-agents/
3. Bitwarden CLI is the next compromise in supply chain campaign - https://slashdot.org/submission/17346688/bitwarden-cli-is-the-next-compromise-in-supply-chain-campaign
4. In a first, a ransomware family is confirmed to be quantum-safe - https://slashdot.org/firehose.pl?op=view&id=181960188
5. Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet - https://www.wired.com/story/fast16-malware-stuxnet-precursor-iran-nuclear-attack/

Resources & Links
None this episode

Sponsor (if applicable)
No sponsors this episode
-
99
NIST Pulls Back: CVE Enrichment Limits Shake the Industry
Hosts
• Professor CyberRisk
• Cyber Cowboy

---

Episode Information
Title: NIST Pulls Back: CVE Enrichment Limits Shake the Industry
Episode Number: 3x45

---

Overview
This week, the cybersecurity world reacted to NIST’s decision to scale back automatic CVE enrichment after a massive surge in vulnerability submissions. We break down what this means for defenders, vendors, and anyone relying on the NVD for prioritization. We also cover major developments in AI infrastructure, government–AI relations, and the rapidly growing AI chip market.

---

Guest Information
None this episode

---

Topics Covered
• NIST’s new CVE enrichment limits
• AI’s shifting role in government cybersecurity
• Enterprise AI infrastructure consolidation
• AI chip market expansion and IPO activity

---

Top Stories
1. NIST Limits CVE Enrichment After 263% Surge in Submissions
   NIST is restricting automatic CVE enrichment due to overwhelming volume growth. Only CVEs tied to KEV, federal software, or EO 14028 critical software will be prioritized. Everything else risks being marked “Not Scheduled.”
   Source: https://it.slashdot.org/story/26/04/17/2127243/nist-limits-cve-enrichment-after-263-surge-in-vulnerability-submissions
2. Anthropic’s New Cybersecurity Model Reopens Doors in Washington
   After months of tension with the administration, Anthropic’s “Claude Mythos Preview” — a defensive cybersecurity model — appears to be improving relations with federal leadership.
   Source: https://www.theverge.com/ai-artificial-intelligence/914229/tides-turning-anthropic-trump-administration-cybersecurity-mythos-preview
3. Dell & Nvidia Position AI Infrastructure as the New Enterprise Power Center
   A major partnership aims to unify Dell’s server ecosystem with Nvidia’s GPU dominance, creating a turnkey AI infrastructure stack for enterprises.
   Source: https://siliconangle.com/2026/04/17/dell-nvidia-push-ai-infrastructure-aifactoriesdatacenters/
4. Cerebras Systems Files for IPO Amid Explosive Growth
   AI chipmaker Cerebras is heading toward one of the largest tech IPOs in recent years after reporting massive revenue gains.
   Source: https://siliconangle.com/2026/04/17/ai-chip-developer-cerebras-systems-files-go-public-amid-rapid-revenue-growth/

---

Additional Cybersecurity News – Titles and URLs
• NIST Limits CVE Enrichment After 263% Surge In Vulnerability Submissions — https://it.slashdot.org/story/26/04/17/2127243/nist-limits-cve-enrichment-after-263-surge-in-vulnerability-submissions
• Anthropic’s Cybersecurity Model May Repair Government Relations — https://www.theverge.com/ai-artificial-intelligence/914229/tides-turning-anthropic-trump-administration-cybersecurity-mythos-preview
• Dell & Nvidia Turn AI Infrastructure Into Enterprise Power Center — https://siliconangle.com/2026/04/17/dell-nvidia-push-ai-infrastructure-aifactoriesdatacenters/
• Cerebras Systems Files for IPO Amid Rapid Growth — https://siliconangle.com/2026/04/17/ai-chip-developer-cerebras-systems-files-go-public-amid-rapid-revenue-growth/

---

Resources & Links
None this episode

---

Sponsor (if applicable)
No sponsors this episode
-
98
LucidRook, Ransomware, and AI Fallout
Hosts
* Professor CyberRisk
* Cyber Cowboy

Episode Information
Title: LucidRook, Ransomware, and AI Fallout
Episode Number: 344

Guest Information
None this episode

Topics Covered
* Main threat analysis and implications
* Emerging AI security challenges
* Vulnerability disclosures and patches
* Threat landscape updates

Top Stories
1. New ‘LucidRook’ malware used in targeted attacks on NGOs, universities - https://www.bleepingcomputer.com/news/security/new-lucidrook-malware-used-in-targeted-attacks-on-ngos-universities/

Additional Cybersecurity News – Titles and URLs
2. Florida AG announces investigation into OpenAI over shooting that allegedly involved ChatGPT | TechCrunch - https://techcrunch.com/2026/04/09/florida-ag-investigation-openai-chatgpt-shooting/
3. Healthcare IT solutions provider ChipSoft hit by ransomware attack - https://www.bleepingcomputer.com/news/security/healthcare-it-solutions-provider-chipsoft-hit-by-ransomware-attack/
4. After data breach, $10B valued startup Mercor is having a month | TechCrunch - https://techcrunch.com/2026/04/09/after-data-breach-10b-valued-startup-mercor-is-having-a-month/
5. Barcelona complain to Uefa about VAR in Atletico loss - https://www.bbc.com/sport/football/articles/cr41dq4pywxo

Resources & Links
None this episode

Sponsor (if applicable)
No sponsors this episode
-
97
Hijacking the Machines: The New AI Attack Surface
Hosts
* Professor CyberRisk
* Cyber Cowboy Live

Episode Information
Title: Hijacking the Machines: The New AI Attack Surface
Episode Number: 3x43

Guest Information
None this episode

Topics Covered
* Main threat analysis and implications
* Emerging AI security challenges
* Vulnerability disclosures and patches
* Threat landscape updates

Top Stories
1. Google Researchers Reveal Every Way Hackers Can Trap, Hijack AI Agents - https://decrypt.co/363201/google-researchers-reveal-every-way-hackers-can-trap-hijack-ai-agents

Additional Cybersecurity News – Titles and URLs
2. Mercor, a $10 billion AI startup that works with companies including OpenAI and Anthropic, confirms major data breach - https://fortune.com/2026/04/02/mercor-ai-startup-security-incident-10-billion/
3. The democratisation of business email compromise fraud - https://blog.talosintelligence.com/the-democratisation-of-business-email-compromise-fraud/
4. Critical Cisco IMC auth bypass gives attackers Admin access - https://www.bleepingcomputer.com/news/security/critical-cisco-imc-auth-bypass-gives-attackers-admin-access/
5. Maintaining cyber control when AI can act autonomously - https://www.techradar.com/pro/maintaining-cyber-control-when-ai-can-act-autonomously

Resources & Links
None this episode

Sponsor
No sponsors this episode
-
96
Vibe Coding’s Hidden Cost: AI‑Generated Code Is Creating Real CVEs
Hosts
• Professor CyberRisk
• Cyber Cowboy
---
Live Cyber Maps
• Bitdefender Threat Map — https://threatmap.bitdefender.com/
• Check Point Threat Map — https://threatmap.checkpoint.com/
• Kaspersky Cyber Threat Map — https://cybermap.kaspersky.com/
• Talos Intelligence Spam Map — https://talosintelligence.com/ebc_spam
---
Episode Information
Title: Vibe Coding’s Hidden Cost: AI‑Generated Code Is Creating Real CVEs
Episode Number: March 27, 2026
---
Overview
Security researchers at Georgia Tech have uncovered a disturbing trend: AI coding assistants are now directly responsible for at least 35 newly reported CVEs, each introduced by AI‑generated code. This marks a fundamental shift in software security — vulnerabilities are no longer just human mistakes or malicious injections, but systemic flaws created by the tools meant to accelerate development.

This episode explores how AI‑generated vulnerabilities, leaked iPhone exploits, macOS malware using fake CAPTCHAs, human psychology at RSAC 2026, and a cyberattack on medical device manufacturer Stryker all point to the same conclusion: the threat landscape is evolving faster than traditional defenses can keep up.

From the document:
“At least 35 new Common Vulnerabilities and Exposures entries have been identified where the flaw was introduced specifically by AI-generated code.”
---
Guest Information
None this episode.
---
Topics Covered
• AI‑generated vulnerabilities and the rise of “vibe coding”
• Leaked nation‑state iPhone exploits targeting older devices
• Infiniti Stealer: macOS malware using ClickFix and fake CAPTCHAs
• RSAC 2026: Why phishing still works on everyone
• Stryker cyberattack and the fragility of healthcare manufacturing
---
Top Stories
1. AI‑Generated Code Is Creating Real CVEs
Georgia Tech researchers identify at least 35 CVEs introduced by AI coding tools.
Link: https://www.infosecurity-magazine.com/news/ai-generated-code-vulnerabilities/
2. Leaked iPhone Exploits Leave Millions Exposed
Nation‑grade spyware targeting older iOS versions is now in the wild.
Link: https://techcrunch.com/2026/03/26/apple-made-strides-with-ios-26-security-but-leaked-hacking-tools-still-leave-millions-exposed-to-spyware-attacks/
3. Infiniti Stealer Targets macOS Users
A new infostealer uses fake CAPTCHA pages and ClickFix to trick users into running malicious commands.
Link: https://www.malwarebytes.com/blog/threat-intel/2026/03/infiniti-stealer-a-new-macos-infostealer-using-clickfix-and-python-nuitka
4. RSAC 2026: Phishing Still Works Because of Human Psychology
Researchers show that cognitive biases—not weak passwords—drive phishing success.
Link: https://uk.pcmag.com/security/164040/rsac-2026-the-surprising-reason-phishing-still-works-on-everyone
5. Stryker Recovers After Major Cyberattack
A cyberattack disrupts medical device manufacturing, highlighting cyber‑physical risk.
Link: https://www.channelnewsasia.com/business/stryker-says-manufacturing-mostly-restored-after-cyberattack-6019376
---
Additional Cybersecurity News – Titles and URLs
None beyond the top stories this episode.
---
Resources & Links
None this episode.
---
Call to Action
• Subscribe: Stay updated on cybersecurity threats.
• Leave a Review: Tell us what you think.
• Join the Conversation: Follow our community and ask questions.
---
Sponsor (if applicable)
No sponsors this episode.
---
Podcast Socials & Website
• Website: https://www.youvealreadybeenhacked.com
• X: @professorcyberrisk
• YouTube: https://www.youtube.com/@YABHPodcast
• Discord – The Neural Network: https://discord.gg/cz3xdsrqAE
-
95
Iran-Linked Hack Shuts Down Stryker Medical - AI Risks, 1B Record Leak & New Cyber Strategy
Hosts
* Professor CyberRisk
* Cyber Cowboy Live

Cyber Maps
* Bitdefender Threat Map: https://threatmap.bitdefender.com/
* Checkpoint Threat Map: https://threatmap.checkpoint.com/
* Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
* Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam

Episode Information
Title: Iran-Linked Hack Shuts Down Stryker Medical - AI Risks, 1B Record Leak & New Cyber Strategy
Episode Number: XxX (to be filled in)

Overview
This week's episode covers the devastating Iran-linked ransomware attack that shut down Stryker's global medical device infrastructure, China's CERT warning about OpenClaw security risks, a massive 1 billion record identity leak across 26 countries, the White House's new AI-first cyber defense strategy, and Anthropic's new institute for AI risk research.

Guest Information
None this episode

Topics Covered
* Destructive ransomware attacks on critical healthcare infrastructure
* Security risks of autonomous agentic AI systems
* Massive data breaches and cloud security hygiene
* U.S. National Cyber Strategy 2026 and AI-driven defense
* Industry initiatives for AI safety and risk research

Top Stories
1. Stryker Suffers Global Outage After Iran-Linked Hack - https://www.nbcnews.com/world/iran/iran-appears-conducted-significant-cyberattack-us-company-first-war-st-rcna263084

Additional Cybersecurity News – Titles and URLs
2. China's CERT Warns About OpenClaw's Security Risks - https://www.theregister.com/2026/03/12/china_cert_openclaw_security_warning/
3. One-Billion-Record Identity Leak Exposed Across 26 Countries - https://www.breitbart.com/politics/2026/03/11/one-billion-identity-records-26-countries-exposed-data-leak/
4. U.S. National Cyber Strategy 2026: AI-First Cyber Defense - https://www.elastic.co/blog/cyber-strategy-for-america
5. Anthropic Launches Institute to Study AI Risks - https://siliconangle.com/2026/03/11/anthropic-launches-anthropic-institute-tackle-ai-risks/

Resources & Links
* Medical device firmware audit: Verify OTA update mechanisms enforce signed binaries
* Cloud security review: Ensure all storage containers are private and encrypted
* AI governance compliance: Adopt transparent model-audit trails and bias mitigation
* Zero-Trust 4.0: Re-architect networks for continuous verification

Call to Action
* Subscribe: Stay updated on cybersecurity threats.
* Leave a Review: Let us know what you think.
* Join the Conversation: Follow our community and ask questions.

Sponsor (if applicable)
No sponsors this episode

Podcast Socials & Website
* Website: https://www.youvealreadybeenhacked.com
* X: @professorcyberrisk
* YouTube: https://www.youtube.com/@YABHPodcast
* Discord/Community Forum: https://discord.gg/cz3xdsrqAE
-
94
Zero-Day Apocalypse: Google's Warning
Hosts
* Professor CyberRisk
* Cyber Cowboy Live

Cyber Maps (Live Threat Visualization)
* Bitdefender Threat Map: https://threatmap.bitdefender.com/
* Checkpoint Threat Map: https://threatmap.checkpoint.com/
* Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
* Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam

Episode Information
Title: Zero-Day Apocalypse: Google's Warning
Episode Number: 3x40

Overview
This week brings a perfect storm of zero-day exploits targeting enterprise systems. Professor CyberRisk and Cyber Cowboy Live break down Google Threat Intelligence's alarming report, plus four other stories that demand your attention. From iOS crypto scams to China-linked APTs, we cover what matters most.

Guest Information
None this episode - deep dive analysis from the hosts

Topics Covered
* Zero-day exploit surge targeting enterprise infrastructure
* Nation-state actor activity and supply chain implications
* Mobile security threats: iOS crypto scams
* Zero Trust architecture implementations
* 90 zero-days exploited in a single year - the new normal?

