You've Already Been Hacked

Technology Podcasts

A Cybersecurity Podcast for the Rest of Us. In a world of evolving cyber threats, You’ve Already Been Hacked breaks down cybersecurity for everyone—from experts to everyday users. Hosted by Professor CyberRisk and Cyber Cowboy, we tackle major cyber attacks, emerging threats, and real-world security strategies. Each episode offers expert analysis, case studies, and actionable tips to help listeners stay ahead of hackers and digital risks.

Location:

United States

Language:

English


Episodes

AI‑Generated Malware + $100M in New Cybersecurity Funding – What’s Next?

2/22/2026
**What’s in this episode?**

- **Top Story** – How generative AI is letting attackers spin up polymorphic ransomware in minutes.
- **Support Stories** – New funding for AI‑driven vulnerability remediation, agentic chip design, a Def Con attendance shake‑up, and a Smashing Security podcast on internet sovereignty.
- **Live Threat Maps** – See the world’s cyber threat landscape in real time.

---

## 🌐 Live Cyber Threat Maps

- **Bitdefender Threat Map** – https://threatmap.bitdefender.com/
- **Checkpoint Live Cyber Threat Map** – https://threatmap.checkpoint.com/
- **Kaspersky Cyber Threat Map** – https://cybermap.kaspersky.com/
- **Talos Intelligence ebc_spam Map** – https://talosintelligence.com/ebc_spam

---

## 🔥 Top Story – AI‑Accelerated Malware

**Title:** *AI‑Accelerated Malware: Hackers are Building More Sophisticated Threats in Half the Time*

**Summary:** TechRadar shows that generative AI is slashing malware development time from days to minutes. Attackers can now produce polymorphic ransomware, encrypted payloads, key‑loggers, and fast exfiltration modules that bypass both signature and behavioral detection. The speed‑up gives attackers a 10× advantage over traditional development cycles.

**Why it Matters:**

- Speed & Scale
- Complexity & Evasion
- Skill Gap

**What to Do:**

1. Adopt AI‑driven threat intel.
2. Implement behavior‑based monitoring.
3. Update incident‑response playbooks.
4. Train analysts on AI‑evolved threats.

**Link:** https://www.techradar.com/pro/security/ai-is-helping-hackers-make-new-malware-faster-and-more-complex-than-ever-and-things-may-only-get-tougher

---

## 💡 Additional Cybersecurity News

| # | Title | Why it Matters | Link |
|---|-------|----------------|------|
| 1 | *Cogent Security Raises $42M to Scale AI Agents for Enterprise Vulnerability Remediation* | Automation at scale, faster patching, reduced human error | https://siliconangle.com/2026/02/18/cogent-security-raises-42m-scale-ai-agents-enterprise-vulnerability-remediation |
| 2 | *ChipAgents Secures $50M to Accelerate Agentic Chip Design* | Hardware‑level security, faster time‑to‑market, design automation | https://siliconangle.com/2026/02/18/chipagents-secures-50m-funding-accelerate-agentic-chip-design |
| 3 | *Def Con Bans Three Attendees Linked to Jeffrey Epstein* | Reputation risk, event security, industry precedent | https://techcrunch.com/2026/02/18/hacking-conference-def-con-bans-three-people-linked-to-epstein/ |
| 4 | *Smashing Security Podcast #455: Face Off – Meta’s Glasses & America’s Internet Kill Switch* | Policy debate, technical feasibility, cyber‑law implications | https://grahamcluley.com/smashing-security-podcast-455/ |

---

## 📣 Call to Action

- **Subscribe**: Stay updated on the latest cybersecurity threats.
- **Leave a Review**: Tell us what you think – it helps the community grow.
- **Join the Conversation**: Follow our community and ask questions.

---

## 🎙️ Sponsor

**No sponsors this episode**

---

## 📲 Podcast Socials & Website

- **Website:** https://www.youvealreadybeenhacked.com
- **X (formerly Twitter):** @professorcyberrisk
- **YouTube:** https://www.youtube.com/@YABHPodcast
- **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE

Duration: 00:33:37


One‑Click Exploit Apocalypse?

2/15/2026
## Episode Information

**Episode Number:** XxX

**Hosts:**

- Professor CyberRisk
- Cyber Cowboy

**Live Cyber Maps:**

- **Bitdefender Threat Map** – https://threatmap.bitdefender.com/
- **Live Cyber threat map (Checkpoint)** – https://threatmap.checkpoint.com/
- **Kaspersky Cyber Threat Map** – https://cybermap.kaspersky.com/
- **Talos Intelligence – ebc_spam Map** – https://talosintelligence.com/ebc_spam

**Overview**

In this episode we unpack Microsoft’s blockbuster patch that closes the one‑click attack vector, dig into CertiK’s fresh transparency play after the Huione fallout, and discuss how geolocation services are becoming an adversarial attack surface. We also explore how CISOs can balance AI innovation with risk and how Red Hat is reshaping vulnerability management with vendor‑centric pipelines.

**Guest Information**

None this episode.

**Topics Covered**

1. Microsoft’s one‑click exploit patch – what it fixes and why it matters.
2. CertiK’s rebuild‑trust strategy post‑Huione backlash.
3. Geofeed manipulation – why it’s a real threat and how to guard against it.
4. AI in security: governance, bias, adversarial attacks, and human‑in‑the‑loop.
5. Red Hat’s collaborative vulnerability‑management blueprint and its impact on MTTR.

**Top Stories**

- **Microsoft Fixes Bugs Behind One‑Click Attacks** – [PYMNTS](https://www.pymnts.com/cybersecurity/2026/microsoft-fixes-bugs-behind-one-click-attacks/)

**Additional Cybersecurity News – Titles and URLs**

- **CertiK Rebuilds Trust After Huione‑Related Backlash** – [CoinDesk](https://www.coindesk.com/business/2026/02/11/how-certik-rebuilt-trust-as-it-prepares-itself-for-an-ipo)
- **Geofeeds Are Adversarial – A Call for Better IP Geolocation Integrity** – [NANOG Mailing List](https://seclists.org/nanog/2026/Feb/59)
- **Balancing AI Innovation and Security Risk – A CISO’s Playbook** – [TechTarget](https://www.techtarget.com/searchsecurity/feature/How-CISOs-can-balance-AI-innovation-and-security-risk)
- **Elevate Your Vulnerability Management Strategy – Red Hat’s Blueprint** – [Red Hat Blog](https://www.redhat.com/en/blog/elevate-your-vulnerability-management-strategy-red-hat)

**Resources & Links**

*(All links listed above)*

---

## Call to Action

- **Subscribe:** Stay updated on the latest cybersecurity threats.
- **Leave a Review:** Let us know what you think.
- **Join the Conversation:** Follow our community and ask questions.

---

## Sponsor (if applicable)

No sponsors this episode.

---

## Podcast Socials & Website

- **Website:** https://www.youvealreadybeenhacked.com
- **Twitter/X:** @professorcyberrisk
- **YouTube:** https://www.youtube.com/@YABHPodcast
- **Discord / Community Forum (copyable raw link):** https://discord.gg/cz3xdsrqAE

---

Duration: 00:26:43


NGINX Under Siege: How 50% of the Web is Already Hacked

2/8/2026
## 📺 Episode Information

**Title:** Episode Number: **336** *(to be filled in)*

### Overview

Today’s episode dives into a high‑impact, zero‑day campaign that hijacks web traffic by rewriting NGINX configurations with the React2Shell web shell. We break down the technical mechanics, the broader threat landscape, and actionable defense strategies. In addition, we cover the latest high‑profile data breach, economic fallout from online fraud in Malaysia, the NFL’s cyber‑defense playbook for Super Bowl 2026, and a new MSSP partnership in Singapore.

