The CISO Life

•

Channel • 4 Shows

Tech News

Tech News

Updated Weekly
Tech News

Tech News

Updated Monthly
Tech News

Tech News

Updated Daily
Investing

Investing

Updated Weekly

MAR 19

Daily Cyber & AI Briefing — 2026-03-19

Daily Cyber & AI Briefing with Michael Housch. This episode was published automatically and includes the assembled audio plus full transcript. TranscriptToday, we’re diving into the evolving world of cyber and AI risk—a landscape that’s growing more complex by the day. If you’re leading security, managing IT, or simply trying to keep your organization’s digital assets safe, the news from the past 24 hours offers plenty to pay attention to. We’re seeing a surge in sophisticated exploit activity, large-scale data breaches, and new challenges around AI governance. I’m Michael Housch, and over the next 15 minutes, I’ll walk you through the most critical developments, what they mean in practice, and how organizations can adapt to stay resilient. Let’s start with the headline that’s making waves across the cybersecurity community: the rise of advanced exploit campaigns targeting widely used platforms. This isn’t just a technical concern—it’s a direct threat to business continuity, data privacy, and even reputational trust. First up, the Darksword exploit kit. This is a new campaign that’s specifically targeting iPhone devices, and it’s notable for both its sophistication and its speed. Attackers are leveraging six different vulnerabilities, including three zero-days, to achieve full device takeover. For those less familiar, a zero-day is a vulnerability that’s unknown to the vendor and for which no patch exists at the time of discovery. These are the crown jewels for attackers, and when multiple zero-days are chained together—as we’re seeing with Darksword—the impact can be devastating. What’s particularly concerning is how quickly these exploits are being weaponized. The window between vulnerability discovery and active exploitation is shrinking, putting immense pressure on security teams to patch devices rapidly. For organizations with bring-your-own-device policies or executives traveling internationally, the risk is even higher. Mobile device management needs to be more than a checkbox—it should be an active, ongoing process. Rapid iOS patch deployment is essential, and organizations should consider tightening controls around device access, especially for users with elevated privileges or access to sensitive data. Shifting gears, let’s talk about network infrastructure. Cisco firewalls are a staple in enterprise environments, but even these robust systems aren’t immune. A zero-day vulnerability in Cisco firewalls is currently being exploited by the Interlock ransomware group. Attackers are bypassing security controls and deploying ransomware payloads directly onto networks. This is a classic example of attackers going after the “plumbing” of the internet—targeting the very devices meant to keep us safe. This trend—using network infrastructure as an initial access vector—underscores the importance of timely firmware updates. But patching alone isn’t enough. Network segmentation can help limit the blast radius of an attack, and continuous monitoring of firewall logs is critical for detecting anomalous activity early. If you’re not already reviewing your firewall logs for signs of compromise, now’s the time to start. Browsers are another high-value target, and Google Chrome is no exception. Google has just issued an urgent update for Chrome, version 146, to address an actively exploited zero-day. Given Chrome’s ubiquity in both consumer and enterprise environments, the risk here is widespread. Delayed patching can leave organizations open to drive-by attacks, where simply visiting a compromised website can result in malware infection or credential theft. Security teams should prioritize rolling out browser updates across all endpoints—laptops, desktops, and even mobile devices. But technology alone won’t solve the problem. User awareness is equally important. Employees need to recognize the risks of phishing emails and malicious downloads, as attackers often use social

Mar 19

•

15 min
JAN 5

When Cybersecurity Pros Go Rogue: Insider Threats, Massive Breaches, and the ALPHV Takedown

In this eye-opening episode, Mike Housch covers the shocking story of US cybersecurity professionals who pleaded guilty to participating in ALPHV ransomware attacks, plus critical vulnerabilities like the React2Shell exploit affecting 85,000 systems, major data breaches at Covenant Health and the European Space Agency, WhatsApp metadata leaks, and a devastating $8.5M cryptocurrency wallet supply chain attack. From insider threats to IoT botnets, this episode covers the full spectrum of cybersecurity shenanigans kicking off the new year.