Top Stories
1. Google Threat Intelligence warns enterprise systems increasingly targeted by zero-day attacks https://siliconangle.com/2026/03/05/google-threat-intelligence-group-warns-enterprise-systems-increasingly-targeted-by-zero-day-exploits/

Additional Cybersecurity News – Titles and URLs
2. Google says spyware makers and China-linked groups dominated zero-day attacks last year - https://www.theregister.com/2026/03/05/zero_day_attacks_enterprise_tech_record/
3. Google says 90 zero-days were exploited in attacks last year - https://www.bleepingcomputer.com/news/security/google-says-90-zero-days-were-exploited-in-attacks-last-year/
4. iPhone Users Warned: Crypto Scams Can Trigger 'Coruna' iOS Exploits - https://www.newsbtc.com/news/iphone-users-warned-crypto-scams-can-trigger-coruna-ios-exploits/
5. ThreatLocker launches Zero Trust network and cloud access to stop credential-based cyberattacks - https://www.globenewswire.com/news-release/2026/03/05/3250529/0/en/ThreatLocker-launches-Zero-Trust-network-and-cloud-access-to-stop-credential-based-cyberattacks.html

Resources & Links
* NIST Zero Trust Architecture: https://csrc.nist.gov/publications/detail/sp/800-207/final
* Google Threat Intelligence Report: See top story link above
* CVE Database: https://cve.mitre.org/

Call to Action
* Subscribe: Stay updated on cybersecurity threats.
* Leave a Review: Let us know what you think.
* Join the Conversation: Follow our community and ask questions.

Sponsor (if applicable)
No sponsors this episode

Podcast Socials & Website
* Website: https://www.youvealreadybeenhacked.com
* X: @professorcyberrisk
* YouTube: https://www.youtube.com/@YABHPodcast
* Discord/Community Forum: https://discord.gg/cz3xdsrqAE
-
93
Your Pre‑Paid Card & Smart Home Are at Risk
**“Your Pre‑Paid Card & Smart Home Are at Risk”**

---

### Hosts
- **Professor CyberRisk**
- **Cyber Cowboy**

---

### Episode Information
**Episode Number:** 339

**Overview:** In this episode we dive deep into a sudden surge of fraud on Yes Bank’s forex‑card, unpack the looming Australian IoT security law, explore how AI is turning honeypots into high‑yield threat‑intel labs, and look at the U.S. diplomatic push against global data‑sovereignty rules. We’ll give you the practical steps to safeguard your cards, devices, and data in 2026.

---

### Guest Information
*No special guests this episode – the hosts tackle the stories directly.*

---

### Topics Covered
| Topic | Key Take‑aways |
|-------|----------------|
| **Yes Bank Card Fraud Surge** | 15 Latin‑American merchants flagged; 2‑FA enforcement; bank’s new safeguards. |
| **Messaging‑Security Market Growth** | $36.82 B by 2033; AI‑driven detection; enterprise messaging as a target. |
| **Australia’s IoT Security Mandate** | Mandatory secure boot, encryption at rest, OTA updates; “security rating” system. |
| **AI‑Assisted Honeypots** | Deploy low‑interaction honeypots; use ML for triage; legal/ethical best practices. |
| **U.S. Diplomats vs. Data‑Sovereignty** | Pushback on global data regulations; implications for AI, national security, and business compliance. |

---

### Top Story
**Yes Bank Ramps Up Security After Sudden Surge in Forex‑Card Fraud**
*Source: [Economictimes.indiatimes.com](https://economictimes.indiatimes.com/industry/banking/finance/banking/yes-bank-tightens-safeguards-after-spike-in-forex-card-transaction-declines/articleshow/128801679.cms)*

---

### Additional Cybersecurity News – Titles and URLs
1. **“Phishing & Ransomware Drive Messaging Security Market Surge”** – [Globenewswire.com](https://www.globenewswire.com/news-release/2026/02/26/3245179/0/en/Messaging-Security-Market-to-Surpass-USD-36-82-Billion-by-2033-Driven-by-Escalating-Phishing-and-Ransomware-Threats-SNS-Insider.html)
2. **“Australia Mandates Minimum Security Standards for Consumer Smart Devices”** – [Itnews.com.au](https://www.itnews.com.au/feature/security-for-smart-devices-time-to-step-forward-because-theres-nowhere-to-hide-623882)
3. **“Lessons Learned Running a Honeypot with AI Assistance”** – [ISC.SANS.edu](https://isc.sans.edu/diary/32744)
4. **“US Diplomatic Push Against Global Data‑Sovereignty Regulations”** – [Economictimes.indiatimes.com](https://economictimes.indiatimes.com/tech/technology/us-orders-diplomats-to-fight-data-sovereignty-initiatives/articleshow/128800080.cms)

---

### Resources & Links
| Resource | Link |
|----------|------|
| Live Cyber Threat Map – Bitdefender | <https://threatmap.bitdefender.com/> |
| Live Cyber Threat Map – Checkpoint | <https://threatmap.checkpoint.com/> |
| Live Cyber Threat Map – Kaspersky | <https://cybermap.kaspersky.com/> |
| Talos Intelligence – ebc_spam Map | <https://talosintelligence.com/ebc_spam> |
| Podcast Website | <https://www.youvealreadybeenhacked.com> |
| X (Twitter) | @professorcyberrisk |
| YouTube | <https://www.youtube.com/@YABHPodcast> |
| Discord / Community Forum | https://discord.gg/cz3xdsrqAE |

---

### Call to Action
- **Subscribe** – Stay updated on the latest cybersecurity threats.
- **Leave a Review** – Tell us what you think so we can improve.
- **Join the Conversation** – Follow us on X, YouTube, and Discord to ask questions and share insights.

---

### Sponsor
*None this episode.*
-
92
AI‑Generated Malware + $100M in New Cybersecurity Funding – What’s Next?
**What’s in this episode?**
- **Top Story** – How generative AI is letting attackers spin up polymorphic ransomware in minutes.
- **Support Stories** – New funding for AI‑driven vulnerability remediation, agentic chip design, a Def Con attendance shake‑up, and a Smashing Security podcast on internet sovereignty.
- **Live Threat Maps** – See the world’s cyber threat landscape in real time.

---

## 🌐 Live Cyber Threat Maps
- **Bitdefender Threat Map** – https://threatmap.bitdefender.com/
- **Checkpoint Live Cyber Threat Map** – https://threatmap.checkpoint.com/
- **Kaspersky Cyber Threat Map** – https://cybermap.kaspersky.com/
- **Talos Intelligence ebc_spam Map** – https://talosintelligence.com/ebc_spam

---

## 🔥 Top Story – AI‑Accelerated Malware
**Title:** *AI‑Accelerated Malware: Hackers are Building More Sophisticated Threats in Half the Time*

**Summary:** TechRadar shows that generative AI is slashing malware development time from days to minutes. Attackers can now produce polymorphic ransomware, encrypted payloads, key‑loggers, and fast exfiltration modules that bypass both signature and behavioral detection. The speed‑up gives attackers a 10× advantage over traditional development cycles.

**Why it Matters:**
- Speed & Scale
- Complexity & Evasion
- Skill Gap

**What to Do:**
1. Adopt AI‑driven threat intel.
2. Implement behavior‑based monitoring.
3. Update incident‑response playbooks.
4. Train analysts on AI‑evolved threats.

**Link:** https://www.techradar.com/pro/security/ai-is-helping-hackers-make-new-malware-faster-and-more-complex-than-ever-and-things-may-only-get-tougher

---

## 💡 Additional Cybersecurity News
| # | Title | Why it Matters | Link |
|---|-------|----------------|------|
| 1 | *Cogent Security Raises $42M to Scale AI Agents for Enterprise Vulnerability Remediation* | Automation at scale, faster patching, reduced human error | https://siliconangle.com/2026/02/18/cogent-security-raises-42m-scale-ai-agents-enterprise-vulnerability-remediation |
| 2 | *ChipAgents Secures $50M to Accelerate Agentic Chip Design* | Hardware‑level security, faster time‑to‑market, design automation | https://siliconangle.com/2026/02/18/chipagents-secures-50m-funding-accelerate-agentic-chip-design |
| 3 | *Def Con Bans Three Attendees Linked to Jeffrey Epstein* | Reputation risk, event security, industry precedent | https://techcrunch.com/2026/02/18/hacking-conference-def-con-bans-three-people-linked-to-epstein/ |
| 4 | *Smashing Security Podcast #455: Face Off – Meta’s Glasses & America’s Internet Kill Switch* | Policy debate, technical feasibility, cyber‑law implications | https://grahamcluley.com/smashing-security-podcast-455/ |

---

## 📣 Call to Action
- **Subscribe**: Stay updated on the latest cybersecurity threats.
- **Leave a Review**: Tell us what you think – it helps the community grow.
- **Join the Conversation**: Follow our community and ask questions.

---

## 🎙️ Sponsor
**No sponsors this episode**

---

## 📲 Podcast Socials & Website
- **Website:** https://www.youvealreadybeenhacked.com
- **X (formerly Twitter):** @professorcyberrisk
- **YouTube:** https://www.youtube.com/@YABHPodcast
- **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE
-
91
One‑Click Exploit Apocalypse?
## Episode Information
**Episode Number:** XxX

**Hosts:**
- Professor CyberRisk
- Cyber Cowboy

**Live Cyber Maps:**
- **Bitdefender Threat Map** – https://threatmap.bitdefender.com/
- **Live Cyber threat map (Checkpoint)** – https://threatmap.checkpoint.com/
- **Kaspersky Cyber Threat Map** – https://cybermap.kaspersky.com/
- **Talos Intelligence – ebc_spam Map** – https://talosintelligence.com/ebc_spam

**Overview**
In this episode we unpack Microsoft’s blockbuster patch that closes the one‑click attack vector, dig into CertiK’s fresh transparency play after the Huione fallout, and discuss how geolocation services are becoming an adversarial attack surface. We also explore how CISOs can balance AI innovation with risk and how Red Hat is reshaping vulnerability management with vendor‑centric pipelines.

**Guest Information**
None this episode.

**Topics Covered**
1. Microsoft’s one‑click exploit patch – what it fixes and why it matters.
2. CertiK’s rebuild‑trust strategy post‑Huione backlash.
3. Geofeed manipulation – why it’s a real threat and how to guard against it.
4. AI in security: governance, bias, adversarial attacks, and human‑in‑the‑loop.
5. Red Hat’s collaborative vulnerability‑management blueprint and its impact on MTTR.

**Top Stories**
- **Microsoft Fixes Bugs Behind One‑Click Attacks** – [PYMNTS](https://www.pymnts.com/cybersecurity/2026/microsoft-fixes-bugs-behind-one-click-attacks/)

**Additional Cybersecurity News – Titles and URLs**
- **CertiK Rebuilds Trust After Huione‑Related Backlash** – [CoinDesk](https://www.coindesk.com/business/2026/02/11/how-certik-rebuilt-trust-as-it-prepares-itself-for-an-ipo)
- **Geofeeds Are Adversarial – A Call for Better IP Geolocation Integrity** – [NANOG Mailing List](https://seclists.org/nanog/2026/Feb/59)
- **Balancing AI Innovation and Security Risk – A CISO’s Playbook** – [TechTarget](https://www.techtarget.com/searchsecurity/feature/How-CISOs-can-balance-AI-innovation-and-security-risk)
- **Elevate Your Vulnerability Management Strategy – Red Hat’s Blueprint** – [Red Hat Blog](https://www.redhat.com/en/blog/elevate-your-vulnerability-management-strategy-red-hat)

**Resources & Links**
*(All links listed above)*

---

## Call to Action
- **Subscribe:** Stay updated on the latest cybersecurity threats.
- **Leave a Review:** Let us know what you think.
- **Join the Conversation:** Follow our community and ask questions.

---

## Sponsor (if applicable)
No sponsors this episode.

---

## Podcast Socials & Website
- **Website:** https://www.youvealreadybeenhacked.com
- **Twitter/X:** @professorcyberrisk
- **YouTube:** https://www.youtube.com/@YABHPodcast
- **Discord / Community Forum (copyable raw link):** https://discord.gg/cz3xdsrqAE

---
-
90
NGINX Under Siege: How 50% of the Web is Already Hacked
## 📺 Episode Information
**Title:**
Episode Number: **336** *(to be filled in)*

### Overview
Today’s episode dives into a high‑impact, zero‑day campaign that hijacks web traffic by rewriting NGINX configurations with the React2Shell web shell. We break down the technical mechanics, the broader threat landscape, and actionable defense strategies. In addition, we cover the latest high‑profile data breach, economic fallout from online fraud in Malaysia, the NFL’s cyber‑defense playbook for Super Bowl 2026, and a new MSSP partnership in Singapore.

---

## 🔧 Topics Covered
1. **NGINX Traffic Hijack via React2Shell** – The top story, detailing the attack vector, stealth, and mass‑scale risk.
2. **Canada Computers & Electronics Data Breach** – 1,300 customers impacted; payment data exposure.
3. **Malaysia’s RM8 Billion Online Fraud Losses** – Economic toll and mitigation tactics.
4. **NFL Super Bowl 2026 Cyber‑Defense Playbook** – Edge security, AI monitoring, and event‑level protection.
5. **Acronis & Insightz MSSP Partnership** – Managed security services expansion in Singapore.

---

## 🛡️ Top Story – “Hackers Hijack Web Traffic via Compromised NGINX & Baota Panels Using React2Shell”
**Summary**
Researchers uncovered a campaign that uses the open‑source shell **React2Shell** to compromise NGINX servers and Baota control panels. Attackers rewrite NGINX’s configuration to forward all inbound traffic through malicious proxy servers, enabling eavesdropping, malware injection, or phishing redirection while keeping the original server’s IP intact.

**Cited Link**
[The Hacker News – Hackers Exploit React2Shell to Hijack Web Traffic via Compromised NGINX Servers](https://thehackernews.com/2026/02/hackers-exploit-react2shell-to-hijack.html)

---

## 📢 Additional Cybersecurity News
| Title | URL |
|-------|-----|
| *Canada Computers & Electronics Under Investigation After Data Breach Hits 1,300 Customers* | https://www.cbc.ca/news/business/canada-computers-data-breach-scope-9.7074605 |
| *Malaysia Records RM8 Billion Losses From Online Fraud Since 2020* | https://www.thestar.com.my/news/nation/2026/02/05/almost-rm8bil-lost-to-online-fraud-since-2020-dewan-rakyat-told |
| *Super Bowl 2026: NFL Deploys Cybersecurity Squad, Advanced Routers, & Data Centers* | https://www.pymnts.com/cybersecurity/2026/super-bowl-lineup-includes-cybersecurity-squad-wireless-routers-and-data-centers/ |
| *Acronis Welcomes Insightz Technology as Singapore’s First MSSP Partner* | https://www.globenewswire.com/news-release/2026/02/05/3232606/0/en/Acronis-Welcomes-Insightz-Technology-as-First-MSSP-Partner-in-Singapore.html |

---

## 📣 Call to Action
- **Subscribe**: Stay updated on the latest cybersecurity threats.
- **Leave a Review**: Let us know what you think – it helps the podcast grow.
- **Join the Conversation**: Follow our community, ask questions, and share insights.

