Cybersecurity Today

Jim Love
  • 5.0 (3)
  • TECH NEWS
  • UPDATED DAILY

Updates on the latest cybersecurity threats to businesses, data breach disclosures, and how you can secure your firm in an increasingly risky time.

  1. You Might Also Like: Science Will Win

    2 HR AGO · BONUS

    You Might Also Like: Science Will Win

    Introducing Bringing Cancer Into Focus: Biomarkers & Precision Medicine from Science Will Win. Follow the show: Science Will Win What if the key to treating cancer was hiding in plain sight – written into its DNA? In this episode of Science Will Win, host Dr. Raven Baxter explores one of the most exciting breakthroughs in cancer care today: the discovery of biomarkers. These tiny molecular signals are helping doctors understand what’s really driving an individual person’s cancer – and opening the door to treatments that can dramatically change patient outcomes. You’ll hear powerful stories from people whose cancers were traced back to a specific biomarker, alongside experts who break down what biomarker testing is, how it works, and why it’s transforming the way we think about cancer treatment.    Biomarkers are showing us that when we understand cancer at its molecular level, a disease that once felt like an unsolvable mystery starts to come into focus. Featured guests: – Dr. Ross Camidge, Director of Thoracic Oncology, University of Colorado – Kelly Huffman, Lung Cancer Patient and Retail Account Manager, Pfizer – Karin Tollefson, Chief Oncology Medical Officer, Pfizer Dive into the episode here: 00:00 – An oncologist’s diagnosis introduces the world of biomarker 03:10 – Defining biomarkers and its history 06:24 – Discovery of the first lung cancer biomarker 08:39 – The start Kelly’s lung cancer journey 16:00 – Biomarkers: how do you test for them? 19:11– Discovery of ALK biomarker shift’s Kelly’s story 22:34 – Landscape of targeted therapy and lung cancer today 25:24 – Moving forward with targeted treatments and conclusion Check out our YouTube channel (@Pfizer) to watch the full interview with Raven & Kelly Huffman on her lung cancer journey. Season 6 of Science Will Win is created by Pfizer and hosted by Dr. Raven Baxter. It’s produced by Acast Creative Studios. Hosts in this podcast series were compensated for their time. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising. DISCLAIMER: Please note, this is an independent podcast episode not affiliated with, endorsed by, or produced in conjunction with the host podcast feed or any of its media entities. The views and opinions expressed in this episode are solely those of the creators and guests. For any concerns, please reach out to team@podroll.fm.

  2. 1 DAY AGO

    Cisco SD-WAN Bug Actively Exploited

    Cisco SD-WAN Bug Actively Exploited, MCP Azure Takeover Demo, CarGurus Data Leak, and Secret Service Scam Recovery Host Jim Love covers four cybersecurity stories: CSA warns a critical Cisco Catalyst SD-WAN controller vulnerability (CVE-2026-20127) has been exploited since 2023, enabling authentication bypass and rogue peering sessions, and orders U.S. federal agencies to inventory systems, collect logs and forensic artifacts, hunt for compromise, and apply Cisco's fixes by 5:00 PM ET on February 27, 2026, with no workarounds. At RSA, researchers show how flaws in Model Context Protocol (MCP)—a key integration layer for agentic AI—could lead to remote code execution and even Azure tenant takeover, highlighting rising enterprise risk. ShinyHunters reportedly published 12.4 million stolen CarGurus records, raising phishing and fraud concerns tied to vehicle shopping and financing context. Finally, an Ontario tech support scam victim recovers funds through coordinated work by Ontario Provincial Police and the U.S. Secret Service, which traced and froze the money in time. Cybersecurity Today  would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale.  You can find them at Meter.com/cst LINKS Cisco Advisory Cisco Security Advisory – CVE-2026-20127 Authentication bypass vulnerability in Cisco Catalyst SD-WAN https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk CISA Supplemental Hunt and Hardening Guidance (Cisco SD-WAN Systems) https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems Threat Hunt Guide (Technical PDF) Cisco SD-WAN Threat Hunt Guide (jointly referenced in federal guidance) https://media.defense.gov/2026/Feb/25/2003880299/-1/-1/0/CISCO_SD-WAN_THREAT_HUNT_GUIDE.PDF 00:00 Sponsor Message 00:19 Cisco SD-WAN Under Attack 02:48 MCP Azure Takeover Demo 05:28 CarGurus Data Dump 07:16 Secret Service Scam Recovery 09:24 Closing Sponsor Thanks

