You've Already Been Hacked

Professor CyberRisk

A Cybersecurity Podcast for the Rest of Us In a world of evolving cyber threats, You’ve Already Been Hacked breaks down cybersecurity for everyone—from experts to everyday users. Hosted by Professor CyberRisk and Cyber Cowboy, we tackle major cyber attacks, emerging threats, and real-world security strategies. Each episode offers expert analysis, case studies, and actionable tips to help listeners stay ahead of hackers and digital risks.

  1. 11h ago

    RoguePlanet: A SYSTEM-Level Wake-Up Call

    Episode 3x54: RoguePlanet: A SYSTEM-Level Wake-Up Call Hosts: Professor CyberRisk & Cyber Cowboy TOP STORY: RoguePlanet — Windows Defender Zero-Day (CVE-2026-50656) Microsoft has patched a critical race condition in Windows Defender that allows attackers to escalate privileges to SYSTEM level on fully patched Windows 10 and 11 devices. Discovered by researcher Nightmare Eclipse, who published a proof-of-concept after Microsoft removed their repos from GitHub and GitLab. The exploit is probabilistic but works regardless of real-time protection status. The fix was delivered via Malware Protection Engine 1.1.26060.3008 on July 8. Every previous Nightmare Eclipse disclosure (RedSun, UnDefend, BlueHammer) has been weaponized in the wild. Source: https://www.securityweek.com/microsoft-patches-defender-rogueplanet-vulnerability/ --- STORY 1: Injective SDK npm Supply-Chain Attack Hackers compromised a legitimate Injective Labs contributor account to publish malicious npm package @injectivelabs/sdk-ts v1.20.21. The malware only activates when developers call wallet key functions — capturing mnemonic seed phrases and private keys, then exfiltrating them through legitimate Injective Labs infrastructure endpoints. The package had 50,000 weekly downloads and 87 dependent packages. Malicious version was downloaded 310 times before deprecation. Source: https://www.bleepingcomputer.com/news/security/injective-sdk-on-npm-infected-with-cryptocurrency-wallet-stealer/ --- STORY 2: QIZ Security Raises $17M for Post-Quantum Readiness QIZ Security announced a $17M seed round for its post-quantum cryptography readiness platform. The funding comes as a Trump executive order requires federal PQC migration by end of 2030 (accelerated from 2035). Most enterprises can't answer basic questions about their own cryptography — where algorithms are deployed, who owns keys, or what breaks during migration — leaving them vulnerable to "harvest now, decrypt later" attacks. Source: https://siliconangle.com/2026/07/09/qiz-security-raises-17m-seed-round-post-quantum-readiness-platform/ --- STORY 3: Microsoft's AI-Driven Patch Tuesdays Getting Bigger Microsoft announced heavy AI integration into its security update pipeline, resulting in larger, more comprehensive Patch Tuesday releases. AI will proactively identify vulnerabilities earlier in the development lifecycle, the Secure Development Lifecycle now accounts for AI-enabled attack techniques, and new agentic harnesses will automatically generate and validate security fixes. Expect more patches per month and increased testing overhead. Source: https://www.theverge.com/tech/963307/microsoft-patch-tuesday-ai-security-updates --- STORY 4: GigaWiper Sleeper Wiper Microsoft detailed GigaWiper, a hybrid Windows backdoor combining code from FlockWiper, Crucio ransomware, and VNC-like remote access capabilities. Operators can keep it dormant for long-term surveillance before triggering irreversible damage — full disk wipe, targeted OS wipe, or fake ransomware with .candy extension using keys that are never saved. Persistence via "OneDrive Update" scheduled task. C2 uses RabbitMQ and Redis. Source: https://hackread.com/microsoft-gigawiper-backdoor-destroy-windows-pcs/ --- RESOURCES & LINKS • Bitdefender Threat Map: https://threatmap.bitdefender.com/ • Checkpoint Threat Map: https://threatmap.checkpoint.com/ • Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/ • Talos Intelligence Spam Map: https://talosintelligence.com/ebc_spam • CVE-2026-50656 (RoguePlanet): https://www.securityweek.com/microsoft-patches-defender-rogueplanet-vulnerability/ --- STAY CONNECTED • Website: https://www.youvealreadybeenhacked.com • X: @professorcyberrisk • YouTube: https://www.youtube.com/@YABHPodcast • Discord: https://discord.gg/cz3xdsrqAE --- Generated: 2026-07-10 | JARVIS

