The Awareness Angle: Cyber Security Awareness and Human Risk

Risky Creative - Cyber Security for Humans

The Awareness Angle is a weekly cybersecurity podcast that makes cyber security make sense for everyday people. Every week, Ant and Luke break down the biggest cyber security news, including data breaches, phishing scams, AI fraud, and the sneaky ways people get hacked, in plain English with no jargon. But this isn’t just another tech podcast. We focus on the human side of cyber security. How scams actually work, why people fall for them, and what you can do to stay safer online. Whether you’re worried about identity theft, online fraud, or just want to understand what’s going on in the world of cyber security, you’ll get practical tips, real-world examples, and relatable stories every week. New episodes every week. Subscribe so you never miss one.

  1. 6d ago

    They Walked Into the Law Firm, 23andMe Covered It Up & Your AI Can Be Hacked Through a Podcast

    Solo episode this week. A fake UK visa website left 100,000 passports in an open folder online. iPhone thieves in London are now threatening victims' families to get them to remove Activation Lock. California has sued the company formerly known as 23andMe, alleging they paid the hacker in secret while telling customers everything was fine. A ChatGPT vulnerability lets attackers hide phishing links inside AI responses. A criminal group called Silent Ransom Group has been physically walking into US law firm offices dressed as IT support and plugging in USB drives. And researchers demonstrate AudioHijack - inaudible commands hidden inside podcasts, Zoom calls and music that AI assistants process as real instructions while you hear nothing. Plus: a real Amber Alert that looked exactly like a phishing scam because the URL got clipped by a character limit, and how a TikToker's phone home screen told scammers exactly which bank to impersonate when they called him.

    Chapters
    00:00 Intro
    01:04 SANS Security Awareness Summit - Official Media Partner Announcement
    02:15 Flying Solo This Week
    02:45 Breach of the Week - UK Visa Portal Leaks 100,000 Passports
    04:34 London iPhone Theft - Thieves Are Now Threatening Your Family
    09:42 23andMe - California Sues Over the Cover-Up, Not Just the Breach
    15:47 ChatGPhish - Attackers Hiding Phishing Links Inside ChatGPT
    21:31 Silent Ransom Group - Criminals Walking Into Law Firm Offices
    27:36 AudioHijack - The AI Commands Hidden in Sounds You Can't Hear
    34:50 Amber Alert Accidental Phishing (Ant's Topic)
    39:41 Tom the Tech Chap - Your Phone Screen Tells Scammers Which Bank to Impersonate (Luke's Topic)

    The Awareness Angle is a weekly cybersecurity podcast and newsletter that explains the biggest cyber threats, data breaches, and online scams in plain English. No jargon. No technical background needed. New episode every week.

    📧 Newsletter | 🌐 riskycreative.com | 🎙️ Spotify | 🎙️ Apple Podcasts | ▶️ YouTube: @riskycreative | 📱 TikTok: @antdaviscyber | 📱 Instagram: @antdaviscyber | 💼 LinkedIn: antdaviscyber

    Our Intro and Outro Song © 16 by Falling Forever
    https://fallingforever.bandcamp.com/track/16
    Licence: CC BY 4.0 https://creativecommons.org/licenses/by/4.0/

    47 min
  2. May 18

    Fired on a Teams Call, Deleted 96 Databases While Still Recording

    This week the Canvas story is back. Instructure has paid ShinyHunters and says the stolen student data has been destroyed, but nobody in the security industry believes them. A telehealth platform breach exposed over 700,000 patients from a company most of them have never heard of. Twin brothers got fired on a Teams call, forgot it was still recording, and deleted 96 government databases while talking through their plan out loud. Kids are beating age verification with a drawn-on mustache. A fake Claude Code installer is stealing developer credentials through Google search ads. And Google has confirmed for the first time that hackers used AI to find and exploit a zero-day. Plus, a stoner just recovered $400,000 in Bitcoin after losing his password while high in 2015.

    Chapters
    00:00 Intro
    01:42 Breach Watch: Canvas Pays ShinyHunters
    05:56 Breach Watch: OpenLoop Health Breach
    10:20 Twin Brothers Delete 96 Government Databases
    14:03 Kids Bypass Age Verification With a Fake Mustache
    19:18 Fake Claude Code Installer
    24:34 Hackers Used AI to Find a Zero-Day
    30:20 Stoner Recovers $400K Bitcoin With AI
    33:57 Audi VIN Vulnerability
    40:32 Security Socials
    47:24 UK Banks Storing Biometric Data
    51:47 Waymo Cars Driving Into Floods

    Subscribe to the weekly newsletter at riskycreative.com or find us as The Awareness Angle on LinkedIn, TikTok, Instagram, YouTube, Spotify and Apple Podcasts.

