The Awareness Angle: Cyber News Weekly

Risky Creative
  • 4.6 (5)
  • TECH NEWS
  • UPDATED WEEKLY

The Awareness Angle makes cybersecurity make sense. Hosted by Anthony and Luke, we break down the biggest cyber stories of the week. From phishing scams and AI fraud to major data breaches and the sneaky ways people get hacked, we explain what’s going on and why it matters. But this isn’t just another tech podcast. We focus on the human side of cybersecurity. How scams actually work, why people fall for them, and what we can all do to stay safer online. You’ll get practical tips, real-world examples, and relatable stories that show how cyber threats affect everyday people, not just big busin

  1. 22/12/2025

    Microsoft Account Hacks, WhatsApp Ghost Pairing, and Extensions Spy On AI

    This week on The Awareness Angle, breaches, extortion, and quietly invasive tech all collide. From real estate firms leaking highly sensitive data to browser extensions secretly harvesting AI conversations, the theme this week is trust, and how easily it gets abused. Luke is back from holiday, and we kick off with Breach Watch, starting with a New York and DC real estate developer exposing nearly 47,000 people after a ransomware attack. We then look at SoundCloud losing control of user data, followed by one of the most personal extortion cases we have seen, PornHub Premium viewing history stolen via a third party analytics provider. We also cover the ongoing UK government hack that ministers are playing down, despite growing concern around state linked espionage. In What the Hack, we dig into malware hidden inside movie subtitle files on fake torrents, a new Microsoft account takeover technique that bypasses passwords, MFA, and passkeys, and a Chrome browser extension that was quietly intercepting millions of users’ AI chats while wearing a trusted Featured badge. We also revisit LG’s smart TV Copilot backlash, and how user pushback forced a rapid U turn. The wider topics take us from WhatsApp account hijacking via Ghost Pairing, to activity tracking risks in messaging apps, the growing problem of deepfakes and trust online, crypto scams draining life savings, and how Amazon detected a North Korean infiltrator based on something as subtle as keystroke lag. If you want cyber news explained with clarity and zero jargon, you are in the right place. Chapters 00:00:00 Welcome, and this week’s storiesBreach Watch00:01:36 NYC and DC real estate developer data breach00:04:27 SoundCloud breach and VPN disruption00:08:15 PornHub extortion and leaked viewing history00:13:27 UK government hack investigationWhat the Hack00:16:49 Malware hidden in movie subtitle files00:21:55 Microsoft account takeover surge and ConsentFix00:28:47 Chrome extensions harvesting AI chats00:34:54 LG backtracks on Copilot for smart TVsTopics00:38:09 WhatsApp Ghost Pairing account hijack00:41:48 WhatsApp and Signal activity tracking risks00:47:50 Deepfakes, content credentials, and trust online00:49:43 Idris Elba waxwork and biometric security limits00:53:32 Do we actually need AI00:54:40 Crypto scam victim loses 1.8 million dollars00:57:32 North Korean infiltrator caught via keystroke lag More Informationhttps://riskycreative.com Listen on the goSpotify: https://open.spotify.com/show/7rwzcRsKrXbASFBfiXoCZ6Apple Podcasts: https://podcasts.apple.com/us/podcast/the-awareness-angle-cyber-news-weekly/id1784126196 Follow usLinkedIn: The Awareness Angle NewsletterTikTok: @infosecantInstagram: @riskycreativeYouTube: @riskycreative If you found this useful, hit subscribe and share it with someone who cares about cyber but does not speak cyber. Stay aware, stay secure.