    10 min

  3. 3 DAYS AGO

    Discord Finds Age Identification May Have Privacy Concerns

    Discord Drops Persona Age Verification, SolarWinds Serv-U Critical RCEs, Splunk Windows Priv Esc, and Smart TV Screenshot Surveillance Lawsuits In this episode of Cybersecurity Today, host Jim Love covers Discord ending its age-verification experiment with Persona after user backlash and researcher findings that Persona's front-end code suggested up to 269 verification checks, including watch list screening and risk scoring, amid already-thin trust following an earlier breach that exposed government ID images. The show also highlights SolarWinds Serv-U 15.5.0.4 patches for four critical (CVSS 9.1) remote code execution vulnerabilities (CVE-2025-40538, CVE-2025-40539, CVE-2025-40540, CVE-2025-40541), noting they require high privileges and that self-hosted Windows/Linux instances must be upgraded, with estimates ranging from under 1,200 to over 12,000 internet-exposed servers. Splunk discloses a high-severity Windows privilege escalation flaw (CVE-2025-2386, CVSS 8.0) caused by incorrect install-directory permissions in versions before 10.0.0.2, 9.4.0.6, 9.3.0.8, and 9.2.10, enabling local users to potentially escalate privileges and tamper with logging. Finally, Texas Attorney General Ken Paxton sues Samsung, Sony, LG, Hisense, and TCL, alleging smart TVs use automated content recognition to capture screen content—potentially up to twice per second—and transmit it without meaningful consent, with implications for both home viewing and confidential business use; the episode emphasizes reviewing and disabling ACR settings and accounting for network-connected screens in security models.  Cybersecurity Today  would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale.  You can find them at Meter.com/cst 00:00 Sponsor Message Meter 00:20 Discord Age Verification Backlash 01:37 Persona Code Raises Alarms 03:08 SolarWinds Serv-U Critical RCEs 04:51 Splunk Windows Priv Esc 06:18 Smart TV Screenshot Surveillance 08:35 Wrap Up and Sponsor Thanks

    9 min

  4. 5 DAYS AGO

    Amazon Kiro Prod Disruption, Claude Code Security, Salt Typhoon Warning, and Youth Radicalization

    AI-Accelerated FortiGate Breaches, Amazon Kiro Prod Disruption, Claude Code Security, Salt Typhoon Warning, and Youth Radicalization Risks Episode of Cybersecurity Today (hosted by David Shipley) covering: a Russian-speaking hacker using AI-written automation tools to breach 600+ Fortinet FortiGate firewalls across 55 countries by exploiting weak passwords and exposed management interfaces without MFA, with advice to lock down edge management access, enforce MFA, and strengthen password policies; an Amazon Kiro AI coding tool incident tied to a misconfigured role that allegedly deleted and recreated a production environment, causing a 13-hour disruption to AWS Cost Explorer services in one of two mainland China regions, prompting warnings about giving AI agents access to production and the need for guardrails and review processes; Anthropic's Claude Code Security launch, an AI-driven code vulnerability analysis feature that maps code interactions and data flows, provides severity and confidence scoring, keeps humans in the loop, and sparked stock drops for CrowdStrike and Cloudflare while noting limits for legacy code; an FBI warning that China-linked Salt Typhoon remains a serious threat in 80+ countries by exploiting basic weaknesses like unpatched systems, old code, reused passwords, and phishing, alongside concern over the FCC loosening US telecom cybersecurity requirements and calls for stronger critical infrastructure regulation and secure-by-default equipment; and a Canada-focused segment on youth online radicalization including a second RCMP terrorism peace bond in New Brunswick linked to the 764 extremist network (designated a terrorist organization in December 2025), plus reporting that the Tumbr Ridge, BC school shooting suspect had a ChatGPT account suspended in June 2025 and that OpenAI employees allegedly sought to notify authorities but were rebuffed, drawing condemnation from BC Premier David Eby and federal AI minister Evan Solomon and renewed calls for stronger cooperation, accountability, and intervention frameworks. Cybersecurity Today  would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale.  You can find them at Meter.com/cst 00:00 Sponsor: Meter + Today's Cybersecurity Headlines 00:48 AI-Automated Hacking: 600+ FortiGate Firewalls Breached 02:25 How to Defend: Lock Down Edge Management, MFA, Strong Passwords 03:28 Amazon's Kiro AI Coding Tool Incident: 'Deleted Prod' and Lessons Learned 06:44 Claude Code Security: AI-Powered AppSec for Developers (and the Hype) 10:20 FBI Warning: Salt Typhoon Still Hitting Telecoms Worldwide 13:32 Youth Radicalization & AI Safety Failures: 764 Network and Tumblr Ridge Aftermath 18:12 Wrap-Up + Sponsor Message: Meter Demo Info

    19 min

  5. 21 FEB

    Agentic AI Security Is Broken and How To Fix It: Ido Shlomo, Co-founder and CTO of Token Security

