The Cybersecurity Defenders Podcast

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A high-profile phishing incident has resulted in the compromise of several widely-used JavaScript packages on npm, after a developer known as "Qix" inadvertently clicked a malicious link from a fake support email.Multiple undersea cable cuts in the Red Sea have led to degraded internet connectivity across the Middle East and South Asia, affecting key infrastructure and cloud services.North Korean-aligned threat actors operating under the Contagious Interview campaign have been systematically abusing cyber threat intelligence (CTI) platforms to monitor exposure of their own infrastructure and scout for new assets.Researchers from Ontinue have detailed a sophisticated phishing campaign leveraging the Salty2FA phishing kit - a framework that reflects how cybercriminal tooling is increasingly mimicking enterprise-grade software in terms of design, capability, and operational maturity.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Matt Bromiley, a security engineer and incident response veteran building agentic AI SOC solutions at Prophet Security. He talks about practical AI use in SOC workflows. He explains why AI is more than chatbots and why it cannot fully replace human analysts. He shares tactics like private LLMs, RAG and project-based context, modular subagents, and treating AI for handoff and recordkeeping.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.The Salt Typhoon cyber campaign, attributed to Chinese state-backed hackers, has been declared a national defense crisis by the FBI and allied intelligence agencies.A group identifying itself as “Scattered LapSus Hunters” has posted a threat on Telegram demanding that Google terminate two of its employees.A newly discovered WhatsApp vulnerability, now tracked as CVE-2025-55177, has triggered urgent security advisories, particularly for iPhone users.More than 1,000 developers were compromised in just over four hours on August 26 during an unprecedented, AI-assisted software supply chain attack targeting the npm ecosystem.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.CISA has added CVE-2025-54948, a critical vulnerability in Trend Micro Apex One, to its Known Exploited Vulnerabilities (KEV) catalog, signaling that the flaw has been actively exploited in the wild.PyPI has introduced new security measures to detect and respond to expired domains tied to user accounts, aiming to shut down a known supply chain attack vector: domain resurrection.A recently discovered post-exploitation tool named RingReaper is gaining attention for its sophisticated evasion strategy: abusing the Linux kernel’s io_uring interface to operate undetected by standard endpoint detection and response (EDR) systems.A cyberattack on the Netherlands’ Openbaar Ministerie (OM), the Public Prosecution Service, has unexpectedly disrupted speed enforcement across the country.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Maxime Lamothe-Brassard, Founder and CEO of LimaCharlie, and the Defender Fridays community sit down with Jared Atkinson and dive into BloodHound.Jared is a security researcher who specializes in Digital Forensics and Incident Response. Recently, he has been building and leading private sector Hunt Operations capabilities. In his previous life, Jared lead incident response missions for the U.S. Air Force Hunt Team, detecting and removing Advanced Persistent Threats on Air Force and DoD networks. Passionate about PowerShell and the open source community, Jared is the lead developer of PowerForensics, Uproot, and maintains a DFIR focused blog at www.invoke-ir.com.On Defender Fridays we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Join the live discussions by registering at https://limacharlie.io/defender-fridays

On this episode of the Cybersecurity Defenders Podcast we speak with Peter Ruta, Founder / CEO, Arcanna.ai.Peter is a Romanian-born entrepreneur and technology expert with over 13 years of experience in the industry. His interest in technology was sparked after following a military path, and he went on to secure key jobs in prominent tech companies such as Cisco. In 2015, Peter decided to pursue his passion for entrepreneurship and founded Siscale AI INC. He then went on to develop Arcanna AI, a product that leverages the latest advancements in artificial intelligence to deliver cutting-edge solutions to clients. Alongside his highly knowledgeable team, Peter has successfully grown Siscale AI into a thriving company with a strong reputation for innovation and excellence. Throughout his career, Peter has been recognized for his inquisitive, analytical mind and his ability to grasp complex situations quickly. He is known for his professionalism, results-oriented approach, and unwavering determination in the face of challenges. Peter is a natural leader who inspires his team to achieve their full potential and never loses sight of his goals.Learn more at https://www.arcanna.ai/

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.• Attackers are actively exploiting CVE-2023-46604, a remote code execution vulnerability in Apache ActiveMQ first disclosed in October 2023, that is used to compromise cloud-hosted Linux servers.• AshES Cybersecurity has publicly disclosed a critical zero-day vulnerability in Elastic’s Endpoint Detection and Response (EDR) platform, specifically in the Microsoft-signed kernel driver elastic-endpoint-driver.sys.• At least a dozen ransomware groups are now deploying kernel-level EDR killers - tools designed specifically to disable endpoint detection and response solutions - as part of their malware arsenal.• Microsoft has released an in-depth technical analysis of PipeMagic, a modular backdoor linked to ransomware operations carried out by Storm-2460, a financially motivated threat group associated with RansomEXX.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Ezra Woods, Security Engineer at Grand Canyon Education, shares insights on current attack trends and practical defensive strategies you can use to protect your environment with Maxime Lamothe-Brassard, Founder and CEO of LimaCharlie, and the Defender Fridays community.On Defender Fridays we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Join the live discussions by registering at https://limacharlie.io/defender-fridays

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. • Recent reporting from DataBreaches has added yet another twist to the attribution puzzle between Scattered Spider and ShinyHunters. https://databreaches.net/2025/08/03/are-scattered-spider-and-shinyhunters-one-group-or-two-and-who-did-france-arrest/• A recent disclosure on the oss-security mailing list detailed a set of 11 vulnerabilities in the Linux kernel’s eBPF subsystem, originally reported by security researcher “Van1sh” to both the kernel security team and the linux-distros list on July 19. https://www.openwall.com/lists/oss-security/2025/08/03/1• Microsoft’s Microsoft Active Protections Program, or MAPP, is designed to shorten the time between vulnerability discovery and patch deployment by giving trusted security vendors early access to vulnerability details. https://nattothoughts.substack.com/p/when-privileged-access-falls-into• US law enforcement, in coordination with multiple international partners, has taken action against the BlackSuit ransomware group — also known as Royal — resulting in the seizure of four servers, nine domains, and approximately $1 million in cryptocurrency. https://www.darkreading.com/vulnerabilities-threats/blacksuit-ransomware-infrastructure-law-enforcementSupport our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Christopher Luft, Co-Founder and CCO of LimaCharlie, and Dr. Mike Saylor, CEO of Blackswan Cybersecurity, sat down with the Defender Fridays community for Black Hat week wrap up and a deep dive building secure environments for IR.Dr. Mike Saylor is an accomplished, outcome-driven and solution-focused business professional and entrepreneur with 30+ years of Consulting, IT Audit & Risk, Cyber Security & Incident Response experience. Uniquely qualified as a leader with a solid knowledge of operations, strategy and management, Dr. Mike has enjoyed repeated success guiding highly skilled, cross functional teams in areas of intelligence, security, technology, and audit & compliance. Dr. Mike is an experienced public speaker, writer, and researcher on topics of technology, security, and cybercrime. He stays current with changes in the industry through professional affiliations and continuing professional development. Learn more about Blackswan Cybersecurity at blackswan-cybersecurity.comOn Defender Fridays we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Join the live discussions by registering at limacharlie.io/defender-fridays