You've Already Been Hacked

Professor CyberRisk

A Cybersecurity Podcast for the Rest of Us In a world of evolving cyber threats, You’ve Already Been Hacked breaks down cybersecurity for everyone—from experts to everyday users. Hosted by Professor CyberRisk and Cyber Cowboy, we tackle major cyber attacks, emerging threats, and real-world security strategies. Each episode offers expert analysis, case studies, and actionable tips to help listeners stay ahead of hackers and digital risks.

  1. NOV 16

    Supply‑Chain Siege: Fake NPM Packages + the New AI Threat Landscape

    ### 🔢 Episode Information |-------|-------| | **Title** | Supply‑Chain Siege: Fake NPM Packages + the New AI Threat Landscape | | **Episode Number** | 3x31 | | **Hosts** | Professor CyberRisk & Cyber Cowboy | | **Guests** | None this episode | --- ### 👀 Overview Attackers keep evolving their tactics, and defenders can stay one step ahead by tightening supply‑chain hygiene. In this episode we dive into: 1️⃣ The latest npm registry breach – 46,000 counterfeit packages flooding the ecosystem. 2️⃣ Four support stories that show how policy, data protection, visibility, and AI infrastructure are all part of the same threat matrix. --- ### 🗣️ Topics Covered - **npm Supply‑Chain Attack** – How a worm‑like spam operation can compromise millions of projects. - **Policy & Vendor Risk** – EU’s ban on Huawei/ZTE as a real‑world example of hardware risk management. - **Data Resilience** – IBM Safeguarded Copy and immutable snapshots for ransomware protection. - **Visibility & Detection** – ThreatBook NDR’s top marks in Gartner Peer Insights™ 2025. - **AI Infrastructure Hardening** – Microsoft’s Atlanta AI “Super Factory” and what it means for zero‑trust architecture. --- | Title | URL | |-------|-----| | **Bitdefender Threat Map** | https://threatmap.bitdefender.com/ | | **Checkpoint Live Cyber Threat Map** | https://threatmap.checkpoint.com/ | | **Kaspersky Cyber Threat Map** | https://cybermap.kaspersky.com/ | | **Talos Intelligence – ebc_spam Map** | https://talosintelligence.com/ebc_spam | --- ### 📚 Resources & Links - **npm audit guide:** https://docs.npmjs.com/cli/npm-audit - **Snyk dependency‑monitoring:** https://snyk.io/ - **IBM Safeguarded Copy whitepaper** – (link provided in episode) - **ThreatBook NDR product page** – https://threatbook.ai/nrd --- ### 🚀 Call to Action 1. **Subscribe**: Stay updated on the latest cybersecurity threats. 2. **Leave a Review**: Let us know what you think. 3. **Join the Conversation**: Follow our community and ask questions. --- ### 🎙 Sponsor (if applicable) > No sponsors this episode --- ### 📲 Podcast Socials & Website | Platform | Link | |----------|------| | **Website** | https://www.youvealreadybeenhacked.com | | **X** | @professorcyberrisk | | **YouTube** | https://www.youtube.com/@YABHPodcast | | **Discord/Community Forum** | https://discord.gg/cz3xdsrqAE