---

## 🏷️ Sponsor
No sponsors this episode

---

## 🌐 Podcast Socials & Website
- **Website**: https://www.youvealreadybeenhacked.com
- **X (Twitter)**: @professorcyberrisk
- **YouTube**: https://www.youtube.com/@YABHPodcast
- **Discord/Community Forum**: https://discord.gg/cz3xdsrqAE
-
89
Zero‑Day Chaos & Firmware Secrets: Cisco RCE Alert + UEFI Parser
**Hosts**
- Professor CyberRisk
- Cyber Cowboy
- Live Cyber Maps
  - Bitdefender Threat Map: https://threatmap.bitdefender.com/
  - Live Cyber threat map (Checkpoint): https://threatmap.checkpoint.com/
  - Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
  - Talos Intelligence – ebc_spam Map: https://talosintelligence.com/ebc_spam

**Episode Information**
- **Title:** *Zero‑Day Chaos & Firmware Secrets: Cisco RCE Alert + UEFI Parser*
- **Episode Number:** 3x35
- **Overview:** In today’s episode we dive deep into a critically‑exploited Cisco zero‑day that’s been wreaking havoc across Unified Communications and Webex environments. We then turn our attention to a groundbreaking open‑source UEFI parser that’s exposing hidden firmware vulnerabilities, followed by a real‑world watering‑hole attack targeting EmEditor users and an EU telecom supply‑chain purge that could reshape vendor relationships.
- **Guest Information:** *None – this is an all‑host episode.*
- **Topics Covered:**
  1. Cisco Zero‑Day CVE‑2026‑20045 (UC & Webex RCE)
  2. UEFI Parser – Open‑Source Firmware Vulnerability Discovery
  3. EmEditor Watering‑Hole Malware Campaign
  4. EU Telecom Supplier Ban Proposal
  5. Luxshare Precision Ransomware Incident & Supply‑Chain Implications
- **Top Stories:**
  - **Cisco Zero‑Day CVE‑2026‑20045** – *Cisco Releases Emergency Patch for Actively Exploited RCE*: https://thehackernews.com/2026/01/cisco-fixes-actively-exploited-zero-day.html
  - **Breaking UEFI Secrets – New Open‑Source Parser** – *CERT/CC Launches UEFI Parser Tool*: https://www.sei.cmu.edu/blog/an-open-source-tool-to-unravel-uefi-and-its-vulnerabilities/
  - **Watering Hole Targets EmEditor** – *TrendMicro Uncovers Multi‑Stage Malware*: https://www.trendmicro.com/en_us/research/26/a/watering-hole-attack-targets-emeditor-users.html
  - **EU Targets High‑Risk Foreign Telecom Suppliers** – *Proposal to Ban Third‑Country Companies from EU Mobile Networks*: https://www.spacewar.com/reports/Eyeing_China_EU_moves_to_ban_high-risk_foreign_suppliers_from_telecoms_networks_999.html
  - **Luxshare Under Attack – Ransomware Claims Apple & Nvidia Data** – *China‑Based Manufacturer Breach*: https://www.digitimes.com/news/a20260122PD226/luxshare-security-electronics-manufacturing-nvidia-apple.html
- **Additional Cybersecurity News – Titles and URLs:** (All links above)
- **Resources & Links:** *None this episode*

**Call to Action**
- **Subscribe:** Stay updated on the latest cybersecurity threats – hit that subscribe button!
- **Leave a Review:** Tell us what you think – reviews help us improve and grow the community.
- **Join the Conversation:** Follow our community and ask questions on Discord.

**Sponsor**
- No sponsors this episode

**Podcast Socials & Website**
- **Website:** https://www.youvealreadybeenhacked.com
- **X:** @professorcyberrisk
- **YouTube:** https://www.youtube.com/@YABHPodcast
- **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE
-
88
🚨 Copilot Leak Exposed: Reprompt Attack & 4 More AI‑Driven Threats 🚨
**Title**
🚨 Copilot Leak Exposed: Reprompt Attack & 4 More AI‑Driven Threats 🚨

**Episode Number**
3x34

---

### Episode Information
**Overview**
In this episode, Professor CyberRisk and Cyber Cowboy dive into the latest “Reprompt” back‑door that lets attackers steal data from Microsoft Copilot. We unpack how the exploit works, why it matters for every business using AI, and the broader implications for AI security. Plus, we spotlight four critical vulnerabilities—from FortiSIEM RCE to AI‑voice cloning—and explore how to protect your organization.

**Guest Information**
None (all insights delivered by our hosts).

**Topics Covered**
- The “Reprompt” attack on Microsoft Copilot
- Immediate mitigations and patch status
- FortiSIEM CVE‑2025‑64155 RCE proof‑of‑concept
- AI‑voice cloning, Wi‑Fi kill‑switch, PLC vulnerabilities (ThreatsDay bulletin)
- Nozomi Networks Vantage IQ: private AI assistant for OT & IoT
- CISO Global & TeleDental’s CyberSimple for dental clinics

---

### Top Stories
- **“Reprompt” Attack Lets Microsoft Copilot Leak Sensitive Data** – <https://www.malwarebytes.com/blog/news/2026/01/reprompt-attack-lets-attackers-steal-data-from-microsoft-copilot>

### Additional Cybersecurity News
| Title | URL |
|-------|-----|
| PoC Exploit Released for Critical FortiSIEM Vulnerability (CVE‑2025‑64155) | <https://www.helpnetsecurity.com/2026/01/15/fortisiem-vulnerability-cve-2025-64155-poc-exploit/> |
| ThreatsDay Bulletin: AI Voice Cloning Exploit, Wi‑Fi Kill Switch, PLC Vulnerabilities & More | <https://thehackernews.com/2026/01/threatsday-bulletin-ai-voice-cloning.html> |
| Nozomi Networks Unveils Vantage IQ—A Private AI Assistant for OT & IoT Security | <https://siliconangle.com/2026/01/15/nozomi-networks-launches-new-vantage-iq-private-ai-assistant-ot-iot-security-teams/> |
| CISO Global Partners with TeleDental to Protect Dental Clinics Using CyberSimple Powered by CHECKLIGHT | <https://www.globenewswire.com/news-release/2026/01/15/3219545/0/en/CISO-Global-Partners-with-TeleDental-to-Launch-CyberSimple-Powered-by-CHECKLIGHT-to-Protect-Dental-Clinics-From-Cyber-Threats.html> |

---

### Resources & Links
- **Live Cyber Maps**
  - Bitdefender Threat Map: https://threatmap.bitdefender.com/
  - Checkpoint Live Cyber Threat Map: https://threatmap.checkpoint.com/
  - Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
  - Talos Intelligence ebc_spam Map: https://talosintelligence.com/ebc_spam

---

### Call to Action
- **Subscribe**: Stay updated on cybersecurity threats.
- **Leave a Review**: Let us know what you think.
- **Join the Conversation**: Follow our community and ask questions.

---

### Sponsor
No sponsors this episode.

---

### Podcast Socials & Website
- Website: https://www.youvealreadybeenhacked.com
- X (Twitter): @professorcyberrisk
- YouTube: https://www.youtube.com/@YABHPodcast
- Discord/Community Forum: https://discord.gg/cz3xdsrqAE

---
-
87
Office Glitches to Capitol Spies: Threats + AI Health Warning
**🎙️ Episode Information**

**Title:** **Office Glitches to Capitol Spies: Threats + AI Health Warning**

**Episode Number:** 3x33

**Overview:** Professor CyberRisk and Cyber Cowboy dive into today’s headline‑shattering **Top Story**: CISA’s newly‑KEVed Microsoft Office and HPE OneView flaws that are already being weaponised in the wild. They then walk listeners through four high‑impact support stories that showcase the breadth of today’s threat landscape—from political espionage to credential‑stuffing in online casinos, to the new risks introduced by OpenAI’s medical‑AI feature, and Red Hat’s secure‑AI deployment blueprint.

---

**Guest Information**
*No guest this episode.*

---

**Topics Covered**
| # | Topic |
|---|-------|
| 1 | CISA Flags Microsoft Office CVE‑2026‑xxxx & HPE OneView CVE‑2026‑yyyy as “Actively Exploited” |
| 2 | China Hacks U.S. Congressional Committee Email – Salt Typhoon Espionage |
| 3 | Credential‑Stuffing Surge Hits Online Casino Platforms |
| 4 | OpenAI Announces ChatGPT Health – AI Meets Medical Advice, but With New Security Risks |
| 5 | Red Hat Unveils Secure AI Deployment Architecture – Blueprint for Protecting AI‑Driven Systems |

---

**Top Story**
**CISA Flags Microsoft Office & HPE OneView Flaws as “Actively Exploited” – Your Systems Are on the Hook**
*Summary & Why It Matters* – see show notes above.
*What You Can/Should Be Doing* – 1) Patch immediately, 2) Verify integrity, 3) Enable MFA & least‑privilege, 4) Deploy advanced threat protection, 5) Update incident playbooks.

---

**Additional Cybersecurity News – Titles & URLs**
| # | Title | URL |
|---|-------|-----|
| 1 | China Hacks U.S. Congressional Committee Email – Salt Typhoon Espionage | https://cryptobriefing.com/china-hacks-us-congressional-email-systems-salt-typhoon-espionage-ft/ |
| 2 | Credential‑Stuffing Surge Hits Online Casino Platforms – The Jackpot of Data Breach | https://www.hoover.org/research/cybersecurity-experts-report-surge-credential-stuffing-attacks-targeting-online-casino |
| 3 | OpenAI Announces ChatGPT Health – AI Meets Medical Advice, but With New Security Risks | https://siliconangle.com/2026/01/07/openai-introduces-chatgpt-health-answer-users-medical-questions/ |
| 4 | Red Hat Unveils Secure AI Deployment Architecture – A Blueprint for Protecting AI‑Driven Systems | https://www.redhat.com/en/blog/navigating-secure-ai-deployment-architecture-enhancing-ai-system-security-and-safety |

---

**Resources & Links**
| Resource | URL |
|----------|-----|
| Bitdefender Live Cyber Threat Map | https://threatmap.bitdefender.com/ |
| Check Point Live Cyber Threat Map | https://threatmap.checkpoint.com/ |
| Kaspersky Cyber Threat Map | https://cybermap.kaspersky.com/ |
| Talos Intelligence – ebc_spam Map | https://talosintelligence.com/ebc_spam |
| CISA KEV Catalog (Office & HPE OneView) | https://www.cisa.gov/keV |
| Microsoft Office Security Updates | https://support.microsoft.com/en-us/topic/office-security-update |
| HPE OneView Security Patch (2026‑02) | https://support.hpe.com/hpsc/doc/public/display?docId=0000000000060197 |

---

**Call to Action**
- **Subscribe**: Stay updated on cybersecurity threats.
- **Leave a Review**: Let us know what you think.
- **Join the Conversation**: Follow our community and ask questions.

---

**Sponsor (if applicable)**
*No sponsors this episode.*

---

**Podcast Socials & Website**
- **Website**: https://www.youvealreadybeenhacked.com
- **X**: @professorcyberrisk
- **YouTube**: https://www.youtube.com/@YABHPodcast
- **Discord / Community Forum**: https://discord.gg/cz3xdsrqAE *(copy‑and‑paste link)*

---
-
86
AI’s Dark Side Exposed: OpenAI Warns of “High‑Risk” Models & New Cyber‑Attack Tactics!
**Title:** 🔥 AI’s Dark Side Exposed: OpenAI Warns of “High‑Risk” Models & New Cyber‑Attack Tactics! 🔥

---

## Episode Information
**Episode Number:** 3x32

**Overview:** In this episode we break down OpenAI’s chilling warning that its next‑gen models are entering a “high” cybersecurity risk zone, and explore how the same AI tech is being weaponized in real‑world attacks—from insider‑facilitated Russian cyberops to ad‑driven macOS infostealers and deceptive cloud services. We’ll also look at Genetec’s latest report on AI‑driven physical security and what that means for the convergence of cyber & physical defenses.

**Guest Information:** None this episode – it’s a deep‑dive into current headlines.

**Topics Covered:**
- OpenAI’s “high‑risk” model alert and defensive AI initiatives
- Insider‑facilitated Russian cyberattacks (Ukrainian woman indictment)
- Ad‑based phishing via ChatGPT & Grok leading to macOS infostealer
- False claims of cloud compliance by former Accenture employee
- Genetec’s 2026 State of Physical Security report & AI adoption surge
- Practical steps for incident response, AI detection, vendor vetting & training

**Top Stories:**
| # | Title | Source URL |
|---|-------|------------|
| 1 | OpenAI Signals “High” Cybersecurity Risk with Next‑Gen Models | |
| 2 | Ukrainian Woman Charged for Facilitating Russian‑Backed Cyberattacks | |
| 3 | Google Ads Drive macOS Infostealer Malware via ChatGPT & Grok Guides | |
| 4 | Former Accenture Employee Charged with Misleading the Government on Cloud Security | |
| 5 | Genetec Releases 2026 State of Physical Security Report – AI Adoption Doubles | |

**Additional Cybersecurity News – Titles & URLs**
- **Bitdefender Threat Map** –
- **Checkpoint Live Cyber Threat Map** –
- **Kaspersky Cyber Threat Map** –
- **Talos Intelligence – EBC Spam Map** –

**Resources & Links**
(See “Additional Cybersecurity News” above for threat‑map links; no other resources listed.)

**Sponsor**
None this episode

**Call to Action**
- **Subscribe**: Stay updated on the latest cybersecurity threats.
- **Leave a Review**: Tell us what you think about the episode.
- **Join the Conversation**: Follow our community and ask questions.

**Podcast Socials & Website**
- **Website**:
- **Twitter**: @professorcyberrisk
- **YouTube**:
- **Discord/Community Forum**: https://discord.gg/cz3xdsrqAE
-
85
Supply‑Chain Siege: Fake NPM Packages + the New AI Threat Landscape
### 🔢 Episode Information

| | |
|-------|-------|
| **Title** | Supply‑Chain Siege: Fake NPM Packages + the New AI Threat Landscape |
| **Episode Number** | 3x31 |
| **Hosts** | Professor CyberRisk & Cyber Cowboy |
| **Guests** | None this episode |

---

### 👀 Overview

Attackers keep evolving their tactics, and defenders can stay one step ahead by tightening supply‑chain hygiene. In this episode we dive into:

1️⃣ The latest npm registry breach – 46,000 counterfeit packages flooding the ecosystem.
2️⃣ Four support stories that show how policy, data protection, visibility, and AI infrastructure are all part of the same threat matrix.

---

### 🗣️ Topics Covered

- **npm Supply‑Chain Attack** – How a worm‑like spam operation can compromise millions of projects.
- **Policy & Vendor Risk** – EU’s ban on Huawei/ZTE as a real‑world example of hardware risk management.
- **Data Resilience** – IBM Safeguarded Copy and immutable snapshots for ransomware protection.
- **Visibility & Detection** – ThreatBook NDR’s top marks in Gartner Peer Insights™ 2025.
- **AI Infrastructure Hardening** – Microsoft’s Atlanta AI “Super Factory” and what it means for zero‑trust architecture.