---

## 🔧 Topics Covered

1. **NGINX Traffic Hijack via React2Shell** – The top story, detailing the attack vector, stealth, and mass‑scale risk.
2. **Canada Computers & Electronics Data Breach** – 1,300 customers impacted; payment data exposure.
3. **Malaysia’s RM8 Billion Online Fraud Losses** – Economic toll and mitigation tactics.
4. **NFL Super Bowl 2026 Cyber‑Defense Playbook** – Edge security, AI monitoring, and event‑level protection.
5. **Acronis & Insightz MSSP Partnership** – Managed security services expansion in Singapore.

---

## 🛡️ Top Story – “Hackers Hijack Web Traffic via Compromised NGINX & Baota Panels Using React2Shell”

**Summary**

Researchers uncovered a campaign that uses the open‑source shell **React2Shell** to compromise NGINX servers and Baota control panels. Attackers rewrite NGINX’s configuration to forward all inbound traffic through malicious proxy servers, enabling eavesdropping, malware injection, or phishing redirection while keeping the original server’s IP intact.

**Cited Link**

[The Hacker News – Hackers Exploit React2Shell to Hijack Web Traffic via Compromised NGINX Servers](https://thehackernews.com/2026/02/hackers-exploit-react2shell-to-hijack.html)

---

## 📢 Additional Cybersecurity News

| Title | URL |
|-------|-----|
| *Canada Computers & Electronics Under Investigation After Data Breach Hits 1,300 Customers* | https://www.cbc.ca/news/business/canada-computers-data-breach-scope-9.7074605 |
| *Malaysia Records RM8 Billion Losses From Online Fraud Since 2020* | https://www.thestar.com.my/news/nation/2026/02/05/almost-rm8bil-lost-to-online-fraud-since-2020-dewan-rakyat-told |
| *Super Bowl 2026: NFL Deploys Cybersecurity Squad, Advanced Routers, & Data Centers* | https://www.pymnts.com/cybersecurity/2026/super-bowl-lineup-includes-cybersecurity-squad-wireless-routers-and-data-centers/ |
| *Acronis Welcomes Insightz Technology as Singapore’s First MSSP Partner* | https://www.globenewswire.com/news-release/2026/02/05/3232606/0/en/Acronis-Welcomes-Insightz-Technology-as-First-MSSP-Partner-in-Singapore.html |

---

## 📣 Call to Action

- **Subscribe**: Stay updated on the latest cybersecurity threats.
- **Leave a Review**: Let us know what you think – it helps the podcast grow.
- **Join the Conversation**: Follow our community, ask questions, and share insights.

---

## 🏷️ Sponsor

No sponsors this episode

---

## 🌐 Podcast Socials & Website

- **Website**: https://www.youvealreadybeenhacked.com
- **X (Twitter)**: @professorcyberrisk
- **YouTube**: https://www.youtube.com/@YABHPodcast
- **Discord/Community Forum**: https://discord.gg/cz3xdsrqAE

Duration: 00:35:25


Zero‑Day Chaos & Firmware Secrets: Cisco RCE Alert + UEFI Parser

1/25/2026
**Hosts**

- Professor CyberRisk
- Cyber Cowboy

**Live Cyber Maps**

- Bitdefender Threat Map: https://threatmap.bitdefender.com/
- Live Cyber threat map (Checkpoint): https://threatmap.checkpoint.com/
- Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
- Talos Intelligence – ebc_spam Map: https://talosintelligence.com/ebc_spam

**Episode Information**

- **Title:** *Zero‑Day Chaos & Firmware Secrets: Cisco RCE Alert + UEFI Parser*
- **Episode Number:** 3x35
- **Overview:** In today’s episode we dive deep into a critically‑exploited Cisco zero‑day that’s been wreaking havoc across Unified Communications and Webex environments. We then turn our attention to a groundbreaking open‑source UEFI parser that’s exposing hidden firmware vulnerabilities, followed by a real‑world watering‑hole attack targeting EmEditor users and an EU telecom supply‑chain purge that could reshape vendor relationships.
- **Guest Information:** *None – this is an all‑host episode.*
- **Topics Covered:**
  1. Cisco Zero‑Day CVE‑2026‑20045 (UC & Webex RCE)
  2. UEFI Parser – Open‑Source Firmware Vulnerability Discovery
  3. EmEditor Watering‑Hole Malware Campaign
  4. EU Telecom Supplier Ban Proposal
  5. Luxshare Precision Ransomware Incident & Supply‑Chain Implications
- **Top Stories:**
  - **Cisco Zero‑Day CVE‑2026‑20045** – *Cisco Releases Emergency Patch for Actively Exploited RCE*: https://thehackernews.com/2026/01/cisco-fixes-actively-exploited-zero-day.html
  - **Breaking UEFI Secrets – New Open‑Source Parser** – *CERT/CC Launches UEFI Parser Tool*: https://www.sei.cmu.edu/blog/an-open-source-tool-to-unravel-uefi-and-its-vulnerabilities/
  - **Watering Hole Targets EmEditor** – *TrendMicro Uncovers Multi‑Stage Malware*: https://www.trendmicro.com/en_us/research/26/a/watering-hole-attack-targets-emeditor-users.html
  - **EU Targets High‑Risk Foreign Telecom Suppliers** – *Proposal to Ban Third‑Country Companies from EU Mobile Networks*: https://www.spacewar.com/reports/Eyeing_China_EU_moves_to_ban_high-risk_foreign_suppliers_from_telecoms_networks_999.html
  - **Luxshare Under Attack – Ransomware Claims Apple & Nvidia Data** – *China‑Based Manufacturer Breach*: https://www.digitimes.com/news/a20260122PD226/luxshare-security-electronics-manufacturing-nvidia-apple.html
- **Additional Cybersecurity News – Titles and URLs:** (All links above)
- **Resources & Links:** *None this episode*

**Call to Action**

- **Subscribe:** Stay updated on the latest cybersecurity threats – hit that subscribe button!
- **Leave a Review:** Tell us what you think – reviews help us improve and grow the community.
- **Join the Conversation:** Follow our community and ask questions on Discord.

**Sponsor**

- No sponsors this episode

**Podcast Socials & Website**

- **Website:** https://www.youvealreadybeenhacked.com
- **X:** @professorcyberrisk
- **YouTube:** https://www.youtube.com/@YABHPodcast
- **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE

Duration: 00:26:05


🚨 Copilot Leak Exposed: Reprompt Attack & 4 More AI‑Driven Threats 🚨

1/19/2026
**Title** 🚨 Copilot Leak Exposed: Reprompt Attack & 4 More AI‑Driven Threats 🚨

**Episode Number** 3x34

---

### Episode Information

**Overview**

In this episode, Professor CyberRisk and Cyber Cowboy dive into the latest “Reprompt” back‑door that lets attackers steal data from Microsoft Copilot. We unpack how the exploit works, why it matters for every business using AI, and the broader implications for AI security. Plus, we spotlight four critical vulnerabilities—from FortiSIEM RCE to AI‑voice cloning—and explore how to protect your organization.

**Guest Information**

None (all insights delivered by our hosts).

