You've Already Been Hacked

Professor CyberRisk

A Cybersecurity Podcast for the Rest of Us

In a world of evolving cyber threats, You’ve Already Been Hacked breaks down cybersecurity for everyone—from experts to everyday users. Hosted by Professor CyberRisk and Cyber Cowboy, we tackle major cyber attacks, emerging threats, and real-world security strategies. Each episode offers expert analysis, case studies, and actionable tips to help listeners stay ahead of hackers and digital risks.

  1. 6d ago

    AI Export Controls, Defender Zero-Day & APT28 Attacks

    Hosts
    * Professor CyberRisk
    * Cyber Cowboy Live

    Cyber Maps
    * Bitdefender Threat Map: https://threatmap.bitdefender.com/
    * Checkpoint Threat Map: https://threatmap.checkpoint.com/
    * Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
    * Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam

    Episode Information
    Title: AI Export Controls, Defender Zero-Day & APT28 Attacks - 2026-06-19
    Episode Number: 3x53

    Overview
    Weekly roundup of the most critical cybersecurity developments from 2026-06-14 to 2026-06-18. The White House forces Anthropic to restrict AI model access, Microsoft's own Defender gets a zero-day, Russian hackers exploit Office within hours of disclosure, Splunk Enterprise falls to unauthenticated RCE, and Kodak gets hit by ShinyHunters. Join Professor CyberRisk and Cyber Cowboy Live as they break down the stories that matter most.

    Guest Information
    None this episode

    Topics Covered
    * AI export controls and government intervention in AI safety
    * Microsoft Defender RoguePlanet zero-day privilege escalation
    * APT28 rapid weaponization of Office zero-day against Ukraine/EU
    * Splunk Enterprise unauthenticated RCE zero-day (CVE-2026-20253)
    * ShinyHunters extortion campaign targeting Oracle PeopleSoft users

    Top Stories
    1. The Korean Telecom Giant at the Center of Anthropic's Mythos Controversy - https://www.wired.com/story/sk-telecom-anthropic-mythos-export-controls/
    2. Microsoft Defender Zero-Day 'RoguePlanet' - CVE-2026-50656 - https://thehackernews.com/2026/06/microsoft-confirms-rogueplanet-defender_02022423645.html
    3. Russian APT28 Exploits Microsoft Office Zero-Day Hours After Disclosure - CVE-2026-21509 - https://thecyberexpress.com/russian-apt28-exploit-zero-day-cve-2026-21509/
    4. Splunk Enterprise Zero-Day — CVE-2026-20253 — https://cybersecuritynews.com/splunk-enterprise-vulnerability-exploit/
    5. Kodak Confirms Data Breach as ShinyHunters Threatens 2.2M Record Leak - https://www.malwarebytes.com/blog/news/2026/06/kodak-confirms-breach-as-shinyhunters-leak-threat-reaches-deadline

    Resources & Links
    * CISA Known Exploited Vulnerabilities Catalog: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
    * CERT-UA Advisory on CVE-2026-21509: https://cert.gov.ua/
    * Microsoft Security Response Center: https://msrc.microsoft.com/
    * Splunk Security Advisory CVE-2026-20253: https://cybersecuritynews.com/splunk-enterprise-vulnerability-exploit/

    Call to Action
    * Subscribe: Stay updated on cybersecurity threats.
    * Leave a Review: Let us know what you think.
    * Join the Conversation: Follow our community and ask questions.

    Sponsor (if applicable)
    No sponsors this episode

    Podcast Socials & Website
    * Website: https://www.youvealreadybeenhacked.com
    * X: @professorcyberrisk
    * YouTube: https://www.youtube.com/@YABHPodcast
    * Discord/Community Forum: https://discord.gg/cz3xdsrqAE

    31 min
  2. Jun 14

    ShinyHunters Just Hit 100+ Companies — And Microsoft Dropped 200 Patches in One Day

    Hosts
    * Professor CyberRisk
    * Cyber Cowboy Live

    Episode Information
    Title: ShinyHunters Just Hit 100+ Companies — And Microsoft Dropped 200 Patches in One Day
    Episode Number: 352

    Overview
    Weekly roundup of the most critical cybersecurity developments from 2026-06-07 to 2026-06-11. Join Professor CyberRisk and Cyber Cowboy Live as they break down the stories that matter most.

