Link to episode page This week’s Department of Know is hosted by Rich Stroffolino with guests Dennis Pickett, vp, CISO, RTI International, and Jacob Combs, CISO, Tandem Diabetes Care Thanks to our show sponsor, ThreatLocker Many security strategies still assume everything…
Category: EN
Hybrid Vishing Campaigns Abuse Online Services to Evade Anti-Spam Filters
Fortra finds hybrid vishing now abuses trusted platforms to bypass filters and trick victims into calling attacker-controlled numbers. The post Hybrid Vishing Campaigns Abuse Online Services to Evade Anti-Spam Filters appeared first on eSecurity Planet. This article has been indexed…
Announcing Red Hat Advanced Cluster Security for Kubernetes 4.10
Security is an important aspect of any digital undertaking, and Kubernetes is no different. We’ve built Red Hat Advanced Cluster Security for Kubernetes to form a foundational layer of security across fleets, estates, and platforms, be it public, private, or…
OpenAI Codex Vulnerability Allowed Attackers to Steal GitHub Tokens
OpenAI Codex vulnerability allowed attackers to steal GitHub tokens via malicious branch names using hidden Unicode command injection flaw. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: OpenAI Codex…
BSidesSLC 2025 – Risk Management Explained Through Star Wars
Author, Creator & Presenter: Kenny Scott – Founder & CEO Of Paramify Our thanks to BSidesSLC for publishing their Creators, Authors and Presenter’s outstanding BSidesSLC 2025 content on the Organizations’ YouTube Channel. Permalink The post BSidesSLC 2025 – Risk Management…
While TSA Made Headlines, CISA Went Dark
The Department of Homeland Security has been partially shut down for over 45 days. In that time, 460 TSA officers have quit, absences at major airports have exceeded 30%, and the TSA acting head publicly warned the agency may need…
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-3055 Citrix NetScaler Out-of-Bounds Read Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses…
12 Best AWS Monitoring Tools in 2026
Amazon Web Services (AWS) is a cloud computing platform for businesses of all sizes and types. AWS’s architecture is robust and scalable, but dependability, performance, and security must be monitored. These aims guide AWS’s monitoring tools and services, which help…
OpenAI patches ChatGPT flaw that smuggled data over DNS
Check Point says outbound controls blocked web traffic but overlooked DNS OpenAI talks up data security for its AI services, yet Check Point says that ChatGPT allowed data to leak through a DNS side channel before the flaw was fixed.……
OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability
A previously unknown vulnerability in OpenAI ChatGPT allowed sensitive conversation data to be exfiltrated without user knowledge or consent, according to new findings from Check Point. “A single malicious prompt could turn an otherwise ordinary conversation into a covert exfiltration…
China-Linked groups target Southeast Asian government with advanced malware in 2025
China-linked groups hit a Southeast Asian government in 2025, deploying multiple malware families in a sophisticated cyber campaign. In 2025, three China-linked threat clusters targeted a Southeast Asian government in a complex, well-funded cyber operation. Threat actors deployed numerous malware…
Europol Takes Down Large Dark Web Scam Network
European law enforcement has dismantled an extensive Dark Web operation that was built to deceive users seeking illegal content and cybercrime services. According to Europol, a 35-year-old man based in China is suspected of creating a network of 373,000 Dark…
Breach Readiness in the Age of Mythos: When Your AI Thinks, Learns, and Defends
Anthropic left details of an unreleased model, an invite-only CEO retreat, sitting in an unsecured data trove in a significant security lapse. Leaked reports suggest this next-generation model from Anthropic is a major advancement in reasoning, coding, and cyber offense.…
Wave Browser Brings Gaming Tools and Ocean Cleanup into the Same Tab
Wave Browser for gaming: built for multitasking, streaming, and tabs, with tools for gamers plus ocean cleanup support tied to everyday browsing activity. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the…
RSAC 2026: Fraud Becomes a CISO-Level Security Threat
I sat down with the CEO of Bolster AI at RSAC 2026 to talk about the changing fraud landscape. The post RSAC 2026: Fraud Becomes a CISO-Level Security Threat appeared first on eSecurity Planet. This article has been indexed from…
North Korean IT Worker Allegedly Used Stolen Identity and AI Resume in Job Application Scam
A suspected North Korean operative tried to sneak into a remote job at a cybersecurity firm by using a stolen identity, a fake AI-generated resume, and a VoIP phone number. The case, uncovered in June 2025, shows how North Korea’s…
Exposed Server Reveals TheGentlemen Ransomware Toolkit, Victim Credentials, and Ngrok Tokens
A misconfigured server hosted on a Russian bulletproof hosting provider has exposed the complete operational toolkit of a TheGentlemen ransomware affiliate, including harvested victim credentials and plaintext authentication tokens used to establish hidden remote access tunnels. TheGentlemen ransomware group operates…
Telnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach
Also, EU probes Snapchat, RedLine suspect extradited, AstraZeneca leak claim surfaces, and more infosec in brief The cybercrime crew linked to the Trivy supply-chain attack has struck again, this time pushing malicious Telnyx package versions to PyPI in an effort…
15-Year-Old strongSwan Flaw Lets Attackers Crash VPNs via Integer Underflow
15-year-old strongSwan flaw allows attackers to crash VPNs via integer underflow bug, affecting EAP-TTLS plugin and multiple versions worldwide. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: 15-Year-Old strongSwan…
TA446 Hackers Deploying DarkSword Exploit Kit to Attack iOS Users
A known threat group called TA446 has been caught using a newly discovered exploit kit called DarkSword to target iOS users. This development marks a significant shift in the group’s tactics, as previous activity from TA446 showed no signs of…