**Topics Covered**

- The “Reprompt” attack on Microsoft Copilot
- Immediate mitigations and patch status
- FortiSIEM CVE‑2025‑64155 RCE proof‑of‑concept
- AI‑voice cloning, Wi‑Fi kill‑switch, PLC vulnerabilities (ThreatsDay bulletin)
- Nozomi Networks Vantage IQ: private AI assistant for OT & IoT
- CISO Global & TeleDental’s CyberSimple for dental clinics

---

### Top Stories

- **“Reprompt” Attack Lets Microsoft Copilot Leak Sensitive Data** –

### Additional Cybersecurity News

| Title | URL |
|-------|-----|
| PoC Exploit Released for Critical FortiSIEM Vulnerability (CVE‑2025‑64155) | |
| ThreatsDay Bulletin: AI Voice Cloning Exploit, Wi‑Fi Kill Switch, PLC Vulnerabilities & More | |
| Nozomi Networks Unveils Vantage IQ—A Private AI Assistant for OT & IoT Security | |
| CISO Global Partners with TeleDental to Protect Dental Clinics Using CyberSimple Powered by CHECKLIGHT | |

---

### Resources & Links

- **Live Cyber Maps**
  - Bitdefender Threat Map: https://threatmap.bitdefender.com/
  - Checkpoint Live Cyber Threat Map: https://threatmap.checkpoint.com/
  - Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
  - Talos Intelligence ebc_spam Map: https://talosintelligence.com/ebc_spam

---

### Call to Action

- **Subscribe**: Stay updated on cybersecurity threats.
- **Leave a Review**: Let us know what you think.
- **Join the Conversation**: Follow our community and ask questions.

---

### Sponsor

No sponsors this episode.

---

### Podcast Socials & Website

- Website: https://www.youvealreadybeenhacked.com
- X (Twitter): @professorcyberrisk
- YouTube: https://www.youtube.com/@YABHPodcast
- Discord/Community Forum: https://discord.gg/cz3xdsrqAE

---

Duration: 00:25:55


Office Glitches to Capitol Spies: Threats + AI Health Warning

1/11/2026
**🎙️ Episode Information**

**Title:** **Office Glitches to Capitol Spies: Threats + AI Health Warning**

**Episode Number:** 3x33

**Overview:** Professor CyberRisk and Cyber Cowboy dive into today’s headline‑shattering **Top Story**: CISA’s newly‑KEVed Microsoft Office and HPE OneView flaws that are already being weaponised in the wild. He then walks listeners through four high‑impact support stories that showcase the breadth of today’s threat landscape—from political espionage to credential‑stuffing in online casinos, to the new risks introduced by OpenAI’s medical‑AI feature, and Red Hat’s secure‑AI deployment blueprint.

---

**Guest Information**

*No guest this episode.*

---

**Topics Covered**

| # | Topic |
|---|-------|
| 1 | CISA Flags Microsoft Office CVE‑2026‑xxxx & HPE OneView CVE‑2026‑yyyy as “Actively Exploited” |
| 2 | China Hacks U.S. Congressional Committee Email – Salt Typhoon Espionage |
| 3 | Credential‑Stuffing Surge Hits Online Casino Platforms |
| 4 | OpenAI Announces ChatGPT Health – AI Meets Medical Advice, but With New Security Risks |
| 5 | Red Hat Unveils Secure AI Deployment Architecture – Blueprint for Protecting AI‑Driven Systems |

---

**Top Story**

**CISA Flags Microsoft Office & HPE OneView Flaws as “Actively Exploited” – Your Systems Are on the Hook**

*Summary & Why It Matters* – see show notes above.

*What You Can/Should Be Doing* – 1) Patch immediately, 2) Verify integrity, 3) Enable MFA & least‑privilege, 4) Deploy advanced threat protection, 5) Update incident playbooks.

---

**Additional Cybersecurity News – Titles & URLs**

| # | Title | URL |
|---|-------|-----|
| 1 | China Hacks U.S. Congressional Committee Email – Salt Typhoon Espionage | https://cryptobriefing.com/china-hacks-us-congressional-email-systems-salt-typhoon-espionage-ft/ |
| 2 | Credential‑Stuffing Surge Hits Online Casino Platforms – The Jackpot of Data Breach | https://www.hoover.org/research/cybersecurity-experts-report-surge-credential-stuffing-attacks-targeting-online-casino |
| 3 | OpenAI Announces ChatGPT Health – AI Meets Medical Advice, but With New Security Risks | https://siliconangle.com/2026/01/07/openai-introduces-chatgpt-health-answer-users-medical-questions/ |
| 4 | Red Hat Unveils Secure AI Deployment Architecture – A Blueprint for Protecting AI‑Driven Systems | https://www.redhat.com/en/blog/navigating-secure-ai-deployment-architecture-enhancing-ai-system-security-and-safety |

---

**Resources & Links**

| Resource | URL |
|----------|-----|
| Bitdefender Live Cyber Threat Map | https://threatmap.bitdefender.com/ |
| Check Point Live Cyber Threat Map | https://threatmap.checkpoint.com/ |
| Kaspersky Cyber Threat Map | https://cybermap.kaspersky.com/ |
| Talos Intelligence – ebc_spam Map | https://talosintelligence.com/ebc_spam |
| CISA KEV Catalog (Office & HPE OneView) | https://www.cisa.gov/keV |
| Microsoft Office Security Updates | https://support.microsoft.com/en-us/topic/office-security-update |
| HPE OneView Security Patch (2026‑02) | https://support.hpe.com/hpsc/doc/public/display?docId=0000000000060197 |

---

**Call to Action**

- **Subscribe**: Stay updated on cybersecurity threats.
- **Leave a Review**: Let us know what you think.
- **Join the Conversation**: Follow our community and ask questions.

---

**Sponsor (if applicable)**

*No sponsors this episode.*

---

**Podcast Socials & Website**

- **Website**: https://www.youvealreadybeenhacked.com
- **X**: @professorcyberrisk
- **YouTube**: https://www.youtube.com/@YABHPodcast
- **Discord / Community Forum**: https://discord.gg/cz3xdsrqAE *(copy‑and‑paste link)*

---

Duration: 00:30:30


AI’s Dark Side Exposed: OpenAI Warns of “High‑Risk” Models & New Cyber‑Attack Tactics!

12/14/2025
**Title:** 🔥 AI’s Dark Side Exposed: OpenAI Warns of “High‑Risk” Models & New Cyber‑Attack Tactics! 🔥

---

## Episode Information

**Episode Number:** 3x32

**Overview:** In this episode we break down OpenAI’s chilling warning that its next‑gen models are entering a “high” cybersecurity risk zone, and explore how the same AI tech is being weaponized in real‑world attacks—from insider‑facilitated Russian cyberops to ad‑driven macOS infostealers and deceptive cloud services. We’ll also look at Genetec’s latest report on AI‑driven physical security and what that means for the convergence of cyber & physical defenses.

**Guest Information:** None this episode – it’s a deep‑dive into current headlines.

**Topics Covered:**

- OpenAI’s “high‑risk” model alert and defensive AI initiatives
- Insider‑facilitated Russian cyberattacks (Ukrainian woman indictment)
- Ad‑based phishing via ChatGPT & Grok leading to macOS infostealer
- False claims of cloud compliance by former Accenture employee
- Genetec’s 2026 State of Physical Security report & AI adoption surge
- Practical steps for incident response, AI detection, vendor vetting & training

**Top Stories:**

| # | Title | Source URL |
|---|-------|------------|
| 1 | OpenAI Signals “High” Cybersecurity Risk with Next‑Gen Models | |
| 2 | Ukrainian Woman Charged for Facilitating Russian‑Backed Cyberattacks | |
| 3 | Google Ads Drive macOS Infostealer Malware via ChatGPT & Grok Guides | |
| 4 | Former Accenture Employee Charged with Misleading the Government on Cloud Security | |
| 5 | Genetec Releases 2026 State of Physical Security Report – AI Adoption Doubles | |

**Additional Cybersecurity News – Titles & URLs**

- **Bitdefender Threat Map** –
- **Checkpoint Live Cyber Threat Map** –
- **Kaspersky Cyber Threat Map** –
- **Talos Intelligence – EBC Spam Map** –

**Resources & Links**

(See “Additional Cybersecurity News” above for threat‑map links; no other resources listed.)

