Three Microsoft vulnerabilities — including a Defender RCE — are under active exploitation this week, alongside a zero-auth Drupal PostgreSQL flaw and Iranian wiper attacks targeting critical infrastructure. Today's briefing covers the most urgent threats security teams need to act on right now.
Audio is available on Spreaker — see link below.
Three vulnerabilities in Microsoft Defender are under active exploitation right now. That's the lead.
The Microsoft story gets broader. A cross-site scripting flaw in on-premises Exchange Server, CVE-2026-42897, is now confirmed actively exploited.
Shifting to web infrastructure. Drupal released an emergency patch for CVE-2026-9082, a SQL injection flaw in the PostgreSQL database layer.
Four vulnerabilities from two thousand eight to two thousand ten just got added to the CISA Known Exploited Vulnerabilities catalog. Internet Explorer remote code execution.
On the geopolitical side, the shift from data theft to destructive operations is accelerating. The Iranian-linked Handala group claims a wiper attack against Stryker, the medical device manufacturer, asserting fifty terabytes of data stolen and operational disruption across seventy-nine countries.
Separately, the ShinyHunters gang claimed a one petabyte breach of Telus Digital, the Canadian business process outsourcer, with extortion demands of sixty-five million dollars. The scale of that claimed exfiltration is notable.
Chapter summary auto-generated from the verified script. Listen to the full episode for the complete content.