    1h 2m

  2. 20/12/2025

    Vanity Metrics - Cary Johnson on Why Benchmarks Fail and Baselines Matter

    Subscribe on your favourite platforms and visit https://linktr.ee/riskycreative for more of ∠The Awareness Angle. This week on The Awareness Angle Interviews, Ant sits down with Cary Johnson, founder of Phishbusters, for a straight talking conversation about security awareness, human risk, and why so many programmes struggle to prove real impact. This episode strips away dashboards, buzzwords, and vendor narratives to focus on what actually reduces phishing risk. Cary brings a science led perspective to awareness, challenging engagement metrics, benchmarks, and the idea that looking busy means you are becoming more secure. We get into phishing as a measurement tool rather than a content engine, why repeat clickers are not all the same, and how poor measurement can quietly create fatigue, resentment, and false confidence across organisations. If you work in security awareness, human risk, or phishing defence, this conversation will challenge how you think about success. We talk about Why engagement does not equal impact Benchmarks versus baselines, and why the difference really matters Phishing as the number one human risk Repeat clickers, learners, and where risk actually sits Why overtraining creates fatigue and resentment Verification skills and keeping awareness simple Compliance theatre and the danger of vanity metrics Vendors marking their own homework How to test whether your programme is genuinely workingThis is a calm but challenging discussion that says the quiet part out loud. It shows how easily good intentions can turn into noise when measurement is flawed, and how much simpler awareness can be when we focus on proof instead of performance. Let me know what it gets you thinking about. Stay aware, stay secure. Previous Episodehttps://www.youtube.com/watch?v=EntRmhcDOBM&list=PLEsOj51Q0PfA0qX6BRlNnyD7lG8JlijRf LinksYouTube: https://www.youtube.com/@riskycreativeLinkedIn: https://www.linkedin.com/company/riskycreativeSpotify: https://open.spotify.com/user/riskycreativeWebsite: https://www.riskycreative.comContact: hello@riskycreative.com Intro and outro music16! by falling foreverhttps://fallingforever.bandcamp.com/track/16License: CC BY 4.0https://creativecommons.org/licenses/by/4.0

    1h 10m

  3. 15/12/2025

    LG Copilot Update, Widespread Data Breaches, and Travel Privacy Fears

    This week on The Awareness Angle, data breaches keep piling up, ransomware is still doing damage, and software updates are becoming an attack surface all of their own. Luke is on holiday, so I am flying solo, but there is plenty to dig into. We start with a classic insider risk failure at Coupang, where a former employee kept access after leaving, followed by a credit checking firm exposing millions of people who may never even have heard of them. We also look at a misconfiguration that left vet records publicly accessible, and a pharma company hit by ransomware where data theft came before encryption. In What the Hack, Apple rushes out emergency patches for active zero-day exploits, Notepad++ fixes a flaw that allowed malicious updates to be pushed to users, and LG quietly installs Microsoft Copilot onto smart TVs with no option to remove it, raising uncomfortable questions about control and consent. We then move into the wider topics, from why a breached Pringles account is actually a serious lesson about password reuse, to Roblox horror games rated far too young, smarter captchas designed to beat bots, and a US proposal that could see travellers handing over years of social media history just to cross the border. If you want cyber news explained with clarity and zero jargon, you are in the right place. Chapters 00:00 Welcome and this week’s stories 01:10 Breach Watch begins Breach Watch 01:30 Coupang breach traced to ex-employee access 06:30 Credit check company breach exposes millions 13:40 Petco Vetco website data exposure 19:40 Inotiv ransomware attack and data theft What the Hack 25:30 Apple emergency zero-day updates 30:40 What is a zero day, explained simply 32:30 Notepad++ malicious update flaw 37:40 LG TVs install Microsoft Copilot Ant’s Topics 46:10 Germany accuses Russia of air traffic control cyber attack 49:20 Pringles account breach and password reuse 51:40 Roblox games and content maturity concerns 53:40 US proposal to collect travellers’ social media history Wrap Up 54:50 Final thoughts and sign off Listen on the go Spotify: https://open.spotify.com/show/7rwzcRsKrXbASFBfiXoCZ6 Apple Podcasts: https://podcasts.apple.com/us/podcast/the-awareness-angle-cyber-news-weekly/id1784126196 Follow us LinkedIn: https://www.linkedin.com/newsletters/the-awareness-angle-newsletter-7274932363787132928/ TikTok: https://www.tiktok.com/@infosecant Instagram: https://www.instagram.com/riskycreative YouTube: https://www.youtube.com/@riskycreative If you found this useful, hit follow and share it with someone who cares about cyber but does not speak cyber. Stay aware, stay secure.