    Guest Information
    None this episode

    Topics Covered
    * Oracle PeopleSoft zero-day exploited by ShinyHunters across 100+ organizations
    * University of Nottingham breach — 40GB of student data leaked
    * Maine breach portal weaponized for fake disclosure misinformation
    * CISA KEV listing: actively exploited Magento RCE (CVE-2026-45247)
    * Microsoft record Patch Tuesday: 200 vulnerabilities, 6 zero-days, BitLocker bypasses

    Top Stories
    1. Oracle warns of security bug that hackers abused to breach 100+ companies | TechCrunch - https://techcrunch.com/2026/06/11/oracle-warns-of-security-bug-that-hackers-abused-to-breach-100-companies/

    Additional Cybersecurity News – Titles and URLs
    2. Maine breach portal abused to publish fake data breach disclosures - https://www.bleepingcomputer.com/news/security/maine-breach-portal-abused-to-publish-fake-data-breach-disclosures/
    3. ShinyHunters Leak 40GB of University of Nottingham Student Data - https://hackread.com/shinyhunters-university-of-nottingham-student-data-leak/
    4. CISA Lists Actively Exploited Magento RCE — CVE-2026-45247 - https://cipherssecurity.com/cve-2026-45247-magento-mirasvit-rce-cisa-kev/
    5. Microsoft June Patch Tuesday fixes 6 zero-days and 200 flaws — a record-breaking month - https://www.bleepingcomputer.com/news/microsoft/microsoft-june-2026-patch-tuesday-fixes-3-zero-day-200-flaws/

    Resources & Links
    None this episode

    33 min
  3. Jun 7

    FBI FLASH Alert: Ransomware Gang Sending Fake IT Workers Into Law Firms

    Hosts
    * Professor CyberRisk
    * Cyber Cowboy

    EPISODE TITLE
    FBI FLASH Alert: Ransomware Gang Sending Fake IT Workers Into Law Firms
    Episode Number: 351

    EPISODE DESCRIPTION
    The Silent Ransom Group just crossed from cyber into the physical world — and the FBI's highest-urgency FLASH alert is their warning. Russia-linked extortion operatives are walking into law firm offices disguised as IT support, plugging in USB drives, and stealing data when remote social engineering fails. We break down the full attack chain, the 100+ firms hit so far, and why Jones Day (yes, Trump's lawyers) is on their leak site.

    Plus this week: A Cisco SD-WAN zero-day with NO PATCH that gives attackers root across your entire network fabric. An AI-discovered "HTTP/2 Bomb" that can take down any major web server in seconds — found by OpenAI's own Codex. Google and YouTube ads silently delivering a macOS backdoor that passed Apple notarization. And how Grafana Labs got hit by the same npm supply chain attack that compromised OpenAI and Mistral.

    Links to all stories below. Subscribe for weekly threat intelligence breakdowns.

    STORY LINKS
    * Silent Ransom Group FBI Alert: https://techcrunch.com/2026/06/05/google-and-fbi-warn-of-ransomware-group-that-sends-fake-it-workers-to-hack-victims-in-person/
    * Cisco SD-WAN 0-Day (CVE-2026-20245): https://www.helpnetsecurity.com/2026/06/05/cisco-sd-wan-cve-2026-20245-0-day-exploited/
    * HTTP/2 Bomb (CVE-2026-49975): https://cybersecuritynews.com/http-2-bomb-remote-dos-exploit/
    * Operation FlutterBridge: https://unit42.paloaltonetworks.com/flutterbridge-new-fluttershell-backdoor/
    * Grafana Labs Supply Chain Breach: https://thehackernews.com/2026/05/grafana-github-breach-exposes-source.html