    31 min
  2. Jun 21

    AI Export Controls, Defender Zero-Day & APT28 Attacks

    Hosts * Professor CyberRisk * Cyber Cowboy Live Cyber Maps * Bitdefender Threat Map: https://threatmap.bitdefender.com/ * Checkpoint Threat Map: https://threatmap.checkpoint.com/ * Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/ * Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam Episode Information Title: AI Export Controls, Defender Zero-Day & APT28 Attacks - 2026-06-19 Episode Number: 3x53 Overview Weekly roundup of the most critical cybersecurity developments from 2026-06-14 to 2026-06-18. The White House forces Anthropic to restrict AI model access, Microsoft's own Defender gets a zero-day, Russian hackers exploit Office within hours of disclosure, Splunk Enterprise falls to unauthenticated RCE, and Kodak gets hit by ShinyHunters. Join Professor CyberRisk and Cyber Cowboy Live as they break down the stories that matter most. Guest Information None this episode Topics Covered * AI export controls and government intervention in AI safety * Microsoft Defender RoguePlanet zero-day privilege escalation * APT28 rapid weaponization of Office zero-day against Ukraine/EU * Splunk Enterprise unauthenticated RCE zero-day (CVE-2026-20253) * ShinyHunters extortion campaign targeting Oracle PeopleSoft users Top Stories 1. The Korean Telecom Giant at the Center of Anthropic's Mythos Controversy - https://www.wired.com/story/sk-telecom-anthropic-mythos-export-controls/ 2. Microsoft Defender Zero-Day 'RoguePlanet' - CVE-2026-50656 - https://thehackernews.com/2026/06/microsoft-confirms-rogueplanet-defender_02022423645.html 3. Russian APT28 Exploits Microsoft Office Zero-Day Hours After Disclosure - CVE-2026-21509 - https://thecyberexpress.com/russian-apt28-exploit-zero-day-cve-2026-21509/ 4. Splunk Enterprise Zero-Day — CVE-2026-20253 — https://cybersecuritynews.com/splunk-enterprise-vulnerability-exploit/ 5. Kodak Confirms Data Breach as ShinyHunters Threatens 2.2M Record Leak - https://www.malwarebytes.com/blog/news/2026/06/kodak-confirms-breach-as-shinyhunters-leak-threat-reaches-deadline Resources & Links * CISA Known Exploited Vulnerabilities Catalog: https://www.cisa.gov/known-exploited-vulnerabilities-catalog * CERT-UA Advisory on CVE-2026-21509: https://cert.gov.ua/ * Microsoft Security Response Center: https://msrc.microsoft.com/ * Splunk Security Advisory CVE-2026-20253: https://cybersecuritynews.com/splunk-enterprise-vulnerability-exploit/ Call to Action * Subscribe: Stay updated on cybersecurity threats. * Leave a Review: Let us know what you think. * Join the Conversation: Follow our community and ask questions. Sponsor (if applicable) No sponsors this episode Podcast Socials & Website * Website: https://www.youvealreadybeenhacked.com * X: @professorcyberrisk * YouTube: https://www.youtube.com/@YABHPodcast * Discord/Community Forum: https://discord.gg/cz3xdsrqAE

    31 min
  3. Jun 14

    ShinyHunters Just Hit 100+ Companies — And Microsoft Dropped 200 Patches in One Day