    55 min

  4. 08/12/2025

    Scientology Breach, Windows Chaos and a Live ChatGPT Scam

    This week on The Awareness Angle, things get lively. We break down the Scientology ransomware attack, the ongoing chaos at Westminster Council, the five hundred million Windows 10 devices now left unsupported, and the ClickFix scam impersonating ChatGPT that we discovered live during the recording. We dig into what the Qilin gang claims to have taken from Scientology, why Westminster is still struggling to deliver basic services, and how Microsoft has created a global security problem by forcing users onto hardware they cannot afford. We also look at the Windows LNK zero day, Microsoft’s new activity tracking in Teams, and India’s decision to drop its mandatory cyber safety app. The big moment this week is the fake ChatGPT Atlas installer. A live ClickFix scam pushed through a compromised Google Ads account, designed to steal passwords simply by tricking people into pasting a command into their terminal. It is a clear example of how modern attacks borrow trust from real brands. We finish with AI fakery, deepfake claims and a Japanese game studio that now asks applicants to draw live to prove their portfolios are human made. If you want cyber news explained with clarity and zero jargon, you are in the right place. Chapters00:00:00 Welcome back and Luke returns00:00:29 Overview of this week’s stories00:01:19 Breach Watch begins Breach Watch00:01:19 Scientology hit by Qilin ransomware00:03:28 Westminster Council attack update00:07:03 Freedom Mobile breach in Canada00:09:08 Brsk breach in the UK00:11:38 Marquis breach impacts seventy four US banks00:13:24 Wrap up of this week’s Breach Watch What the Hack00:14:25 Windows 10 crisis and unsupported devices00:16:07 Windows LNK zero day explained00:20:30 Teams location and activity reporting backlash00:22:20 India scraps mandatory cyber safety app ClickFix Discovery00:25:50 Fake ChatGPT Atlas browser and ClickFix attack00:31:10 Live discovery of active scam through Google Ads00:33:54 Reporting the malicious ad and account takeover Ant’s Topics00:41:20 Reddit story: employee clicks phishing link00:43:03 Why reporting quickly matters more than the click00:45:33 AI used to fake street footage and misinformation Luke’s Topics00:48:03 AI generated behind the scenes Home Alone footage00:53:52 Debunking viral AI content and misinformation00:55:14 Japanese studio now testing applicants live to stop AI cheating Wrap Up00:58:03 Final thoughts and sign off00:58:51 Outro Listen on the goSpotify: https://open.spotify.com/show/7rwzcRs...Apple Podcasts: https://podcasts.apple.com/us/podcast... Follow usLinkedIn: https://www.linkedin.com/newsletters/the-awareness-angleTikTok: https://www.tiktok.com/@infosecantInstagram: https://www.instagram.com/riskycreativeYouTube: https://www.youtube.com/@riskycreative If you found this useful, hit subscribe and share it with someone who cares about cyber but does not speak cyber. Stay aware, stay secure.

    59 min

  5. 01/12/2025

    Cartels, Fake Updates and One Big Budget Oops

    📢 Subscribe on your favourite platforms and visit https://linktr.ee/riskycreative for more of ∠The Awareness Angle. 📢 This Week on The Awareness Angle A council incident affecting thousands of residents, emergency alerts taken offline, a vishing breach at Harvard, fake Windows updates, AI voice scam stories, and an industrial scale Black Friday campaign tricking shoppers everywhere. Luke is off sick, so Ant takes you through a busy week in cyber on his own. We dive into AI generated shopping scams, a password trick that had Reddit arguing for hours, and a correction to a widely shared Gmail story that shows why verifying details still matters. In this episode: London councils hit by a cyber incident that slowed services Emergency alert systems in the United States disrupted after a cyber attack Harvard alumni data exposed after a vishing breach A SIM swap case that led to financial loss and emotional pressure The UK budget leak caused by a predictable URL Fake Windows update screens used to deliver malware through ClickFix Black Friday and Cyber Monday scams using hundreds of fake brand sites AI voice scams and how criminals can copy a voice with seconds of audio AI generated shopping scams and fake Etsy style listings A password trick involving colons that confused stealer logs The Gmail smart features correction and what really happened A preview of Ant’s session with Layer Eight on Champions programmesIf you work in cyber, tech, IT, risk or you simply want to stay ahead of common scams, this episode gives you clear context that helps you protect yourself and the people around you. 👋 About us Ant Davis helps people make sense of the human side of cybersecurity through Kindred Cyber, a people centred security service that focuses on behaviour, culture and clear communication. Luke Pettigrew is an experienced security professional with a strong background in user education for one of the UK’s largest online retailers. Together they turn complex cyber news into simple stories and practical advice. 👍 Support the show If you enjoy the episode, follow the podcast, rate it, and share it with someone who would find it useful. Timestamps00:00 Intro and Luke is off sick01:02 London Councils cyber incident03:15 OnSolve Code Red emergency alert breach06:55 Harvard vishing breach10:25 What the Hack SIM swap case from Joe Tidy16:33 OBR Budget leak caused by a predictable URL21:18 ClickFix fake Windows update malware27:55 Black Friday fake brand giveaways35:40 CIISec Live event recap42:38 TikTok default password coffee machine44:18 TikTok AI kidnap scam voice cloning48:35 Corridor Crew AI shopping scams52:00 Password tip using a colon53:02 Gmail smart features correction55:10 Layer 8 champions report preview56:30 Closing 🔗 Links YouTube: https://www.youtube.com/@riskycreative LinkedIn: https://www.linkedin.com/company/riskycreative Spotify: https://open.spotify.com/user/riskycreative Website: https://www.riskycreative.com 🎵 Music Intro and outro song: https://fallingforever.bandcamp.com/track/16

