Cybersecurity Daily: News & Threats

Cybersecurity Daily: News & Threats delivers sharp, up-to-the-minute coverage of the cyber attacks, data breaches, malware campaigns, and vulnerabilities reshaping the digital world. Every episode cuts through the noise to give security professionals, IT teams, and tech-savvy listeners a clear-eyed breakdown of the threats that matter most — from nation-state intrusions and ransomware outbreaks to OAuth exploits, botnets, and supply chain compromises. Whether it's the Icarus OAuth attack targeting enterprise authentication, a breach inside the Council of Europe, or the emerging AryStinger botnet spreading across global networks, we cover the stories making waves in the security community before they hit the mainstream press. What sets Cybersecurity Daily apart is its relentless focus on actionable intelligence: you'll understand not just what happened, but how attacks unfolded, who is affected, and what defenders should do next. Designed for CISOs, security analysts, network defenders, ethical hackers, and curious technologists, this show is your daily briefing in a threat landscape that never sleeps. Subscribe to stay ahead of adversaries, sharpen your situational awareness, and never be caught off guard by the next major incident. New episodes drop daily — because in cybersecurity, yesterday's news is already out of date.

45 episodes · Verified by YesOui

Latest episodes

23 Jun 2026 · 4 min

Icarus OAuth Attack, Council of Europe Breach & AryStinger Botnet

Nine security firms breached via stolen OAuth tokens, ShinyHunters publishes 297GB of Council of Europe data after a missed ransom deadline, and the AryStinger botnet silently maps infrastructure through thousands of unpatched D-Link routers. Today's briefing connects all three to one structural blind spot defenders can't afford to ignore.

22 Jun 2026 · 4 min

208 CVEs, Qilin Hits Telecom & GentleKiller EDR Bypass

Microsoft's 208-CVE Patch Tuesday introduced a Recycle Bin regression hitting millions of Windows systems, while Qilin ransomware claimed Q Link Wireless and the GentleKiller EDR bypass toolkit went public. Today's briefing also covers Teams-based C2 attacks and tightening regulations under DORA and CIRCIA.

21 Jun 2026 · 5 min

Credentials Meet CVE Data, FortiBleed & SocGholish Dismantled

A 24-billion-password dump cross-referenced with CVE data is redefining credential threats, while 74,000 Fortinet firewall admin credentials leak in FortiBleed and the SocGholish botnet falls after seven years of ransomware delivery. Today's briefing covers the most consequential cybersecurity developments of the past 24 hours.

20 Jun 2026 · 4 min

Splunk RCE Exploited & Icarus OAuth Attack Hit CRM Data

A critical Splunk Enterprise RCE (CVE-2026-20253, CVSS 9.8) is under active attack with a federal patch deadline of June 21, while threat actor Icarus stole OAuth tokens from SaaS vendor Klue to silently extract CRM data from Huntress, Jamf, Recorded Future, and Tanium. Two stories, one pattern: attackers reaching infrastructure that was never designed to stop them.

19 Jun 2026 · 4 min

INC Ransomware Hits 830 Victims, FortiBleed & Oracle 245-Patch CPU

INC ransomware's Rust rewrite powers a surge to 830+ victims as FortiBleed compromises 30,000 firewalls across 194 countries. Plus: a fourth Defender zero-day from the same researcher and Oracle's 245-vulnerability Critical Patch Update.

18 Jun 2026 · 4 min

ShinyHunters' Kodak Deadline, 24B Credential Dump & Vertex AI Patch

ShinyHunters gives Kodak until June 18 to respond or face exposure of 2.2 million records, while researchers uncover a 24-billion-credential Elasticsearch dump fuelled by live infostealer logs. Plus: the Vertex AI race-condition patch and unverified ICAI exam-portal breach claims.

17 Jun 2026 · 5 min

PeopleSoft CVE-2026-35273 Exploited, Healthcare Costs Hit $11M & Ransomware at 44%

A critical PeopleSoft zero-day with no patch has hit over 100 organizations including the University of Nottingham, while ransomware now accounts for 44% of all data breaches. Today's briefing covers the ShinyHunters campaign, record healthcare breach costs, a North Korean supply chain attack on developers, and Samsung's 45-vulnerability patch.

16 Jun 2026 · 5 min

4 Zero-Days Live: Chrome V8, RoguePlanet, UniFi Root Chain & Splunk RCE

Four zero-days are under active exploitation simultaneously — Chrome V8, Microsoft Defender RoguePlanet, a UniFi OS root-access chain, and Splunk Enterprise RCE. Plus: 400+ AUR packages hijacked, US breach costs hit $10.2M, and AI phishing now drives 37% of attacks.