    38 min
  4. May 31

    AI Is Now the Weapon — GreyVibe, BTMOB, and the New Attack Pipeline

    Hosts
    * Professor CyberRisk

    Episode Information
    Title: AI Is Now the Weapon — GreyVibe, BTMOB, and the New Attack Pipeline
    Episode Number: 350

    Overview
    This week: A Russian-linked threat group called GreyVibe is weaponizing ChatGPT, Google Gemini, and Ideogram AI to run sophisticated cyberespionage campaigns against Ukrainian targets across military, government, and civilian sectors. ESET documents BTMOB, an Android RAT sold as malware-as-a-service with a point-and-click builder for generating custom phishing payloads. Perplexity launches Bumblebee, an open-source developer supply chain scanner. And we look at how social engineering on gaming platforms like Roblox is leading to malware infections and extortion attempts targeting younger demographics.

    Guest Information
    None this episode

    Topics Covered
    * GreyVibe threat group uses AI tools (ChatGPT, Gemini, Ideogram) for cyberespionage against Ukrainian targets
    * BTMOB Android RAT-as-a-service with graphical APK builder for custom phishing payloads
    * Perplexity launches Bumblebee open-source developer supply chain scanner
    * Roblox social engineering campaign leads to malware infection and cookie-logging extortion

    Top Stories
    1. GreyVibe hackers use ChatGPT, Gemini to power cyberattacks - https://www.bleepingcomputer.com/news/security/greyvibe-hackers-use-chatgpt-gemini-to-power-cyberattacks/

    Additional Cybersecurity News - Titles and URLs
    2. BTMOB Android malware service generates custom phishing payloads - https://www.bleepingcomputer.com/news/security/btmob-android-malware-service-generates-custom-phishing-payloads/
    3. Perplexity launches Bumblebee: open-source read-only dev supply chain scanner - https://www.zdnet.com/article/perplexity-launches-bumblebee-how-its-new-read-only-dev-scanner-differs-from-chainguard/
    4. Roblox social engineering leads to malware infection and extortion - https://www.bleepingcomputer.com/forums/t/816420/malware-extortion-and-cookie-logging/

    Resources & Links
    None this episode

    14 min
  5. May 25

    Netherlands Seizes 800 Servers in Pro-Russian Cyber Takedown + Microsoft Defender Zero-Days

    Hosts
    * Professor CyberRisk
    * Cyber Cowboy Live

    Episode Information
    Title: Netherlands Seizes 800 Servers in Pro-Russian Cyber Takedown + Microsoft Defender Zero-Days
    Episode Number: 349

    Overview
    This week: Dutch authorities dismantle a massive bulletproof hosting operation linked to pro-Russian cyberattacks, seizing 800 servers and arresting two suspects. Microsoft confirms two actively exploited zero-days in Windows Defender and rushes emergency mitigation for a BitLocker bypass vulnerability. A solo researcher's six-week campaign of retaliatory zero-days against Microsoft is now being weaponized by ransomware groups. And Foxconn confirms a Nitrogen ransomware attack stole 8TB of data including network topology maps for Intel, Google, and other major tech firms.

    Guest Information
    None this episode

    Topics Covered
    * Netherlands seizes 800 servers of hosting firm enabling pro-Russian cyberattacks
    * Two actively exploited Microsoft Defender zero-days (CVE-2026-41091, CVE-2026-45498)
    * YellowKey BitLocker bypass zero-day - emergency manual mitigation required
    * Nightmare-Eclipse: six zero-days targeting Windows core security stack
    * Foxconn Nitrogen ransomware attack - 8TB stolen, supply chain implications

    Top Stories
    1. Netherlands Seizes 800 Servers, Arrests Two in Major Takedown of Pro-Russian Cyberattack Hosting Infrastructure - https://www.bleepingcomputer.com/news/security/netherlands-seizes-800-servers-of-hosting-firm-enabling-cyberattacks/

