You've Already Been Hacked

Hosts * Professor CyberRisk * Cyber Cowboy Live Cyber Maps * Bitdefender Threat Map: https://threatmap.bitdefender.com/ * Checkpoint Threat Map: https://threatmap.checkpoint.com/ * Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/ * Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam Episode Information Title: Quantum Ransomware Is Here. You're Not Ready Episode Number: 3x46 Overview Weekly roundup of the most critical cybersecurity developments from 2026-04-19 to 2026-04-23. Join Professor CyberRisk and Cyber Cowboy Live as they break down the stories that matter most. Guest Information None this episode Topics Covered * Main threat analysis and implications * Emerging AI security challenges * Vulnerability disclosures and patches * Threat landscape updates Top Stories 1. Hackers exploit file upload bug in Breeze Cache WordPress plugin - https://www.bleepingcomputer.com/news/security/hackers-exploit-file-upload-bug-in-breeze-cache-wordpress-plugin/ Additional Cybersecurity News – Titles and URLs 2. Cyera acquires Ryft to give enterprises traceable data access for AI agents - https://siliconangle.com/2026/04/23/cyera-acquires-ryft-give-enterprises-traceable-data-access-ai-agents/ 3. Bitwarden CLI is the next compromise in supply chain campaign - https://slashdot.org/submission/17346688/bitwarden-cli-is-the-next-compromise-in-supply-chain-campaign 4. In a first, a ransomware family is confirmed to be quantum-safe - https://slashdot.org/firehose.pl?op=view&id=181960188 5. Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet - https://www.wired.com/story/fast16-malware-stuxnet-precursor-iran-nuclear-attack/ Resources & Links None this episode Call to Action * Subscribe: Stay updated on cybersecurity threats. * Leave a Review: Let us know what you think. * Join the Conversation: Follow our community and ask questions. Sponsor (if applicable) No sponsors this episode Podcast Socials & Website * Website: https://www.youvealreadybeenhacked.com * X: @professorcyberrisk * YouTube: https://www.youtube.com/@YABHPodcast * Discord/Community Forum: https://discord.gg/cz3xdsrqAE

Hosts • Professor CyberRisk • Cyber Cowboy --- Live Cyber Maps Bitdefender Threat Map — https://threatmap.bitdefender.com/ Checkpoint Threat Map — https://threatmap.checkpoint.com/ Kaspersky Cyber Threat Map — https://cybermap.kaspersky.com/ Talos Intelligence (EBC Spam Map) — https://talosintelligence.com/ebc_spam --- Episode Information Title: NIST Pulls Back: CVE Enrichment Limits Shake the Industry Episode Number: 3x45 --- Overview This week, the cybersecurity world reacted to NIST’s decision to scale back automatic CVE enrichment after a massive surge in vulnerability submissions. We break down what this means for defenders, vendors, and anyone relying on the NVD for prioritization. We also cover major developments in AI infrastructure, government–AI relations, and the rapidly growing AI chip market. --- Guest Information None this episode --- Topics Covered • NIST’s new CVE enrichment limits • AI’s shifting role in government cybersecurity • Enterprise AI infrastructure consolidation • AI chip market expansion and IPO activity --- Top Stories 1. NIST Limits CVE Enrichment After 263% Surge in Submissions NIST is restricting automatic CVE enrichment due to overwhelming volume growth. Only CVEs tied to KEV, federal software, or EO 14028 critical software will be prioritized. Everything else risks being marked “Not Scheduled.” Source: https://it.slashdot.org/story/26/04/17/2127243/nist-limits-cve-enrichment-after-263-surge-in-vulnerability-submissions (it.slashdot.org in Bing) 2. Anthropic’s New Cybersecurity Model Reopens Doors in Washington After months of tension with the administration, Anthropic’s “Claude Mythos Preview” — a defensive cybersecurity model — appears to be improving relations with federal leadership. Source: https://www.theverge.com/ai-artificial-intelligence/914229/tides-turning-anthropic-trump-administration-cybersecurity-mythos-preview (theverge.com in Bing) 3. Dell & Nvidia Position AI Infrastructure as the New Enterprise Power Center A major partnership aims to unify Dell’s server ecosystem with Nvidia’s GPU dominance, creating a turnkey AI infrastructure stack for enterprises. Source: https://siliconangle.com/2026/04/17/dell-nvidia-push-ai-infrastructure-aifactoriesdatacenters/ (siliconangle.com in Bing) 4. Cerebras Systems Files for IPO Amid Explosive Growth AI chipmaker Cerebras is heading toward one of the largest tech IPOs in recent years after reporting massive revenue gains. Source: https://siliconangle.com/2026/04/17/ai-chip-developer-cerebras-systems-files-go-public-amid-rapid-revenue-growth/ (siliconangle.com in Bing) --- Additional Cybersecurity News – Titles and URLs • NIST Limits CVE Enrichment After 263% Surge In Vulnerability Submissions — https://it.slashdot.org/story/26/04/17/2127243/nist-limits-cve-enrichment-after-263-surge-in-vulnerability-submissions (it.slashdot.org in Bing) • Anthropic’s Cybersecurity Model May Repair Government Relations — https://www.theverge.com/ai-artificial-intelligence/914229/tides-turning-anthropic-trump-administration-cybersecurity-mythos-preview (theverge.com in Bing) • Dell & Nvidia Turn AI Infrastructure Into Enterprise Power Center — https://siliconangle.com/2026/04/17/dell-nvidia-push-ai-infrastructure-aifactoriesdatacenters/ (siliconangle.com in Bing) • Cerebras Systems Files for IPO Amid Rapid Growth — https://siliconangle.com/2026/04/17/ai-chip-developer-cerebras-systems-files-go-public-amid-rapid-revenue-growth/ (siliconangle.com in Bing) --- Resources & Links None this episode --- Call to Action • Subscribe: Stay updated on cybersecurity threats. • Leave a Review: Let us know what you think. • Join the Conversation: Follow our community and ask questions. --- Sponsor (if applicable) No sponsors this episode --- Podcast Socials & Website • Website: https://www.youvealreadybeenhacked.com • X: @professorcyberrisk • YouTube: https://www.youtube.com/@YABHPodcast • Discord — The Neural...