    28 min

  2. NOV 10

    AI vs Hackers: Fortinet, SentinelOne & CrowdStrike’s New Weaponry

    ## 🎙 Episode Information | Item | Details | | **Episode Number** | 3x30 | | **Overview** | In today’s episode we dive into the newest AI‑powered defenses from industry giants Fortinet, SentinelOne and CrowdStrike – a game‑changer for any organization running machine‑learning workloads. We’ll unpack why protecting the *intelligence* itself is now mandatory, walk through practical steps you can take right away, and bring in four supporting stories that broaden the conversation to honeypots, password hygiene, IoT hardening and critical infrastructure security. | | Host | Professor CyberRisk – a veteran researcher in AI security and cyber‑threat intelligence | | **Topics Covered** | • AI‑driven security features from Fortinet, SentinelOne & CrowdStrike • Correlating malware with honeypot logs via PowerShell• Password hygiene lessons from the Louvre breach• The TP‑Link router debate and hardening steps• Norway’s new safeguards for electric buses (critical infra) | ## 🎙 Wrap‑Up These stories collectively underscore that defending AI workloads is no longer an optional enhancement—it’s a necessity. Combine this with robust password hygiene, hardened IoT devices, and secured critical infrastructure to create a resilient security posture. Feel free to weave in your own anecdotes or audience questions—these notes are just the skeleton for an engaging episode! --- ## 🎧 Call to Action - **Subscribe:** Stay updated on cybersecurity threats. - **Leave a Review:** Let us know what you think. - **Join the Conversation:** Follow our community and ask questions. --- ## 📣 Sponsor **No sponsors this episode** --- ## 🖥 Podcast Socials & Website - **Website:** https://www.youvealreadybeenhacked.com - **X:** @professorcyberrisk - **YouTube:** https://www.youtube.com/@YABHPodcast - **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE

    17 min

  3. OCT 27

    🚨 Spy Drones & AI Wars: 2025’s Cyber Battleground – Why Your Company Needs to Listen

    **Title** 🚨 Spy Drones & AI Wars: 2025’s Cyber Battleground – Why Your Company Needs to Listen --- ### Episode Information - **Episode Number:** 329 --- #### Overview In this episode we break down the most alarming cyber‑espionage trends of 2025: from North Korean Lazarus drones to AI‑firewalls and legal battles over data scraping. We’ll explain why these stories matter for you—and give you concrete steps you can take today. #### Hosts - Professor CyberRisk - Cyber Cowboy --- ### Topics Covered | # | Topic | |---|-------| | 1 | Lazarus drone campaign (Operation DreamJob) – what it means for European UAV makers | | 2 | Taiwan’s hardware & semiconductor sector under siege – supply‑chain hardening tips | | 3 | Maxis AI‑powered firewall rollout in Malaysia – lessons on communication‑layer security | | 4 | Reddit suing data‑scrapers – implications for AI training and privacy | | 5 | Gartner 2026 tech forecast – AI, connectivity & emerging risks | --- ## Additional Cybersecurity News – Titles and URLs | Title | URL | |-------|-----| | “North Korean Lazarus Group Targets UAV Sector in Europe” | https://www.globenewswire.com/news-release/2025/10/23/3171642/0/en/North-Korean-Lazarus-group-targets-the-drone-sector-in-Europe-likely-for-espionage-ESET-Research-discovers.html | | “Taiwan’s Hardware & Semiconductor Sectors Remain Top Cyber‑Attack Targets” | https://www.digitimes.com/news/a20251023PD206/check-point-cybersecurity-data-hardware-taiwan.html | | “Maxis Deploys AI‑Powered Firewall to Block Malicious SMS & Voice Calls in Malaysia” | https://soyacincau.com/2025/10/23/maxis-globe-teleservices-ai-firewall-message-voice-security/ | | “Reddit Suing Data‑Scraping Firms Over Unauthorized Use of Its Content for AI Training” | https://siliconangle.com/2025/10/22/reddit-suing-perplexity-ai-data-scraping-firms-using-data-without-permission/ | | “Gartner Forecasts 2026 Tech Trends – AI, Connectivity, and Emerging Risks” | https://www.helpnetsecurity.com/2025/10/23/gartner-2026-technology-trends | --- ## Resources & Links *None this episode.* --- ## Call to Action - **Subscribe:** Stay updated on cybersecurity threats. - **Leave a Review:** Let us know what you think. - **Join the Conversation:** Follow our community and ask questions. --- ### Sponsor No sponsors this episode. --- #### Podcast Socials & Website - **Website:** https://www.youvealreadybeenhacked.com - **X:** @professorcyberrisk - **YouTube:** https://www.youtube.com/@YABHPodcast - **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE

    28 min

  4. OCT 19

    Your F5 is in the Crosshairs

    **Title:** 🚨 “Your F5 is in the Crosshairs – Why Your Network Might Already Be Hacked” --- ### **Hosts** - **Professor CyberRisk** ### **Live Cyber Maps** - **Bitdefender Threat Map** – https://threatmap.bitdefender.com/ - **Checkpoint Live Cyber Threat Map** – https://threatmap.checkpoint.com/ - **Kaspersky Cyber Threat Map** – https://cybermap.kaspersky.com/ - **Talos Intelligence – EBC Spam Map** – https://talosintelligence.com/ebc_spam --- ## Episode Information **Title:** *Your F5 is in the Crosshairs – Why Your Network Might Already Be Hacked* **Episode Number:** 3x28 ### Overview In this episode we unpack a nation‑state supply‑chain attack that exposed the source code of F5’s BIG‑IP platform, explore the weaponization of public infrastructure at Canadian and U.S. airports, and dive into the new AI security best‑practices IBM presented at TechXchange 2025. We also cover alarming firmware flaws in popular motherboards and Meta’s new partnership with Arm for energy‑efficient AI GPUs. ### Guest Information - **Professor CyberRisk** – Security strategist and researcher. - **Cyber Cowboy** – Field operations expert in incident response. ### Topics Covered 1. Nation‑state breach of F5 BIG‑IP source code 2. IoT exploitation in airport public‑announcement systems 3. Secure AI pipelines: IBM’s takeaways from TechXchange 2025 4. Firmware vulnerabilities in mainstream motherboards 5. Meta + Arm partnership and the security implications of next‑gen AI GPUs 6. Practical steps: patching, zero‑trust, and incident‑response readiness --- ## Top Stories ### 1. Nation‑State Threat Cracks F5’s BIG‑IP Source Code - **Summary:** F5 disclosed that a sophisticated nation‑state actor accessed its internal systems, exfiltrated portions of BIG‑IP source code, and is now forcing emergency patches for all customers. - **Why it Matters:** The BIG‑IP platform sits in millions of data‑center, cloud, and edge deployments, meaning a single code compromise threatens countless enterprises, government agencies, and critical infrastructure. - **What to Do:** Verify inventory, apply patches, enforce MFA, isolate admin access, audit supply chain, and update incident‑response playbooks. - **Link:** [SiliconANGLE – F5 says nation‑state actor breached internal systems, stole BIG‑IP development files](https://siliconangle.com/2025/10/15/f5-says-nation-state-actor-breached-internal-systems-stole-big-ip-development-files/) --- ## Additional Cybersecurity News | Title | URL | |-------|-----| | **Airport Hijack: Pro‑Hamas Messages Blare Across Canadian & US Terminals** | https://www.israelnationalnews.com/news/416318 | | **IBM’s TechXchange 2025: AI Revolution & Security Takeaways** | https://siliconangle.com/2025/10/15/ibm-techxchange-2025-navigating-ai-revolution/ | | **Firmware Flaws: Motherboard Manufacturers Show Little Security Care** | https://www.xda-developers.com/firmware-security-failures-show-motherboard-manufacturers-dont-care/ | | **Meta Partners with Arm for Energy‑Efficient AI GPUs** | https://siliconangle.com/2025/10/15/meta-platforms-use-arms-energy-efficient-neoverse-gpus-ai-workloads/ | --- ## Resources & Links _None this episode_ --- ## Call to Action - **Subscribe**: Stay updated on the latest cyber threats. - **Leave a Review**: Let us know what you think. - **Join the Conversation**: Follow our community and ask questions. --- ## Sponsor (if applicable) _No sponsors this episode_ --- ## Podcast Socials & Website - **Website:** https://www.youvealreadybeenhacked.com - **X:** @professorcyberrisk - **YouTube:** https://www.youtube.com/@YABHPodcast - **Discord / Community Forum:** https://discord.gg/cz3xdsrqAE *(copyable raw link)*

    14 min

  5. OCT 11

    Discord ID Photos Leak + AI Governance & Ransomware Hijinks – Cyber Threat Deep Dive