14 Jun 2026 · 4 min

5 Zero-Days Live, Wormable RDP & AUR Supply-Chain Compromise

Microsoft's record-breaking Patch Tuesday lands with five actively exploited zero-days — including a wormable RDP flaw and AI-feature kernel vulnerabilities — while a supply-chain attack compromises 400+ Arch Linux packages. Everything you need to act on, in under ten minutes.

13 Jun 2026 · 5 min

Record 206-Patch Tuesday, The Gentlemen RaaS & OnyxC2 MaaS

Microsoft drops a single-day record 206 security patches with 39 critical flaws, while The Gentlemen ransomware group confirms 478 victims and a new MaaS tool called OnyxC2 evades detection across major scanning platforms. Today's briefing covers the biggest cybersecurity stories shaping enterprise defenses right now.

12 Jun 2026 · 5 min

OceanLotus Supply Chain, Defender Zero-Day & Ivanti CVSS 10 Exploited

A five-month OceanLotus supply chain attack hit Vietnamese stock investors, a Windows Defender zero-day is already being exploited in the wild, and Ivanti Sentry's CVSS 10 flaws were backdoored within 24 hours of PoC release. Today's briefing also covers a 206-CVE Patch Tuesday, CISA's new 3-day patching directive, and a disputed VRChat breach filing.

11 Jun 2026 · 5 min

Record Patch Tuesday: HTTP.sys Zero-Day, BitLocker Bypass & ServiceNow Breach

Microsoft's largest-ever Patch Tuesday lands with three actively exploited zero-days targeting Windows servers, workstations, and encrypted drives — while ServiceNow confirms a silent pre-patch breach affecting 8,000+ enterprises. If you run internet-facing Windows infrastructure or ServiceNow, today's briefing is required listening.

10 Jun 2026 · 5 min

CISA's June 11 Deadline, Chrome's 5th Zero-Day & 698 Ransomware Attacks in May

CISA has issued an emergency directive forcing federal agencies to patch a Check Point VPN authentication bypass exploited by Qilin ransomware — or go offline by June 11. Also: Chrome's fifth zero-day of 2026, Microsoft's record 200+ CVE Patch Tuesday, and a 48% ransomware surge.

9 Jun 2026 · 4 min

Check Point VPN Zero-Day, 44% Ransomware Surge & FBI Network Breach

A Qilin ransomware affiliate is actively exploiting a Check Point VPN zero-day with no patch in sight, as new data shows ransomware now drives 44% of all breaches. Plus: an FBI network breach attributed to China, a supply chain hit on Trivy and Bitwarden, nation-state attacks on European energy grids, and a ransomware shutdown at a US school district.

8 Jun 2026 · 4 min

Cisco SD-WAN Zero-Day Exploited, FBI Breach & Iran Hits Water Utilities

A critical Cisco SD-WAN vulnerability is being actively exploited with no patch in sight, while Chinese actors breach FBI surveillance data and Iran-linked hackers target U.S. water utilities. Today's briefing covers six major stories spanning zero-days, nation-state attacks, supply chain compromises, and the infostealer-to-ransomware pipeline.

7 Jun 2026 · 4 min

Miasma Worm Hits 73 Microsoft GitHub Repos via AI Coding Agents

A supply chain worm called Miasma compromised 73 Microsoft GitHub repositories without exploiting a single vulnerability — just stolen credentials and weaponised AI coding agents. This is the first documented case of malware using Claude Code, Gemini CLI, and VS Code as an execution trigger.

6 Jun 2026 · 4 min

Azure Cloud Vulns Surge 16%, Cisco SD-WAN Zero-Day & Silent Ransom Goes Physical

Critical Azure and Entra ID vulnerabilities surge 16% as attackers pivot to cloud identity infrastructure — while a Cisco SD-WAN zero-day with no patch is being actively exploited in the wild. Plus: Silent Ransom Group impersonates IT workers in offices, a SharePoint RCE patch drops, and India's CBSE portal survives a coordinated DDoS.

5 Jun 2026 · 5 min

VS Code OAuth Exploit, 76% Finance Ransomware Surge & DarkSword iPhone Kit

A researcher dropped a live VS Code OAuth token-theft exploit just one hour after private disclosure, signalling that responsible disclosure is breaking down. Plus: financial ransomware up 76%, the DarkSword iPhone watering-hole kit, and two Indian data exposures.

4 Jun 2026 · 5 min

DarkSword iPhone Kit, Apple's Record Patch Cycle & Finance Ransomware Surge

A complete iPhone exploit kit is live on compromised sites, Apple just issued its largest-ever patch release, and ransomware attacks on financial institutions surged 76% — all in the past 24 hours. Plus: the researcher disclosure crisis deepens as a second bug hunter goes public without warning.