**Sponsor**

None this episode

**Call to Action**

- **Subscribe**: Stay updated on the latest cybersecurity threats.
- **Leave a Review**: Tell us what you think about the episode.
- **Join the Conversation**: Follow our community and ask questions.

**Podcast Socials & Website**

- **Website**:
- **Twitter**: @professorcyberrisk
- **YouTube**:
- **Discord/Community Forum**: https://discord.gg/cz3xdsrqAE

Duration: 00:28:59


Supply‑Chain Siege: Fake NPM Packages + the New AI Threat Landscape

11/16/2025
### 🔢 Episode Information

| | |
|-------|-------|
| **Title** | Supply‑Chain Siege: Fake NPM Packages + the New AI Threat Landscape |
| **Episode Number** | 3x31 |
| **Hosts** | Professor CyberRisk & Cyber Cowboy |
| **Guests** | None this episode |

---

### 👀 Overview

Attackers keep evolving their tactics, and defenders can stay one step ahead by tightening supply‑chain hygiene. In this episode we dive into:

1️⃣ The latest npm registry breach – 46,000 counterfeit packages flooding the ecosystem.

2️⃣ Four support stories that show how policy, data protection, visibility, and AI infrastructure are all part of the same threat matrix.

---

### 🗣️ Topics Covered

- **npm Supply‑Chain Attack** – How a worm‑like spam operation can compromise millions of projects.
- **Policy & Vendor Risk** – EU’s ban on Huawei/ZTE as a real‑world example of hardware risk management.
- **Data Resilience** – IBM Safeguarded Copy and immutable snapshots for ransomware protection.
- **Visibility & Detection** – ThreatBook NDR’s top marks in Gartner Peer Insights™ 2025.
- **AI Infrastructure Hardening** – Microsoft’s Atlanta AI “Super Factory” and what it means for zero‑trust architecture.

---

| Title | URL |
|-------|-----|
| **Bitdefender Threat Map** | https://threatmap.bitdefender.com/ |
| **Checkpoint Live Cyber Threat Map** | https://threatmap.checkpoint.com/ |
| **Kaspersky Cyber Threat Map** | https://cybermap.kaspersky.com/ |
| **Talos Intelligence – ebc_spam Map** | https://talosintelligence.com/ebc_spam |

---

### 📚 Resources & Links

- **npm audit guide:** https://docs.npmjs.com/cli/npm-audit
- **Snyk dependency‑monitoring:** https://snyk.io/
- **IBM Safeguarded Copy whitepaper** – (link provided in episode)
- **ThreatBook NDR product page** – https://threatbook.ai/nrd

---

### 🚀 Call to Action

1. **Subscribe**: Stay updated on the latest cybersecurity threats.
2. **Leave a Review**: Let us know what you think.
3. **Join the Conversation**: Follow our community and ask questions.

---

### 🎙 Sponsor (if applicable)

> No sponsors this episode

---

### 📲 Podcast Socials & Website

| Platform | Link |
|----------|------|
| **Website** | https://www.youvealreadybeenhacked.com |
| **X** | @professorcyberrisk |
| **YouTube** | https://www.youtube.com/@YABHPodcast |
| **Discord/Community Forum** | https://discord.gg/cz3xdsrqAE |

Duration: 00:27:42


AI vs Hackers: Fortinet, SentinelOne & CrowdStrike’s New Weaponry

11/9/2025
## 🎙 Episode Information

| Item | Details |
|------|---------|
| **Episode Number** | 3x30 |
| **Overview** | In today’s episode we dive into the newest AI‑powered defenses from industry giants Fortinet, SentinelOne and CrowdStrike – a game‑changer for any organization running machine‑learning workloads. We’ll unpack why protecting the *intelligence* itself is now mandatory, walk through practical steps you can take right away, and bring in four supporting stories that broaden the conversation to honeypots, password hygiene, IoT hardening and critical infrastructure security. |
| Host | Professor CyberRisk – a veteran researcher in AI security and cyber‑threat intelligence |
| **Topics Covered** | • AI‑driven security features from Fortinet, SentinelOne & CrowdStrike • Correlating malware with honeypot logs via PowerShell • Password hygiene lessons from the Louvre breach • The TP‑Link router debate and hardening steps • Norway’s new safeguards for electric buses (critical infra) |

## 🎙 Wrap‑Up

These stories collectively underscore that defending AI workloads is no longer an optional enhancement—it’s a necessity. Combine this with robust password hygiene, hardened IoT devices, and secured critical infrastructure to create a resilient security posture. Feel free to weave in your own anecdotes or audience questions—these notes are just the skeleton for an engaging episode!

---

## 🎧 Call to Action

- **Subscribe:** Stay updated on cybersecurity threats.
- **Leave a Review:** Let us know what you think.
- **Join the Conversation:** Follow our community and ask questions.

---

## 📣 Sponsor

**No sponsors this episode**

---

## 🖥 Podcast Socials & Website

- **Website:** https://www.youvealreadybeenhacked.com
- **X:** @professorcyberrisk
- **YouTube:** https://www.youtube.com/@YABHPodcast
- **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE

Duration: 00:17:22


🚨 Spy Drones & AI Wars: 2025’s Cyber Battleground – Why Your Company Needs to Listen

10/26/2025
**Title** 🚨 Spy Drones & AI Wars: 2025’s Cyber Battleground – Why Your Company Needs to Listen

---

### Episode Information

- **Episode Number:** 329

---

#### Overview

In this episode we break down the most alarming cyber‑espionage trends of 2025: from North Korean Lazarus drones to AI‑firewalls and legal battles over data scraping. We’ll explain why these stories matter for you—and give you concrete steps you can take today.

#### Hosts

- Professor CyberRisk
- Cyber Cowboy

---

### Topics Covered

| # | Topic |
|---|-------|
| 1 | Lazarus drone campaign (Operation DreamJob) – what it means for European UAV makers |
| 2 | Taiwan’s hardware & semiconductor sector under siege – supply‑chain hardening tips |
| 3 | Maxis AI‑powered firewall rollout in Malaysia – lessons on communication‑layer security |
| 4 | Reddit suing data‑scrapers – implications for AI training and privacy |
| 5 | Gartner 2026 tech forecast – AI, connectivity & emerging risks |

---

## Additional Cybersecurity News – Titles and URLs

| Title | URL |
|-------|-----|
| “North Korean Lazarus Group Targets UAV Sector in Europe” | https://www.globenewswire.com/news-release/2025/10/23/3171642/0/en/North-Korean-Lazarus-group-targets-the-drone-sector-in-Europe-likely-for-espionage-ESET-Research-discovers.html |
| “Taiwan’s Hardware & Semiconductor Sectors Remain Top Cyber‑Attack Targets” | https://www.digitimes.com/news/a20251023PD206/check-point-cybersecurity-data-hardware-taiwan.html |
| “Maxis Deploys AI‑Powered Firewall to Block Malicious SMS & Voice Calls in Malaysia” | https://soyacincau.com/2025/10/23/maxis-globe-teleservices-ai-firewall-message-voice-security/ |
| “Reddit Suing Data‑Scraping Firms Over Unauthorized Use of Its Content for AI Training” | https://siliconangle.com/2025/10/22/reddit-suing-perplexity-ai-data-scraping-firms-using-data-without-permission/ |
| “Gartner Forecasts 2026 Tech Trends – AI, Connectivity, and Emerging Risks” | https://www.helpnetsecurity.com/2025/10/23/gartner-2026-technology-trends |

---

## Resources & Links

*None this episode.*

---

## Call to Action

- **Subscribe:** Stay updated on cybersecurity threats.
- **Leave a Review:** Let us know what you think.
- **Join the Conversation:** Follow our community and ask questions.