    44 min

  6. 24/11/2025

    WhatsApp Leak, Rail Hack and CCTV Horror Stories | Weekly Cyber News, But Human

    📢 Subscribe on your favourite platforms and visit https://linktr.ee/riskycreative for more of ∠The Awareness Angle 📢 This Week on The Awareness Angle Rail hacks, WhatsApp risks, CCTV horror stories, teenage cyber gangs, and a staffing breach that leaked over a hundred thousand CVs. It has been a busy week. Luke and I break down the biggest cyber stories in a way that actually makes sense for real people at work, not just security pros. We talk human risk, scams, what to watch out for, and why the simplest mistakes keep causing the biggest damage. In this episode: • The Italian rail supplier breach with 2.3 TB of stolen data • Salesforce customer data stolen through a Gainsight integration • Cornerstone Staffing and the leak of more than one hundred thousand CVs • A WhatsApp flaw exposing 3.5 billion phone numbers • A nationwide CCTV hack in India involving maternity wards and schools • Australia’s new under sixteen ban and what it means for social platforms • TfL’s 2024 cyber attack and the trial ahead • Plus our own stories, scams we spotted, and awareness topics making the rounds this week 👋 About us Ant Davis helps people make sense of the human side of cybersecurity. He runs Kindred Cyber, a people centred security service that gives organisations real world guidance, support and better engagement. Luke Pettigrew is an experienced security professional with years of hands on work educating people across one of the largest online food retailers in the UK. Together they take the complex parts of cyber and turn them into simple stories, clear guidance and content that helps people understand what is happening and why it matters. 👍 Support the show Subscribe, drop a like, and leave a comment. It helps more than you think. If you prefer short form content, follow us on TikTok, YouTube Shorts, and Instagram for daily clips. 📨 Stay updated Join the weekly newsletter for extra context, stories we did not cover, and links to everything we discuss. #cybersecurity #securityawareness #phishing #podcast #cloudsecurity #passwords #AIsecurity #infosec 🕒 Timestamps 00:00 Intro and welcome 00:19 Quick catch up 00:32 Ant starting Kindred Cyber 01:24 Moving into the breach report 02:03 Italian rail group breach 03:15 Salesforce and Gainsight breach 05:18 Cornerstone Staffing ransomware attack 08:32 WhatsApp flaw exposes 3.5 billion numbers 12:28 UK, US and Australia sanction Russian cyber firms 14:45 Australia adds Twitch to teen social media ban 19:52 CCTV hack in Indian maternity wards 27:43 TfL cyber attack court update 30:59 CIISEC Live and Ant’s appearance 32:17 Launch of Kindred Cyber 34:30 Lost Phone Passcode Social Engineering Scam 37:19 The AI data paste incident from Reddit 41:34 Flight scam and Google ads abuse 49:11 Bob's Business - Scams and AI made scam sites 51:33 Wrap up and closing thoughts 🍿 Previous Episode https://youtu.be/qsS5wWZTLrg 🟥 YouTube 🟦 LinkedIn 🟩 Spotify 📧 hello@riskycreative.com 🔗 https://www.riskycreative.com 🎵 Our Intro and Outro Song (© 16 by falling forever) https://fallingforever.bandcamp.com/track/16 License: CC BY 4.0 https://creativecommons.org/licenses/by/4.0/

    52 min

  7. 17/11/2025

    Can Attackers really turn safety tools into weapons?