Hosts * Professor CyberRisk * Cyber Cowboy Cyber Maps * Bitdefender Threat Map: https://threatmap.bitdefender.com/ * Checkpoint Threat Map: https://threatmap.checkpoint.com/ * Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/ * Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam Episode Information Title: LucidRook, Ransomware, and AI Fallout Episode Number: 344 Guest Information None this episode Topics Covered * Main threat analysis and implications * Emerging AI security challenges * Vulnerability disclosures and patches * Threat landscape updates Top Stories 1. New ‘LucidRook’ malware used in targeted attacks on NGOs, universities - https://www.bleepingcomputer.com/news/security/new-lucidrook-malware-used-in-targeted-attacks-on-ngos-universities/ Additional Cybersecurity News – Titles and URLs 2. Florida AG announces investigation into OpenAI over shooting that allegedly involved ChatGPT | TechCrunch - https://techcrunch.com/2026/04/09/florida-ag-investigation-openai-chatgpt-shooting/ 3. Healthcare IT solutions provider ChipSoft hit by ransomware attack - https://www.bleepingcomputer.com/news/security/healthcare-it-solutions-provider-chipsoft-hit-by-ransomware-attack/ 4. After data breach, $10B valued startup Mercor is having a month | TechCrunch - https://techcrunch.com/2026/04/09/after-data-breach-10b-valued-startup-mercor-is-having-a-month/ 5. Barcelona complain to Uefa about VAR in Atletico loss - https://www.bbc.com/sport/football/articles/cr41dq4pywxo Resources & Links None this episode Call to Action * Subscribe: Stay updated on cybersecurity threats. * Leave a Review: Let us know what you think. * Join the Conversation: Follow our community and ask questions. Sponsor (if applicable) No sponsors this episode Podcast Socials & Website * Website: https://www.youvealreadybeenhacked.com * X: @professorcyberrisk * YouTube: https://www.youtube.com/@YABHPodcast * Discord/Community Forum: https://discord.gg/cz3xdsrqAE

Hosts * Professor CyberRisk * Cyber Cowboy Live Cyber Maps * Bitdefender Threat Map: https://threatmap.bitdefender.com/ * Checkpoint Threat Map: https://threatmap.checkpoint.com/ * Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/ * Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam Episode Information Title: Hijacking the Machines: The New AI Attack Surface Episode Number: 3x43 Guest Information None this episode Topics Covered * Main threat analysis and implications * Emerging AI security challenges * Vulnerability disclosures and patches * Threat landscape updates Top Stories 1. Google Researchers Reveal Every Way Hackers Can Trap, Hijack AI Agents - https://decrypt.co/363201/google-researchers-reveal-every-way-hackers-can-trap-hijack-ai-agents Additional Cybersecurity News – Titles and URLs 2. Mercor, a $10 billion AI startup that works with companies including OpenAI and Anthropic, confirms major data breach - https://fortune.com/2026/04/02/mercor-ai-startup-security-incident-10-billion/ 3. The democratisation of business email compromise fraud - https://blog.talosintelligence.com/the-democratisation-of-business-email-compromise-fraud/ 4. Critical Cisco IMC auth bypass gives attackers Admin access - https://www.bleepingcomputer.com/news/security/critical-cisco-imc-auth-bypass-gives-attackers-admin-access/ 5. Maintaining cyber control when AI can act autonomously - https://www.techradar.com/pro/maintaining-cyber-control-when-ai-can-act-autonomously Resources & Links None this episode Call to Action * Subscribe: Stay updated on cybersecurity threats. * Leave a Review: Let us know what you think. * Join the Conversation: Follow our community and ask questions. Sponsor No sponsors this episode Podcast Socials & Website * Website: https://www.youvealreadybeenhacked.com * X: @professorcyberrisk * YouTube: https://www.youtube.com/@YABHPodcast * Discord/Community Forum: https://discord.gg/cz3xdsrqAE ---

Hosts • Professor CyberRisk • Cyber Cowboy --- Live Cyber Maps • Bitdefender Threat Map — https://threatmap.bitdefender.com/ • Check Point Threat Map — https://threatmap.checkpoint.com/ • Kaspersky Cyber Threat Map — https://cybermap.kaspersky.com/ • Talos Intelligence Spam Map — https://talosintelligence.com/ebc_spam --- Episode Information Title: Vibe Coding’s Hidden Cost: AI‑Generated Code Is Creating Real CVEs Episode Number: March 27, 2026 --- Overview Security researchers at Georgia Tech have uncovered a disturbing trend: AI coding assistants are now directly responsible for at least 35 newly reported CVEs, each introduced by AI‑generated code. This marks a fundamental shift in software security — vulnerabilities are no longer just human mistakes or malicious injections, but systemic flaws created by the tools meant to accelerate development. This episode explores how AI‑generated vulnerabilities, leaked iPhone exploits, macOS malware using fake CAPTCHAs, human psychology at RSAC 2026, and a cyberattack on medical device manufacturer Stryker all point to the same conclusion: the threat landscape is evolving faster than traditional defenses can keep up. From the document: “At least 35 new Common Vulnerabilities and Exposures entries have been identified where the flaw was introduced specifically by AI-generated code.” --- Guest Information None this episode. --- Topics Covered • AI‑generated vulnerabilities and the rise of “vibe coding” • Leaked nation‑state iPhone exploits targeting older devices • Infiniti Stealer: macOS malware using ClickFix and fake CAPTCHAs • RSAC 2026: Why phishing still works on everyone • Stryker cyberattack and the fragility of healthcare manufacturing --- Top Stories 1. AI‑Generated Code Is Creating Real CVEs Georgia Tech researchers identify at least 35 CVEs introduced by AI coding tools. Link: https://www.infosecurity-magazine.com/news/ai-generated-code-vulnerabilities/ 2. Leaked iPhone Exploits Leave Millions Exposed Nation‑grade spyware targeting older iOS versions is now in the wild. Link: https://techcrunch.com/2026/03/26/apple-made-strides-with-ios-26-security-but-leaked-hacking-tools-still-leave-millions-exposed-to-spyware-attacks/ 3. Infiniti Stealer Targets macOS Users A new infostealer uses fake CAPTCHA pages and ClickFix to trick users into running malicious commands. Link: https://www.malwarebytes.com/blog/threat-intel/2026/03/infiniti-stealer-a-new-macos-infostealer-using-clickfix-and-python-nuitka 4. RSAC 2026: Phishing Still Works Because of Human Psychology Researchers show that cognitive biases—not weak passwords—drive phishing success. Link: https://uk.pcmag.com/security/164040/rsac-2026-the-surprising-reason-phishing-still-works-on-everyone 5. Stryker Recovers After Major Cyberattack A cyberattack disrupts medical device manufacturing, highlighting cyber‑physical risk. Link: https://www.channelnewsasia.com/business/stryker-says-manufacturing-mostly-restored-after-cyberattack-6019376 --- Additional Cybersecurity News – Titles and URLs None beyond the top stories this episode. --- Resources & Links None this episode. --- Call to Action • Subscribe: Stay updated on cybersecurity threats. • Leave a Review: Tell us what you think. • Join the Conversation: Follow our community and ask questions. --- Sponsor (if applicable) No sponsors this episode. --- Podcast Socials & Website • Website: https://www.youvealreadybeenhacked.com • X: @professorcyberrisk • YouTube: https://www.youtube.com/@YABHPodcast • Discord – The Neural Network: https://discord.gg/cz3xdsrqAE