---

### Sponsor

No sponsors this episode.

---

#### Podcast Socials & Website

- **Website:** https://www.youvealreadybeenhacked.com
- **X:** @professorcyberrisk
- **YouTube:** https://www.youtube.com/@YABHPodcast
- **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE

Duration: 00:27:32


Your F5 is in the Crosshairs

10/19/2025
**Title:** 🚨 “Your F5 is in the Crosshairs – Why Your Network Might Already Be Hacked”

---

### **Hosts**

- **Professor CyberRisk**

### **Live Cyber Maps**

- **Bitdefender Threat Map** – https://threatmap.bitdefender.com/
- **Checkpoint Live Cyber Threat Map** – https://threatmap.checkpoint.com/
- **Kaspersky Cyber Threat Map** – https://cybermap.kaspersky.com/
- **Talos Intelligence – EBC Spam Map** – https://talosintelligence.com/ebc_spam

---

## Episode Information

**Title:** *Your F5 is in the Crosshairs – Why Your Network Might Already Be Hacked*

**Episode Number:** 3x28

### Overview

In this episode we unpack a nation‑state supply‑chain attack that exposed the source code of F5’s BIG‑IP platform, explore the weaponization of public infrastructure at Canadian and U.S. airports, and dive into the new AI security best‑practices IBM presented at TechXchange 2025. We also cover alarming firmware flaws in popular motherboards and Meta’s new partnership with Arm for energy‑efficient AI GPUs.

### Guest Information

- **Professor CyberRisk** – Security strategist and researcher.
- **Cyber Cowboy** – Field operations expert in incident response.

### Topics Covered

1. Nation‑state breach of F5 BIG‑IP source code
2. IoT exploitation in airport public‑announcement systems
3. Secure AI pipelines: IBM’s takeaways from TechXchange 2025
4. Firmware vulnerabilities in mainstream motherboards
5. Meta + Arm partnership and the security implications of next‑gen AI GPUs
6. Practical steps: patching, zero‑trust, and incident‑response readiness

---

## Top Stories

### 1. Nation‑State Threat Cracks F5’s BIG‑IP Source Code

- **Summary:** F5 disclosed that a sophisticated nation‑state actor accessed its internal systems, exfiltrated portions of BIG‑IP source code, and is now forcing emergency patches for all customers.
- **Why it Matters:** The BIG‑IP platform sits in millions of data‑center, cloud, and edge deployments, meaning a single code compromise threatens countless enterprises, government agencies, and critical infrastructure.
- **What to Do:** Verify inventory, apply patches, enforce MFA, isolate admin access, audit supply chain, and update incident‑response playbooks.
- **Link:** [SiliconANGLE – F5 says nation‑state actor breached internal systems, stole BIG‑IP development files](https://siliconangle.com/2025/10/15/f5-says-nation-state-actor-breached-internal-systems-stole-big-ip-development-files/)

---

## Additional Cybersecurity News

| Title | URL |
|-------|-----|
| **Airport Hijack: Pro‑Hamas Messages Blare Across Canadian & US Terminals** | https://www.israelnationalnews.com/news/416318 |
| **IBM’s TechXchange 2025: AI Revolution & Security Takeaways** | https://siliconangle.com/2025/10/15/ibm-techxchange-2025-navigating-ai-revolution/ |
| **Firmware Flaws: Motherboard Manufacturers Show Little Security Care** | https://www.xda-developers.com/firmware-security-failures-show-motherboard-manufacturers-dont-care/ |
| **Meta Partners with Arm for Energy‑Efficient AI GPUs** | https://siliconangle.com/2025/10/15/meta-platforms-use-arms-energy-efficient-neoverse-gpus-ai-workloads/ |

---

## Resources & Links

_None this episode_

---

## Call to Action

- **Subscribe**: Stay updated on the latest cyber threats.
- **Leave a Review**: Let us know what you think.
- **Join the Conversation**: Follow our community and ask questions.

---

## Sponsor (if applicable)

_No sponsors this episode_

---

## Podcast Socials & Website

- **Website:** https://www.youvealreadybeenhacked.com
- **X:** @professorcyberrisk
- **YouTube:** https://www.youtube.com/@YABHPodcast
- **Discord / Community Forum:** https://discord.gg/cz3xdsrqAE *(copyable raw link)*

Duration:00:13:48


Discord ID Photos Leak + AI Governance & Ransomware Hijinks – Cyber Threat Deep Dive

10/11/2025
**Title:** Discord ID Photos Leak + AI Governance & Ransomware Hijinks – Cyber Threat Deep Dive

**Hosts:** Professor CyberRisk • Cyber Cowboy

**Live Cyber Maps:**

- Bitdefender Threat Map – https://threatmap.bitdefender.com/
- Checkpoint Live Cyber Threat Map – https://threatmap.checkpoint.com/
- Kaspersky Cyber Threat Map – https://cybermap.kaspersky.com/
- Talos Intelligence ebc_spam Map – https://talosintelligence.com/ebc_spam

---

## Episode Information

**Title:** Discord ID Photos Leak + AI Governance & Ransomware Hijinks – Cyber Threat Deep Dive

**Episode Number:** 3x27

**Overview:** In this episode we dissect a high‑profile Discord breach that exposed government ID photos for ~70,000 users, dive into Okta’s new “Identity‑Security Fabric” and its AI governance capabilities, explore NetApp’s next‑gen storage platform for AI resilience, uncover how attackers are hijacking the Velociraptor DFIR tool in ransomware campaigns, and discuss the U.S. Labor Department’s pilot for a national unemployment claims database, an initiative that could create a single point of failure.

**Guest Information:** None

**Topics Covered:**

- Discord security breach and third‑party vendor risk
- Okta’s AI‑governed Identity‑Security Fabric at Oktane 2025
- NetApp INSIGHT: disaggregated storage for AI workloads and ransomware resilience
- Threat actor reuse of Velociraptor DFIR tool in LockBit/Babuk ransomware
- Labor Department’s national unemployment claims intake pilot and privacy implications

---

## Top Stories

- **Discord Security Breach Exposed Government ID Photos of 70,000 Users** – https://www.cnet.com/tech/services-and-software/discord-security-breach-exposed-government-id-photos-of-70000-users/

---

## Additional Cybersecurity News – Titles and URLs

1. **Three insights you might have missed from theCUBE’s coverage of Okta’s Oktane event** – https://siliconangle.com/2025/10/09/okta-identity-security-fabric-oktaoktane/
2. **What to expect during NetApp INSIGHT: Join theCUBE Oct. 14** – https://siliconangle.com/2025/10/09/next-generation-enterprise-storage-netappinsight/
3. **Hackers now use Velociraptor DFIR tool in ransomware attacks** – https://www.bleepingcomputer.com/news/security/hackers-now-use-velociraptor-dfir-tool-in-ransomware-attacks/
4. **Labor Department looks to pilot intaking unemployment claims for states** – https://www.nextgov.com/digital-government/2025/10/labor-department-looks-pilot-intaking-unemployment-claims-states/408734/

---

## Resources & Links

None this episode

---

### Call to Action

- **Subscribe:** Stay updated on cybersecurity threats.
- **Leave a Review:** Let us know what you think.
- **Join the Conversation:** Follow our community and ask questions.