    Additional Cybersecurity News - Titles and URLs
    2. Microsoft Warns of Two Actively Exploited Defender Zero-Days - Patches Rolling Out - https://www.bleepingcomputer.com/news/security/microsoft-warns-of-new-defender-zero-days-exploited-in-attacks/
    3. Microsoft Rushes Emergency Mitigation for YellowKey - BitLocker Bypass Zero-Day - https://cybersecuritynews.com/windows-bitlocker-yellowkey-mitigation/
    4. Nightmare-Eclipse - Six Zero-Days, Six Weeks, One Big Grudge - https://blog.barracuda.com/2026/05/19/nightmare-eclipse-zero-days-grudge
    5. Foxconn Confirms Nitrogen Ransomware Attack - 8TB Stolen Including Network Topology Maps - https://cybersecuritynews.com/foxconn-confirms-cyberattack/

    Resources & Links
    None this episode

    36 min
  6. May 17

    Breached, Stolen, Encrypted This Week's Cyber Threat Trifecta

    Hosts
    * Professor CyberRisk
    * Cyber Cowboy Live

    Episode Information
    Title: Breached, Stolen, Encrypted This Week's Cyber Threat Trifecta
    Episode Number: 349

    Overview
    Weekly roundup of the most critical cybersecurity developments from 2026-05-10 to 2026-05-14. Join Professor CyberRisk and Cyber Cowboy Live as they break down the stories that matter most.

    Guest Information
    None this episode

    Topics Covered
    * Main threat analysis and implications
    * Emerging AI security challenges
    * Vulnerability disclosures and patches
    * Threat landscape updates

    Top Stories
    1. Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin - https://www.bleepingcomputer.com/news/security/hackers-exploit-auth-bypass-flaw-in-burst-statistics-wordpress-plugin/

    Additional Cybersecurity News – Titles and URLs
    2. TeamPCP hackers advertise Mistral AI code repos for sale - https://www.bleepingcomputer.com/news/security/teampcp-hackers-advertise-mistral-ai-code-repos-for-sale/
    3. Red Hat outlines sovereign AI strategy amid growing regulation and control concerns - https://siliconangle.com/2026/05/14/red-hat-outlines-sovereign-ai-strategy-amid-growing-regulation-control-concerns/
    4. .VER_TU-[random string] has encrypted my files (Mimic/Pay2Key) - https://www.bleepingcomputer.com/forums/t/816096/ver-tu-random-string-has-encrypted-my-files-mimicpay2key/

    Resources & Links
    None this episode

    32 min
  7. May 10

    9,000 Schools Hacked, AI Used as Malware Bait, and the IMF Sounds the Alarm

    Hosts
    * Professor CyberRisk
    * Cyber Cowboy Live

    Episode Information
    Title: 9,000 Schools Hacked, AI Used as Malware Bait, and the IMF Sounds the Alarm
    Episode Number: TBD
    Air Date: 2026-05-08

    Overview
    It was a rough week for education, AI trust, and global finance. Join Professor CyberRisk and Cyber Cowboy Live as they break down the biggest cybersecurity stories from 2026-05-03 to 2026-05-07 — including a massive Canvas LMS breach affecting 275 million users, attackers using fake AI sites to spread new malware, and the IMF warning that advanced AI could trigger a systemic shock to global financial markets.

    Guest Information
    None this episode

    Top Stories
    1. Duke among 9,000 schools affected by Canvas cyberattack - The Duke Chronicle
       The threat group ShinyHunters breached Instructure's Canvas LMS, defacing login pages and exfiltrating over 3.65 TB of data across nearly 9,000 institutions worldwide — affecting an estimated 275 million users.
       https://slashdot.org/firehose.pl?op=view&id=183156890
    2. Hackers Use Fake Claude AI Site to Infect Users With New Beagle Malware
       Attackers built a convincing fake site for a popular AI tool, using SEO poisoning and malvertising to deliver a new backdoor called Beagle via DLL sideloading.
       https://hackread.com/hackers-fake-claude-ai-site-infect-beagle-malware/
    3. Akamai shares surge 26% on $1.8B AI infrastructure deal as Q1 results meet estimates
       Akamai is doubling down on AI-powered security with a major acquisition, signaling where the industry is heading.
       https://siliconangle.com/2026/05/07/akamai-shares-surge-26-1-8b-ai-infrastructure-deal-q1-results-meet-estimates/
    4. IMF Warns New AI Models Risk 'Systemic' Shock To Finance
       The IMF is raising red flags about AI-powered cyberattacks targeting the highly interconnected global financial system — and the potential for cascading consequences.
       https://news.slashdot.org/story/26/05/07/200212/imf-warns-new-ai-models-risk-systemic-shock-to-finance