    📢 Subscribe on your favourite platforms and visit https://linktr.ee/riskycreative for more of ∠The Awareness Angle This week on The Awareness Angle, Ant Davis and Luke Pettigrew break down a wild mix of stories that show how everyday tools are becoming attack surfaces. This episode digs into the human habits, design gaps and risky shortcuts that make these attacks possible. 🔓 Google Find Hub Used for Remote Wipe A North Korean group found a way to hijack Google accounts, track victims and remotely wipe Android devices. Ant and Luke talk through how cloud accounts have quietly become the true kill switch for modern phones. 🤖 The First AI Orchestrated Cyber Attack A Chinese state linked group jailbroke Claude Code and used it to run eighty to ninety percent of a full intrusion chain. No big team. No complex tooling. Just structured tasks and an AI agent that never gets tired. 💸 Checkout dot com Turns Extortion Into Something Positive Instead of paying, they donated the ransom amount to cybercrime research at Oxford and Carnegie Mellon. A rare example of turning an attack into something that helps the whole community. 📡 Two Billion Credential Dump HIBP indexes a massive set of recycled passwords and emails. The boys explain why password reuse is still at the root of so many real world breaches. 🔍 Ofcom Monitoring VPN Usage A UK regulator tracking VPN use with an unnamed vendor. Ant and Luke get into the privacy implications and why transparency matters. 🚌 Chinese Built Buses That Can Be Stopped Remotely A strange but worrying discovery in Norway. Even legitimate remote access can become a serious operational risk. 🧠 PlusCIISec Live, clever awareness ideas on LinkedIn, why timeless videos still work, and a worrying text scam that shows how vulnerable people are still the biggest targets for social engineering. #cybersecurity #securityawareness #phishing #podcast #cloudsecurity #passwords #AIsecurity #infosec 🕒 Timestamps: ​00:00 Intro and catch up​01:52 Breach Watch begins​02:27 Doctor Alliance healthcare breach​04:02 Synnovis NHS ransomware investigation​07:06 DoorDash social engineering breach​08:56 Checkout dot com extortion attempt​10:10 Synthient credential stuffing dump​13:25 Ofcom monitoring VPN usage​16:20 Chinese built buses can be remotely stopped​21:59 Google Find Hub remote wipe attack​25:55 AI orchestrated espionage using Claude Code​29:55 Scotland launches cyber observatory​31:00 UK Cyber Security and Resilience Bill​35:06 Quantum Route Redirect phishing kit​38:11 Awareness Awareness​40:59 Think and Share challenge​44:34 Right Hand Cyber Halloween posters​47:07 Jimmy Kimmel password clip​50:16 Leanne Potter on language shaping cyber and AI​52:48 Luke’s topic, Lloyds Bank text scam​54:40 Ant’s topic, suspicious car finance email example​58:20 Wrap up https://www.youtube.com/@riskycreative 🟦 https://www.linkedin.com/company/riskycreative 🟩 https://open.spotify.com/user/riskycreative 📧 hello@riskycreative.com 🔗 https://www.riskycreative.com 🎵 Our Intro and Outro Song (© 16 by falling forever) https://fallingforever.bandcamp.com/track/16 License: CC BY 4.0https://creativecommons.org/licenses/by/4.0

    59 min
  8. Human Risk, Real Talk - Dan Thornton on Keeping Security Simple

    14/11/2025

    Human Risk, Real Talk - Dan Thornton on Keeping Security Simple

    We are back with another interview and this one is a proper conversation about what security awareness should feel like. Honest, simple and human. This week I sat down with Dan Thornton, founder and CEO of Goldphish. Dan’s path into cyber started in the Royal Marine Commandos and moved through physical security and crisis management before one attack changed everything. NotPetya wiped out a global organisation he was supporting and it became clear that digital risk now hits harder and faster than anything physical. That moment pushed him into cyber and eventually into building Goldphish. What I love about Dan is how grounded he is. No jargon. No overcomplication. No feature overload. Just a belief that people deserve better than long training, shame based phishing tests and compliance for the sake of compliance. In this episode we get into: Why phishing is smarter, faster and more convincing How attackers use AI to personalise at scale Why shame stops people reporting Why SMEs struggle to run awareness properly Why simple, entertaining content is still the thing most companies get wrongDan is a big believer in incentives. If someone reports quickly, celebrate it. If a team does the right thing, make it visible. Culture grows when people feel supported, not judged. We also talk about voice scams, deep fakes, business email compromise and how criminals are already using AI to build long form, relationship driven fraud. This space is moving and moving quickly. There are some fun moments too. Pizza flavoured passwords, the danger of what our ChatGPT histories reveal and a few curveball questions that took us both by surprise. If you care about human risk, culture and stripping cyber back to what works, this is a great episode to dive into. Dan brings a refreshingly practical view of awareness and why the basics still matter more than anything. Listen now and imagine what your programme could be if you kept things simple, human and actually enjoyable. You can find Dan at goldphish.com or on LinkedIn.

    1h 1m
See All (67)

Ratings & Reviews

4.6
out of 5
5 Ratings

About

The Awareness Angle makes cybersecurity make sense. Hosted by Anthony and Luke, we break down the biggest cyber stories of the week. From phishing scams and AI fraud to major data breaches and the sneaky ways people get hacked, we explain what’s going on and why it matters. But this isn’t just another tech podcast. We focus on the human side of cybersecurity. How scams actually work, why people fall for them, and what we can all do to stay safer online. You’ll get practical tips, real-world examples, and relatable stories that show how cyber threats affect everyday people, not just big busin

Information