---

### Sponsor (if applicable)

No sponsors this episode

---

## Podcast Socials & Website

- **Website:** https://www.youvealreadybeenhacked.com
- **X (Twitter):** @professorcyberrisk
- **YouTube:** https://www.youtube.com/@YABHPodcast
- **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE

Duration:00:32:17


Oracle’s Data is Leaking… And AI Agents Are the New Attack Vectors

10/4/2025
**Title:** 🔥 *“Oracle’s Data is Leaking… And AI Agents Are the New Attack Vectors”* — Clop, Pentagon, and the Cybersecurity Apocalypse You Can’t Ignore

---

**Episode Number:** 3x26

**Overview:** In this explosive episode of *You’ve Already Been Hacked*, Professor CyberRisk and Cyber Cowboy dive into a perfect storm of cyber chaos: Clop-linked hackers are weaponizing Oracle E-Business Suite to extort Fortune 500s, the Pentagon is gutting cyber training like it’s a body fat test, Google confirms executives are being targeted with fake data theft threats—and underneath it all, AI agents are quietly becoming the most dangerous insider threats you didn’t know you had. Mary Ann Davidson (ex-Oracle CSO) drops the bombshell: *“You’re never going to have enough cybersecurity people to defend what was never built to be defensible.”* We break down why traditional defenses are dead, how AI is rewriting the rules of attack and defense, and what you MUST do before your company becomes next week’s headline.

**Topics Covered:**

- 🚨 Clop ransomware group’s Oracle E-Business Suite data theft extortion campaign (unconfirmed breach, real-world panic)
- ⚔️ Pentagon’s dangerous de-prioritization of cybersecurity training — equating it to beard length?
- 🤖 Agentic Security: How AI agents are becoming autonomous attack vectors (behavioral monitoring, zero-trust for bots)
- 💬 Google’s confirmation: Executives targeted with fake Oracle data theft emails — sophisticated social engineering at scale
- 🧠 The “security-by-design” revolution: Why humans can’t keep up, and AI-powered detection is now non-negotiable

**Top Stories:**

1. **Clop-linked hackers claim Oracle E-Business Suite data theft** — Extortion emails flooding corporations.
   → https://siliconangle.com/2025/10/02/clop-linked-hackers-claim-oracle-e-business-suite-data-theft-high-stakes-extortion-push/
2. **Pentagon says warfighters don’t need “frequent” cybersecurity training** — Policy downgrade raises alarms.
   → https://www.theregister.com/2025/10/02/pentagon_relaxes_military_cybersecurity_training/
3. **Google confirms extortion emails targeting executives via fake Oracle breaches** — Supply chain fearmongering in action.
   → https://www.yahoo.com/news/articles/google-says-hackers-sending-extortion-215459772.html
4. **Agentic Security: AI agents as new attack surfaces** — Defending autonomous systems before they go rogue.
   → https://siliconangle.com/2025/10/02/ai-agents-need-agentic-security-keep-safe-cyberdefense/
5. **Mary Ann Davidson’s warning: “You’re never going to have enough people to defend what was never built to be defensible.”**
   → https://securityweeklytv.libsyn.com/ai-the-new-trigger-word-or-is-it-robots-psw-894

**Additional Cybersecurity News – Titles and URLs:**

- **Bitdefender Threat Map (Live):** https://threatmap.bitdefender.com/
- **Checkpoint Live Cyber Threat Map:** https://threatmap.checkpoint.com/
- **Kaspersky Cyber Threat Map:** https://cybermap.kaspersky.com/
- **Talos Intelligence Spam Map (ebc_spam):** https://talosintelligence.com/ebc_spam

**Call to Action:**

- ✅ **Subscribe** — Stay ahead of the next cyber apocalypse.
- ⭐ **Leave a Review** — Help others find us before their company gets hacked.
- 💬 **Join the Conversation** — Ask questions, share war stories, and debate AI threats in our community: https://discord.gg/cz3xdsrqAE

**Sponsor:** None this episode — because *you* are the sponsor of your own security.

**Podcast Socials & Website:**

- 🌐 **Website:** https://www.youvealreadybeenhacked.com
- 🐦 **X (Twitter):** @professorcyberrisk
- 📺 **YouTube:** https://www.youtube.com/@YABHPodcast
- 💬 **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE

---

*Hosts:* Professor CyberRisk | Cyber Cowboy

*Live Threat Maps Featured:* Bitdefender • Checkpoint • Kaspersky • Talos Intelligence

Duration:00:33:35


$115M Ransom Raid: Teen Gang, SIM‑Swaps & AI Breach – What’s Next?

9/28/2025
Hosts

Live Cyber Maps

- Bitdefender Threat Map: https://threatmap.bitdefender.com/
- Live Cyber threat map – Checkpoint: https://threatmap.checkpoint.com/
- Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
- Talos Intelligence – ebc_spam Map: https://talosintelligence.com/ebc_spam

Episode Information

Title: $115M Ransom Raid: Teen Gang, SIM‑Swaps & AI Breach – What’s Next?

Episode Number: 3x25

Overview: In today’s episode we dissect the explosive case of Scattered Spider, a multi‑nation, multi‑tech gang that has pulled in over $115 million in ransomware payouts from UK retailers, London transit and US healthcare systems. We’ll explore how teenage operatives can be prosecuted under U.S./U.K. law, why SIM‑swap attacks remain a critical vulnerability, and what a recent AI chatbot breach means for your cloud tokens. Finally we’ll look at the rise of self‑replicating open‑source worms and how online gambling scams create new channels for credential theft.

Guest Information: None – this is an in‑house deep dive.

Topics Covered

Top Story

- Feds Tie “Scattered Spider” Duo to $115 M in Ransoms

Additional Cybersecurity News – Titles and URLs

- SIM‑Swapper, Scattered Spider Hacker Gets 10 Years
- The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft
- Self‑Replicating Worm Hits 180+ Software Packages
- Affiliates Flock to ‘Soulless’ Scam Gambling Machine

Resources & Links

None this episode.

Call to Action

- Subscribe: Stay updated on cybersecurity threats.
- Leave a Review: Let us know what you think.
- Join the Conversation: Follow our community and ask questions.

Sponsor

No sponsors this episode.

Podcast Socials & Website

- Website: https://www.youvealreadybeenhacked.com
- X (Twitter): @professorcyberrisk
- YouTube: https://www.youtube.com/@YABHPodcast
- Discord/Community Forum: https://discord.gg/cz3xdsrqAE

Duration:00:30:59


Agents, Exploits, and NanoCoder: Building Modular AI with Will Lamerton

9/20/2025
**Hosts**

- Professor CyberRisk
- Cyber Cowboy

**Live Cyber Maps**

- Bitdefender Threat Map – https://threatmap.bitdefender.com/
- Live Cyber Threat Map – https://threatmap.checkpoint.com/
- Kaspersky Cyber Threat Map – https://cybermap.kaspersky.com/
- Talos Intelligence – ebc_spam Map – https://talosintelligence.com/ebc_spam

---

## **Episode Information**

**Title:** _Agents, Exploits, and NanoCoder: Building Modular AI with Will Lamerton_

**Episode Number:** 3x24

**Overview:** In this special interview episode, we step away from the headlines and dive deep into the mind of Will Lamerton — creator of [NanoCoder](https://github.com/Mote-Software/nanocoder), a modular agentic framework that’s reshaping how developers build AI workflows. From the architecture of autonomous agents to the cybersecurity implications of automation, we explore how tools like NanoCoder can empower defenders… and potentially arm adversaries.

**Guest Information:**

**Will Lamerton**

- Creator of NanoCoder
- Developer at Mote Software
- LinkedIn: https://www.linkedin.com/in/will-lamerton-b16ab915b/
- GitHub: https://github.com/Mote-Software/nanocoder

---

## **Topics Covered**

- The origin story of NanoCoder and Will’s journey into agentic automation
- How NanoCoder differs from LangChain, CrewAI, and other frameworks
- Modular agents, memory, and orchestration philosophy
- Real-world use cases: devops, creative workflows, and beyond
- Cybersecurity implications — how defenders and attackers might use agentic tools
- Threat modeling for autonomous systems
- Human interest: Will’s coding rituals, rabbit holes, and creative inspirations
- The future of agentic ecosystems and modular AI stacks

---

## **Call to Action**

- **Subscribe:** Stay updated on cybersecurity threats.
- **Leave a Review:** Let us know what you think.
- **Join the Conversation:** Follow our community and ask questions.