    Topics Covered
    * Canvas LMS breach: scope, impact, and what schools should do now
    * How attackers are weaponizing AI brand trust to spread malware
    * Akamai's AI security acquisition and what it signals for the industry
    * IMF's warning on AI-driven systemic risk to global finance

    Resources & Links
    None this episode

    Call to Action
    * Subscribe to stay ahead of the latest cybersecurity threats every week
    * Leave a review and let us know what stories you want covered
    * Join the conversation in our Discord community — links below

    Sponsors
    No sponsors this episode

    Connect With Us
    * Website: https://www.youvealreadybeenhacked.com
    * X: @professorcyberrisk
    * YouTube: https://www.youtube.com/@YABHPodcast
    * Discord: https://discord.gg/cz3xdsrqAE

    25 min
  8. May 4

    Kernel Exploits, Compromised Repos, and a Global Fraud Bust

    Hosts
    * Professor CyberRisk
    * Cyber Cowboy Live

    Cyber Maps
    * Bitdefender Threat Map: https://threatmap.bitdefender.com/
    * Checkpoint Threat Map: https://threatmap.checkpoint.com/
    * Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
    * Talos Intelligence – Spam Map: https://talosintelligence.com/ebc_spam

    Episode Information
    Title: Kernel Exploits, Compromised Repos, and a Global Fraud Bust
    Episode Number: 3x47

    Overview
    Weekly roundup of the most critical cybersecurity developments from 2026-04-26 to 2026-04-30. Join Professor CyberRisk and Cyber Cowboy Live as they break down the stories that matter most for your security operations.

    Guest Information
    None this episode

    Topics Covered
    * Critical Linux kernel privilege escalation vulnerability "Copy Fail" threatening major distributions
    * Apple patches iOS flaw that allowed FBI access to deleted Signal messages
    * cPanel authentication bypass CVE-2026-41940 actively exploited across 1.5M+ exposed instances
    * PyTorch Lightning PyPI supply chain attack harvesting developer credentials and crypto wallets
    * FBI-led global operation busts 276 in crypto pig-butchering crackdown across 9 scam centers

    Top Story
    1. As the Most Severe Linux Threat in Years Surfaces, the World Scrambles – Ars Technica https://slashdot.org/firehose.pl?op=view&id=183083220

    Additional Cybersecurity News – Titles and URLs
    2. Apple Plugs Security Hole That Enabled FBI to Access Deleted Signal Messages on iPhone https://www.cnet.com/tech/mobile/apple-plugs-iphone-hole-that-enabled-fbi-to-access-deleted-signal-messages/
    3. Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately https://thehackernews.com/2026/04/critical-cpanel-authentication.html
    4. PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials https://thehackernews.com/2026/04/pytorch-lightning-compromised-in-pypi.html
    5. Coordinated Takedown of Scam Centers Leads to at Least 276 Arrests – DOJ https://www.justice.gov/opa/pr/coordinated-takedown-scam-centers-leads-least-276-arrests-alleged-managers-and-recruiters

    Resources & Links
    None this episode

    Call to Action
    * Subscribe: Stay updated on the cybersecurity threats that matter most.
    * Leave a Review: Let us know what you think of the show.
    * Join the Conversation: Follow our community and ask questions.

    Sponsor
    No sponsors this episode

    Podcast Socials & Website
    * Website: https://www.youvealreadybeenhacked.com
    * X: @professorcyberrisk
    * YouTube: https://www.youtube.com/@YABHPodcast
    * Discord: https://discord.gg/cz3xdsrqAE

    26 min

Ratings & Reviews

5 out of 5 (4 Ratings)