Jan 5

•

17 min
MAR 13

Daily Cyber & AI Briefing — 2026-03-13

Daily Cyber & AI Briefing with Michael Housch. This draft includes the assembled audio and full transcript for review before publication. TranscriptWelcome to today’s cyber and AI risk brief. I’m Michael Housch, and over the next several minutes, I’ll walk you through the most pressing developments shaping the security landscape right now. We’re seeing a convergence of urgent vulnerabilities, active exploitation, and a rapidly evolving mix of threats—from sophisticated supply chain attacks to the growing intersection of AI and cybersecurity. Let’s dive in. First, let’s talk about what’s dominating headlines: a surge in critical software vulnerabilities and active zero-day exploits. If your organization relies on Chrome, Veeam, or OpenSSH—and let’s be honest, that’s most of us—you need to pay close attention. Google Chrome, the world’s most widely used browser, is under active attack. Security researchers and Google have disclosed several zero-day vulnerabilities in Chrome’s Skia and V8 components. These are not theoretical issues—attackers are exploiting them in the wild right now. The flaws allow remote execution of malicious code, meaning a user could visit a compromised website and inadvertently give an attacker a foothold on their machine. The takeaway here is simple: update Chrome immediately across your organization. Don’t wait for a scheduled maintenance window. Rapid patching is critical, especially given how central browsers are to daily business operations. For CISOs and IT leaders, this is a reminder that browser security is not just an endpoint issue—it’s a gateway to your enterprise. Moving on to backup infrastructure, Veeam has released urgent patches for multiple critical remote code execution vulnerabilities in its backup server platform. Veeam is a backbone for data protection in many enterprises, and these flaws could allow attackers to gain full control over backup systems. The risk isn’t just data theft—it’s the potential for ransomware actors to destroy or encrypt your backups, undermining your ability to recover from an attack. If you’re running Veeam, prioritize these patches and review who has access to your backup environment. This is about more than compliance; it’s about business continuity. Let’s shift to the threat landscape on the malware front. Researchers have uncovered a sophisticated campaign leveraging Remcos RAT, a remote access Trojan, using multi-stage payloads hidden in JavaScript and PowerShell scripts. This approach helps attackers evade traditional detection tools and establish persistent access. What’s notable here is the blending of scripting languages and the use of multiple stages to slip past defenses. The practical implication is clear: organizations need layered endpoint protection, robust script monitoring, and ongoing user awareness training. Attackers are getting smarter about bypassing signature-based defenses, so our detection strategies must evolve as well. Now, let’s talk about data breaches and reputational risk. Starbucks recently suffered a breach that exposed the personal information of hundreds of users. While the scale is limited compared to some mega-breaches, it’s a stark reminder that even well-resourced, consumer-facing brands remain vulnerable. The consequences of these incidents go beyond regulatory fines—they erode customer trust and can have lasting reputational impact. For security leaders, this is a cue to review data protection practices, especially around customer-facing platforms, and to ensure incident response plans are up to date and tested. Supply chain risk continues to escalate, and it’s not just a buzzword. Group-IB has profiled six supply chain attack groups that are expected to be major players in 2026. These groups are targeting software dependencies and third-party providers, exploiting the trust organizations place in their vendors. The SolarWinds attack a few years ago was a wake-up

Mar 13

•

15 min
09/16/2025

Episode 16 (9/16/2025)

Today’s episode covers Apple's extensive backports and new OS releases to patch over 50 vulnerabilities, including a critical ImageIO flaw (CVE-2025-43300) exploited in targeted spyware attacks against WhatsApp users. Another significant concern is the "FileFix" social engineering campaign, which leverages deceptive Facebook security alerts to trick victims worldwide into executing StealC information-stealing malware via malicious images downloaded from legitimate platforms like BitBucket. Furthermore, researchers have demonstrated "Phoenix," a novel Rowhammer attack (CVE-2025-6202) capable of achieving root access on DDR5 memory systems in under two minutes, despite advanced in-DRAM refresh mechanisms. Finally, an emerging threat involves ChatGPT's calendar integration, which can be exploited with specially crafted invites to exfiltrate sensitive emails, highlighting broader vulnerabilities in AI assistant integrations with enterprise tools. China's new cybersecurity regulations, demanding incident reporting within one hour, underscore a global trend towards stricter disclosure requirements in the face of these escalating cyber threats.