---

## **Sponsor (if applicable)**

No sponsors this episode

---

## **Podcast Socials & Website**

- Website: https://www.youvealreadybeenhacked.com
- X: @professorcyberrisk
- YouTube: https://www.youtube.com/@YABHPodcast
- Discord/Community Forum: https://discord.gg/cz3xdsrqAE

Duration:00:49:46


BulletProof Hosting Lives on: Stark's Rebrand and 4 Cyber Flashpoints

9/14/2025
**Hosts:**

- Professor CyberRisk
- Cyber Cowboy

**Live Cyber Maps & Resources**

- Bitdefender Threat Map: https://threatmap.bitdefender.com/
- Checkpoint Live Cyber Threat Map: https://threatmap.checkpoint.com/
- Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
- Talos Intelligence – ebc_spam Map: https://talosintelligence.com/ebc_spam

---

## Episode Information

**Title:** Bulletproof Hosting Lives On: Stark’s Rebrand & 4 Cyber Flashpoints

**Episode Number:** 3x23

---

### Overview

In this episode we unpack the latest headline: European sanctions hit Stark Industries Solutions Ltd., yet the firm slipped into a new shell, keeping its “bullet‑proof” hosting services running. We dive into why that matters for defenders, and we explore four additional headlines: a supply‑chain attack on npm libraries, the fallout from Salesloft’s token breach, Microsoft’s critical Patch Tuesday, and a new Russian gambling‑scam network. Get the details on how to spot, block, and remediate each threat.

---

### Guest Information

*None for this episode (solid 5‑story deep dive).*

---

### Topics Covered

- How “bullet‑proof” hosting evades EU sanctions
- 18 npm packages hijacked to steal crypto funds
- Salesloft token breach exposes corporate data across Slack, Google Workspace & AWS
- Microsoft Patch Tuesday – 80+ fixes (incl. remote code exec, SMB flaws)
- Russian “Soulless” gambling‑scam affiliate network

---

## Top Stories

**1. Bulletproof Host Stark Industries Evades EU Sanctions**

*Summary:* The EU slapped sanctions on Stark Industries Solutions Ltd. in May 2025 for fueling Kremlin‑linked DDoS, malware, and disinformation campaigns. New research shows Stark swiftly rebranded to “thehosting”, moved assets to a Dutch shell (WorkTitans BV), and shifted IP space to a new Moldovan entity, PQ Hosting Plus SRL. The core infrastructure—IP ranges, servers and the notorious MIRhosting partner—remained operational, allowing Russian‑backed attacks to continue almost unchanged.

*Why it Matters:* This is a textbook example of how “bullet‑proof” hosting providers dodge regulation by shifting names and ownership while keeping the same malicious traffic lanes open. It shows that sanctions alone are insufficient; attackers simply reorganize and keep the same services running, continuing to supply state‑level cyberwarfare.

*What you should do:* Monitor the domain and IP space associated with Stark and its partners (thehosting.com, PQ Hosting Plus SRL, MIRhosting). Use threat‑intel feeds to detect changes in ownership or DNS records. Block traffic from these IP ranges at your perimeter firewalls, especially if you run a web‑services or cloud platform. Keep an eye on EU sanctions lists and immediately flag any new entities that appear in your infrastructure logs.

---

## Additional Cybersecurity News – Titles & URLs

| # | Title | URL |
|---|-------|-----|
| 2 | *18 Popular Code Packages Hacked, Rigged to Steal Crypto* | |
| 3 | *The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft* | |
| 4 | *Microsoft Patch Tuesday, September 2025 Edition* | |
| 5 | *Affiliates Flock to ‘Soulless’ Scam Gambling Machine* | |

---

### Resources & Links

*None this episode.*

---

## Call to Action

- **Subscribe** – Stay updated on the latest cybersecurity threats.
- **Leave a Review** – Let us know what you think.
- **Join the Conversation** – Follow our community and ask questions.

---

### Sponsor

*No sponsors this episode.*

---

## Podcast Socials & Website

- **Website:** https://www.youvealreadybeenhacked.com
- **X (Twitter):** @professorcyberrisk
- **YouTube:** https://www.youtube.com/@YABHPodcast
- **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE

Duration:00:24:25


Citrix Cracked, WhatsApp Whacked, and Linux Under Attack

9/7/2025
## 🎙️ Episode Information

**Title:** _Citrix Cracked, WhatsApp Whacked, and Linux Under Attack: This Week in Cyber Mayhem_

**Episode Number:** 3x22

## 🧠 Overview

This week, Professor CyberRisk and Cyber Cowboy break down the latest cybersecurity chaos—from a Citrix zero-day that’s been exploited for months, to a stealthy Linux dropper campaign targeting desktop shortcuts. Whether you're defending enterprise infrastructure or just trying to keep your devices clean, this episode delivers actionable insights and threat intelligence you can’t afford to miss.

## 👤 Guest Information

None this episode

## 🧵 Topics Covered

- Citrix NetScaler zero-day exploited since May
- WhatsApp vulnerability chaining with Apple zero-days
- Farmers Insurance breach affecting 1M+ customers
- Sindoor Dropper malware targeting Linux users
- U.S. government crackdown on fake ID marketplaces

## 🔥 Top Stories

**Critical Citrix 0-Day Vulnerability Exploited Since May, Leaving Global Entities Exposed**

**Summary:** CVE-2025-6543 in Citrix NetScaler has been exploited for months, allowing remote code execution and authentication bypass.

**Why it Matters:** Long dwell time means attackers may already have persistent access to sensitive systems.

**What can / should you be doing because of it:**

- Patch immediately
- Audit logs back to May
- Monitor for lateral movement

**Cited link:** Cybersecurity News coverage

## 🧷 Additional Cybersecurity News – Titles and URLs

- **WhatsApp Zero-Day Exploit Targets iOS and macOS Users** – The Hacker News report
- **Farmers Insurance Breach Impacts Over 1 Million Customers** – Cybernews coverage
- **Sindoor Dropper Malware Targets Linux via Weaponized .desktop Files** – Cybersecurity News report
- **U.S. Government Seizes Domains Selling Fake Identity Documents** – Cybersecurity News coverage

## 🗺️ Live Cyber Maps

- Bitdefender Threat Map: https://threatmap.bitdefender.com/
- Checkpoint Threat Map: https://threatmap.checkpoint.com/
- Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
- Talos Intelligence – ebc_spam Map: https://talosintelligence.com/ebc_spam

## 📚 Resources & Links

None this episode

## 📣 Call to Action

- **Subscribe:** Stay updated on cybersecurity threats.
- **Leave a Review:** Let us know what you think.
- **Join the Conversation:** Follow our community and ask questions.