---

| Title | URL |
|-------|-----|
| **Bitdefender Threat Map** | https://threatmap.bitdefender.com/ |
| **Checkpoint Live Cyber Threat Map** | https://threatmap.checkpoint.com/ |
| **Kaspersky Cyber Threat Map** | https://cybermap.kaspersky.com/ |
| **Talos Intelligence – ebc_spam Map** | https://talosintelligence.com/ebc_spam |

---

### 📚 Resources & Links

- **npm audit guide:** https://docs.npmjs.com/cli/npm-audit
- **Snyk dependency‑monitoring:** https://snyk.io/
- **IBM Safeguarded Copy whitepaper** – (link provided in episode)
- **ThreatBook NDR product page** – https://threatbook.ai/nrd

---

### 🚀 Call to Action

1. **Subscribe**: Stay updated on the latest cybersecurity threats.
2. **Leave a Review**: Let us know what you think.
3. **Join the Conversation**: Follow our community and ask questions.

---

### 🎙 Sponsor (if applicable)

> No sponsors this episode

---

### 📲 Podcast Socials & Website

| Platform | Link |
|----------|------|
| **Website** | https://www.youvealreadybeenhacked.com |
| **X** | @professorcyberrisk |
| **YouTube** | https://www.youtube.com/@YABHPodcast |
| **Discord/Community Forum** | https://discord.gg/cz3xdsrqAE |
-
84
AI vs Hackers: Fortinet, SentinelOne & CrowdStrike’s New Weaponry
## 🎙 Episode Information

| Item | Details |
|------|---------|
| **Episode Number** | 3x30 |
| **Overview** | In today’s episode we dive into the newest AI‑powered defenses from industry giants Fortinet, SentinelOne and CrowdStrike – a game‑changer for any organization running machine‑learning workloads. We’ll unpack why protecting the *intelligence* itself is now mandatory, walk through practical steps you can take right away, and bring in four supporting stories that broaden the conversation to honeypots, password hygiene, IoT hardening and critical infrastructure security. |
| Host | Professor CyberRisk – a veteran researcher in AI security and cyber‑threat intelligence |
| **Topics Covered** | • AI‑driven security features from Fortinet, SentinelOne & CrowdStrike <br>• Correlating malware with honeypot logs via PowerShell<br>• Password hygiene lessons from the Louvre breach<br>• The TP‑Link router debate and hardening steps<br>• Norway’s new safeguards for electric buses (critical infra) |

## 🎙 Wrap‑Up

These stories collectively underscore that defending AI workloads is no longer an optional enhancement—it’s a necessity. Combine this with robust password hygiene, hardened IoT devices, and secured critical infrastructure to create a resilient security posture.

Feel free to weave in your own anecdotes or audience questions—these notes are just the skeleton for an engaging episode!

---

## 🎧 Call to Action

- **Subscribe:** Stay updated on cybersecurity threats.
- **Leave a Review:** Let us know what you think.
- **Join the Conversation:** Follow our community and ask questions.

---

## 📣 Sponsor

**No sponsors this episode**

---

## 🖥 Podcast Socials & Website

- **Website:** https://www.youvealreadybeenhacked.com
- **X:** @professorcyberrisk
- **YouTube:** https://www.youtube.com/@YABHPodcast
- **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE
-
83
🚨 Spy Drones & AI Wars: 2025’s Cyber Battleground – Why Your Company Needs to Listen
**Title** 🚨 Spy Drones & AI Wars: 2025’s Cyber Battleground – Why Your Company Needs to Listen

---

### Episode Information

- **Episode Number:** 329

---

#### Overview

In this episode we break down the most alarming cyber‑espionage trends of 2025: from North Korean Lazarus drones to AI‑firewalls and legal battles over data scraping. We’ll explain why these stories matter for you—and give you concrete steps you can take today.

#### Hosts

- Professor CyberRisk
- Cyber Cowboy

---

### Topics Covered

| # | Topic |
|---|-------|
| 1 | Lazarus drone campaign (Operation DreamJob) – what it means for European UAV makers |
| 2 | Taiwan’s hardware & semiconductor sector under siege – supply‑chain hardening tips |
| 3 | Maxis AI‑powered firewall rollout in Malaysia – lessons on communication‑layer security |
| 4 | Reddit suing data‑scrapers – implications for AI training and privacy |
| 5 | Gartner 2026 tech forecast – AI, connectivity & emerging risks |

---

## Additional Cybersecurity News – Titles and URLs

| Title | URL |
|-------|-----|
| “North Korean Lazarus Group Targets UAV Sector in Europe” | https://www.globenewswire.com/news-release/2025/10/23/3171642/0/en/North-Korean-Lazarus-group-targets-the-drone-sector-in-Europe-likely-for-espionage-ESET-Research-discovers.html |
| “Taiwan’s Hardware & Semiconductor Sectors Remain Top Cyber‑Attack Targets” | https://www.digitimes.com/news/a20251023PD206/check-point-cybersecurity-data-hardware-taiwan.html |
| “Maxis Deploys AI‑Powered Firewall to Block Malicious SMS & Voice Calls in Malaysia” | https://soyacincau.com/2025/10/23/maxis-globe-teleservices-ai-firewall-message-voice-security/ |
| “Reddit Suing Data‑Scraping Firms Over Unauthorized Use of Its Content for AI Training” | https://siliconangle.com/2025/10/22/reddit-suing-perplexity-ai-data-scraping-firms-using-data-without-permission/ |
| “Gartner Forecasts 2026 Tech Trends – AI, Connectivity, and Emerging Risks” | https://www.helpnetsecurity.com/2025/10/23/gartner-2026-technology-trends |

---

## Resources & Links

*None this episode.*

---

## Call to Action

- **Subscribe:** Stay updated on cybersecurity threats.
- **Leave a Review:** Let us know what you think.
- **Join the Conversation:** Follow our community and ask questions.

---

### Sponsor

No sponsors this episode.

---

#### Podcast Socials & Website

- **Website:** https://www.youvealreadybeenhacked.com
- **X:** @professorcyberrisk
- **YouTube:** https://www.youtube.com/@YABHPodcast
- **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE
-
82
Your F5 is in the Crosshairs
**Title:** 🚨 “Your F5 is in the Crosshairs – Why Your Network Might Already Be Hacked”

---

### **Hosts**

- **Professor CyberRisk**

### **Live Cyber Maps**

- **Bitdefender Threat Map** – https://threatmap.bitdefender.com/
- **Checkpoint Live Cyber Threat Map** – https://threatmap.checkpoint.com/
- **Kaspersky Cyber Threat Map** – https://cybermap.kaspersky.com/
- **Talos Intelligence – EBC Spam Map** – https://talosintelligence.com/ebc_spam

---

## Episode Information

**Title:** *Your F5 is in the Crosshairs – Why Your Network Might Already Be Hacked*
**Episode Number:** 3x28

### Overview

In this episode we unpack a nation‑state supply‑chain attack that exposed the source code of F5’s BIG‑IP platform, explore the weaponization of public infrastructure at Canadian and U.S. airports, and dive into the new AI security best‑practices IBM presented at TechXchange 2025. We also cover alarming firmware flaws in popular motherboards and Meta’s new partnership with Arm for energy‑efficient AI GPUs.

### Guest Information

- **Professor CyberRisk** – Security strategist and researcher.
- **Cyber Cowboy** – Field operations expert in incident response.

### Topics Covered

1. Nation‑state breach of F5 BIG‑IP source code
2. IoT exploitation in airport public‑announcement systems
3. Secure AI pipelines: IBM’s takeaways from TechXchange 2025
4. Firmware vulnerabilities in mainstream motherboards
5. Meta + Arm partnership and the security implications of next‑gen AI GPUs
6. Practical steps: patching, zero‑trust, and incident‑response readiness

---

## Top Stories

### 1. Nation‑State Threat Cracks F5’s BIG‑IP Source Code

- **Summary:** F5 disclosed that a sophisticated nation‑state actor accessed its internal systems, exfiltrated portions of BIG‑IP source code, and is now forcing emergency patches for all customers.
- **Why it Matters:** The BIG‑IP platform sits in millions of data‑center, cloud, and edge deployments, meaning a single code compromise threatens countless enterprises, government agencies, and critical infrastructure.
- **What to Do:** Verify inventory, apply patches, enforce MFA, isolate admin access, audit supply chain, and update incident‑response playbooks.
- **Link:** [SiliconANGLE – F5 says nation‑state actor breached internal systems, stole BIG‑IP development files](https://siliconangle.com/2025/10/15/f5-says-nation-state-actor-breached-internal-systems-stole-big-ip-development-files/)

---

## Additional Cybersecurity News

| Title | URL |
|-------|-----|
| **Airport Hijack: Pro‑Hamas Messages Blare Across Canadian & US Terminals** | https://www.israelnationalnews.com/news/416318 |
| **IBM’s TechXchange 2025: AI Revolution & Security Takeaways** | https://siliconangle.com/2025/10/15/ibm-techxchange-2025-navigating-ai-revolution/ |
| **Firmware Flaws: Motherboard Manufacturers Show Little Security Care** | https://www.xda-developers.com/firmware-security-failures-show-motherboard-manufacturers-dont-care/ |
| **Meta Partners with Arm for Energy‑Efficient AI GPUs** | https://siliconangle.com/2025/10/15/meta-platforms-use-arms-energy-efficient-neoverse-gpus-ai-workloads/ |

---

## Resources & Links

_None this episode_

---

## Call to Action

- **Subscribe**: Stay updated on the latest cyber threats.
- **Leave a Review**: Let us know what you think.
- **Join the Conversation**: Follow our community and ask questions.

---

## Sponsor (if applicable)

_No sponsors this episode_

---

## Podcast Socials & Website

- **Website:** https://www.youvealreadybeenhacked.com
- **X:** @professorcyberrisk
- **YouTube:** https://www.youtube.com/@YABHPodcast
- **Discord / Community Forum:** https://discord.gg/cz3xdsrqAE *(copyable raw link)*
-
81
Discord ID Photos Leak + AI Governance & Ransomware Hijinks – Cyber Threat Deep Dive
**Title:** Discord ID Photos Leak + AI Governance & Ransomware Hijinks – Cyber Threat Deep Dive

**Hosts:** Professor CyberRisk • Cyber Cowboy Live

**Live Cyber Maps:**
- Bitdefender Threat Map – https://threatmap.bitdefender.com/
- Checkpoint Live Cyber threat map – https://threatmap.checkpoint.com/
- Kaspersky Cyber Threat Map – https://cybermap.kaspersky.com/
- Talos Intelligence ebc_spam Map – https://talosintelligence.com/ebc_spam

---

## Episode Information

**Title:** Discord ID Photos Leak + AI Governance & Ransomware Hijinks – Cyber Threat Deep Dive
**Episode Number:** 3x27

**Overview:** In this episode we dissect a high‑profile Discord breach that exposed government ID photos for ~70,000 users, dive into Okta’s new “Identity‑Security Fabric” and its AI governance capabilities, explore NetApp’s next‑gen storage platform for AI resilience, uncover how attackers are hijacking the Velociraptor DFIR tool in ransomware campaigns, and discuss the U.S. Labor Department’s pilot for a national unemployment claims database—an initiative that could create a single point of failure.

**Guest Information:** None

**Topics Covered:**
- Discord security breach and third‑party vendor risk
- Okta’s AI‑governed Identity‑Security Fabric at Oktane 2025
- NetApp INSIGHT: disaggregated storage for AI workloads and ransomware resilience
- Threat actor reuse of Velociraptor DFIR tool in LockBit/Babuk ransomware
- Labor Department’s national unemployment claims intake pilot and privacy implications

---

## Top Stories

- **Discord Security Breach Exposed Government ID Photos of 70,000 Users** – https://www.cnet.com/tech/services-and-software/discord-security-breach-exposed-government-id-photos-of-70000-users/

---

## Additional Cybersecurity News – Titles and URLs

1. **Three insights you might have missed from theCUBE’s coverage of Okta’s Oktane event** – https://siliconangle.com/2025/10/09/okta-identity-security-fabric-oktaoktane/
2. **What to expect during NetApp INSIGHT: Join theCUBE Oct. 14** – https://siliconangle.com/2025/10/09/next-generation-enterprise-storage-netappinsight/
3. **Hackers now use Velociraptor DFIR tool in ransomware attacks** – https://www.bleepingcomputer.com/news/security/hackers-now-use-velociraptor-dfir-tool-in-ransomware-attacks/
4. **Labor Department looks to pilot intaking unemployment claims for states** – https://www.nextgov.com/digital-government/2025/10/labor-department-looks-pilot-intaking-unemployment-claims-states/408734/

---

## Resources & Links

None this episode

---

### Call to Action

- **Subscribe:** Stay updated on cybersecurity threats.
- **Leave a Review:** Let us know what you think.
- **Join the Conversation:** Follow our community and ask questions.

---

### Sponsor (if applicable)

No sponsors this episode

---

## Podcast Socials & Website

- **Website:** https://www.youvealreadybeenhacked.com
- **X (Twitter):** @professorcyberrisk
- **YouTube:** https://www.youtube.com/@YABHPodcast
- **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE
-
80
Oracle’s Data is Leaking… And AI Agents Are the New Attack Vectors
**Title:** 🔥 *“Oracle’s Data is Leaking… And AI Agents Are the New Attack Vectors”* — Clop, Pentagon, and the Cybersecurity Apocalypse You Can’t Ignore

---

**Episode Number:** 3x26

**Overview:** In this explosive episode of *You’ve Already Been Hacked*, Professor CyberRisk and Cyber Cowboy dive into a perfect storm of cyber chaos: Clop-linked hackers are weaponizing Oracle E-Business Suite to extort Fortune 500s, the Pentagon is gutting cyber training like it’s a body fat test, Google confirms executives are being targeted with fake data theft threats—and underneath it all, AI agents are quietly becoming the most dangerous insider threats you didn’t know you had. Mary Ann Davidson (ex-Oracle CSO) drops the bombshell: *“You’re never going to have enough cybersecurity people to defend what was never built to be defensible.”* We break down why traditional defenses are dead, how AI is rewriting the rules of attack and defense, and what you MUST do before your company becomes next week’s headline.