09/16/2025

•

9 min
FEB 19

Zero-Days, Shiny Hunters, and the Texas Throwdown

On today's episode of Cyber Scoops & Digital Shenanigans, host Mike Housch breaks down ten stories rattling the security world this week — from a Chrome zero-day already being exploited in the wild and a Chinese espionage group quietly living inside Dell infrastructure for 18 months, to ShinyHunters going car shopping at CarGurus and Texas AG Ken Paxton picking a legal fight with TP-Link over alleged CCP ties. It's a packed house — buckle up.

Feb 19

•

24 min
10/20/2025

AI Data Pipelines, $25M Fraud Defense, and Investing in the Cyber 'Just War'

This week on the Cyber Street Journal, we dive deep into the capital flow supporting cyber defense, highlighting major funding rounds for firms like Resistant AI and Realm.Security. We also examine SentinelOne’s latest $225 million acquisition of Observo AI and discuss Born Defense's unique investment issuer model challenging traditional VC structures.

10/20/2025

•

8 min
10/27/2025

AI Jailbreaks, Hacking Team Spyware, and the Million-Dollar Exploit That Wasn't

Today, we dive into critical AI browser vulnerabilities, including a trick that weaponizes the OpenAI Atlas omnibox, and analyze the spectacular flop of a promised $1 million WhatsApp exploit at Pwn2Own. Plus, we cover active exploitation of a critical Windows Server WSUS vulnerability and the shifting economics of ransomware.

10/27/2025

•

12 min
10/23/2025

High-Severity Zero-Days, Cache Poisoning, and the AI Code Judgment Crisis

Today we dive into critical updates for BIND against high-severity cache poisoning flaws, the zero-day exploitation of Lanscope Endpoint Manager that requires immediate federal attention, and the serious governance concerns raised by "vibe coding" and AI-generated code's lack of judgment. We also examine Verizon’s latest Mobile Security Index, highlighting soaring mobile device attacks and the alarming rise of AI-powered threats like deepfakes and SMS phishing.

10/23/2025

•

10 min
11/10/2025

Agentic Threats and Trustworthy AI: The Week in Review

This week, we dive into critical research from MIT aimed at building safer, faster AI models and modular software, contrasted sharply by alarming reports of successful data exfiltration attacks against major LLMs like Claude and ChatGPT, alongside the emergence of autonomous, adaptive malware. We also look at the governance challenges presented by autonomous "agentic users" entering the enterprise workforce and the profound uncertainty surrounding AI integration in K-12 schools.

11/10/2025

•

15 min
09/29/2025

Episode 23 (9/29/2025

Today we dissect the new wave of low-profile, high-impact cybercrime, starting with Akira ransomware operators leveraging legitimate IT tools to blend in, giving defenders only hours to respond. Then, we scrutinize the UK government's massive financial intervention following the JLR attack, asking: Did that £1.5 billion bailout just paint a giant target on the UK?

09/29/2025

•

7 min

Stay ahead of the curve with a channel dedicated to the technologies shaping our future. From breakthrough advances in artificial intelligence and the latest cybersecurity threats and defenses, to the most important mergers, acquisitions, and deals in the cyber and tech landscape — our podcasts deliver sharp insights and expert analysis every week. Whether you’re a security leader, AI innovator, or tech strategist, this channel brings you the conversations and news that matter most in today’s digital world.

The CISO Life

Top Shows

Daily Cyber & AI Briefing — 2026-03-19

When Cybersecurity Pros Go Rogue: Insider Threats, Massive Breaches, and the ALPHV Takedown

Daily Cyber & AI Briefing — 2026-03-13

Episode 16 (9/16/2025)

Zero-Days, Shiny Hunters, and the Texas Throwdown

AI Data Pipelines, $25M Fraud Defense, and Investing in the Cyber 'Just War'

AI Jailbreaks, Hacking Team Spyware, and the Million-Dollar Exploit That Wasn't

High-Severity Zero-Days, Cache Poisoning, and the AI Code Judgment Crisis

Agentic Threats and Trustworthy AI: The Week in Review

Episode 23 (9/29/2025

About

The CISO Life

Top Shows

Top Episodes

About