Hosts * Professor CyberRisk * Cyber Cowboy Live Cyber Maps * Bitdefender Threat Map: https://threatmap.bitdefender.com/ * Checkpoint Threat Map: https://threatmap.checkpoint.com/ * Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/ * Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam Episode Information Title: Iran-Linked Hack Shuts Down Stryker Medical - AI Risks, 1B Record Leak & New Cyber Strategy Episode Number: XxX (to be filled in) Overview This week's episode covers the devastating Iran-linked ransomware attack that shut down Stryker's global medical device infrastructure, China's CERT warning about OpenClaw security risks, a massive 1 billion record identity leak across 26 countries, the White House's new AI-first cyber defense strategy, and Anthropic's new institute for AI risk research. Guest Information None this episode Topics Covered * Destructive ransomware attacks on critical healthcare infrastructure * Security risks of autonomous agentic AI systems * Massive data breaches and cloud security hygiene * U.S. National Cyber Strategy 2026 and AI-driven defense * Industry initiatives for AI safety and risk research Top Stories 1. Stryker Suffers Global Outage After Iran-Linked Hack - https://www.nbcnews.com/world/iran/iran-appears-conducted-significant-cyberattack-us-company-first-war-st-rcna263084 Additional Cybersecurity News – Titles and URLs 2. China's CERT Warns About OpenClaw's Security Risks - https://www.theregister.com/2026/03/12/china_cert_openclaw_security_warning/ 3. One-Billion-Record Identity Leak Exposed Across 26 Countries - https://www.breitbart.com/politics/2026/03/11/one-billion-identity-records-26-countries-exposed-data-leak/ 4. U.S. National Cyber Strategy 2026: AI-First Cyber Defense - https://www.elastic.co/blog/cyber-strategy-for-america 5. Anthropic Launches Institute to Study AI Risks - https://siliconangle.com/2026/03/11/anthropic-launches-anthropic-institute-tackle-ai-risks/ Resources & Links * Medical device firmware audit: Verify OTA update mechanisms enforce signed binaries * Cloud security review: Ensure all storage containers are private and encrypted * AI governance compliance: Adopt transparent model-audit trails and bias mitigation * Zero-Trust 4.0: Re-architect networks for continuous verification Call to Action * Subscribe: Stay updated on cybersecurity threats. * Leave a Review: Let us know what you think. * Join the Conversation: Follow our community and ask questions. Sponsor (if applicable) No sponsors this episode Podcast Socials & Website * Website: https://www.youvealreadybeenhacked.com * X: @professorcyberrisk * YouTube: https://www.youtube.com/@YABHPodcast * Discord/Community Forum: https://discord.gg/cz3xdsrqAE

Hosts * Professor CyberRisk * Cyber Cowboy Live Cyber Maps (Live Threat Visualization) * Bitdefender Threat Map: https://threatmap.bitdefender.com/ * Checkpoint Threat Map: https://threatmap.checkpoint.com/ * Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/ * Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam Episode Information Title: Zero-Day Apocalypse: Google's Warning Episode Number: 3x40 Overview This week brings a perfect storm of zero-day exploits targeting enterprise systems. Professor CyberRisk and Cyber Cowboy Live break down Google Threat Intelligence's alarming report, plus four other stories that demand your attention. From iOS crypto scams to China-linked APTs, we cover what matters most. Guest Information None this episode - deep dive analysis from the hosts Topics Covered * Zero-day exploit surge targeting enterprise infrastructure * Nation-state actor activity and supply chain implications * Mobile security threats: iOS crypto scams * Zero Trust architecture implementations * 90 zero-days exploited in a single year - the new normal? Top Stories 1. Google Threat Intelligence warns enterprise systems increasingly targeted by zero-day attacks https://siliconangle.com/2026/03/05/google-threat-intelligence-group-warns-enterprise-systems-increasingly-targeted-by-zero-day-exploits/ Additional Cybersecurity News – Titles and URLs 2. Google says spyware makers and China-linked groups dominated zero-day attacks last year - https://www.theregister.com/2026/03/05/zero_day_attacks_enterprise_tech_record/ 3. Google says 90 zero-days were exploited in attacks last year - https://www.bleepingcomputer.com/news/security/google-says-90-zero-days-were-exploited-in-attacks-last-year/ 4. iPhone Users Warned: Crypto Scams Can Trigger 'Coruna' iOS Exploits - https://www.newsbtc.com/news/iphone-users-warned-crypto-scams-can-trigger-coruna-ios-exploits/ 5. ThreatLocker launches Zero Trust network and cloud access to stop credential-based cyberattacks - https://www.globenewswire.com/news-release/2026/03/05/3250529/0/en/ThreatLocker-launches-Zero-Trust-network-and-cloud-access-to-stop-credential-based-cyberattacks.html Resources & Links * NIST Zero Trust Architecture: https://csrc.nist.gov/publications/detail/sp/800-207/final * Google Threat Intelligence Report: See top story link above * CVE Database: https://cve.mitre.org/ Call to Action * Subscribe: Stay updated on cybersecurity threats. * Leave a Review: Let us know what you think. * Join the Conversation: Follow our community and ask questions. Sponsor (if applicable) No sponsors this episode Podcast Socials & Website * Website: https://www.youvealreadybeenhacked.com * X: @professorcyberrisk * YouTube: https://www.youtube.com/@YABHPodcast * Discord/Community Forum: https://discord.gg/cz3xdsrqAE

**“Your Pre‑Paid Card & Smart Home Are at Risk”** --- ### Hosts - **Professor CyberRisk** - **Cyber Cowboy** --- ### Episode Information **Episode Number:** 339 **Overview:** In this episode we dive deep into a sudden surge of fraud on Yes Bank’s forex‑card, unpack the looming Australian IoT security law, explore how AI is turning honeypots into high‑yield threat‑intel labs, and look at the U.S. diplomatic push against global data‑sovereignty rules. We’ll give you the practical steps to safeguard your cards, devices, and data in 2026. --- ### Guest Information *No special guests this episode – the hosts tackle the stories directly.* --- ### Topics Covered | Topic | Key Take‑aways | |-------|----------------| | **Yes Bank Card Fraud Surge** | 15 Latin‑American merchants flagged; 2‑FA enforcement; bank’s new safeguards. | | **Messaging‑Security Market Growth** | $36.82 B by 2033; AI‑driven detection; enterprise messaging as a target. | | **Australia’s IoT Security Mandate** | Mandatory secure boot, encryption at rest, OTA updates; “security rating” system. | | **AI‑Assisted Honeypots** | Deploy low‑interaction honeypots; use ML for triage; legal/ethical best practices. | | **U.S. Diplomats vs. Data‑Sovereignty** | Pushback on global data regulations; implications for AI, national security, and business compliance. | --- ### Top Story **Yes Bank Ramps Up Security After Sudden Surge in Forex‑Card Fraud** *Source: [Economictimes.indiatimes.com](https://economictimes.indiatimes.com/industry/banking/finance/banking/yes-bank-tightens-safeguards-after-spike-in-forex-card-transaction-declines/articleshow/128801679.cms)* --- ### Additional Cybersecurity News – Titles and URLs 1. **“Phishing & Ransomware Drive Messaging Security Market Surge”** – [Globenewswire.com](https://www.globenewswire.com/news-release/2026/02/26/3245179/0/en/Messaging-Security-Market-to-Surpass-USD-36-82-Billion-by-2033-Driven-by-Escalating-Phishing-and-Ransomware-Threats-SNS-Insider.html) 2. **“Australia Mandates Minimum Security Standards for Consumer Smart Devices”** – [Itnews.com.au](https://www.itnews.com.au/feature/security-for-smart-devices-time-to-step-forward-because-theres-nowhere-to-hide-623882) 3. **“Lessons Learned Running a Honeypot with AI Assistance”** – [ISC.SANS.edu](https://isc.sans.edu/diary/32744) 4. **“US Diplomatic Push Against Global Data‑Sovereignty Regulations”** – [Economictimes.indiatimes.com](https://economictimes.indiatimes.com/tech/technology/us-orders-diplomats-to-fight-data-sovereignty-initiatives/articleshow/128800080.cms) --- ### Resources & Links | Resource | Link | |----------|------| | Live Cyber Threat Map – Bitdefender | | Live Cyber Threat Map – Checkpoint | | Live Cyber Threat Map – Kaspersky | | Talos Intelligence – ebc_spam Map | | Podcast Website | | X (Twitter) | @professorcyberrisk | | YouTube | | Discord / Community Forum | https://discord.gg/cz3xdsrqAE --- ### Call to Action - **Subscribe** – Stay updated on the latest cybersecurity threats. - **Leave a Review** – Tell us what you think so we can improve. - **Join the Conversation** – Follow us on X, YouTube, and Discord to ask questions and share insights. --- ### Sponsor *None this episode.*