**Topics Covered:**
- 🚨 Clop ransomware group’s Oracle E-Business Suite data theft extortion campaign (unconfirmed breach, real-world panic)
- ⚔️ Pentagon’s dangerous de-prioritization of cybersecurity training — equating it to beard length?
- 🤖 Agentic Security: How AI agents are becoming autonomous attack vectors (behavioral monitoring, zero-trust for bots)
- 💬 Google’s confirmation: Executives targeted with fake Oracle data theft emails — sophisticated social engineering at scale
- 🧠 The “security-by-design” revolution: Why humans can’t keep up, and AI-powered detection is now non-negotiable

**Top Stories:**
1. **Clop-linked hackers claim Oracle E-Business Suite data theft** — Extortion emails flooding corporations.
   → https://siliconangle.com/2025/10/02/clop-linked-hackers-claim-oracle-e-business-suite-data-theft-high-stakes-extortion-push/
2. **Pentagon says warfighters don’t need “frequent” cybersecurity training** — Policy downgrade raises alarms.
   → https://www.theregister.com/2025/10/02/pentagon_relaxes_military_cybersecurity_training/
3. **Google confirms extortion emails targeting executives via fake Oracle breaches** — Supply chain fearmongering in action.
   → https://www.yahoo.com/news/articles/google-says-hackers-sending-extortion-215459772.html
4. **Agentic Security: AI agents as new attack surfaces** — Defending autonomous systems before they go rogue.
   → https://siliconangle.com/2025/10/02/ai-agents-need-agentic-security-keep-safe-cyberdefense/
5. **Mary Ann Davidson’s warning: “You’re never going to have enough people to defend what was never built to be defensible.”**
   → https://securityweeklytv.libsyn.com/ai-the-new-trigger-word-or-is-it-robots-psw-894

**Additional Cybersecurity News – Titles and URLs:**
- **Bitdefender Threat Map (Live):** https://threatmap.bitdefender.com/
- **Checkpoint Live Cyber Threat Map:** https://threatmap.checkpoint.com/
- **Kaspersky Cyber Threat Map:** https://cybermap.kaspersky.com/
- **Talos Intelligence Spam Map (ebc_spam):** https://talosintelligence.com/ebc_spam

**Call to Action:**
✅ **Subscribe** — Stay ahead of the next cyber apocalypse.
⭐ **Leave a Review** — Help others find us before their company gets hacked.
💬 **Join the Conversation** — Ask questions, share war stories, and debate AI threats in our community: https://discord.gg/cz3xdsrqAE

**Sponsor:** None this episode — because *you* are the sponsor of your own security.

**Podcast Socials & Website:**
🌐 **Website:** https://www.youvealreadybeenhacked.com
🐦 **X (Twitter):** @professorcyberrisk
📺 **YouTube:** https://www.youtube.com/@YABHPodcast
💬 **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE

---

*Hosts:* Professor CyberRisk | Cyber Cowboy
*Live Threat Maps Featured:* Bitdefender • Checkpoint • Kaspersky • Talos Intelligence
-
79
$115M Ransom Raid: Teen Gang, SIM‑Swaps & AI Breach – What’s Next?
Hosts
Professor CyberRisk
Cyber Cowboy

Live Cyber Maps
Bitdefender Threat Map: https://threatmap.bitdefender.com/
Live Cyber threat map – Checkpoint: https://threatmap.checkpoint.com/
Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
Talos Intelligence – ebc_spam Map: https://talosintelligence.com/ebc_spam

Episode Information
Title: $115M Ransom Raid: Teen Gang, SIM‑Swaps & AI Breach – What’s Next?
Episode Number: 3x25

Overview:
In today’s episode we dissect the explosive case of Scattered Spider, a multi‑nation, multi‑tech gang that has pulled in over $115 million in ransomware payouts from UK retailers, London transit and US healthcare systems. We’ll explore how teenage operatives can be prosecuted under U.S./U.K. law, why SIM‑swap attacks remain a critical vulnerability, and what a recent AI chatbot breach means for your cloud tokens. Finally we’ll look at the rise of self‑replicating open‑source worms and how online gambling scams create new channels for credential theft.

Guest Information: None – this is an in‑house deep dive.

Topics Covered
Scattered Spider ransomware & teen gang enforcement
SIM‑swap attacks & mobile security
AI chatbot breach and token exfiltration
Self‑replicating open‑source worm (Shai‑Hulud)
Online gambling scam ecosystems

Top Story
Feds Tie “Scattered Spider” Duo to $115 M in Ransoms

Additional Cybersecurity News – Titles and URLs
SIM‑Swapper, Scattered Spider Hacker Gets 10 Years –
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft –
Self‑Replicating Worm Hits 180+ Software Packages –
Affiliates Flock to ‘Soulless’ Scam Gambling Machine –

Resources & Links
None this episode.

Call to Action
Subscribe: Stay updated on cybersecurity threats.
Leave a Review: Let us know what you think.
Join the Conversation: Follow our community and ask questions.

Sponsor
No sponsors this episode.

Podcast Socials & Website
Website: https://www.youvealreadybeenhacked.com
X (Twitter): @professorcyberrisk
Youtube: https://www.youtube.com/@YABHPodcast
Discord/Community Forum: https://discord.gg/cz3xdsrqAE (copy‑and‑paste it as plain text)
-
78
Agents, Exploits, and NanoCoder: Building Modular AI with Will Lamerton
**Hosts**
- Professor CyberRisk
- Cyber Cowboy

**Live Cyber Maps**
Bitdefender Threat Map – https://threatmap.bitdefender.com/
Live Cyber Threat Map – https://threatmap.checkpoint.com/
Kaspersky Cyber Threat Map – https://cybermap.kaspersky.com/
Talos Intelligence – ebc_spam Map – https://talosintelligence.com/ebc_spam

---

## **Episode Information**

**Title:** _Agents, Exploits, and NanoCoder: Building Modular AI with Will Lamerton_
**Episode Number:** 3x24

**Overview:** In this special interview episode, we step away from the headlines and dive deep into the mind of Will Lamerton — creator of [NanoCoder](https://github.com/Mote-Software/nanocoder), a modular agentic framework that’s reshaping how developers build AI workflows. From the architecture of autonomous agents to the cybersecurity implications of automation, we explore how tools like NanoCoder can empower defenders… and potentially arm adversaries.

**Guest Information:**
**Will Lamerton**
- Creator of NanoCoder
- Developer at Mote Software
- LinkedIn: https://www.linkedin.com/in/will-lamerton-b16ab915b/
- GitHub: https://github.com/Mote-Software/nanocoder

---

## **Topics Covered**

- The origin story of NanoCoder and Will’s journey into agentic automation
- How NanoCoder differs from LangChain, CrewAI, and other frameworks
- Modular agents, memory, and orchestration philosophy
- Real-world use cases: devops, creative workflows, and beyond
- Cybersecurity implications — how defenders and attackers might use agentic tools
- Threat modeling for autonomous systems
- Human interest: Will’s coding rituals, rabbit holes, and creative inspirations
- The future of agentic ecosystems and modular AI stacks

---

## **Call to Action**

- **Subscribe:** Stay updated on cybersecurity threats.
- **Leave a Review:** Let us know what you think.
- **Join the Conversation:** Follow our community and ask questions.

---

## **Sponsor (if applicable)**

No sponsors this episode

---

## **Podcast Socials & Website**

- Website: https://www.youvealreadybeenhacked.com
- X: @professorcyberrisk
- YouTube: https://www.youtube.com/@YABHPodcast
- Discord/Community Forum: https://discord.gg/cz3xdsrqAE
-
77
BulletProof Hosting Lives on: Stark's Rebrand and 4 Cyber Flashpoints
**Hosts:**
- Professor CyberRisk
- Cyber Cowboy

**Live Cyber Maps & Resources**
- Bitdefender Threat Map: https://threatmap.bitdefender.com/
- Checkpoint Live Cyber Threat Map: https://threatmap.checkpoint.com/
- Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
- Talos Intelligence – ebc_spam Map: https://talosintelligence.com/ebc_spam

---

## Episode Information

**Title:** Bulletproof Hosting Lives On: Stark’s Rebrand & 4 Cyber Flashpoints
**Episode Number:** 3x23

---

### Overview

In this episode we unpack the latest headline: European sanctions hit Stark Industries Solutions Ltd., yet the firm slipped into a new shell, keeping its “bullet‑proof” hosting services running. We dive into why that matters for defenders, and we explore four additional headlines: a supply‑chain attack on npm libraries, the fallout from Salesloft’s token breach, Microsoft’s critical Patch Tuesday, and a new Russian gambling‑scam network. Get the details on how to spot, block, and remediate each threat.

---

### Guest Information

*None for this episode (solid 5‑story deep dive).*

---

### Topics Covered

- How “bullet‑proof” hosting evades EU sanctions
- 18 npm packages hijacked to steal crypto funds
- Salesloft token breach exposes corporate data across Slack, Google Workspace & AWS
- Microsoft Patch Tuesday – 80+ fixes (incl. remote code exec, SMB flaws)
- Russian “Soulless” gambling‑scam affiliate network

---

## Top Stories

**1. Bulletproof Host Stark Industries Evades EU Sanctions**

*Summary:* The EU slapped sanctions on Stark Industries Solutions Ltd. in May 2025 for fueling Kremlin‑linked DDoS, malware, and disinformation campaigns. New research shows Stark swiftly rebranded to “thehosting”, moved assets to a Dutch shell (WorkTitans BV), and shifted IP space to a new Moldovan entity, PQ Hosting Plus SRL. The core infrastructure—IP ranges, servers and the notorious MIRhosting partner—remained operational, allowing Russian‑backed attacks to continue almost unchanged.

*Why it Matters:* This is a textbook example of how “bullet‑proof” hosting providers dodge regulation by shifting names and ownership while keeping the same malicious traffic lanes open. It shows that sanctions alone are insufficient; attackers simply reorganize and keep the same services running, continuing to supply state‑level cyberwarfare.

*What you should do:* Monitor the domain and IP space associated with Stark and its partners (thehosting.com, PQ Hosting Plus SRL, MIRhosting). Use threat‑intel feeds to detect changes in ownership or DNS records. Block traffic from these IP ranges at your perimeter firewalls, especially if you run a web‑services or cloud platform. Keep an eye on EU sanctions lists and immediately flag any new entities that appear in your infrastructure logs.

---

## Additional Cybersecurity News – Titles & URLs

| # | Title | URL |
|---|-------|-----|
| 2 | *18 Popular Code Packages Hacked, Rigged to Steal Crypto* | |
| 3 | *The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft* | |
| 4 | *Microsoft Patch Tuesday, September 2025 Edition* | |
| 5 | *Affiliates Flock to ‘Soulless’ Scam Gambling Machine* | |

---

### Resources & Links

*None this episode.*

---

## Call to Action

- **Subscribe** – Stay updated on the latest cybersecurity threats.
- **Leave a Review** – Let us know what you think.
- **Join the Conversation** – Follow our community and ask questions.

---

### Sponsor

*No sponsors this episode.*

---

## Podcast Socials & Website

- **Website:** https://www.youvealreadybeenhacked.com
- **X (Twitter):** @professorcyberrisk
- **YouTube:** https://www.youtube.com/@YABHPodcast
- **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE
-
76
Citrix Cracked, WhatsApp Whacked, and Linux Under Attack
## 🎙️ Episode Information

**Title:** _Citrix Cracked, WhatsApp Whacked, and Linux Under Attack: This Week in Cyber Mayhem_
**Episode Number:** 3x22

## 🧠 Overview

This week, Professor CyberRisk and Cyber Cowboy break down the latest cybersecurity chaos—from a Citrix zero-day that’s been exploited for months, to a stealthy Linux dropper campaign targeting desktop shortcuts. Whether you're defending enterprise infrastructure or just trying to keep your devices clean, this episode delivers actionable insights and threat intelligence you can’t afford to miss.

## 👤 Guest Information

None this episode

## 🧵 Topics Covered

- Citrix NetScaler zero-day exploited since May
- WhatsApp vulnerability chaining with Apple zero-days
- Farmers Insurance breach affecting 1M+ customers
- Sindoor Dropper malware targeting Linux users
- U.S. government crackdown on fake ID marketplaces

## 🔥 Top Stories

**Critical Citrix 0-Day Vulnerability Exploited Since May, Leaving Global Entities Exposed**

**Summary:** CVE-2025-6543 in Citrix NetScaler has been exploited for months, allowing remote code execution and authentication bypass.

**Why it Matters:** Long dwell time means attackers may already have persistent access to sensitive systems.

**What can / should you be doing because of it:**
- Patch immediately
- Audit logs back to May
- Monitor for lateral movement

**Cited link:** Cybersecurity News coverage

## 🧷 Additional Cybersecurity News – Titles and URLs

**WhatsApp Zero-Day Exploit Targets iOS and macOS Users**
The Hacker News report

**Farmers Insurance Breach Impacts Over 1 Million Customers**
Cybernews coverage

**Sindoor Dropper Malware Targets Linux via Weaponized .desktop Files**
Cybersecurity News report

**U.S. Government Seizes Domains Selling Fake Identity Documents**
Cybersecurity News coverage

## 🗺️ Live Cyber Maps

- Bitdefender Threat Map: https://threatmap.bitdefender.com/
- Checkpoint Threat Map: https://threatmap.checkpoint.com/
- Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
- Talos Intelligence – ebc_spam Map: https://talosintelligence.com/ebc_spam

## 📚 Resources & Links

None this episode

## 📣 Call to Action

- **Subscribe:** Stay updated on cybersecurity threats.
- **Leave a Review:** Let us know what you think.
- **Join the Conversation:** Follow our community and ask questions.

## 💼 Sponsor (if applicable)

No sponsors this episode

## 🌐 Podcast Socials & Website

- **Website:** https://www.youvealreadybeenhacked.com
- **X:** @professorcyberrisk
- **YouTube:** https://www.youtube.com/@YABHPodcast
- **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE
-
75
Hijacked by Design: OAuth Breach, AI Agents, and the Global Cybercrime Crackdown
**Hosts**
- Professor CyberRisk
- Cyber Cowboy

**Live Cyber Maps**
- Bitdefender Threat Map: https://threatmap.bitdefender.com/
- Checkpoint Threat Map: https://threatmap.checkpoint.com/
- Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
- Talos Intelligence – ebc_spam Map: https://talosintelligence.com/ebc_spam

**Episode Information**
**Title:** _Hijacked by Design: OAuth Breach, AI Agents, and the Global Cybercrime Crackdown_
**Episode Number:** 3x21

**Overview:** This week, Professor CyberRisk and Cyber Cowboy dissect the latest cybersecurity chaos—from a stealthy OAuth breach that compromised Salesforce data to the vulnerabilities lurking in autonomous AI agents. Plus, we spotlight Interpol’s massive takedown of global cybercrime infrastructure and the budget-driven pivot toward AI-powered defense. If you think your workflows are safe, think again.