    Jim Love discusses how rapid adoption of agentic AI is repeating the industry pattern of shipping technology without security, citing issues like vulnerabilities in Anthropic's MCP and insecure open-source agent tools. He interviews Ido Shlomo, co-founder and CTO of Token Security, who argues AI agents are fundamentally hard to secure because they are non-deterministic, have infinite input/output space, and often require broad permissions to be useful.  Cybersecurity Today  would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale.  You can find them at Meter.com/cst Shlomo proposes focusing security on access, identity, attribution, least privilege, and auditability rather than trying to filter prompts and outputs, and describes Token's "intent-based permission management" approach that maps agents and sub-agents as non-human identities tied to their purpose and allowed actions. The conversation covers real-world risks such as developer tools like Claude Code running with extensive access, widespread over-provisioning of admin permissions and API keys, exposure of unencrypted local token files, and misconfigurations that leak data publicly. Shlomo recommends organizations build governance processes for agents—discovery/inventory, boundary setting, continuous monitoring, and secure decommissioning—and says AI is needed to help police AI. He also highlights emerging trends like agent teams and multi-day autonomous tasks, and notes Token Security is a top-10 finalist in the RSA Innovation Sandbox 2026, planning to present an intent-and-access-focused security model for AI agents. 00:00 Sponsor: Meter's integrated networking stack 00:19 Why agentic AI security is breaking (MCP & open-source chaos) 02:53 Meet Token Security: practical guardrails for AI agents 04:57 Why you can't just ban agents at work (shadow AI reality) 06:24 Tel Aviv's cybersecurity pipeline: gaming, military, and startups 08:57 Why AI/agents are fundamentally hard to secure (new OS + 'human spirit') 13:44 Trust, autonomy, and permissions: managing the blast radius 18:17 Real-world exposure: Claude Code and the developer identity attack surface 20:16 A workable approach: treat agents as untrusted processes with identity + least privilege 22:33 Zero Trust for Agents: Access ≠ Permission to Act 23:27 Token's "Intent-Based Permission Management" Explained 25:29 Building the Identity Map: Tracing What Agents Touch 26:52 The Secret Sauce: Using AI to Secure AI in Real Time 28:10 Real-World Case: 1,500 Agents and Wildly Over-Provisioned Access 30:57 CUA 'Computer-Use' Agents: Exciting, Personal… and Terrifying 34:44 Secure-by-Default & Sandboxing: Fixing 'Always Allow' Dark Patterns 35:36 What Security Teams Should Do Now: Inventory, Boundaries, Governance 37:59 What's Next: Agent Teams and Multi-Day Autonomous Work 40:10 Tony Stark Vision: Agents That Improve the Human Experience 41:02 RSA Innovation Sandbox: Token's Big Bet on Intent + Access 43:01 Wrap-Up, Audience Q&A, and Sponsor Message

    45 min

  6. 20 FEB

    CISA Orders Emergency Patch for Actively Exploited Dell Flaw;

    CISA Orders Emergency Patch for Actively Exploited Dell Flaw; Texas Sues TP-Link; Massive ID Verification Data Leak; SSA Database Leak Allegations Host Jim Love covers four cybersecurity stories:  Cybersecurity Today  would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale.  You can find them at Meter.com/cst CISA ordered federal civilian agencies to patch an actively exploited critical Dell RecoverPoint for Virtual Machines vulnerability (CVE-2026-2769) within three days, citing hard-coded credentials that allow unauthenticated root access and links to a China-aligned threat cluster; Texas Attorney General filed suit against TP-Link alleging deceptive security and origin claims and risks tied to Chinese state-linked threats, while TP-Link denies the allegations and says it operates independently, stores U.S. user data on AWS, and bases core operations in the U.S.; researchers found an unsecured MongoDB database tied to AI-powered identity verification provider ID Merit exposing nearly 1 billion records with sensitive personal data, attributed to misconfiguration rather than compromise of the AI systems; and a MarketWatch report describes whistleblower Chuck Borges alleging SSA master data was copied to a cloud environment without oversight, contrasted by the Social Security Commissioner stating the core Numident database remained secure, with Love noting no confirmed public evidence but expressing concern about the implications if such foundational data were compromised. 00:00 Sponsor Message: Meter's Full-Stack Networking 00:19 Headlines: Dell Exploit, TP-Link Lawsuit, Massive Data Leak, SSA Claims 00:45 Urgent Patch Order: Actively Exploited Dell RecoverPoint CVE 02:19 Texas Sues TP-Link Over Router Security & China-Ties Allegations 03:31 AI Identity Verification Leak: Nearly 1 Billion Records Exposed 05:07 Did SSA Data Leak? Whistleblower vs. Official Denial 06:54 Host Take: What If the "Foundational" Database Was Compromised? 07:37 Wrap-Up + Sponsor Thanks and Where to Book a Demo