**What’s in this episode?** - **Top Story** – How generative AI is letting attackers spin up polymorphic ransomware in minutes. - **Support Stories** – New funding for AI‑driven vulnerability remediation, agentic chip design, a Def Con attendance shake‑up, and a Smashing Security podcast on internet sovereignty. - **Live Threat Maps** – See the world’s cyber threat landscape in real time. --- ## 🌐 Live Cyber Threat Maps - **Bitdefender Threat Map** – https://threatmap.bitdefender.com/ - **Checkpoint Live Cyber Threat Map** – https://threatmap.checkpoint.com/ - **Kaspersky Cyber Threat Map** – https://cybermap.kaspersky.com/ - **Talos Intelligence ebc_spam Map** – https://talosintelligence.com/ebc_spam --- ## 🔥 Top Story – AI‑Accelerated Malware **Title:** *AI‑Accelerated Malware: Hackers are Building More Sophisticated Threats in Half the Time* **Summary:** TechRadar shows that generative AI is slashing malware development time from days to minutes. Attackers can now produce polymorphic ransomware, encrypted payloads, key‑loggers, and fast exfiltration modules that bypass both signature and behavioral detection. The speed‑up gives attackers a 10× advantage over traditional development cycles. **Why it Matters:** - Speed & Scale - Complexity & Evasion - Skill Gap **What to Do:** 1. Adopt AI‑driven threat intel. 2. Implement behavior‑based monitoring. 3. Update incident‑response playbooks. 4. Train analysts on AI‑evolved threats. **Link:** https://www.techradar.com/pro/security/ai-is-helping-hackers-make-new-malware-faster-and-more-complex-than-ever-and-things-may-only-get-tougher --- ## 💡 Additional Cybersecurity News | # | Title | Why it Matters | Link | |---|-------|----------------|------| | 1 | *Cogent Security Raises $42M to Scale AI Agents for Enterprise Vulnerability Remediation* | Automation at scale, faster patching, reduced human error | https://siliconangle.com/2026/02/18/cogent-security-raises-42m-scale-ai-agents-enterprise-vulnerability-remediation | | 2 | *ChipAgents Secures $50M to Accelerate Agentic Chip Design* | Hardware‑level security, faster time‑to‑market, design automation | https://siliconangle.com/2026/02/18/chipagents-secures-50m-funding-accelerate-agentic-chip-design | | 3 | *Def Con Bans Three Attendees Linked to Jeffrey Epstein* | Reputation risk, event security, industry precedent | https://techcrunch.com/2026/02/18/hacking-conference-def-con-bans-three-people-linked-to-epstein/ | | 4 | *Smashing Security Podcast #455: Face Off – Meta’s Glasses & America’s Internet Kill Switch* | Policy debate, technical feasibility, cyber‑law implications | https://grahamcluley.com/smashing-security-podcast-455/ | --- ## 📣 Call to Action - **Subscribe**: Stay updated on the latest cybersecurity threats. - **Leave a Review**: Tell us what you think – it helps the community grow. - **Join the Conversation**: Follow our community and ask questions. --- ## 🎙️ Sponsor **No sponsors this episode** --- ## 📲 Podcast Socials & Website - **Website:** https://www.youvealreadybeenhacked.com - **X (formerly Twitter):** @professorcyberrisk - **YouTube:** https://www.youtube.com/@YABHPodcast - **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE

## Episode Information **Episode Number:** XxX **Hosts:** - Professor CyberRisk - Cyber Cowboy **Live Cyber Maps:** - **Bitdefender Threat Map** – https://threatmap.bitdefender.com/ - **Live Cyber threat map (Checkpoint)** – https://threatmap.checkpoint.com/ - **Kaspersky Cyber Threat Map** – https://cybermap.kaspersky.com/ - **Talos Intelligence – ebc_spam Map** – https://talosintelligence.com/ebc_spam **Overview** In this episode we unpack Microsoft’s blockbuster patch that closes the one‑click attack vector, dig into CertiK’s fresh transparency play after the Huione fallout, and discuss how geolocation services are becoming an adversarial attack surface. We also explore how CISOs can balance AI innovation with risk and how Red Hat is reshaping vulnerability management with vendor‑centric pipelines. **Guest Information** None this episode. **Topics Covered** 1. Microsoft’s one‑click exploit patch – what it fixes and why it matters. 2. CertiK’s rebuild‑trust strategy post‑Huione backlash. 3. Geofeed manipulation – why it’s a real threat and how to guard against it. 4. AI in security: governance, bias, adversarial attacks, and human‑in‑the‑loop. 5. Red Hat’s collaborative vulnerability‑management blueprint and its impact on MTTR. **Top Stories** - **Microsoft Fixes Bugs Behind One‑Click Attacks** – [PYMNTS](https://www.pymnts.com/cybersecurity/2026/microsoft-fixes-bugs-behind-one-click-attacks/) **Additional Cybersecurity News – Titles and URLs** - **CertiK Rebuilds Trust After Huione‑Related Backlash** – [CoinDesk](https://www.coindesk.com/business/2026/02/11/how-certik-rebuilt-trust-as-it-prepares-itself-for-an-ipo) - **Geofeeds Are Adversarial – A Call for Better IP Geolocation Integrity** – [NANOG Mailing List](https://seclists.org/nanog/2026/Feb/59) - **Balancing AI Innovation and Security Risk – A CISO’s Playbook** – [TechTarget](https://www.techtarget.com/searchsecurity/feature/How-CISOs-can-balance-AI-innovation-and-security-risk) - **Elevate Your Vulnerability Management Strategy – Red Hat’s Blueprint** – [Red Hat Blog](https://www.redhat.com/en/blog/elevate-your-vulnerability-management-strategy-red-hat) **Resources & Links** *(All links listed above)* --- ## Call to Action - **Subscribe:** Stay updated on the latest cybersecurity threats. - **Leave a Review:** Let us know what you think. - **Join the Conversation:** Follow our community and ask questions. --- ## Sponsor (if applicable) No sponsors this episode. --- ## Podcast Socials & Website - **Website:** https://www.youvealreadybeenhacked.com - **Twitter/X:** @professorcyberrisk - **YouTube:** https://www.youtube.com/@YABHPodcast - **Discord / Community Forum (copyable raw link):** https://discord.gg/cz3xdsrqAE ---