**Guest Information**
None this episode

**Topics Covered**
- OAuth token abuse and AI chat agent exploitation
- NIST’s new AI cybersecurity control overlays
- Prompt injection and hijacking risks in autonomous agents
- Operation Serengeti’s global infrastructure takedown
- Shrinking cybersecurity budgets and the rise of AI defense

**Top Stories**
1. **OAuth Breach via Drift AI Chat Agent Exposes Salesforce Data**
   The Hacker News coverage

**Additional Cybersecurity News – Titles and URLs**
2. **NIST Releases AI Cybersecurity Control Overlays**
   Google News summary
3. **AI Agents Vulnerable to Hijacking Attacks**
   Google News summary
4. **Operation Serengeti Dismantles 11,500 Malicious Infrastructures**
   CyberScoop coverage
5. **Cybersecurity Budgets Shrinking, AI Defense Rising**
   Google News summary

**Resources & Links**
None this episode

**Call to Action**
- **Subscribe:** Stay updated on cybersecurity threats.
- **Leave a Review:** Let us know what you think.
- **Join the Conversation:** Follow our community and ask questions.

**Sponsor (if applicable)**
No sponsors this episode

**Podcast Socials & Website**
- Website: https://www.youvealreadybeenhacked.com
- X: @professorcyberrisk
- YouTube: https://www.youtube.com/@YABHPodcast
- Discord/Community Forum: https://discord.gg/cz3xdsrqAE
-
74
Legacy Exploits, Poisoned Packages, and Password Hijacks
## 🎙️ Hosts

- Professor CyberRisk
- Cyber Cowboy

---

## 🌐 Live Cyber Maps

- Bitdefender Threat Map: https://threatmap.bitdefender.com/
- Check Point Threat Map: https://threatmap.checkpoint.com/
- Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
- Talos Intelligence – ebc_spam Map: https://talosintelligence.com/ebc_spam

---

## 📢 Episode Information

**Title:** _Legacy Exploits, Poisoned Packages, and Password Hijacks_
**Episode Number:** 3x20

---

## 🧠 Overview

This week, Professor CyberRisk and Cyber Cowboy dissect the latest wave of cyber threats—from Russian espionage campaigns targeting unpatched Cisco gear to stealthy clickjacking attacks on password managers. Whether you're an enterprise defender or a solo dev, these stories will make you rethink your patching strategy, supply chain hygiene, and user awareness training.

---

## 🎤 Guest Information

None this episode

---

## 🧵 Topics Covered

- Russian state-sponsored exploitation of legacy Cisco vulnerabilities
- DOM-based clickjacking targeting browser password managers
- Apple’s emergency patch for zero-day CVE-2025-43300
- Malicious PyPI packages infiltrating developer environments
- AsyncRAT delivered via fake verification prompts

---

## 🚨 Top Stories

**FBI Warns of Russian Espionage via Unpatched Cisco Devices**
Summary: Russian group Static Tundra exploits CVE-2018-0171 in Cisco IOS/IOS XE.
Why it Matters: Legacy vulnerabilities still pose major risks.
What You Should Be Doing: Audit Cisco gear, patch or disable Smart Install, monitor traffic.
Cited link: [The Hacker News](https://thehackernews.com/)

---

## 🧩 Additional Cybersecurity News – Titles and URLs

**DOM-Based Clickjacking Targets Password Managers**
https://thehackernews.com/

**Apple Patches Zero-Day CVE-2025-43300**
https://thehackernews.com/

**Weaponized PyPI Packages Target Developers**
https://cybersecuritynews.com/weekly-cybersecurity-news-recap/

**AsyncRAT Delivered via Fake Verification Prompts**
https://cybersecuritynews.com/weekly-cybersecurity-news-recap/

---

## 📚 Resources & Links

None this episode

---

## 📣 Call to Action

- **Subscribe:** Stay updated on cybersecurity threats.
- **Leave a Review:** Let us know what you think.
- **Join the Conversation:** Follow our community and ask questions.

---

## 💼 Sponsor (if applicable)

No sponsors this episode

---

## 🌐 Podcast Socials & Website

- Website: https://www.youvealreadybeenhacked.com
- X: [@professorcyberrisk](https://twitter.com/professorcyberrisk)
- YouTube: https://www.youtube.com/@YABHPodcast
- Discord/Community: https://discord.gg/cz3xdsrqAE
-
73
DEF CON 33: Agents, Extensions, and Ghosts in the Machine
### Hosts
- Professor CyberRisk
- Cyber Cowboy

### 🔥 Live Cyber Maps
- Bitdefender Threat Map
- Checkpoint Threat Map
- Kaspersky Cyber Threat Map
- Talos Intelligence Spam Map

### 🎧 Episode Information
**Title:** _DEF CON 33: Agents, Extensions, and Ghosts in the Machine_
**Episode Number:** 3x19

### 🗒️ Overview
This episode dives deep into DEF CON 33’s most provocative cybersecurity talks—from AI-powered SOC assistants to browser-based identity theft, counter-surveillance tactics, and prompt injection warfare. Professor CyberRisk and Cyber Cowboy break down what defenders need to know, what attackers are already doing, and how the future of cybersecurity is being shaped by autonomous agents and invisible threats.

### 🎙️ Guest Information
None this episode

### 🧠 Topics Covered
- Microsoft Security Copilot and AI-augmented SOC workflows
- Autonomous AI evaluation in cyber ranges
- Ghost Mode counter-surveillance tactics
- COPYCAT browser extension identity attacks
- MPIT prompt injection tool and ShinoLLMApps testbed
- General Paul Nakasone’s DEF CON insights on AI and national security
- DEF CON 33 meta-trends and community tooling

### 🧨 Top Stories
- **Microsoft Security Copilot Fireside Chat** – AI-driven incident response, plugin customization, and SOC acceleration
- **AI Security Institute Evaluation Framework** – Realistic cyber ranges for autonomous agent testing
- **Ghost Mode** – OSINT-powered counter-surveillance for everyday users
- **COPYCAT Extension** – Ten browser-based identity attacks that bypass traditional defenses
- **MPIT Prompt Injection Tool** – Genetic algorithm–optimized payloads for LLM exploitation
- **General Nakasone’s Talk** – NSA’s evolving role in AI defense and collaboration
- **DEF CON 33 Themes** – Agent-based red teaming, invisible threats, and open-source community power

### 📣 Call to Action
- **Subscribe**: Stay updated on cybersecurity threats.
- **Leave a Review**: Let us know what you think.
- **Join the Conversation**: Follow our community and ask questions.

### 💼 Sponsor (if applicable)
No sponsors this episode

### 🌐 Podcast Socials & Website
- Website: youvealreadybeenhacked.com
- X: @professorcyberrisk
- YouTube: @YABHPodcast
- Discord – The Neural Network: https://discord.gg/cz3xdsrqAE
-
72
Ransomware, Romance, and Recon: The Week Cybersecurity Got Personal
## 🎙️ Hosts
- **Professor CyberRisk**
- **Cyber Cowboy**

---

## 🌐 Live Cyber Maps
- [Bitdefender Threat Map](https://threatmap.bitdefender.com/)
- [Checkpoint Threat Map](https://threatmap.checkpoint.com/)
- [Kaspersky Cyber Threat Map](https://cybermap.kaspersky.com/)
- [Talos Intelligence – EBC Spam Map](https://talosintelligence.com/ebc_spam)

---

## 📣 Episode Information
**Title:** _Ransomware, Romance, and Recon: The Week Cybersecurity Got Personal_
**Episode Number:** 3x18

**Overview:** This week, Professor CyberRisk and Cyber Cowboy break down the latest cybersecurity headlines—from a ransomware strike on Mailchimp to a dating app exposing private messages. We also dive into a billion-dollar acquisition that could reshape identity security, and a mysterious breach involving U.S. spy satellite contractors. If you thought your inbox, your dating life, or your government were safe… think again.

---

## 🎤 Guest Information
None this episode

---

## 🧠 Topics Covered
- Ransomware targeting SaaS platforms
- Identity security consolidation
- Data privacy in consumer apps
- Third-party risk in government systems
- Regulatory pressure on social platforms

---

## 🔥 Top Stories
**Mailchimp Targeted in Ransomware Attack—Data Exposure Downplayed**
Mailchimp was hit by ransomware this week, with potential exposure of customer data. The company claims minimal impact, but experts warn of phishing and impersonation risks.
🔗 [Read more](https://cybernews.com/news/)

---

## 🧩 Additional Cybersecurity News – Titles and URLs
**Palo Alto Networks to Acquire CyberArk**
A $20B merger that could redefine identity and access management.
🔗 [Read more](https://cybernews.com/news/)

**Dating App Tea Suffers Second Major Data Leak**
Over 1M messages and 72K images exposed—again.
🔗 [Read more](https://cybernews.com/news/)

**US Spy Satellite Agency Investigates Contracting Site Incident**
NRO confirms breach of contractor portal, law enforcement involved.
🔗 [Read more](https://cybernews.com/news/)

**UK's Age Verification Law Puts X (formerly Twitter) Under Scrutiny**
Regulators call out weak enforcement of age checks.
🔗 [Read more](https://cybernews.com/news/)

---

## 📚 Resources & Links
None this episode

---

## 📢 Call to Action
- **Subscribe:** Stay updated on cybersecurity threats.
- **Leave a Review:** Let us know what you think.
- **Join the Conversation:** Follow our community and ask questions.

---

## 💼 Sponsor (if applicable)
No sponsors this episode

---

## 🌐 Podcast Socials & Website
- **Website:** [https://www.youvealreadybeenhacked.com](https://www.youvealreadybeenhacked.com/)
- **X:** [@professorcyberrisk](https://twitter.com/professorcyberrisk)
- **YouTube:** [https://www.youtube.com/@YABHPodcast](https://www.youtube.com/@YABHPodcast)
- **Discord/Community Forum:** coming soon
-
71
Zero-Days, VPN Leaks & Listener Qs: Cyber Threats That Just Got Real
### Hosts
- Professor CyberRisk
- Cyber Cowboy

---

### Live Cyber Maps
- Bitdefender Threat Map: https://threatmap.bitdefender.com/
- Checkpoint Threat Map: https://threatmap.checkpoint.com/
- Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
- Talos Intelligence – ebc_spam Map: https://talosintelligence.com/ebc_spam

---

### Episode Information
**Title:** _Zero-Days, VPN Leaks & Listener Qs: Cyber Threats That Just Got Real_
**Episode Number:** 3x17

---

### Overview
Professor CyberRisk and Cyber Cowboy break down a wave of fresh exploits targeting enterprise systems, open-source platforms, and consumer devices — all backed by active threat intel. They kick things off with powerful questions from a listener in military/law enforcement, cover recent zero-days and VPN bugs, and dissect the cybercriminal playbook now exploiting accessibility APIs and fashion brands alike.

---

### Guest Information
None this episode

---

### Topics Covered
- Essential cyber hygiene for defense and law enforcement professionals
- Real-world deterrence: what it takes to punish threat actors
- SharePoint zero-day hits public sector
- Arch Linux packages laced with Chaos RAT
- Dior breach via third-party vendor
- ExpressVPN leak and RDP exposure
- Banking trojan weaponizes Windows UI Automation

---

### Top Stories
**🧨 Widespread SharePoint Zero-Day Exploitation Hits U.S. Agencies**
Hackers exploit CVEs 2025-49704/49706 to deploy Warlock ransomware via malicious web shells.
📎 [Daily Security Review coverage](https://dailysecurityreview.com/)

---

### Additional Cybersecurity News – Titles and URLs
**🧪 Arch Linux AUR Packages Deliver Chaos RAT**
📎 [DSR Report](https://dailysecurityreview.com/)

**🕵️‍♂️ Dior Confirms Customer Data Breach via Vendor Compromise**
📎 [DSR Article](https://dailysecurityreview.com/)

**🧱 ExpressVPN Bug Exposed Real IPs During RDP Use**
📎 [DSR Coverage](https://dailysecurityreview.com/)

**🐍 Coyote Malware Variant Exploits Windows UI Automation for Credential Theft**
📎 [The Hacker News report](https://thehackernews.com/)

---

### Resources & Links
None this episode

---

### Call to Action
- Subscribe: Stay updated on cybersecurity threats.
- Leave a Review: Let us know what you think.
- Join the Conversation: Follow our community and ask questions.

---

### Sponsor
No sponsors this episode

---

### Podcast Socials & Website
- Website: https://www.youvealreadybeenhacked.com
- X: @professorcyberrisk
- YouTube: https://www.youtube.com/@YABHPodcast
- Discord/Community Forum: coming soon
-
70
🔐 “Zero Trust, Zero Sleep: Threats You Didn't Patch in Time”
Hosts
* Professor CyberRisk
* Cyber Cowboy

Live Cyber Maps
* Bitdefender Threat Map: https://threatmap.bitdefender.com/
* Live Cyber threat map: https://threatmap.checkpoint.com/
* Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
* Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam

Episode Information
Title: 🔐 “Zero Trust, Zero Sleep: Threats You Didn't Patch in Time”
Episode Number: 3x16

Overview
This week, Professor CyberRisk and Cyber Cowboy ride through the blazing terrain of unpatched APIs, firmware-level betrayals, and malware hiding in plain sight. From Cisco’s critical ISE flaw to Europol’s real-life takedown of pro-Russian DDoS mercenaries — we break down what’s urgent, what’s systemic, and what’s just plain terrifying. No guests, just gas.

Guest Information
No Guest this week

Top Stories
1. Cisco ISE Vulnerability — CVE-2025-20337 (CVSS 10)
2. Chinese APTs Target Taiwan’s Semiconductor Supply Chain
3. Europol Disrupts NoName057(16) Hacktivist DDoS Crew
4. GitHub Used as Malware Delivery Infrastructure
5. BADBOX 2.0 Preinstalled on Android IoT Devices Worldwide

Additional Cybersecurity News – Titles and URLs
* Cisco Advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6
* The Hacker News – Taiwan Espionage: https://thehackernews.com/2025/07/chinese-hackers-target-taiwans.html
* Europol Press Release: https://www.europol.europa.eu/media-press/newsroom/news/global-operation-targets-noname05716-pro-russian-cybercrime-network
* Cisco Talos – GitHub Malware Campaign: https://blog.talosintelligence.com/maas-operation-using-emmenhtal-and-amadey-linked-to-threats-against-ukrainian-entities/
* Android Authority – BADBOX 2.0: https://www.androidauthority.com/google-sues-badbox-2-0-android-botnet-3579060/

Resources & Links
None this episode

Call to Action
* Subscribe: Stay updated on cybersecurity threats.
* Leave a Review: Let us know what you think.
* Join the Conversation: Follow our community and ask questions.