    **Title:** Discord ID Photos Leak + AI Governance & Ransomware Hijinks – Cyber Threat Deep Dive **Hosts:** Professor CyberRisk • Cyber Cowboy Live **Live Cyber Maps:** - Bitdefender Threat Map – https://threatmap.bitdefender.com/ - Checkpoint Live Cyber threat map – https://threatmap.checkpoint.com/ - Kaspersky Cyber Threat Map – https://cybermap.kaspersky.com/ - Talos Intelligence ebc_spam Map – https://talosintelligence.com/ebc_spam --- ## Episode Information **Title:** Discord ID Photos Leak + AI Governance & Ransomware Hijinks – Cyber Threat Deep Dive **Episode Number:** 3x27 **Overview:** In this episode we dissect a high‑profile Discord breach that exposed government ID photos for ~70,000 users, dive into Okta’s new “Identity‑Security Fabric” and its AI governance capabilities, explore NetApp’s next‑gen storage platform for AI resilience, uncover how attackers are hijacking the Velociraptor DFIR tool in ransomware campaigns, and discuss the U.S. Labor Department’s pilot for a national unemployment claims database—an initiative that could create a single point of failure. **Guest Information:** None **Topics Covered:** - Discord security breach and third‑party vendor risk - Okta’s AI‑governed Identity‑Security Fabric at Oktane 2025 - NetApp INSIGHT: disaggregated storage for AI workloads and ransomware resilience - Threat actor reuse of Velociraptor DFIR tool in LockBit/Babuk ransomware - Labor Department’s national unemployment claims intake pilot and privacy implications --- ## Top Stories - **Discord Security Breach Exposed Government ID Photos of 70,000 Users** – https://www.cnet.com/tech/services-and-software/discord-security-breach-exposed-government-id-photos-of-70000-users/ --- ## Additional Cybersecurity News – Titles and URLs 1. **Three insights you might have missed from theCUBE’s coverage of Okta’s Oktane event** – https://siliconangle.com/2025/10/09/okta-identity-security-fabric-oktaoktane/ 2. **What to expect during NetApp INSIGHT: Join theCUBE Oct. 14** – https://siliconangle.com/2025/10/09/next-generation-enterprise-storage-netappinsight/ 3. **Hackers now use Velociraptor DFIR tool in ransomware attacks** – https://www.bleepingcomputer.com/news/security/hackers-now-use-velociraptor-dfir-tool-in-ransomware-attacks/ 4. **Labor Department looks to pilot intaking unemployment claims for states** – https://www.nextgov.com/digital-government/2025/10/labor-department-looks-pilot-intaking-unemployment-claims-states/408734/ --- ## Resources & Links None this episode --- ### Call to Action - **Subscribe:** Stay updated on cybersecurity threats. - **Leave a Review:** Let us know what you think. - **Join the Conversation:** Follow our community and ask questions. --- ### Sponsor (if applicable) No sponsors this episode --- ## Podcast Socials & Website - **Website:** https://www.youvealreadybeenhacked.com - **X (Twitter):** @professorcyberrisk - **YouTube:** https://www.youtube.com/@YABHPodcast - **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE

    32 min

  6. OCT 4

    Oracle’s Data is Leaking… And AI Agents Are the New Attack Vectors

    **Title:** 🔥 *“Oracle’s Data is Leaking… And AI Agents Are the New Attack Vectors”* — Clop, Pentagon, and the Cybersecurity Apocalypse You Can’t Ignore --- **Episode Number:** 3x26 **Overview:** In this explosive episode of *You’ve Already Been Hacked*, Professor CyberRisk and Cyber Cowboy dive into a perfect storm of cyber chaos: Clop-linked hackers are weaponizing Oracle E-Business Suite to extort Fortune 500s, the Pentagon is gutting cyber training like it’s a body fat test, Google confirms executives are being targeted with fake data theft threats—and underneath it all, AI agents are quietly becoming the most dangerous insider threats you didn’t know you had. Mary Ann Davidson (ex-Oracle CSO) drops the bombshell: *“You’re never going to have enough cybersecurity people to defend what was never built to be defensible.”* We break down why traditional defenses are dead, how AI is rewriting the rules of attack and defense, and what you MUST do before your company becomes next week’s headline. **Topics Covered:** - 🚨 Clop ransomware group’s Oracle E-Business Suite data theft extortion campaign (unconfirmed breach, real-world panic) - ⚔️ Pentagon’s dangerous de-prioritization of cybersecurity training — equating it to beard length? - 🤖 Agentic Security: How AI agents are becoming autonomous attack vectors (behavioral monitoring, zero-trust for bots) - 💬 Google’s confirmation: Executives targeted with fake Oracle data theft emails — sophisticated social engineering at scale - 🧠 The “security-by-design” revolution: Why humans can’t keep up, and AI-powered detection is now non-negotiable **Top Stories:** 1. **Clop-linked hackers claim Oracle E-Business Suite data theft** — Extortion emails flooding corporations. → https://siliconangle.com/2025/10/02/clop-linked-hackers-claim-oracle-e-business-suite-data-theft-high-stakes-extortion-push/ 2. **Pentagon says warfighters don’t need “frequent” cybersecurity training** — Policy downgrade raises alarms. → https://www.theregister.com/2025/10/02/pentagon_relaxes_military_cybersecurity_training/ 3. **Google confirms extortion emails targeting executives via fake Oracle breaches** — Supply chain fearmongering in action. → https://www.yahoo.com/news/articles/google-says-hackers-sending-extortion-215459772.html 4. **Agentic Security: AI agents as new attack surfaces** — Defending autonomous systems before they go rogue. → https://siliconangle.com/2025/10/02/ai-agents-need-agentic-security-keep-safe-cyberdefense/ 5. **Mary Ann Davidson’s warning: “You’re never going to have enough people to defend what was never built to be defensible.”** → https://securityweeklytv.libsyn.com/ai-the-new-trigger-word-or-is-it-robots-psw-894 **Additional Cybersecurity News – Titles and URLs:** - **Bitdefender Threat Map (Live):** https://threatmap.bitdefender.com/ - **Checkpoint Live Cyber Threat Map:** https://threatmap.checkpoint.com/ - **Kaspersky Cyber Threat Map:** https://cybermap.kaspersky.com/ - **Talos Intelligence Spam Map (ebc_spam):** https://talosintelligence.com/ebc_spam **Call to Action:** ✅ **Subscribe** — Stay ahead of the next cyber apocalypse. ⭐ **Leave a Review** — Help others find us before their company gets hacked. 💬 **Join the Conversation** — Ask questions, share war stories, and debate AI threats in our community: https://discord.gg/cz3xdsrqAE **Sponsor:** None this episode — because *you* are the sponsor of your own security. **Podcast Socials & Website:** 🌐 **Website:** https://www.youvealreadybeenhacked.com 🐦 **X (Twitter):** @professorcyberrisk 📺 **YouTube:** https://www.youtube.com/@YABHPodcast 💬 **Discord/Community Forum :** https://discord.gg/cz3xdsrqAE --- *Hosts:* Professor CyberRisk | Cyber Cowboy *Live Threat Maps Featured:* Bitdefender • Checkpoint • Kaspersky • Talos Intelligence

    34 min

  7. SEP 28

    $115M Ransom Raid: Teen Gang, SIM‑Swaps & AI Breach – What’s Next?

    Hosts Professor CyberRisk Cyber CowboyLive Cyber Maps – Bitdefender Threat Map: https://threatmap.bitdefender.com/Live Cyber threat map – Checkpoint: https://threatmap.checkpoint.com/Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/Talos Intelligence – ebc_spam Map: https://talosintelligence.com/ebc_spam Episode InformationTitle: $115M Ransom Raid: Teen Gang, SIM‑Swaps & AI Breach – What’s Next?Episode Number: 3x25  Overview:In today’s episode we dissect the explosive case of Scattered Spider, a multi‑nation, multi‑tech gang that has pulled in over $115 million in ransomware payouts from UK retailers, London transit and US healthcare systems. We’ll explore how teenage operatives can be prosecuted under U.S./U.K. law, why SIM‑swap attacks remain a critical vulnerability, and what a recent AI chatbot breach means for your cloud tokens. Finally we’ll look at the rise of self‑replicating open‑source worms and how online gambling scams create new channels for credential theft.  Guest Information: None – this is an in‑house deep dive.  Topics Covered Scattered Spider ransomware & teen gang enforcement SIM‑swap attacks & mobile security AI chatbot breach and token exfiltration Self‑replicating open‑source worm (Shai‑Hulud) Online gambling scam ecosystemsTop StoryFeds Tie “Scattered Spider” Duo to $115 M in Ransoms Additional Cybersecurity News – Titles and URLs SIM‑Swapper, Scattered Spider Hacker Gets 10 Years – The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft – Self‑Replicating Worm Hits 180+ Software Packages – Affiliates Flock to ‘Soulless’ Scam Gambling Machine –Resources & LinksNone this episode.  Call to ActionSubscribe: Stay updated on cybersecurity threats.Leave a Review: Let us know what you think.Jo​in the Conversation: Follow our community and ask questions.  SponsorNo sponsors this episode.  Podcast Socials & WebsiteWebsite: https://www.youvealreadybeenhacked.comX (Twitter): @professorcyberriskYoutube: https://www.youtube.com/@YABHPodcast Discord/Community Forum: https://discord.gg/cz3xdsrqAE (copy‑and‑paste it as plain text)