## 📺 Episode Information **Title:** Episode Number: **336** *(to be filled in)* ### Overview Today’s episode dives into a high‑impact, zero‑day campaign that hijacks web traffic by rewriting NGINX configurations with the React2Shell web shell. We break down the technical mechanics, the broader threat landscape, and actionable defense strategies. In addition, we cover the latest high‑profile data breach, economic fallout from online fraud in Malaysia, the NFL’s cyber‑defense playbook for Super Bowl 2026, and a new MSSP partnership in Singapore. --- ## 🔧 Topics Covered 1. **NGINX Traffic Hijack via React2Shell** – The top story, detailing the attack vector, stealth, and mass‑scale risk. 2. **Canada Computers & Electronics Data Breach** – 1,300 customers impacted; payment data exposure. 3. **Malaysia’s RM8 Billion Online Fraud Losses** – Economic toll and mitigation tactics. 4. **NFL Super Bowl 2026 Cyber‑Defense Playbook** – Edge security, AI monitoring, and event‑level protection. 5. **Acronis & Insightz MSSP Partnership** – Managed security services expansion in Singapore. --- ## 🛡️ Top Story – “Hackers Hijack Web Traffic via Compromised NGINX & Baota Panels Using React2Shell” **Summary** Researchers uncovered a campaign that uses the open‑source shell **React2Shell** to compromise NGINX servers and Baota control panels. Attackers rewrite NGINX’s configuration to forward all inbound traffic through malicious proxy servers, enabling eavesdropping, malware injection, or phishing redirection while keeping the original server’s IP intact. **Cited Link** [The Hacker News – Hackers Exploit React2Shell to Hijack Web Traffic via Compromised NGINX Servers](https://thehackernews.com/2026/02/hackers-exploit-react2shell-to-hijack.html) --- ## 📢 Additional Cybersecurity News | Title | URL | |-------|-----| | *Canada Computers & Electronics Under Investigation After Data Breach Hits 1,300 Customers* | https://www.cbc.ca/news/business/canada-computers-data-breach-scope-9.7074605 | | *Malaysia Records RM8 Billion Losses From Online Fraud Since 2020* | https://www.thestar.com.my/news/nation/2026/02/05/almost-rm8bil-lost-to-online-fraud-since-2020-dewan-rakyat-told | | *Super Bowl 2026: NFL Deploys Cybersecurity Squad, Advanced Routers, & Data Centers* | https://www.pymnts.com/cybersecurity/2026/super-bowl-lineup-includes-cybersecurity-squad-wireless-routers-and-data-centers/ | | *Acronis Welcomes Insightz Technology as Singapore’s First MSSP Partner* | https://www.globenewswire.com/news-release/2026/02/05/3232606/0/en/Acronis-Welcomes-Insightz-Technology-as-First-MSSP-Partner-in-Singapore.html | --- - ## 📣 Call to Action - **Subscribe**: Stay updated on the latest cybersecurity threats. - **Leave a Review**: Let us know what you think – it helps the podcast grow. - **Join the Conversation**: Follow our community, ask questions, and share insights. --- ## 🏷️ Sponsor No sponsors this episode --- ## 🌐 Podcast Socials & Website - **Website**: https://www.youvealreadybeenhacked.com - **X (Twitter)**: @professorcyberrisk - **YouTube**: https://www.youtube.com/@YABHPodcast - **Discord/Community Forum**: https://discord.gg/cz3xdsrqAE

**Hosts** - Professor CyberRisk - Cyber Cowboy - Live Cyber Maps Bitdefender Threat Map: https://threatmap.bitdefender.com/ - Live Cyber threat map (Checkpoint): https://threatmap.checkpoint.com/ - Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/ - Talos Intelligence – ebc_spam Map: https://talosintelligence.com/ebc_spam **Episode Information** - **Title:** *Zero‑Day Chaos & Firmware Secrets: Cisco RCE Alert + UEFI Parser* - **Episode Number:** 3x35 - **Overview:** In today’s episode we dive deep into a critically‑exploited Cisco zero‑day that’s been wreaking havoc across Unified Communications and Webex environments. We then turn our attention to a groundbreaking open‑source UEFI parser that’s exposing hidden firmware vulnerabilities, followed by a real‑world watering‑hole attack targeting EmEditor users and an EU telecom supply‑chain purge that could reshape vendor relationships. - **Guest Information:** *None – this is an all‑host episode.* - **Topics Covered:** 1. Cisco Zero‑Day CVE‑2026‑20045 (UC & Webex RCE) 2. UEFI Parser – Open‑Source Firmware Vulnerability Discovery 3. EmEditor Watering‑Hole Malware Campaign 4. EU Telecom Supplier Ban Proposal 5. Luxshare Precision Ransomware Incident & Supply‑Chain Implications - **Top Stories:** - **Cisco Zero‑Day CVE‑2026‑20045** – *Cisco Releases Emergency Patch for Actively Exploited RCE*: https://thehackernews.com/2026/01/cisco-fixes-actively-exploited-zero-day.html - **Breaking UEFI Secrets – New Open‑Source Parser** – *CERT/CC Launches UEFI Parser Tool*: https://www.sei.cmu.edu/blog/an-open-source-tool-to-unravel-uefi-and-its-vulnerabilities/ - **Watering Hole Targets EmEditor** – *TrendMicro Uncovers Multi‑Stage Malware*: https://www.trendmicro.com/en_us/research/26/a/watering-hole-attack-targets-emeditor-users.html - **EU Targets High‑Risk Foreign Telecom Suppliers** – *Proposal to Ban Third‑Country Companies from EU Mobile Networks*: https://www.spacewar.com/reports/Eyeing_China_EU_moves_to_ban_high-risk_foreign_suppliers_from_telecoms_networks_999.html - **Luxshare Under Attack – Ransomware Claims Apple & Nvidia Data** – *China‑Based Manufacturer Breach*: https://www.digitimes.com/news/a20260122PD226/luxshare-security-electronics-manufacturing-nvidia-apple.html - **Additional Cybersecurity News – Titles and URLs:** (All links above) - **Resources & Links:** *None this episode* **Call to Action** - **Subscribe:** Stay updated on the latest cybersecurity threats – hit that subscribe button! - **Leave a Review:** Tell us what you think – reviews help us improve and grow the community. - **Join the Conversation:** Follow our community and ask questions on Discord. **Sponsor** - No sponsors this episode **Podcast Socials & Website** - **Website:** https://www.youvealreadybeenhacked.com - **X:** @professorcyberrisk - **YouTube:** https://www.youtube.com/@YABHPodcast - **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE

**Title** 🚨 Copilot Leak Exposed: Reprompt Attack & 4 More AI‑Driven Threats 🚨 **Episode Number** 3x34 --- ### Episode Information **Overview** In this episode, Professor CyberRisk and Cyber Cowboy dive into the latest “Reprompt” back‑door that lets attackers steal data from Microsoft Copilot. We unpack how the exploit works, why it matters for every business using AI, and the broader implications for AI security. Plus, we spotlight four critical vulnerabilities—from FortiSIEM RCE to AI‑voice cloning—and explore how to protect your organization. **Guest Information** None (all insights delivered by our hosts). **Topics Covered** - The “Reprompt” attack on Microsoft Copilot - Immediate mitigations and patch status - FortiSIEM CVE‑2025‑64155 RCE proof‑of‑concept - AI‑voice cloning, Wi‑Fi kill‑switch, PLC vulnerabilities (ThreatsDay bulletin) - Nozomi Networks Vantage IQ: private AI assistant for OT & IoT - CISO Global & TeleDental’s CyberSimple for dental clinics --- ### Top Stories - **“Reprompt” Attack Lets Microsoft Copilot Leak Sensitive Data** – ### Additional Cybersecurity News | Title | URL | |-------|-----| | PoC Exploit Released for Critical FortiSIEM Vulnerability (CVE‑2025‑64155) | | ThreatsDay Bulletin: AI Voice Cloning Exploit, Wi‑Fi Kill Switch, PLC Vulnerabilities & More | | Nozomi Networks Unveils Vantage IQ—A Private AI Assistant for OT & IoT Security | | CISO Global Partners with TeleDental to Protect Dental Clinics Using CyberSimple Powered by CHECKLIGHT | --- ### Resources & Links - **Live Cyber Maps** - Bitdefender Threat Map: https://threatmap.bitdefender.com/ - Checkpoint Live Cyber Threat Map: https://threatmap.checkpoint.com/ - Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/ - Talos Intelligence ebc_spam Map: https://talosintelligence.com/ebc_spam --- ### Call to Action - **Subscribe**: Stay updated on cybersecurity threats. - **Leave a Review**: Let us know what you think. - **Join the Conversation**: Follow our community and ask questions. --- ### Sponsor No sponsors this episode. --- ### Podcast Socials & Website - Website: https://www.youvealreadybeenhacked.com - X (Twitter): @professorcyberrisk - YouTube: https://www.youtube.com/@YABHPodcast - Discord/Community Forum: https://discord.gg/cz3xdsrqAE ---

**🎙️ Episode Information** **Title:** **Office Glitches to Capitol Spies: Threats + AI Health Warning** **Episode Number:**3x33** **Overview:** Professor CyberRisk and Cyber Cowboy dive into today’s headline‑shattering **Top Story**: CISA’s newly‑KEVed Microsoft Office and HPE OneView flaws that are already being weaponised in the wild. He then walks listeners through four high‑impact support stories that showcase the breadth of today’s threat landscape—from political espionage to credential‑stuffing in online casinos, to the new risks introduced by OpenAI’s medical‑AI feature, and Red Hat’s secure‑AI deployment blueprint. --- **Guest Information** *No guest this episode.* --- **Topics Covered** | # | Topic | |---|-------| | 1 | CISA Flags Microsoft Office CVE‑2026‑xxxx & HPE OneView CVE‑2026‑yyyy as “Actively Exploited” | | 2 | China Hacks U.S. Congressional Committee Email – Salt Typhoon Espionage | | 3 | Credential‑Stuffing Surge Hits Online Casino Platforms | | 4 | OpenAI Announces ChatGPT Health – AI Meets Medical Advice, but With New Security Risks | | 5 | Red Hat Unveils Secure AI Deployment Architecture – Blueprint for Protecting AI‑Driven Systems | --- **Top Story** **CISA Flags Microsoft Office & HPE OneView Flaws as “Actively Exploited” – Your Systems Are on the Hook** *Summary & Why It Matters* – see show notes above. *What You Can/Should Be Doing* – 1) Patch immediately, 2) Verify integrity, 3) Enable MFA & least‑privilege, 4) Deploy advanced threat protection, 5) Update incident playbooks. --- **Additional Cybersecurity News – Titles & URLs** | # | Title | URL | |---|-------|-----| | 1 | China Hacks U.S. Congressional Committee Email – Salt Typhoon Espionage | https://cryptobriefing.com/china-hacks-us-congressional-email-systems-salt-typhoon-espionage-ft/ | | 2 | Credential‑Stuffing Surge Hits Online Casino Platforms – The Jackpot of Data Breach | https://www.hoover.org/research/cybersecurity-experts-report-surge-credential-stuffing-attacks-targeting-online-casino | | 3 | OpenAI Announces ChatGPT Health – AI Meets Medical Advice, but With New Security Risks | https://siliconangle.com/2026/01/07/openai-introduces-chatgpt-health-answer-users-medical-questions/ | | 4 | Red Hat Unveils Secure AI Deployment Architecture – A Blueprint for Protecting AI‑Driven Systems | https://www.redhat.com/en/blog/navigating-secure-ai-deployment-architecture-enhancing-ai-system-security-and-safety | --- **Resources & Links** | Resource | URL | |----------|-----| | Bitdefender Live Cyber Threat Map | https://threatmap.bitdefender.com/ | | Check Point Live Cyber Threat Map | https://threatmap.checkpoint.com/ | | Kaspersky Cyber Threat Map | https://cybermap.kaspersky.com/ | | Talos Intelligence – ebc_spam Map | https://talosintelligence.com/ebc_spam | | CISA KEV Catalog (Office & HPE OneView) | https://www.cisa.gov/keV | | Microsoft Office Security Updates | https://support.microsoft.com/en-us/topic/office-security-update | | HPE OneView Security Patch (2026‑02) | https://support.hpe.com/hpsc/doc/public/display?docId=0000000000060197 | --- **Call to Action** - **Subscribe**: Stay updated on cybersecurity threats. - **Leave a Review**: Let us know what you think. - **Join the Conversation**: Follow our community and ask questions. --- **Sponsor (if applicable)** *No sponsors this episode.* --- **Podcast Socials & Website** - **Website**: https://www.youvealreadybeenhacked.com - **X**: @professorcyberrisk - **YouTube**: https://www.youtube.com/@YABHPodcast - **Discord / Community Forum**: https://discord.gg/cz3xdsrqAE *(copy‑and‑paste link)* ---

**Title:** 🔥 AI’s Dark Side Exposed: OpenAI Warns of “High‑Risk” Models & New Cyber‑Attack Tactics! 🔥 --- ## Episode Information **Episode Number:**3x32 **Overview:** In this episode we break down OpenAI’s chilling warning that its next‑gen models are entering a “high” cybersecurity risk zone, and explore how the same AI tech is being weaponized in real‑world attacks—from insider‑facilitated Russian cyberops to ad‑driven macOS infostealers and deceptive cloud services. We’ll also look at Genetec’s latest report on AI‑driven physical security and what that means for the convergence of cyber & physical defenses. **Guest Information:** None this episode – it’s a deep‑dive into current headlines. **Topics Covered:** - OpenAI’s “high‑risk” model alert and defensive AI initiatives - Insider‑facilitated Russian cyberattacks (Ukrainian woman indictment) - Ad‑based phishing via ChatGPT & Grok leading to macOS infostealer - False claims of cloud compliance by former Accenture employee - Genetec’s 2026 State of Physical Security report & AI adoption surge - Practical steps for incident response, AI detection, vendor vetting & training **Top Stories:** | # | Title | Source URL | |---|-------|------------| | 1 | OpenAI Signals “High” Cybersecurity Risk with Next‑Gen Models | | | 2 | Ukrainian Woman Charged for Facilitating Russian‑Backed Cyberattacks | | | 3 | Google Ads Drive macOS Infostealer Malware via ChatGPT & Grok Guides | | | 4 | Former Accenture Employee Charged with Misleading the Government on Cloud Security | | | 5 | Genetec Releases 2026 State of Physical Security Report – AI Adoption Doubles | | **Additional Cybersecurity News – Titles & URLs** - **Bitdefender Threat Map** – - **Checkpoint Live Cyber Threat Map** – - **Kaspersky Cyber Threat Map** – - **Talos Intelligence – EBC Spam Map** – **Resources & Links** (See “Additional Cybersecurity News” above for threat‑map links; no other resources listed.) **Sponsor** None this episode **Call to Action** - **Subscribe**: Stay updated on the latest cybersecurity threats. - **Leave a Review**: Tell us what you think about the episode. - **Join the Conversation**: Follow our community and ask questions. **Podcast Socials & Website** - **Website**: - **Twitter**: @professorcyberrisk - **YouTube**: - **Discord/Community Forum**: https://discord.gg/cz3xdsrqAE

