Cybersecurity Daily: News & Threats · 2 Jun 2026 · 4 min

Netlogon & GlobalProtect Exploited, Andariel Hits Nuclear Sector | Ep 1

CVE-2026-41089 is being actively exploited against Windows domain controllers while Palo Alto GlobalProtect faces a simultaneous authentication bypass — two critical perimeter products under attack in the same window. Nation-state threats escalate as North Korea's Andariel targets the nuclear sector and China-aligned APTs surge across the Gulf.

Audio is available on Spreaker — see link below.

What's covered

Netlogon RCE Active Exploitation

CVE-2026-41089 is being actively exploited in the wild, and if your organization runs Windows domain controllers, that's the only thing that matters right now. The vulnerability is a critical buffer overflow in the Windows Netlogon protocol.

Palo Alto GlobalProtect VPN Bypass

Alongside that, Palo Alto's GlobalProtect VPN is under active exploitation through CVE-2026-0257, an authentication bypass affecting remote access infrastructure. The pattern here is consistent: critical flaw disclosed, patch released, exploitation begins within days.

China-Aligned APT Gulf Espionage

Moving to the nation-state picture. A new threat intelligence report covering recent APT activity highlights a significant surge in China-aligned operations targeting the Gulf region and parts of Asia.

Andariel Targets Nuclear Sector

North Korea's Andariel group has been linked to an attack against a company operating in the nuclear power sector. The activity spans a monitoring period from October 2025 through March 2026.

Iran Groups Escalate Against Israel

Iran-aligned actors have continued destructive and espionage campaigns against Israeli organizations, with device manufacturers appearing in the targeting list alongside traditional government and critical infrastructure targets. Destructive tooling combined with hardware-level targeting suggests escalation beyond data collection.

Microsoft Threatens Security Researcher

The disclosure story that's drawn the sharpest reaction involves Microsoft's Digital Crimes Unit publicly threatening criminal prosecution against a security researcher who published unpatched bugs and proof-of-concept exploit code. Microsoft frames this as protecting users.

Chapter summary auto-generated from the verified script. Listen to the full episode for the complete content.