Sponsor (if applicable)
No sponsors this episode

Podcast Socials & Website
* Website: https://www.youvealreadybeenhacked.com
* X: @professorcyberrisk
* YouTube: https://www.youtube.com/@YABHPodcast
* Discord/Community Forum: The Neural Network "coming soon"
-
69
Patch Fatigue & Laptop Farms
**Hosts**
- Professor CyberRisk
- Cyber Cowboy

**Live Cyber Maps**
- Bitdefender Threat Map: https://threatmap.bitdefender.com/
- Check Point Threat Map: https://threatmap.checkpoint.com/
- Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
- Talos Intelligence ebc_spam Map: https://talosintelligence.com/ebc_spam

**Episode Information**
_Title:_ Patch Fatigue & Laptop Farms
_Episode Number:_ 315 (3x15)

**Overview**
This week, we explore the weakening foundation of global vulnerability databases, Microsoft’s massive patch release, a North Korean infiltration campaign, Rust-based malware targeting gamers, and a silent threat to developer ecosystems. From CI pipelines to “laptop farms,” threat actors are getting creative — and we’re unpacking what it means for the future of cybersecurity.

**Guest Information**
None this episode

**Top Stories**

🔸 _Global Vulnerability Databases Are Cracking_
NVD’s 25K+ vulnerability backlog and CVE’s near-collapse signal deep trouble. CISA’s “Vulnrichment” aims to decentralize enrichment, but public trust is deteriorating.
→ Why It Matters:- C
🔗 https://www.iwebbs.com/newsletter/july-2025-cybersecurity-newsletter/

🔸 _Microsoft Patches 130 Flaws — No Zero-Days_
July’s Patch Tuesday resolved 130 vulnerabilities including a wormable SPNEGO flaw (CVSS 9.8). Zero-day drought continues, with RCE and escalation attacks surging.
→ Why It Matters:-”
🔗 https://www.cybersecurity-review.com/news-july-2025/

🔸 _North Korean IT Worker Scheme Dismantled_
DOJ busted a sprawling DPRK operation using fake identities to infiltrate 100+ U.S. companies. 21 “laptop farms” across 14 states fueled $900K in crypto funding.
→ Why It Matters:-”
🔗 https://www.iwebbs.com/newsletter/july-2025-cybersecurity-newsletter/

🔸 _Myth Stealer Targets Gamers & Browsers_
Rust-based malware spreads via fake cheat tools, collecting credentials and autofill data. A free Telegram drop evolved into a full MaaS operation.
→ Why It Matters:-
🔗 https://www.secmentis.com/news/

🔸 _CI Flaw in Open VSX Threatens Millions of Devs_
A flaw in Open VSX Registry’s CI pipeline exposed millions of VS Code users to silent compromise. Platforms like Gitpod and Google Cloud Shell were at risk.
→ Why It Matters:-
https://www.iwebbs.com/newsletter/july-2025-cybersecurity-newsletter/

**Additional Cybersecurity News – Titles and URLs**
None this episode

**Resources & Links**
None this episode

**Call to Action**
- Subscribe: Stay updated on cybersecurity threats.
- Leave a Review: Let us know what you think.
- Join the Conversation: Follow our community and ask questions.

**Sponsor (if applicable)**
No sponsors this episode

**Podcast Socials & Website**
- Website: https://www.youvealreadybeenhacked.com
- X: @professorcyberrisk
- YouTube: https://www.youtube.com/@YABHPodcast
- Discord/Community Forum: coming soon
-
68
Inside Job or Global Takedown? Cyber Attacks, AI Frontlines & Educational Standoffs
**Hosts**
- Professor CyberRisk
- Cyber Cowboy

**Live Cyber Maps**
- Bitdefender Threat Map: https://threatmap.bitdefender.com/
- Live Cyber Threat Map: https://threatmap.checkpoint.com/
- Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
- Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam

**Episode Information**
**Title**: Inside Job or Global Takedown? Cyber Attacks, AI Frontlines & Educational Standoffs
**Episode Number**: 314

**Overview**
A global ransomware strike knocks out a supply giant. A ransomware negotiator faces a DOJ probe. Students launch a cyber nonprofit. AI takes command of the SOC. And a legal battle ignites over virtual student visibility. This episode explores the thin line between resilience and vulnerability in modern cybersecurity.

**Guest Information**
No guests this episode.

**Topics Covered**
- Ingram Micro ransomware incident and global supply chain impacts
- Ethics breach in ransomware negotiations
- AI integration in threat detection and incident response
- Student-led cybersecurity initiatives for SMBs
- Legal conflict over virtual learning surveillance policies

**Top Stories**

**Ingram Micro Hit by Ransomware: Global Supply Chain Disrupted**
- Global IT distributor paralyzed by ransomware, halting orders on July 4th weekend
- Systems impacted: Xvantage, licensing, backend logistics
- Group "Safepay" suspected behind the breach
- Highlights fragility in vendor ecosystems and need for clearer crisis comms

**Additional Cybersecurity News – Titles and URLs**

**The Negotiator Turned Double Agent? DOJ Investigates Ransomware Middleman**
_US DoJ Probes Ex-Ransomware Negotiator Over Alleged Extortion Kickbacks_

**LLMs Take Over the SOC: Hype, Hope, and Hallucinations**
_Why Large Language Models Are The Future Of Cybersecurity_

**Students Launch Free Pen Testing Nonprofit to Help SMBs Fight Back**
_BGSU Students Create Nonprofit to Provide Free Cybersecurity Testing_

**Cyber School’s Surveillance Debate Goes Legal**
_Central Pa. Cyber School Facing Suit Says It’s ‘Unreasonable’ for Teachers to See Students Weekly – PennLive.com_

**Resources & Links**
None this episode

**Call to Action**
- Subscribe: Stay updated on cybersecurity threats.
- Leave a Review: Let us know what you think.
- Join the Conversation: Follow our community and ask questions.

**Sponsor (if applicable)**
No sponsors this episode

**Podcast Socials & Website**
- Website: https://www.youvealreadybeenhacked.com
- X: @professorcyberrisk
- YouTube: https://www.youtube.com/@YABHPodcast
- Discord/Community Forum: coming soon
-
67
Cyber Frontlines: From DevOps to Digital Battlefields
Hosts
Professor CyberRisk

Live Cyber Maps
Bitdefender Threat Map: https://threatmap.bitdefender.com/
Check Point Threat Map: https://threatmap.checkpoint.com/
Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
Talos Intelligence ebc_spam Map: https://talosintelligence.com/ebc_spam

Episode Information
Title: Cyber Frontlines: From DevOps to Digital Battlefields
Episode Number: 313

Overview
This week, we’re cutting through the noise to bring you five critical cybersecurity stories. From DevOps compliance challenges and AI-powered hospital defenses to international cybercrime crackdowns and military cyber readiness, this episode is packed with insights that matter. No sports. Just signal.

Guest Information
None this episode

Topics Covered
DevOps and global compliance pressure
K–12 cyber education policy shifts
AI applications in healthcare security
Nigeria’s cybercrime response evolution
Military CEMA strategy and leadership transition

Top Stories
Cybersecurity Laws Reshaping DevOps
Cybersecurity in Education—Funding Gaps & Policy Shifts
AI vs. Ransomware in Healthcare
Nigeria’s Crackdown on Cybercrime
11th Cyber Battalion Change of Command

Additional Cybersecurity News – Titles and URLs
None this episode

Resources & Links
None this episode

Call to Action
Subscribe: Stay updated on cybersecurity threats.
Leave a Review: Let us know what you think.
Join the Conversation: Follow our community and ask questions.

Sponsor (if applicable)
No sponsors this episode

Podcast Socials & Website
Website: https://www.youvealreadybeenhacked.com
X: @professorcyberrisk
YouTube: https://www.youtube.com/@YABHPodcast
Discord/Community Forum: Coming soon
-
66
Throwbacks, Threats & Low-Code Chaos: BSIDES San Antonio 2025 Recap
**Host**
* Professor CyberRisk

**Live Cyber Maps**
* Bitdefender: https://threatmap.bitdefender.com/
* Checkpoint: https://threatmap.checkpoint.com/
* Kaspersky: https://cybermap.kaspersky.com/
* Talos: https://talosintelligence.com/ebc_spam

---

**Episode Information**
**Title:** Throwbacks, Threats & Low-Code Chaos: BSIDES San Antonio 2025 Recap
**Episode Number:** 3x12

---

**Overview**
Professor CyberRisk recaps key takeaways from BSIDES San Antonio 2025—from the old-school vulnerabilities still driving breaches, to the emerging risks of citizen automation and low-code tools. Featuring stories of real-world failures, practical patching tips, and AI agents flirting with operational use.

---

**Guest Information**
No guest this episode

---

**Topics Covered**
* Legacy exploits and why attackers love “throwbacks”
* Baltimore’s ransomware event, Equifax’s missed patch, Oracle Health’s oversight
* Gift card scams: why they still cost us hundreds of millions
* Business insurance denials due to known unpatched vulnerabilities
* The rise of low-code/no-code: convenience vs. control
* Risks in tools like N8N, Power Automate, and shared automation templates
* OWASP’s Low-Code/No-Code Top 10 and why it matters
* CVE analysis using AI agents and the limits of large language models
* Retrieval-Augmented Generation (RAG), LangChain, Model Context Protocol (MCP)

---

**Top Stories**
* FBI & CISA joint advisory on Ghost Ransomware
* Phishing remains the #1 vector—32% of ransomware linked to old, unpatched flaws
* Humans are still the weakest link: poor training, fear of downtime, no patch policies

---

**Additional Cybersecurity News – Titles and URLs**
None this episode

---

**Resources & Links**
None this episode

---

**Call to Action**
* **Subscribe:** Stay informed on cybersecurity threats
* **Leave a Review:** Share your feedback
* **Join the Conversation:** Connect with our growing community

---

**Sponsor**
No sponsors this episode

---

**Podcast Socials & Website**
* Website: https://www.youvealreadybeenhacked.com
* X: @professorcyberrisk
* YouTube: https://www.youtube.com/@YABHPodcast
* Discord/Community Forum: coming soon
-
65
Cybersecurity’s Human Factor: Weakness or Strength?
### Hosts
- Professor CyberRisk
- Cyber Cowboy

### Live Cyber Maps
- Bitdefender Threat Map
- Live Cyber Threat Map
- Kaspersky Cyber Threat Map
- Talos Intelligence - ebc_spam Map

### Episode Information
**Title:** Securing Our Future: A Deep Dive into Cybersecurity Challenges and Solutions
**Episode Number:** 311

### Overview
This episode explores critical cybersecurity challenges, from human error to emerging threats. We highlight industry efforts, user experience in security tools, key figures driving innovation, and strategies for engaging CISOs in an AI-driven world.

### Guest Information
None this episode

### Topics Covered
- The human element in cybersecurity
- AI-driven security solutions
- FBI warnings about BADBOX 2.0 malware
- Cyberattacks disrupting grocery supply chains
- National cybersecurity competitions fostering new talent

### Top Stories
**The Human Element in Cybersecurity**
Despite being a major vulnerability, human involvement can also be a security asset. Awareness campaigns, training, and fostering a strong security culture are essential to mitigating risks.

### Additional Cybersecurity News – Titles and URLs
- **FBI Warns of BADBOX 2.0 Hijacking Android IoT Devices**
  _Millions of Android-based IoT devices have been compromised, turning them into nodes in a global botnet._
- **Cyberattack Hits UNFI, Disrupting Grocery Supply Chains**
  _UNFI, a major grocery distributor, faces IT outages, leading to empty store shelves and stock declines._
- **Cybersecurity Industry’s Response to Foreign Threat Actors**
  _National security concerns rise as cyber threats target critical infrastructure and financial systems._
- **US Banks ‘Deeply Concerned’ About Cybersecurity Risks After Regulator Attack**
  _Financial institutions reassess security following a breach of a top regulatory agency._
- **DSTA BrainHack 2025 Cybersecurity Competition**
  _Over 4,300 students join a national event, highlighting the next generation of cybersecurity professionals._

### Resources & Links
None this episode

### Call to Action
- **Subscribe:** Stay updated on cybersecurity threats.
- **Leave a Review:** Let us know what you think.
- **Join the Conversation:** Follow our community and ask questions.

### Sponsor (if applicable)
No sponsors this episode

### Podcast Socials & Website
- Website
- X (@professorcyberrisk)
- YouTube
- Discord/Community Forum: Coming soon
-
64
Cybersecurity Crossroads: Why Action Can’t Wait
Hosts
Professor CyberRisk
Cyber Cowboy

Live Cyber Maps
Bitdefender Threat Map
Live Cyber Threat Map
Kaspersky Cyber Threat Map
Talos Intelligence - ebc_spam Map

Episode Information
Title: Cybersecurity Crossroads: Why Action Can’t Wait
Episode Number: 310

Overview
This episode dives into the evolving cybersecurity landscape, exploring pressing global challenges and the proactive strategies leaders must adopt. From government policies to groundbreaking technologies, we’ll break down what’s shaping digital security today.

Guest Information
None this episode

Topics Covered
Global cybersecurity leadership & responsibilities
AI-driven security advancements
Workforce challenges in government agencies
Cybersecurity education for future generations
State-level cybersecurity initiatives

Top Stories
Cybersecurity’s Next Chapter: Why Global Leaders Need To Act Before The Threats Do
Threats are more frequent and sophisticated, with ransomware damages reaching $10.9B in 2023. Expert David Jones urges leaders to implement stronger defenses, invest in AI, and foster global collaboration.

Additional Cybersecurity News – Titles and URLs
Fortinet Aims to Educate Aussie Kids on Cybersecurity
Fortinet launches a cybersecurity awareness program for students in Australia, reinforcing digital safety education.

CISA Faces Workforce Challenges Amid Staff Cuts
With a significant talent exodus, CISA faces obstacles in fulfilling its mission and maintaining critical partnerships.

Texas Expands Its Cybersecurity Efforts
Texas establishes the largest state cybersecurity department, setting a precedent for coordinated cyber defense initiatives.

Resources & Links
None this episode

Call to Action
Subscribe: Stay updated on cybersecurity threats.
Leave a Review: Let us know what you think.
Join the Conversation: Follow our community and ask questions.

Sponsor (if applicable)
No sponsors this episode

Podcast Socials & Website
Website
X (@professorcyberrisk)
YouTube
Discord/Community Forum: Coming soon
-
63
Deepfakes, Hacks & Zero-Trust: The Future of Cybersecurity
Hosts
Professor CyberRisk
Cyber Cowboy

LIVE Threat Maps
Bitdefender Threat Map
Live Cyber Threat Map
Kaspersky Cyber Threat Map
Talos Intelligence - EBC Spam Map

Title: Deepfakes, Hacks & Zero-Trust: The Future of Cybersecurity
Episode Number: 309

In this episode, we discuss the latest cybersecurity challenges of 2025, covering major breaches, evolving government policies, and cutting-edge security solutions. With cyber threats becoming more sophisticated, organizations and individuals must stay vigilant to safeguard their digital assets.