## 💼 Sponsor (if applicable)

No sponsors this episode

## 🌐 Podcast Socials & Website

- **Website:** https://www.youvealreadybeenhacked.com
- **X:** @professorcyberrisk
- **YouTube:** https://www.youtube.com/@YABHPodcast
- **Discord/Community Forum:** https://discord.gg/cz3xdsrqAE

Duration:00:29:22


Hijacked by Design: OAuth Breach, AI Agents, and the Global Cybercrime Crackdown

8/30/2025
**Hosts**

- Professor CyberRisk
- Cyber Cowboy

**Live Cyber Maps**

- Bitdefender Threat Map: https://threatmap.bitdefender.com/
- Checkpoint Threat Map: https://threatmap.checkpoint.com/
- Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
- Talos Intelligence – ebc_spam Map: https://talosintelligence.com/ebc_spam

**Episode Information**

**Title:** _Hijacked by Design: OAuth Breach, AI Agents, and the Global Cybercrime Crackdown_

**Episode Number:** 3x21

**Overview:** This week, Professor CyberRisk and Cyber Cowboy dissect the latest cybersecurity chaos—from a stealthy OAuth breach that compromised Salesforce data to the vulnerabilities lurking in autonomous AI agents. Plus, we spotlight Interpol’s massive takedown of global cybercrime infrastructure and the budget-driven pivot toward AI-powered defense. If you think your workflows are safe, think again.

**Guest Information**

None this episode

**Topics Covered**

- OAuth token abuse and AI chat agent exploitation
- NIST’s new AI cybersecurity control overlays
- Prompt injection and hijacking risks in autonomous agents
- Operation Serengeti’s global infrastructure takedown
- Shrinking cybersecurity budgets and the rise of AI defense

**Top Stories**

1. **OAuth Breach via Drift AI Chat Agent Exposes Salesforce Data** – The Hacker News coverage

**Additional Cybersecurity News – Titles and URLs**

2. **NIST Releases AI Cybersecurity Control Overlays** – Google News summary
3. **AI Agents Vulnerable to Hijacking Attacks** – Google News summary
4. **Operation Serengeti Dismantles 11,500 Malicious Infrastructures** – CyberScoop coverage
5. **Cybersecurity Budgets Shrinking, AI Defense Rising** – Google News summary

**Resources & Links**

None this episode

**Call to Action**

- **Subscribe:** Stay updated on cybersecurity threats.
- **Leave a Review:** Let us know what you think.
- **Join the Conversation:** Follow our community and ask questions.

**Sponsor (if applicable)**

No sponsors this episode

**Podcast Socials & Website**

- Website: https://www.youvealreadybeenhacked.com
- X: @professorcyberrisk
- YouTube: https://www.youtube.com/@YABHPodcast
- Discord/Community Forum: https://discord.gg/cz3xdsrqAE

Duration:00:31:22


Legacy Exploits, Poisoned Packages, and Password Hijacks

8/23/2025
## 🎙️ Hosts

- Professor CyberRisk
- Cyber Cowboy

---

## 🌐 Live Cyber Maps

- Bitdefender Threat Map: https://threatmap.bitdefender.com/
- Check Point Threat Map: https://threatmap.checkpoint.com/
- Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
- Talos Intelligence – ebc_spam Map: https://talosintelligence.com/ebc_spam

---

## 📢 Episode Information

**Title:** _Legacy Exploits, Poisoned Packages, and Password Hijacks_

**Episode Number:** 3x20

---

## 🧠 Overview

This week, Professor CyberRisk and Cyber Cowboy dissect the latest wave of cyber threats—from Russian espionage campaigns targeting unpatched Cisco gear to stealthy clickjacking attacks on password managers. Whether you're an enterprise defender or a solo dev, these stories will make you rethink your patching strategy, supply chain hygiene, and user awareness training.

---

## 🎤 Guest Information

None this episode

---

## 🧵 Topics Covered

- Russian state-sponsored exploitation of legacy Cisco vulnerabilities
- DOM-based clickjacking targeting browser password managers
- Apple’s emergency patch for zero-day CVE-2025-43300
- Malicious PyPI packages infiltrating developer environments
- AsyncRAT delivered via fake verification prompts

---

## 🚨 Top Stories

**FBI Warns of Russian Espionage via Unpatched Cisco Devices**

- Summary: Russian group Static Tundra exploits CVE-2018-0171 in Cisco IOS/IOS XE.
- Why it Matters: Legacy vulnerabilities still pose major risks.
- What You Should Be Doing: Audit Cisco gear, patch or disable Smart Install, monitor traffic.
- Cited link: [The Hacker News](https://thehackernews.com/)

---

## 🧩 Additional Cybersecurity News – Titles and URLs

- **DOM-Based Clickjacking Targets Password Managers** – https://thehackernews.com/
- **Apple Patches Zero-Day CVE-2025-43300** – https://thehackernews.com/
- **Weaponized PyPI Packages Target Developers** – https://cybersecuritynews.com/weekly-cybersecurity-news-recap/
- **AsyncRAT Delivered via Fake Verification Prompts** – https://cybersecuritynews.com/weekly-cybersecurity-news-recap/

---

## 📚 Resources & Links

None this episode

---

## 📣 Call to Action

- **Subscribe:** Stay updated on cybersecurity threats.
- **Leave a Review:** Let us know what you think.
- **Join the Conversation:** Follow our community and ask questions.

---

## 💼 Sponsor (if applicable)

No sponsors this episode

---

## 🌐 Podcast Socials & Website

- Website: https://www.youvealreadybeenhacked.com
- X: [@professorcyberrisk](https://twitter.com/professorcyberrisk)
- YouTube: https://www.youtube.com/@YABHPodcast
- Discord/Community: https://discord.gg/cz3xdsrqAE

Duration:00:24:48


DEF CON 33: Agents, Extensions, and Ghosts in the Machine

8/16/2025
### Hosts

- Professor CyberRisk
- Cyber Cowboy

### 🔥 Live Cyber Maps

- Bitdefender Threat Map
- Checkpoint Threat Map
- Kaspersky Cyber Threat Map
- Talos Intelligence Spam Map

### 🎧 Episode Information

**Title:** _DEF CON 33: Agents, Extensions, and Ghosts in the Machine_

**Episode Number:** 3x19

### 🗒️ Overview

This episode dives deep into DEF CON 33’s most provocative cybersecurity talks—from AI-powered SOC assistants to browser-based identity theft, counter-surveillance tactics, and prompt injection warfare. Professor CyberRisk and Cyber Cowboy break down what defenders need to know, what attackers are already doing, and how the future of cybersecurity is being shaped by autonomous agents and invisible threats.

### 🎙️ Guest Information

None this episode

### 🧠 Topics Covered

- Microsoft Security Copilot and AI-augmented SOC workflows
- Autonomous AI evaluation in cyber ranges
- Ghost Mode counter-surveillance tactics
- COPYCAT browser extension identity attacks
- MPIT prompt injection tool and ShinoLLMApps testbed
- General Paul Nakasone’s DEF CON insights on AI and national security
- DEF CON 33 meta-trends and community tooling

### 🧨 Top Stories

- **Microsoft Security Copilot Fireside Chat** – AI-driven incident response, plugin customization, and SOC acceleration
- **AI Security Institute Evaluation Framework** – Realistic cyber ranges for autonomous agent testing
- **Ghost Mode** – OSINT-powered counter-surveillance for everyday users
- **COPYCAT Extension** – Ten browser-based identity attacks that bypass traditional defenses
- **MPIT Prompt Injection Tool** – Genetic algorithm–optimized payloads for LLM exploitation
- **General Nakasone’s Talk** – NSA’s evolving role in AI defense and collaboration
- **DEF CON 33 Themes** – Agent-based red teaming, invisible threats, and open-source community power

### 📣 Call to Action

- **Subscribe**: Stay updated on cybersecurity threats.
- **Leave a Review**: Let us know what you think.
- **Join the Conversation**: Follow our community and ask questions.

### 💼 Sponsor (if applicable)

No sponsors this episode

### 🌐 Podcast Socials & Website

- Website: youvealreadybeenhacked.com
- X: @professorcyberrisk
- YouTube: @YABHPodcast
- Discord – The Neural Network: https://discord.gg/cz3xdsrqAE

Duration:00:36:01