    Hosts * Professor CyberRisk * Cyber Cowboy Live Cyber Maps * Bitdefender Threat Map: https://threatmap.bitdefender.com/ * Checkpoint Threat Map: https://threatmap.checkpoint.com/ * Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/ * Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam Episode Information Title: ShinyHunters Just Hit 100+ Companies — And Microsoft Dropped 200 Patches in One Day Episode Number: 352 Overview Weekly roundup of the most critical cybersecurity developments from 2026-06-07 to 2026-06-11. Join Professor CyberRisk and Cyber Cowboy Live as they break down the stories that matter most. Guest Information None this episode Topics Covered * Oracle PeopleSoft zero-day exploited by ShinyHunters across 100+ organizations * University of Nottingham breach — 40GB of student data leaked * Maine breach portal weaponized for fake disclosure misinformation * CISA KEV listing: actively exploited Magento RCE (CVE-2026-45247) * Microsoft record Patch Tuesday: 200 vulnerabilities, 6 zero-days, BitLocker bypasses Top Stories 1. Oracle warns of security bug that hackers abused to breach 100+ companies | TechCrunch - https://techcrunch.com/2026/06/11/oracle-warns-of-security-bug-that-hackers-abused-to-breach-100-companies/ Additional Cybersecurity News – Titles and URLs 2. Maine breach portal abused to publish fake data breach disclosures - https://www.bleepingcomputer.com/news/security/maine-breach-portal-abused-to-publish-fake-data-breach-disclosures/ 3. ShinyHunters Leak 40GB of University of Nottingham Student Data - https://hackread.com/shinyhunters-university-of-nottingham-student-data-leak/ 4. CISA Lists Actively Exploited Magento RCE — CVE-2026-45247 - https://cipherssecurity.com/cve-2026-45247-magento-mirasvit-rce-cisa-kev/ 5. Microsoft June Patch Tuesday fixes 6 zero-days and 200 flaws — a record-breaking month - https://www.bleepingcomputer.com/news/microsoft/microsoft-june-2026-patch-tuesday-fixes-3-zero-day-200-flaws/ Resources & Links None this episode Call to Action * Subscribe: Stay updated on cybersecurity threats. * Leave a Review: Let us know what you think. * Join the Conversation: Follow our community and ask questions. Sponsor (if applicable) No sponsors this episode Podcast Socials & Website * Website: https://www.youvealreadybeenhacked.com * X: @professorcyberrisk * YouTube: https://www.youtube.com/@YABHPodcast * Discord/Community Forum: https://discord.gg/cz3xdsrqAE

    33 min
  4. Jun 7

    FBI FLASH Alert: Ransomware Gang Sending Fake IT Workers Into Law Firms

    Hosts * Professor CyberRisk *Cyber Cowboy Cyber Maps * Bitdefender Threat Map: https://threatmap.bitdefender.com/ * Checkpoint Threat Map: https://threatmap.checkpoint.com/ * Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/ * Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam --- ## EPISODE TITLE FBI FLASH Alert: Ransomware Gang Sending Fake IT Workers Into Law Firms Episode Number: 351 --- ## EPISODE DESCRIPTION The Silent Ransom Group just crossed from cyber into the physical world — and the FBI's highest-urgency FLASH alert is their warning. Russia-linked extortion operatives are walking into law firm offices disguised as IT support, plugging in USB drives, and stealing data when remote social engineering fails. We break down the full attack chain, the 100+ firms hit so far, and why Jones Day (yes, Trump's lawyers) is on their leak site. Plus this week: A Cisco SD-WAN zero-day with NO PATCH that gives attackers root across your entire network fabric. An AI-discovered "HTTP/2 Bomb" that can take down any major web server in seconds — found by OpenAI's own Codex. Google and YouTube ads silently delivering a macOS backdoor that passed Apple notarization. And how Grafana Labs got hit by the same npm supply chain attack that compromised OpenAI and Mistral. Links to all stories below. Subscribe for weekly threat intelligence breakdowns. ---- ## STORY LINKS **Silent Ransom Group FBI Alert:** https://techcrunch.com/2026/06/05/google-and-fbi-warn-of-ransomware-group-that-sends-fake-it-workers-to-hack-victims-in-person/ **Cisco SD-WAN 0-Day (CVE-2026-20245):** https://www.helpnetsecurity.com/2026/06/05/cisco-sd-wan-cve-2026-20245-0-day-exploited/ **HTTP/2 Bomb (CVE-2026-49975):** https://cybersecuritynews.com/http-2-bomb-remote-dos-exploit/ **Operation FlutterBridge:** https://unit42.paloaltonetworks.com/flutterbridge-new-fluttershell-backdoor/ **Grafana Labs Supply Chain Breach:** https://thehackernews.com/2026/05/grafana-github-breach-exposes-source.html Call to Action * Subscribe: Stay updated on cybersecurity threats. * Leave a Review: Let us know what you think. * Join the Conversation: Follow our community and ask questions. Sponsor (if applicable) No sponsors this episode Podcast Socials & Website * Website: https://www.youvealreadybeenhacked.com * X: @professorcyberrisk * YouTube: https://www.youtube.com/@YABHPodcast * Discord/Community Forum: https://discord.gg/cz3xdsrqAE

    38 min
  5. May 31

    AI Is Now the Weapon — GreyVibe, BTMOB, and the New Attack Pipeline

    Hosts * Professor CyberRisk Cyber Maps * Bitdefender Threat Map: https://threatmap.bitdefender.com/ * Checkpoint Threat Map: https://threatmap.checkpoint.com/ * Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/ * Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam Episode Information Title: AI Is Now the Weapon — GreyVibe, BTMOB, and the New Attack Pipeline Episode Number: 350 Overview This week: A Russian-linked threat group called GreyVibe is weaponizing ChatGPT, Google Gemini, and Ideogram AI to run sophisticated cyberespionage campaigns against Ukrainian targets across military, government, and civilian sectors. ESET documents BTMOB, an Android RAT sold as malware-as-a-service with a point-and-click builder for generating custom phishing payloads. Perplexity launches Bumblebee, an open-source developer supply chain scanner. And we look at how social engineering on gaming platforms like Roblox is leading to malware infections and extortion attempts targeting younger demographics. Guest Information None this episode Topics Covered * GreyVibe threat group uses AI tools (ChatGPT, Gemini, Ideogram) for cyberespionage against Ukrainian targets * BTMOB Android RAT-as-a-service with graphical APK builder for custom phishing payloads * Perplexity launches Bumblebee open-source developer supply chain scanner * Roblox social engineering campaign leads to malware infection and cookie-logging extortion Top Stories 1. GreyVibe hackers use ChatGPT, Gemini to power cyberattacks - https://www.bleepingcomputer.com/news/security/greyvibe-hackers-use-chatgpt-gemini-to-power-cyberattacks/ Additional Cybersecurity News - Titles and URLs 2. BTMOB Android malware service generates custom phishing payloads - https://www.bleepingcomputer.com/news/security/btmob-android-malware-service-generates-custom-phishing-payloads/ 3. Perplexity launches Bumblebee: open-source read-only dev supply chain scanner - https://www.zdnet.com/article/perplexity-launches-bumblebee-how-its-new-read-only-dev-scanner-differs-from-chainguard/ 4. Roblox social engineering leads to malware infection and extortion - https://www.bleepingcomputer.com/forums/t/816420/malware-extortion-and-cookie-logging/ Resources & Links None this episode Call to Action * Subscribe: Stay updated on cybersecurity threats. * Leave a Review: Let us know what you think. * Join the Conversation: Follow our community and ask questions. Sponsor (if applicable) No sponsors this episode Podcast Socials & Website * Website: https://www.youvealreadybeenhacked.com * X: @professorcyberrisk * YouTube: https://www.youtube.com/@YABHPodcast * Discord/Community Forum: https://discord.gg/cz3xdsrqAE

    14 min
  6. May 25

    Netherlands Seizes 800 Servers in Pro-Russian Cyber Takedown + Microsoft Defender Zero-Days

    Hosts * Professor CyberRisk * Cyber Cowboy Live Cyber Maps * Bitdefender Threat Map: https://threatmap.bitdefender.com/ * Checkpoint Threat Map: https://threatmap.checkpoint.com/ * Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/ * Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam Episode Information Title: Netherlands Seizes 800 Servers in Pro-Russian Cyber Takedown + Microsoft Defender Zero-Days Episode Number: 349 Overview This week: Dutch authorities dismantle a massive bulletproof hosting operation linked to pro-Russian cyberattacks, seizing 800 servers and arresting two suspects. Microsoft confirms two actively exploited zero-days in Windows Defender and rushes emergency mitigation for a BitLocker bypass vulnerability. A solo researcher's six-week campaign of retaliatory zero-days against Microsoft is now being weaponized by ransomware groups. And Foxconn confirms a Nitrogen ransomware attack stole 8TB of data including network topology maps for Intel, Google, and other major tech firms. Guest Information None this episode Topics Covered * Netherlands seizes 800 servers of hosting firm enabling pro-Russian cyberattacks * Two actively exploited Microsoft Defender zero-days (CVE-2026-41091, CVE-2026-45498) * YellowKey BitLocker bypass zero-day - emergency manual mitigation required * Nightmare-Eclipse: six zero-days targeting Windows core security stack * Foxconn Nitrogen ransomware attack - 8TB stolen, supply chain implications Top Stories 1. Netherlands Seizes 800 Servers, Arrests Two in Major Takedown of Pro-Russian Cyberattack Hosting Infrastructure - https://www.bleepingcomputer.com/news/security/netherlands-seizes-800-servers-of-hosting-firm-enabling-cyberattacks/ Additional Cybersecurity News - Titles and URLs 2. Microsoft Warns of Two Actively Exploited Defender Zero-Days - Patches Rolling Out - https://www.bleepingcomputer.com/news/security/microsoft-warns-of-new-defender-zero-days-exploited-in-attacks/ 3. Microsoft Rushes Emergency Mitigation for YellowKey - BitLocker Bypass Zero-Day - https://cybersecuritynews.com/windows-bitlocker-yellowkey-mitigation/ 4. Nightmare-Eclipse - Six Zero-Days, Six Weeks, One Big Grudge - https://blog.barracuda.com/2026/05/19/nightmare-eclipse-zero-days-grudge 5. Foxconn Confirms Nitrogen Ransomware Attack - 8TB Stolen Including Network Topology Maps - https://cybersecuritynews.com/foxconn-confirms-cyberattack/ Resources & Links None this episode Call to Action * Subscribe: Stay updated on cybersecurity threats. * Leave a Review: Let us know what you think. * Join the Conversation: Follow our community and ask questions. Sponsor (if applicable) No sponsors this episode Podcast Socials & Website * Website: https://www.youvealreadybeenhacked.com * X: @professorcyberrisk * YouTube: https://www.youtube.com/@YABHPodcast * Discord/Community Forum: https://discord.gg/cz3xdsrqAE

    36 min
  7. May 17

    Breached, Stolen, Encrypted This Week's Cyber Threat Trifecta

    Hosts * Professor CyberRisk * Cyber Cowboy Live Cyber Maps * Bitdefender Threat Map: https://threatmap.bitdefender.com/ * Checkpoint Threat Map: https://threatmap.checkpoint.com/ * Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/ * Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam Episode Information Title: Breached, Stolen, Encrypted This Week's Cyber Threat Trifecta Episode Number: 349 Overview Weekly roundup of the most critical cybersecurity developments from 2026-05-10 to 2026-05-14. Join Professor CyberRisk and Cyber Cowboy Live as they break down the stories that matter most. Guest Information None this episode Topics Covered * Main threat analysis and implications * Emerging AI security challenges * Vulnerability disclosures and patches * Threat landscape updates Top Stories 1. Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin - https://www.bleepingcomputer.com/news/security/hackers-exploit-auth-bypass-flaw-in-burst-statistics-wordpress-plugin/ Additional Cybersecurity News – Titles and URLs 2. TeamPCP hackers advertise Mistral AI code repos for sale - https://www.bleepingcomputer.com/news/security/teampcp-hackers-advertise-mistral-ai-code-repos-for-sale/ 3. Red Hat outlines sovereign AI strategy amid growing regulation and control concerns - https://siliconangle.com/2026/05/14/red-hat-outlines-sovereign-ai-strategy-amid-growing-regulation-control-concerns/ 4. .VER_TU-[random string] has encrypted my files (Mimic/Pay2Key) - https://www.bleepingcomputer.com/forums/t/816096/ver-tu-random-string-has-encrypted-my-files-mimicpay2key/ Resources & Links None this episode Call to Action * Subscribe: Stay updated on cybersecurity threats. * Leave a Review: Let us know what you think. * Join the Conversation: Follow our community and ask questions. Sponsor (if applicable) No sponsors this episode Podcast Socials & Website * Website: https://www.youvealreadybeenhacked.com * X: @professorcyberrisk * YouTube: https://www.youtube.com/@YABHPodcast * Discord/Community Forum: https://discord.gg/cz3xdsrqAE