Rising deepfake scams and AI-driven cyber threats
The urgency of renewing the Cybersecurity Information Sharing Act (CISA)
The Zero-Trust security model and its role in preventing breaches
Blockchain’s transformative impact on healthcare cybersecurity
The risks of free public Wi-Fi and how to stay safe

U.S. House Committee on Homeland Security Calls for Cybersecurity Action
Lawmakers discuss escalating cyber threats and the expiration of CISA.

Victoria’s Secret Suffers Major Cybersecurity Breach
The company temporarily takes down its website following an attack.

UChicago Medicine Patient Data Exposed
A third-party vendor breach exposes personal and financial data for 38,000 patients.

The Cybersecurity Catch That Comes With Free Public Wi-Fi – GovTech
Zero-Trust is Redefining Cybersecurity in 2025 – Computer Weekly
How Blockchain Technology Can Revolutionize Healthcare Data Cybersecurity – Forbes
AI Cybersecurity Risks and Deepfake Scams on the Rise – MSN
Navigating The Cybersecurity Job Market As A Certified Professional – Forbes

Subscribe: Stay updated on cybersecurity threats.
Leave a Review: Let us know what you think.
Join the Conversation: Follow our community and ask questions.

No sponsors this episode

Website: You’ve Already Been Hacked
X: @professorcyberrisk
YouTube: YABH Podcast
Discord/Community Forum: Coming soon
-
62
Cybersecurity at the Crossroads: AI, Quantum, and the Boardroom’s Role
### Hosts
* Professor CyberRisk
* Cyber Cowboy

### Live Cyber Maps
* [Bitdefender Threat Map](https://threatmap.bitdefender.com/)
* [Live Cyber Threat Map](https://threatmap.checkpoint.com/)
* [Kaspersky Cyber Threat Map](https://cybermap.kaspersky.com/)
* [Talos Intelligence - ebc_spam Map](https://talosintelligence.com/ebc_spam)

---

### Episode Information
**Title:** Cybersecurity at the Crossroads: AI, Quantum, and the Boardroom’s Role
**Episode Number:** [Insert Episode Number]

---

### Overview
Cyber threats continue to evolve, requiring proactive strategies from leadership, industries, and security professionals. This episode explores the intersection of AI, quantum computing, and regulatory shifts, diving into cybersecurity trends across sectors.

---

### Guest Information
No guest this episode.

---

### Topics Covered
* Boardroom involvement in cybersecurity
* AI-driven threats and adversarial AI
* Maritime cybersecurity challenges
* Quantum computing’s impact on security
* Cybersecurity job growth in emerging hubs
* NSA guidance on securing AI systems
* Healthcare industry vulnerabilities

---

### Top Stories

**The Boardroom’s Role in Cybersecurity**
* Only 40% of companies involve boards in cybersecurity despite 60% experiencing attacks.
* Proactive boards see 30% fewer breaches—organizations must prioritize security strategy alignment.

**Maritime Cybersecurity: A Call for Collaboration**
* 80% of shipowners experienced cyberattacks in the past three years.
* SmartSea advocates for cross-industry collaboration to mitigate risks.

**Cybersecurity Job Growth in Emerging Hubs**
* Cities like Austin & Raleigh offer lucrative opportunities amid rising demand.
* Austin sees a 22% annual growth in cybersecurity roles.

**The Hidden Threat of Adversarial AI**
* AI-driven cyber threats manipulate security models, evading detection.
* Organizations must invest in adversarial training and model validation.

**NSA’s AI Security Recommendations**
* Joint guidelines released by the U.S., Australia, New Zealand & UK.
* Focus on data integrity, provenance tracking, and secure infrastructure.

**The Cyber Resilience Act’s Industry Impact**
* EU regulations tighten security demands for industrial manufacturers.
* Increased costs require firms to innovate while ensuring compliance.

**Quantum Computing Threats**
* Experts warn encryption vulnerabilities could emerge in the next decade.
* NIST leads efforts to develop quantum-resistant algorithms.

**Healthcare Cybersecurity Challenges**
* Kettering Health cyberattack highlights industry vulnerabilities.
* Healthcare must adopt robust security measures to protect patient data.

---

### Additional Cybersecurity News – Titles and URLs
* **Boards Need a More Active Approach to Cybersecurity**
* **SmartSea Calls for Collaboration to Strengthen Maritime Cybersecurity**
* **Top 12 US Cities for Cybersecurity Job Growth | CSO Online**
* **The Rise of Adversarial AI in Cybersecurity | Security Info Watch**
* **NSA Publishes Joint Guidance on AI System Data Security**
* **Industrial Firms Struggle to Meet Cyber Resilience Act’s Security Demands**
* **Using Input to Prepare for the Quantum Computing Revolution**
* **Kettering Health Cybersecurity Attack Highlights Vulnerabilities**

---

### Resources & Links
None this episode

---

### Call to Action
* **Subscribe** – Stay updated on cybersecurity threats.
* **Leave a Review** – Let us know what you think.
* **Join the Conversation** – Follow our community and ask questions.

---

### Sponsor (if applicable)
No sponsors this episode

---

### Podcast Socials & Website
* **Website:** [https://www.youvealreadybeenhacked.com](https://www.youvealreadybeenhacked.com)
* **X (Twitter):** [@professorcyberrisk](https://twitter.com/professorcyberrisk)
* **YouTube:** [YABH Podcast](https://www.youtube.com/@YABHPodcast)
* **Discord/Community Forum:** Coming soon
-
61
The Cyber Heist: Lessons from Coinbase & Dior’s Data Breaches
Hosts
Professor CyberRisk
Cyber Cowboy

Live Cyber Maps
Bitdefender Threat Map - https://threatmap.bitdefender.com/
Live Cyber threat map - https://threatmap.checkpoint.com/
Kaspersky Cyber Threat Map - https://cybermap.kaspersky.com/
Talos Intelligence - ebc_spam Map - https://talosintelligence.com/ebc_spam

Episode Information
Title: **The Cyber Heist: Lessons from Coinbase & Dior’s Data Breaches**
Episode Number: 3x07

Overview: In this episode, we delve into the growing threats of cyberattacks and the importance of safeguarding personal and financial data. We discuss high-profile breaches like the $400 million cyberattack on Coinbase and Dior's customer data scandal, while exploring strategies to mitigate risks for everyday users. This episode is essential listening for anyone concerned about online security.

## Top Story:
**Title**: A $400M Cyberattack on Coinbase: Lessons for Investors
**Article Title**: Coinbase faces $400 million cyberattack blow ahead of S&P 500 debut

### Summary:
Coinbase, a major player in the cryptocurrency market, revealed that it fell victim to a significant cyberattack. The breach exposed account data for a "small subset" of customers, potentially affecting up to 400 million dollars. This attack comes at a pivotal moment for Coinbase, as it prepares to join the S&P 500 index—a move that would significantly boost its visibility and market cap.

- **Key Details**:
  - The cyberattack exposed sensitive information such as names, email addresses, and phone numbers of impacted users.
  - Coinbase has not specified whether the attackers gained access to financial data or transaction records.
  - The incident led to a nearly 3% drop in Coinbase's stock price on Thursday.

---

## Additional Stories:

### 1. Title: Anne Arundel Cyber Incident Revealed as Ransomware Attack

#### Summary:
In February, Anne Arundel County experienced a significant ransomware attack that disrupted local businesses and government services. The cyberattack forced county employees to work from home and impacted essential operations like trash collection and permitting.

- **Key Details**:
  - Local businesses reported losing access to financial records and communication systems due to the ransomware.
  - The county government paid a significant ransom to regain access to its data, though the exact amount was not disclosed.
  - The attack highlighted vulnerabilities in small and medium-sized organizations that lack robust cybersecurity infrastructure.

### 2. Title: Luxury Brand Dior Confirms Customer Data Breach Nightmare

#### Summary:
Luxury fashion brand Dior has confirmed that a cyberattack exposed the personal information of its customers. The breach affected thousands of individuals, with sensitive data including names, email addresses, and phone numbers potentially being leaked online.

- **Key Details**:
  - Dior has stated that it is working with cybersecurity experts to investigate the extent of the breach and mitigate further damage.
  - Affected customers have been advised to change their passwords and monitor their accounts for suspicious activity.
  - The incident underscores the risks faced by high-profile brands with extensive customer bases.
  - Customers should be wary of sharing personal information on unsecured platforms, especially when dealing with well-known brands.

---

Resources & Links
None this episode

Call to Action
Subscribe: Stay updated on cybersecurity threats.
Leave a Review: Let us know what you think.
Join the Conversation: Follow our community and ask questions.

Sponsor (if applicable)
No sponsors this episode

Podcast Socials & Website
Website: https://www.youvealreadybeenhacked.com
X: @professorcyberrisk
YouTube: https://www.youtube.com/@YABHPodcast
Discord/Community Forum: coming soon
-
60
Cybersecurity Chaos: Layoffs, Lawsuits, and Ransomware Rampage
**Episode 3x06: Cybersecurity Chaos – Layoffs, Lawsuits, & Ransomware Rampage**

**Hosts:** Professor CyberRisk & Cyber Cowboy

## **Overview:**

This episode dives into major cybersecurity news, from corporate layoffs and ransomware extortion to legal battles that could reshape the industry.

## **Top Story: NVIDIA RTX 5090 – The Password Cracking Powerhouse**

The NVIDIA RTX 5090 can **crack an 8-digit numerical passcode in just 3 hours**.

- Testing by Hive Systems shows **simple passwords** are extremely vulnerable.
- Adding uppercase letters, numbers, and symbols extends cracking time to **164 years**.
- Compared to RTX 4090, **RTX 5090 is twice as fast** at cracking complex passwords.

🔗 [Tom’s Hardware](https://www.tomshardware.com/pc-components/gpus/nvidia-rtx-5090-can-crack-an-8-digit-passcode-in-just-3-hours)

### **Implications:**

- Stronger passwords are a must.
- GPU-powered hacking is an increasing threat.
- Multi-factor authentication is more important than ever.

## **Additional Stories:**

### **CrowdStrike’s $10 Billion Ambition = 500 Layoffs**

CrowdStrike cut **500 jobs**, citing AI-driven efficiencies in its push for $10 billion revenue.

🔗 [CyberNews](https://cybernews.com/news/crowdstrike-cuts-jobs-automation-revenue/)

### **PowerSchool Ransomware – Schools Under Siege**

PowerSchool suffered a **major ransomware attack**, paying millions in ransom, yet hackers continue extorting school districts.

🔗 [CyberNews](https://cybernews.com/news/powerschool-ransomware-attack-extorting-school-districts/)

### **Meta vs. NSO – A $168M Cyberespionage Battle**

Meta won a **$168M lawsuit** against spyware firm NSO Group, setting a precedent for cyberespionage accountability.

🔗 [TechStory](https://techstory.in/meta-wins-168mn-lawsuit-against-nso-group-a-blow-to-the-spyware-industry/)

### **Co-op Cyber Attack – Supply Chain Nightmare**

A cyberattack disrupted UK supermarket chain **Co-op**, leading to emergency supply diversions for rural areas.

🔗 [Daily Mail](https://www.dailymail.co.uk/news/article-xyz.html)

---

### **Final Thoughts:**

This week highlights **AI's growing role in cybersecurity**, the **persistent ransomware threat**, and **legal battles shaping the industry**. Staying informed is the best defense.

### **Resources & Links**

🔗 Live Cyber Threat Maps:

- [Bitdefender](https://threatmap.bitdefender.com/)
- [Check Point](https://threatmap.checkpoint.com/)
- [Kaspersky](https://cybermap.kaspersky.com/)
- [Talos Intelligence](https://talosintelligence.com/ebc_spam)

### **Call to Action:**

✅ Subscribe for cybersecurity updates.
✅ Leave a review & share your thoughts.
✅ Follow us for ongoing discussions!

### **Podcast Socials & Website:**

🌐 Website: [youvealreadybeenhacked.com](https://www.youvealreadybeenhacked.com)
📍 X (Twitter): @professorcyberrisk
📺 YouTube: [YABH Podcast](https://www.youtube.com/@YABHPodcast)
🔗 Discord/Community Forum: **Coming Soon**
-
59
Cyber Chaos: Major Retailers Under Siege
Hosts
- Professor CyberRisk & Cyber Cowboy

Live Cyber Maps in the Digital SOC
- Bitdefender Threat Map
- Checkpoint Cyber Threat Map
- Kaspersky Cyber Threat Map
- Talos Intelligence - ebc_spam

Episode Information
- Episode Number: 3x05
- Title: "Cyber Chaos: Major Retailers Under Siege"

Overview
This episode covers major cyber attacks on retailers like M&S and Harrods, examining the impact on businesses, consumers, and cybersecurity trends.

Top Story
M&S Cyber Attack: 11 Days of Disruption
M&S has been struggling with a crippling cyber attack for over 10 days, affecting website operations and services. CEO Stuart Machin apologized, while recovery efforts continue. Experts say full restoration could take weeks, raising concerns over data security.

Additional Stories
- Co-op Cyber Attack: Millions of customers affected as hackers steal sensitive financial data.
- High Street Cyber Attacks: Experts warn that breaches at M&S and Harrods signal a growing trend of cybercrime targeting major retailers.
- India’s Digital Siege: Over one million cyber attacks following the Pahalgam terror incident, hitting government and banking systems.
- Cyber-Sexual Attack Lawsuit: Former Cal State athlete sues over alleged hacking and privacy breach by a university coach.
- Harrods Cyber Attack: In the wake of the M&S breach, Harrods has also fallen victim, highlighting the cascading impact of cyber threats.

Key Takeaways
- Cybersecurity is vital for businesses and consumers alike.
- Companies must strengthen defenses to protect customer data.
- Consumers should monitor accounts for suspicious activity.

Actionable Steps
- Businesses: Upgrade cybersecurity, train employees, and conduct regular security audits.
- Consumers: Use strong passwords, enable two-factor authentication, and be wary of phishing attempts.
- Stay Informed: Keep up with cybersecurity news and best practices.

Call to Action
Subscribe for updates, leave a review, and join the cybersecurity conversation!

Podcast Socials & Website
- Website: You’ve Already Been Hacked
- X: @professorcyberrisk
- YouTube: YABH Podcast
- Discord/Community Forum:
ABOUT THIS SHOW
A Cybersecurity Podcast for the Rest of Us

In a world of evolving cyber threats, You’ve Already Been Hacked breaks down cybersecurity for everyone—from experts to everyday users. Hosted by Professor CyberRisk and Cyber Cowboy, we tackle major cyber attacks, emerging threats, and real-world security strategies. Each episode offers expert analysis, case studies, and actionable tips to help listeners stay ahead of hackers and digital risks.
HOSTED BY
Professor CyberRisk