    9 min

  7. 18 FEB

    OpenClaw: Info Stealers Take Your Soul

    Info Stealers Target OpenClaw, a Robot Vacuum API Flaw Exposes Thousands, Best Buy Fraud Shows Zero Trust Context, and Canada Goose Data Leaked via Supplier The episode covers multiple security incidents and lessons. Hudson Rock details how an info stealer malware infection can vacuum OpenClaw data, including authentication tokens, master keys, device private cryptographic keys, and the agent-defining soul.md file that can reveal a "mirror" of a user's life; the attack was not targeted, raising concerns about upcoming dedicated OpenClaw-stealing modules. A hobbyist coder using an AI coding tool to reverse-engineer DJI Romo communications unintentionally accessed roughly 7,000 robot vacuums in 24 countries, enabling live camera and microphone access and floor-plan generation due to missing messaging-level access controls; DJI also shares infrastructure with portable home battery stations and initially claimed the flaw was fixed before a live demonstration showed it was not. Two Best Buy cases illustrate that Zero Trust must consider behavior and context: a Florida employee allegedly used a manager override code 149 times from March–December 2024 to buy discounted electronics, costing about $120,000, while a Georgia case involved over $40,000 in merchandise leaving a store over two weeks amid claims of blackmail. Finally, ShinyHunters leaked about 600,000 Canada Goose customer records, but Canada Goose found no breach in its systems; the data was attributed to a third-party payment processor breach from August 2025, with records largely dating from 2021–2023, underscoring supply-chain risk and ongoing fraud/phishing potential. The episode is sponsored by Meter, which provides an integrated wired, wireless, and cellular networking stack for enterprises. 00:00 Sponsor: Meter + Today's Cybersecurity Headlines 00:44 Info-Stealer Jackpot: OpenClaw Tokens, Keys & 'soul.md' Exposed 03:17 DIY App, Real-World Disaster: 7,000 Robot Vacuums Exposed via DJI Servers 05:34 Best Buy Insider Fraud: Why Zero Trust Needs Behavior Monitoring 07:36 Canada Goose Leak: When a Third-Party Payment Processor Gets Breached 09:28 Wrap-Up + Sponsor Message (Meter)

    11 min

  8. 16 FEB

    BeyondTrust Zero-Day Exploited,

    This episode covers multiple active threats and security changes. It warns of an actively exploited critical BeyondTrust remote access vulnerability (CVE-2026-1731, CVSS 9.9) enabling pre-authentication remote code execution in Remote Support and Privileged Remote Access, noting SaaS was patched while on-prem deployments require urgent manual updates and may already be compromised. Microsoft details an evolution of the ClickFix social engineering technique where victims are tricked into running NSLookup commands that use attacker-controlled DNS responses as a malware staging channel, leading to payload delivery (including a Python-based RAT) and persistence via startup shortcuts, alongside increased Lumma Stealer activity.  Cybersecurity Today  would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale.  You can find them at Meter.com/cst Researchers also report Mac-focused campaigns abusing AI-generated content and malicious search ads to push copy-paste terminal commands that install an info stealer (MaxSync) targeting Keychain, browsers, and crypto wallets. T The show describes fake recruiter campaigns targeting developers with coding tests containing malicious dependencies on repositories like NPM and PyPI, linked to the "Gala" operation and nearly 200 packages. Finally, it reviews NPM's authentication overhaul after a supply-chain worm incident—revoking classic long-lived tokens, moving to short-lived session credentials, encouraging MFA and OIDC trusted publishing—while noting remaining risks such as MFA phishing, non-mandatory MFA for unpublish, and the continued ability to create long-lived tokens. 00:00 Sponsor: Meter + Today's Cybersecurity Headlines 00:48 Urgent Patch: BeyondTrust Remote Access RCE (CVE-2026-1731) Actively Exploited 02:45 ClickFix Evolves: DNS Lookups (nslookup) Used as Malware Staging 04:34 Mac Malware via AI Search Results: Fake Terminal Commands Deliver Info-Stealer 06:08 Fake Recruiters, Real Malware: Coding Tests Poison Dev Environments 07:19 NPM Security Overhaul After Supply-Chain Worm—What's Better, What Still Risks 09:11 Wrap-Up, Thanks, and Sponsor Message

    11 min
See All (105)

Hosts & Guests

Ratings & Reviews

5
out of 5
3 Ratings

About

Updates on the latest cybersecurity threats to businesses, data breach disclosures, and how you can secure your firm in an increasingly risky time.

Information

You Might Also Like