    32 min
  8. May 10

    9,000 Schools Hacked, AI Used as Malware Bait, and the IMF Sounds the Alarm

    Hosts * Professor CyberRisk * Cyber Cowboy Live Cyber Maps * Bitdefender Threat Map: https://threatmap.bitdefender.com/ * Checkpoint Threat Map: https://threatmap.checkpoint.com/ * Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/ * Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam Episode Information Title: 9,000 Schools Hacked, AI Used as Malware Bait, and the IMF Sounds the Alarm Episode Number: TBD Air Date: 2026-05-08 Overview It was a rough week for education, AI trust, and global finance. Join Professor CyberRisk and Cyber Cowboy Live as they break down the biggest cybersecurity stories from 2026-05-03 to 2026-05-07 — including a massive Canvas LMS breach affecting 275 million users, attackers using fake AI sites to spread new malware, and the IMF warning that advanced AI could trigger a systemic shock to global financial markets. Guest Information None this episode Top Stories 1. Duke among 9,000 schools affected by Canvas cyberattack - The Duke Chronicle The threat group ShinyHunters breached Instructure's Canvas LMS, defacing login pages and exfiltrating over 3.65 TB of data across nearly 9,000 institutions worldwide — affecting an estimated 275 million users. https://slashdot.org/firehose.pl?op=view&id=183156890 2. Hackers Use Fake Claude AI Site to Infect Users With New Beagle Malware Attackers built a convincing fake site for a popular AI tool, using SEO poisoning and malvertising to deliver a new backdoor called Beagle via DLL sideloading. https://hackread.com/hackers-fake-claude-ai-site-infect-beagle-malware/ 3. Akamai shares surge 26% on $1.8B AI infrastructure deal as Q1 results meet estimates Akamai is doubling down on AI-powered security with a major acquisition, signaling where the industry is heading. https://siliconangle.com/2026/05/07/akamai-shares-surge-26-1-8b-ai-infrastructure-deal-q1-results-meet-estimates/ 4. IMF Warns New AI Models Risk 'Systemic' Shock To Finance The IMF is raising red flags about AI-powered cyberattacks targeting the highly interconnected global financial system — and the potential for cascading consequences. https://news.slashdot.org/story/26/05/07/200212/imf-warns-new-ai-models-risk-systemic-shock-to-finance Topics Covered * Canvas LMS breach: scope, impact, and what schools should do now * How attackers are weaponizing AI brand trust to spread malware * Akamai's AI security acquisition and what it signals for the industry * IMF's warning on AI-driven systemic risk to global finance Resources & Links None this episode Call to Action * Subscribe to stay ahead of the latest cybersecurity threats every week * Leave a review and let us know what stories you want covered * Join the conversation in our Discord community — links below Sponsors No sponsors this episode Connect With Us * Website: https://www.youvealreadybeenhacked.com * X: @professorcyberrisk * YouTube: https://www.youtube.com/@YABHPodcast * Discord: https://discord.gg/cz3xdsrqAE

    25 min

Ratings & Reviews

5
out of 5
4 Ratings

About

A Cybersecurity Podcast for the Rest of Us In a world of evolving cyber threats, You’ve Already Been Hacked breaks down cybersecurity for everyone—from experts to everyday users. Hosted by Professor CyberRisk and Cyber Cowboy, we tackle major cyber attacks, emerging threats, and real-world security strategies. Each episode offers expert analysis, case studies, and actionable tips to help listeners stay ahead of hackers and digital risks.

You Might Also Like