    31 min

  8. SEP 20

    Agents, Exploits, and NanoCoder: Building Modular AI with Will Lamerton

    **Hosts** - Professor CyberRisk - Cyber Cowboy **Live Cyber Maps** Bitdefender Threat Map – https://threatmap.bitdefender.com/ Live Cyber Threat Map – https://threatmap.checkpoint.com/ Kaspersky Cyber Threat Map – https://cybermap.kaspersky.com/ Talos Intelligence – ebc_spam Map – https://talosintelligence.com/ebc_spam --- ## **Episode Information** **Title:** _Agents, Exploits, and NanoCoder: Building Modular AI with Will Lamerton_ **Episode Number:** 3x24 **Overview:** In this special interview episode, we step away from the headlines and dive deep into the mind of Will Lamerton — creator of [NanoCoder](https://github.com/Mote-Software/nanocoder), a modular agentic framework that’s reshaping how developers build AI workflows. From the architecture of autonomous agents to the cybersecurity implications of automation, we explore how tools like NanoCoder can empower defenders… and potentially arm adversaries. **Guest Information:** **Will Lamerton** - Creator of NanoCoder - Developer at Mote Software - LinkedIn: https://www.linkedin.com/in/will-lamerton-b16ab915b/ - GitHub: https://github.com/Mote-Software/nanocoder --- ## **Topics Covered** - The origin story of NanoCoder and Will’s journey into agentic automation - How NanoCoder differs from LangChain, CrewAI, and other frameworks - Modular agents, memory, and orchestration philosophy - Real-world use cases: devops, creative workflows, and beyond - Cybersecurity implications — how defenders and attackers might use agentic tools - Threat modeling for autonomous systems - Human interest: Will’s coding rituals, rabbit holes, and creative inspirations - The future of agentic ecosystems and modular AI stacks --- ## **Call to Action** - **Subscribe:** Stay updated on cybersecurity threats. - **Leave a Review:** Let us know what you think. - **Join the Conversation:** Follow our community and ask questions. --- ## **Sponsor (if applicable)** No sponsors this episode --- ## **Podcast Socials & Website** - Website: https://www.youvealreadybeenhacked.com - X: @professorcyberrisk - YouTube: https://www.youtube.com/@YABHPodcast - Discord/Community Forum: https://discord.gg/cz3xdsrqAE

    50 min
See All (101)

Ratings & Reviews

5
out of 5
4 Ratings

About

A Cybersecurity Podcast for the Rest of Us In a world of evolving cyber threats, You’ve Already Been Hacked breaks down cybersecurity for everyone—from experts to everyday users. Hosted by Professor CyberRisk and Cyber Cowboy, we tackle major cyber attacks, emerging threats, and real-world security strategies. Each episode offers expert analysis, case studies, and actionable tips to help listeners stay ahead of hackers and digital risks.

Information

  • Creator
    Professor CyberRisk
  • Years Active
    2020 - 2025
  • Episodes
    101
  • Rating
    Clean
  • Copyright
    © Professor CyberRisk
  • Show Website
    You've Already Been Hacked

You Might Also Like