3 Jun 2026 · 4 min

Microsoft Retracts Threat, BlueHammer Exploited & X.Org Nine Patches

Microsoft formally retracts its legal threat against security researchers as BlueHammer, a privilege escalation flaw in Microsoft Defender, lands on CISA's Known Exploited Vulnerabilities list with active intrusions confirmed. Plus nine critical X.Org patches and a White House AI security executive order.

2 Jun 2026 · 4 min

Netlogon & GlobalProtect Exploited, Andariel Hits Nuclear Sector | Ep 1

CVE-2026-41089 is being actively exploited against Windows domain controllers while Palo Alto GlobalProtect faces a simultaneous authentication bypass — two critical perimeter products under attack in the same window. Nation-state threats escalate as North Korea's Andariel targets the nuclear sector and China-aligned APTs surge across the Gulf.

31 May 2026 · 4 min

Criminal Threats vs. Researchers: Microsoft's Disclosure Crisis

Microsoft's Digital Crimes Unit threatened criminal prosecution against a security researcher for publishing zero-day exploit code — a move that could chill bug reporting industry-wide. Today's briefing unpacks the responsible disclosure debate and what it means for the future of vulnerability research.

30 May 2026 · 5 min

22-Second Ransomware, Carnival's 6M Breach & Nightmare Eclipse Escalates

A security researcher threatens to drop more weaponized Windows exploits on July 14, ransomware handoff times have collapsed to 22 seconds, and Carnival confirms a 6-million-person breach via social engineering. Today's briefing covers the stories every security team needs to track right now.

29 May 2026 · 5 min

Six Windows Zero-Days, Carnival's 6M Breach & Sandworm Hits NATO

Six Windows zero-days — three actively exploited — expose a coordinated disclosure breakdown between Microsoft and researcher Nightmare-Eclipse, while Carnival Corporation confirms a six-million-record breach and Sandworm deploys Rust-based wipers against NATO-linked infrastructure. Today's briefing covers the stories every security professional needs to know.

28 May 2026 · 5 min

GlassWorm Takedown, AI Zero-Day Confirmed & Starlette's Critical Flaw

CrowdStrike, Google, and Shadowserver dismantled GlassWorm's four-layer C2 infrastructure while Google confirmed the first real-world AI-discovered zero-day exploit. Plus: a critical host-header flaw in the Starlette framework threatens hundreds of millions of AI agent deployments.

27 May 2026 · 4 min

AI-Generated Zero-Day Confirmed & Defender Exploited in the Wild

The first confirmed AI-generated zero-day exploit hit 2FA infrastructure while three Microsoft Defender flaws moved from disclosure to active exploitation. Today's briefing covers nation-state Gemini abuse, a critical Starlette vulnerability, and breaches at 7-Eleven and Beacon Mutual.

26 May 2026 · 4 min

TrapDoor Supply Chain Attack & Cisco's New Disclosure Model

A live supply chain attack called TrapDoor is harvesting crypto wallets, SSH keys, and cloud credentials across npm, PyPI, and Crates.io — while Cisco quietly rewrites how it discloses vulnerabilities. Two stories, one shared pressure: AI is compressing the timeline for attackers and defenders alike.

25 May 2026 · 4 min

GitHub Poisoned at Scale: Megalodon, Laravel-Lang & YellowKey BitLocker

Researchers confirm infostealers as the direct entry point for Megalodon, a supply chain attack that poisoned 5,561 GitHub repositories in six hours. Plus: the Laravel-Lang credential stealer, Packagist's compromised Composer packages, npm's staged publishing rollout, and Microsoft's YellowKey BitLocker bypass mitigation.

24 May 2026 · 4 min

Extortion Without Encryption, Third-Party Breach Surge & Q-Day Risk

Ransomware gangs have abandoned encryption for silent data exfiltration — and third-party breaches have doubled to 30% in a single year. Today's briefing covers the tactics, the active Spanish enterprise campaign, AI-poisoned supply chains, and what defenders must reconfigure now.

23 May 2026 · 4 min

Three Microsoft Flaws, Drupal RCE & Iran Wiper Escalation | This Week's Threats

Three Microsoft vulnerabilities — including a Defender RCE — are under active exploitation this week, alongside a zero-auth Drupal PostgreSQL flaw and Iranian wiper attacks targeting critical infrastructure. Today's briefing covers the most urgent threats security teams need to act on right now.

Showing latest 30 of 45 episodes.