    📩 Newsletter | 🎧 Spotify | 🎧 Apple Podcasts | 📸 Instagram | 🎵 TikTok: @infosecant | ▶️ YouTube

    🎵 Music: "16" by Falling Forever
    Creative Commons Attribution 4.0

    53 min
  3. May 11

    Dead Airline Still Taking Bookings, Chrome's Secret AI Download & The Hackable Killer Lawn Mower

    Spirit Airlines shut down on May 2nd but nobody turned anything off. A security researcher discovered the entire booking system is still running, still taking personal details, and still attempting payment transactions for flights that will never exist. Google Chrome has been silently downloading a 4GB AI model onto your computer without consent, and if you delete it, it comes back. And a $5,000 robot lawn mower can be hijacked by anyone on the internet, including overriding the emergency stop button. It phones home to TikTok's parent company. Also this week: Zara and Cushman & Wakefield both breached by ShinyHunters, a phishing attack that bypasses MFA using Microsoft's own login flow, Instagram quietly removes encrypted DMs, Anthropic's Mythos AI finds tens of thousands of vulnerabilities, OpenAI adds a trusted contact feature after self-harm lawsuits, and a student stops four high-speed trains with a radio he bought online.

    Chapters
    00:00 Intro
    01:43 Breach Watch: Zara Data Breach via Third-Party Vendor
    03:43 Breach Watch: Cushman & Wakefield Vishing Attack
    08:34 ConsentFix v3 Bypasses MFA via Microsoft OAuth
    12:18 Spirit Airlines Zombie Infrastructure Still Taking Bookings
    19:04 Google Chrome Secretly Installs 4GB AI Model
    24:31 Instagram Drops End-to-End Encryption on DMs
    29:22 Anthropic Mythos Exposes Thousands of Vulnerabilities
    35:25 OpenAI Trusted Contact Feature
    40:14 Student Hacks Taiwan High-Speed Rail
    44:25 Yarbo Robot Lawn Mower Hack
    51:20 Security Socials
    1:00:00 Outro

    Subscribe to the weekly newsletter at riskycreative.com for the full breakdown of every story.

    📺 YouTube | 🎧 Spotify | 🎧 Apple Podcasts | 📰 Newsletter | 📸 Instagram | 📱 TikTok: @infosecant | 🌐 Website

    🎵 Our Intro and Outro Song © 16 by Falling Forever
    Licensed under CC BY 4.0

    1h 3m
  4. May 5

    ADT Breached by a Phone Call, AI Wipes a Startup in 9 Seconds, and 85% of UK Breaches Are Phishing

    This week on The Awareness Angle, we hit 1.2 million views on a single video across TikTok and Instagram, which is pretty wild for an independent podcast. Thank you to everyone who watched and shared. ADT gets breached for the third time in under a year and it all started with a phone call. An AI coding agent wipes a startup's entire database and all its backups in nine seconds, then writes its own incident report admitting it broke every safety rule it had. The supply chain attack that started with Trivy has now hit Checkmarx and Bitwarden, with three criminal groups teaming up to turn supply chain access into ransomware. And the UK government's annual cyber report says 43% of businesses were breached last year, phishing was behind 85% of them, and despite M&S, Co-op and JLR making national headlines, nothing's really changed. Plus Instructure's Canvas LMS breached again, Itron's smart meters filing quietly on a Friday night, Microsoft Teams helpdesk impersonation going wild, 610,000 Roblox accounts stolen by three lads in Ukraine, QR code scams in Toronto, and a toaster with a touchscreen that nobody asked for. The Awareness Angle is an independent cybersecurity podcast covering cyber news, data breaches, phishing, social engineering, and security awareness. New episodes every week. 

    Chapters:
    00:00 Intro
    01:30 Welcome
    01:52 ADT Breached Again by ShinyHunters Vishing Attack
    07:23 Instructure / Canvas LMS Hit by Another Cyber Attack
    13:38 Critical Infrastructure Giant Itron Confirms Cyberattack
    17:56 AI Coding Agent Deletes Startup Database in 9 Seconds
    25:28 Supply Chain Attack Hits Checkmarx and Bitwarden
    28:40 Roblox Account Theft: 610,000 Accounts Stolen
    36:56 UK Cyber Security Breaches Survey 2025-26
    43:06 Microsoft Teams Helpdesk Impersonation Attacks
    52:21 QR Code Scams in Toronto
    57:03 Smart Toasters and Unnecessary IoT
    1:01:09 Hannah Fry on AI Agents Going Rogue

    Subscribe to the newsletter at riskycreative.com

    Our Intro and Outro Song © 16 by Falling Forever
    https://fallingforever.bandcamp.com/track/16
    Licensed under Creative Commons Attribution 4.0
    https://creativecommons.org/licenses/by/4.0/

    1h 7m
  5. Apr 27

    How Roblox Cheats Led to a Corporate Breach, Warship Tracked by Postcard, Passkeys Replace Passwords

    Roblox cheats at work lead to a full corporate breach. Half a million people's health data listed for sale on Alibaba by the researchers trusted to protect it. A $5 Bluetooth tracker in a postcard tracks a NATO warship for 24 hours. The UK government officially says passkeys should replace passwords. In this episode we break down the Vercel breach, the UK Biobank scandal, a Bluetooth tracker that exposed a $585 million warship, the NCSC's official passkey guidance ahead of World Password Day, plus Rituals Cosmetics, GCHQ's SilentGlass, Claude Desktop's silent browser hooks, a Grafana-branded sextortion scam, and Bitwarden's CLI getting hijacked.

    Chapters
    00:00 Intro
    01:18 Vercel Breach: Roblox Cheats to Customer Data Exposure
    06:38 Rituals Cosmetics Loyalty Programme Breach
    09:46 UK Biobank Health Data Sold on Alibaba
    13:41 GCHQ SilentGlass: Blocking Malware Over HDMI
    16:25 Claude Desktop Silently Installs Browser Hooks
    24:03 Sextortion Scam Disguised as Grafana Alert
    29:15 Bitwarden CLI Hijacked in Supply Chain Attack
    31:52 $5 Bluetooth Tracker Exposes NATO Warship
    35:44 NCSC: Passkeys Should Replace Passwords
    42:50 Security Socials: The HR Hot Take
    46:08 Security Socials: Spam Caller Rick Astley Script
    48:09 Security Socials: iPhone 17 Pro Stolen
    51:56 Security Socials: My Cocoon Airplane Privacy
    54:19 Security Socials: GPT Image 2 AI Generation
    58:57 Outro

    Subscribe to the newsletter for links to every story we discuss:
    LinkedIn: https://www.linkedin.com/newsletters/the-awareness-angle-newsletter-7274932363787132928/

    Our Intro and Outro Song © 16 by Falling Forever
    Bandcamp: https://fallingforever.bandcamp.com/track/16
    Licence: https://creativecommons.org/licenses/by/4.0/

    1 hr
  6. Apr 13

    Missile Alert Phishing, Meeting Recordings Exposed and You Already Have A QR Code Generator

    This week: attackers are sending fake missile alert emails exploiting real Iran-US-Israel tensions to steal Microsoft credentials via QR code. We also cover a massive leak of sensitive LAPD police documents, an AI model that autonomously finds and exploits thousands of zero-days, and a Windows exploit that went public after a researcher fell out with Microsoft. This week on The Awareness Angle: Hackers steal 7.7TB of sensitive LAPD police documents including officer files, internal affairs investigations, and unredacted witness identities, via a third-party storage system. World Leaks (formerly Hunters International) are behind it. Anthropic's Claude Mythos autonomously discovers and exploits thousands of zero-day flaws across major systems. The same capability that speeds up defence also speeds up attack. We break down what this means for security teams. GrafanaGhost: a vulnerability in the popular monitoring platform Grafana that allows silent data exfiltration via AI prompt injection. Grafana disputes the severity. We give both sides. Fake missile alert emails are landing in inboxes right now, exploiting real Iran-US-Israel tensions. They use QR codes to bypass email filters and redirect victims to a fake Microsoft login page. Urgency is the mechanism. BlueHammer: a Windows local privilege escalation zero-day leaked publicly by a disgruntled researcher after a falling-out with Microsoft's security response team. No patch available. Functional exploit on GitHub. The White House is proposing a $707 million cut to CISA, the agency that coordinates national cyber defence. A third of staff already left in the first months of Trump's second term. Phish of the Week (from Hoxhunt): a WhatsApp/Meta impersonation email targeting business accounts that captures your login credentials and your MFA code in real time. 
    Plus: a North Korean hacker gets caught mid-interview, a job candidate accidentally receives a recording of his interviewers criticising him after he dropped off the call, and TikTok Lite appearing on Android phones after a carrier update.

    00:00 Introduction
    01:03 Breach of the Week: LAPD Police Documents Stolen and Leaked
    03:18 Wynn Resorts - 21,000 Employees Hit by ShinyHunters
    05:21 ChipSoft Ransomware Attack Disrupts Dutch Hospitals
    06:51 Jones Day Law Firm Confirms Breach - Silent Ransom Group
    09:48 Anthropic Project Glasswing: AI Finds Thousands of Zero-Days
    13:42 GrafanaGhost: Data Theft via AI Prompt Injection
    17:53 Missile Alert Phishing - Fake Civil Defence Emails Steal Microsoft Logins
    22:49 BlueHammer: Windows Zero-Day Leaked on GitHub
    26:55 White House Proposes $707M Cut to CISA
    30:10 Phish of the Week: WhatsApp Meta Impersonation
    35:34 Security Socials

    Subscribe to the newsletter: https://www.linkedin.com/newsletters/the-awareness-angle-newsletter-7274932363787132928/
    Spotify: https://open.spotify.com/show/7rwzcRsKrXbASFBfiXoCZ6
    Apple Podcasts: https://podcasts.apple.com/us/podcast/the-awareness-angle-cyber-news-weekly/id1784126196
    TikTok: https://www.tiktok.com/@infosecant
    Instagram: https://www.instagram.com/riskycreative
    YouTube: https://www.youtube.com/@riskycreative

    Our Intro and Outro Song © 16 by Falling Forever
    Bandcamp: https://fallingforever.bandcamp.com/track/16
    Licence: https://creativecommons.org/licenses/by/4.0/

    48 min