### 🔢 Episode Information |-------|-------| | **Title** | Supply‑Chain Siege: Fake NPM Packages + the New AI Threat Landscape | | **Episode Number** | 3x31 | | **Hosts** | Professor CyberRisk & Cyber Cowboy | | **Guests** | None this episode | --- ### 👀 Overview Attackers keep evolving their tactics, and defenders can stay one step ahead by tightening supply‑chain hygiene. In this episode we dive into: 1️⃣ The latest npm registry breach – 46,000 counterfeit packages flooding the ecosystem. 2️⃣ Four support stories that show how policy, data protection, visibility, and AI infrastructure are all part of the same threat matrix. --- ### 🗣️ Topics Covered - **npm Supply‑Chain Attack** – How a worm‑like spam operation can compromise millions of projects. - **Policy & Vendor Risk** – EU’s ban on Huawei/ZTE as a real‑world example of hardware risk management. - **Data Resilience** – IBM Safeguarded Copy and immutable snapshots for ransomware protection. - **Visibility & Detection** – ThreatBook NDR’s top marks in Gartner Peer Insights™ 2025. - **AI Infrastructure Hardening** – Microsoft’s Atlanta AI “Super Factory” and what it means for zero‑trust architecture. --- | Title | URL | |-------|-----| | **Bitdefender Threat Map** | https://threatmap.bitdefender.com/ | | **Checkpoint Live Cyber Threat Map** | https://threatmap.checkpoint.com/ | | **Kaspersky Cyber Threat Map** | https://cybermap.kaspersky.com/ | | **Talos Intelligence – ebc_spam Map** | https://talosintelligence.com/ebc_spam | --- ### 📚 Resources & Links - **npm audit guide:** https://docs.npmjs.com/cli/npm-audit - **Snyk dependency‑monitoring:** https://snyk.io/ - **IBM Safeguarded Copy whitepaper** – (link provided in episode) - **ThreatBook NDR product page** – https://threatbook.ai/nrd --- ### 🚀 Call to Action 1. **Subscribe**: Stay updated on the latest cybersecurity threats. 2. **Leave a Review**: Let us know what you think. 3. **Join the Conversation**: Follow our community and ask questions. --- ### 🎙 Sponsor (if applicable) > No sponsors this episode --- ### 📲 Podcast Socials & Website | Platform | Link | |----------|------| | **Website** | https://www.youvealreadybeenhacked.com | | **X** | @professorcyberrisk | | **YouTube** | https://www.youtube.com/@YABHPodcast | | **Discord/Community Forum** | https://discord.gg/cz3xdsrqAE

## 🎙 Episode Information | Item | Details | | **Episode Number** | 3x30 | | **Overview** | In today’s episode we dive into the newest AI‑powered defenses from industry giants Fortinet, SentinelOne and CrowdStrike – a game‑changer for any organization running machine‑learning workloads. We’ll unpack why protecting the *intelligence* itself is now mandatory, walk through practical steps you can take right away, and bring in four supporting stories that broaden the conversation to honeypots, password hygiene, IoT hardening and critical infrastructure security. | | Host | Professor CyberRisk – a veteran researcher in AI security and cyber‑threat intelligence | | **Topics Covered** | • AI‑driven security features from Fortinet, SentinelOne & CrowdStrike • Correlating malware with honeypot logs via PowerShell • Password hygiene lessons from the Louvre breach • The TP‑Link router debate and hardening steps • Norway’s new safeguards for electric buses (critical infra) | ## 🎙 Wrap‑Up These stories collectively underscore that defending AI workloads is no longer an optional enhancement—it’s a necessity. Combine this with robust password hygiene, hardened IoT devices, and secured critical infrastructure to create a resilient security posture. Feel free to weave in your own anecdotes or audience questions—these notes are just the skeleton for an engaging episode! --- ## 🎧 Call to Action - **Subscribe:** Stay updated on cybersecurity threats. - **Leave a Review:** Let us know what you think. - **Join the Conversation:** Follow our community and ask questions. --- ## 📣 Sponsor **No sponsors this episode** --- ## 🖥 Podcast Socials & Website - **Website:** https://www.youvealreadybeenhacked.com - **X:** @professorcyberrisk - **YouTube:** https://www.youtube.com/@YABHPodcast - **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE

**Title** 🚨 Spy Drones & AI Wars: 2025’s Cyber Battleground – Why Your Company Needs to Listen --- ### Episode Information - **Episode Number:** 329 --- #### Overview In this episode we break down the most alarming cyber‑espionage trends of 2025: from North Korean Lazarus drones to AI‑firewalls and legal battles over data scraping. We’ll explain why these stories matter for you—and give you concrete steps you can take today. #### Hosts - Professor CyberRisk - Cyber Cowboy --- ### Topics Covered | # | Topic | |---|-------| | 1 | Lazarus drone campaign (Operation DreamJob) – what it means for European UAV makers | | 2 | Taiwan’s hardware & semiconductor sector under siege – supply‑chain hardening tips | | 3 | Maxis AI‑powered firewall rollout in Malaysia – lessons on communication‑layer security | | 4 | Reddit suing data‑scrapers – implications for AI training and privacy | | 5 | Gartner 2026 tech forecast – AI, connectivity & emerging risks | --- ## Additional Cybersecurity News – Titles and URLs | Title | URL | |-------|-----| | “North Korean Lazarus Group Targets UAV Sector in Europe” | https://www.globenewswire.com/news-release/2025/10/23/3171642/0/en/North-Korean-Lazarus-group-targets-the-drone-sector-in-Europe-likely-for-espionage-ESET-Research-discovers.html | | “Taiwan’s Hardware & Semiconductor Sectors Remain Top Cyber‑Attack Targets” | https://www.digitimes.com/news/a20251023PD206/check-point-cybersecurity-data-hardware-taiwan.html | | “Maxis Deploys AI‑Powered Firewall to Block Malicious SMS & Voice Calls in Malaysia” | https://soyacincau.com/2025/10/23/maxis-globe-teleservices-ai-firewall-message-voice-security/ | | “Reddit Suing Data‑Scraping Firms Over Unauthorized Use of Its Content for AI Training” | https://siliconangle.com/2025/10/22/reddit-suing-perplexity-ai-data-scraping-firms-using-data-without-permission/ | | “Gartner Forecasts 2026 Tech Trends – AI, Connectivity, and Emerging Risks” | https://www.helpnetsecurity.com/2025/10/23/gartner-2026-technology-trends | --- ## Resources & Links *None this episode.* --- ## Call to Action - **Subscribe:** Stay updated on cybersecurity threats. - **Leave a Review:** Let us know what you think. - **Join the Conversation:** Follow our community and ask questions. --- ### Sponsor No sponsors this episode. --- #### Podcast Socials & Website - **Website:** https://www.youvealreadybeenhacked.com - **X:** @professorcyberrisk - **YouTube:** https://www.youtube.com/@YABHPodcast - **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE

**Title:** 🚨 “Your F5 is in the Crosshairs – Why Your Network Might Already Be Hacked” --- ### **Hosts** - **Professor CyberRisk** ### **Live Cyber Maps** - **Bitdefender Threat Map** – https://threatmap.bitdefender.com/ - **Checkpoint Live Cyber Threat Map** – https://threatmap.checkpoint.com/ - **Kaspersky Cyber Threat Map** – https://cybermap.kaspersky.com/ - **Talos Intelligence – EBC Spam Map** – https://talosintelligence.com/ebc_spam --- ## Episode Information **Title:** *Your F5 is in the Crosshairs – Why Your Network Might Already Be Hacked* **Episode Number:** 3x28 ### Overview In this episode we unpack a nation‑state supply‑chain attack that exposed the source code of F5’s BIG‑IP platform, explore the weaponization of public infrastructure at Canadian and U.S. airports, and dive into the new AI security best‑practices IBM presented at TechXchange 2025. We also cover alarming firmware flaws in popular motherboards and Meta’s new partnership with Arm for energy‑efficient AI GPUs. ### Guest Information - **Professor CyberRisk** – Security strategist and researcher. - **Cyber Cowboy** – Field operations expert in incident response. ### Topics Covered 1. Nation‑state breach of F5 BIG‑IP source code 2. IoT exploitation in airport public‑announcement systems 3. Secure AI pipelines: IBM’s takeaways from TechXchange 2025 4. Firmware vulnerabilities in mainstream motherboards 5. Meta + Arm partnership and the security implications of next‑gen AI GPUs 6. Practical steps: patching, zero‑trust, and incident‑response readiness --- ## Top Stories ### 1. Nation‑State Threat Cracks F5’s BIG‑IP Source Code - **Summary:** F5 disclosed that a sophisticated nation‑state actor accessed its internal systems, exfiltrated portions of BIG‑IP source code, and is now forcing emergency patches for all customers. - **Why it Matters:** The BIG‑IP platform sits in millions of data‑center, cloud, and edge deployments, meaning a single code compromise threatens countless enterprises, government agencies, and critical infrastructure. - **What to Do:** Verify inventory, apply patches, enforce MFA, isolate admin access, audit supply chain, and update incident‑response playbooks. - **Link:** [SiliconANGLE – F5 says nation‑state actor breached internal systems, stole BIG‑IP development files](https://siliconangle.com/2025/10/15/f5-says-nation-state-actor-breached-internal-systems-stole-big-ip-development-files/) --- ## Additional Cybersecurity News | Title | URL | |-------|-----| | **Airport Hijack: Pro‑Hamas Messages Blare Across Canadian & US Terminals** | https://www.israelnationalnews.com/news/416318 | | **IBM’s TechXchange 2025: AI Revolution & Security Takeaways** | https://siliconangle.com/2025/10/15/ibm-techxchange-2025-navigating-ai-revolution/ | | **Firmware Flaws: Motherboard Manufacturers Show Little Security Care** | https://www.xda-developers.com/firmware-security-failures-show-motherboard-manufacturers-dont-care/ | | **Meta Partners with Arm for Energy‑Efficient AI GPUs** | https://siliconangle.com/2025/10/15/meta-platforms-use-arms-energy-efficient-neoverse-gpus-ai-workloads/ | --- ## Resources & Links _None this episode_ --- ## Call to Action - **Subscribe**: Stay updated on the latest cyber threats. - **Leave a Review**: Let us know what you think. - **Join the Conversation**: Follow our community and ask questions. --- ## Sponsor (if applicable) _No sponsors this episode_ --- ## Podcast Socials & Website - **Website:** https://www.youvealreadybeenhacked.com - **X:** @professorcyberrisk - **YouTube:** https://www.youtube.com/@YABHPodcast - **Discord / Community Forum:** https://discord.gg/cz3xdsrqAE *(copyable raw link)*

**Title:** Discord ID Photos Leak + AI Governance & Ransomware Hijinks – Cyber Threat Deep Dive **Hosts:** Professor CyberRisk • Cyber Cowboy Live **Live Cyber Maps:** - Bitdefender Threat Map – https://threatmap.bitdefender.com/ - Checkpoint Live Cyber threat map – https://threatmap.checkpoint.com/ - Kaspersky Cyber Threat Map – https://cybermap.kaspersky.com/ - Talos Intelligence ebc_spam Map – https://talosintelligence.com/ebc_spam --- ## Episode Information **Title:** Discord ID Photos Leak + AI Governance & Ransomware Hijinks – Cyber Threat Deep Dive **Episode Number:** 3x27 **Overview:** In this episode we dissect a high‑profile Discord breach that exposed government ID photos for ~70,000 users, dive into Okta’s new “Identity‑Security Fabric” and its AI governance capabilities, explore NetApp’s next‑gen storage platform for AI resilience, uncover how attackers are hijacking the Velociraptor DFIR tool in ransomware campaigns, and discuss the U.S. Labor Department’s pilot for a national unemployment claims database—an initiative that could create a single point of failure. **Guest Information:** None **Topics Covered:** - Discord security breach and third‑party vendor risk - Okta’s AI‑governed Identity‑Security Fabric at Oktane 2025 - NetApp INSIGHT: disaggregated storage for AI workloads and ransomware resilience - Threat actor reuse of Velociraptor DFIR tool in LockBit/Babuk ransomware - Labor Department’s national unemployment claims intake pilot and privacy implications --- ## Top Stories - **Discord Security Breach Exposed Government ID Photos of 70,000 Users** – https://www.cnet.com/tech/services-and-software/discord-security-breach-exposed-government-id-photos-of-70000-users/ --- ## Additional Cybersecurity News – Titles and URLs 1. **Three insights you might have missed from theCUBE’s coverage of Okta’s Oktane event** – https://siliconangle.com/2025/10/09/okta-identity-security-fabric-oktaoktane/ 2. **What to expect during NetApp INSIGHT: Join theCUBE Oct. 14** – https://siliconangle.com/2025/10/09/next-generation-enterprise-storage-netappinsight/ 3. **Hackers now use Velociraptor DFIR tool in ransomware attacks** – https://www.bleepingcomputer.com/news/security/hackers-now-use-velociraptor-dfir-tool-in-ransomware-attacks/ 4. **Labor Department looks to pilot intaking unemployment claims for states** – https://www.nextgov.com/digital-government/2025/10/labor-department-looks-pilot-intaking-unemployment-claims-states/408734/ --- ## Resources & Links None this episode --- ### Call to Action - **Subscribe:** Stay updated on cybersecurity threats. - **Leave a Review:** Let us know what you think. - **Join the Conversation:** Follow our community and ask questions. --- ### Sponsor (if applicable) No sponsors this episode --- ## Podcast Socials & Website - **Website:** https://www.youvealreadybeenhacked.com - **X (Twitter):** @professorcyberrisk - **YouTube:** https://www.youtube.com/@YABHPodcast - **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE