Cybersecurity Headlines

NATO clears iPhones and iPads for classified work. A DoDoor backdoor is exploiting DNS over HTTPS and social engineering against US education and healthcare. Trend Micro warns of critical remote code execution flaws in Apex One. A botnet is hiding command infrastructure on the Polygon blockchain.

Google disrupted a major cybercrime group's cloud infrastructure after widespread intrusions. A healthcare portal breach exposed millions of personal and insurance records. A long‑running Cisco SD‑WAN flaw allowed attackers to add rogue peers and was exploited since 2023. Developers were targeted via malicious Next.js repos and cloud code vulnerabilities enabled remote code execution and API key theft.

Quick summaries of lightning-fast breakouts that let attackers move laterally in under 30 minutes. Coverage of alleged distillation attacks targeting a major AI model and defensive responses. Report on a DeFi platform halting operations after a multi-million dollar crypto theft. Short notes on fines, ransomware campaigns, and critical infrastructure defense.

A major U.S. healthcare breach exposed 140k records and payment data. Regulators urge limits on generative AI that creates realistic people. A Sandworm-style NPM worm is stealing developer secrets from the supply chain. Arrests and probes touch DDoS, malware, and airline data theft. The show questions whether compliance audits actually reduce risk.

Peter Gregory, cybersecurity author and analyst, and Montez Fitzpatrick, CISO with operational security experience, unpack breaking vulnerabilities and AI governance. They cover a Chrome zero-day patch, a Copilot mishap that exposed summaries of confidential mail, hard-coded credential exploits, identity-driven initial access, and AI code-scanning’s impact on security.

An AI-assisted info‑stealer experiment and signs of LLM involvement. A large-scale campaign brute forcing Fortinet management interfaces and rapid breaches. Intelligence assessments on Russia increasing hybrid cyber and sabotage operations. Attacks hitting semiconductor suppliers and new global malware campaigns delivering remote access tools.

Urgent patch orders for a critical Dell credential flaw and active exploitation. Android malware using Gemini to interpret UI and remotely control devices. Nearly half of cyberattacks traced back to browser activity, highlighting browsers as an attack vector. New phishing kit that relays live sites to bypass MFA and fingerprinting.

A Microsoft Copilot bug exposed summaries of confidential emails. ShinyHunters claims a massive CarGurus data theft. Texas sues TP-Link over alleged router security failures and foreign-linked vulnerabilities. Reports cover a critical Honeywell CCTV bypass and a hotel booking hack that charged one cent. Coverage also includes malware targeting protesters and a Dell zero-day enabling root access.

Stories about malware targeting anti‑government protest supporters and a preinstalled Android backdoor used for ad fraud. A UK campaign pushes small businesses to adopt basic cybersecurity protections. Reporting links forensic phone‑access tools to a high‑profile Kenyan politician's device. Pentagon supply‑chain concerns and identity abuse driving most intrusions are also covered.

Stolen Eurail traveler records are being offered for sale on the dark web, prompting password reset warnings. EU lawmakers have turned off built-in AI features amid cloud data and security concerns. A Tokyo-area hotel reports a ransomware disruption and police involvement. Emergency Chrome patches address an actively exploited zero-day vulnerability.