Best Cyber Security Week In Review Podcasts (2025)

1
Week in Review: Google and Cloudflare outages, Copilot Zero-Click, Cloudflare's Claude flair 25:20

3d ago25:20

25:20

Link to episode page This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Christina Shannon, CIO, KIK Consumer Products Thanks to our show sponsor, Vanta Is your manual GRC program slowing you down? There’s something more efficient than spreadsheets, screenshots, and manual processes — Vanta. With Vanta, GR…

1
2FA middleman, Archetyp seized, Zoomcar hacked 7:35

26m ago7:35

7:35

Beware the SMS 2FA middleman Police seize Archetyp Market Zoomcar hack impacts 8.4 million users Huge thanks to our sponsor, Adaptive Security As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing simulations featuring realistic personalized deepfakes and engaging security awareness training. Their new…

1
SPOTLIGHT: Expansion plans for the military aviation industry, with Babcock’s Duncan Milne and Pierre Basquin 27:33

3h ago27:33

27:33

In this episode of the Defence Connect Spotlight podcast, host Liam Garman is joined by Duncan Milne, managing director of aviation and critical services at Babcock Australasia, and Pierre Basquin, chief executive of aviation and CEO France at Babcock International Group, to discuss further expansion into the military aviation industry to meet cust…

1
SimpleHelp Exploit Fallout: Ransomware Hits Utility Billing Platforms 1:03:42

9h ago1:03:42

1:03:42

In this critical episode, we dive into the alarming exploitation of CVE-2024-57727, a vulnerability in SimpleHelp Remote Monitoring and Management (RMM) software actively leveraged by ransomware operators since early 2025. This isn't just a theoretical risk—it's already being used to compromise utility billing providers and downstream MSP customers…

1
TeamFiltration and Token Theft: The Cyber Campaign Microsoft Never Saw Coming 1:01:04

4h ago1:01:04

1:01:04

In this episode, we dissect UNK_SneakyStrike—a major account takeover campaign targeting Microsoft Entra ID users with precision and scale. Tracked by Proofpoint, this campaign began in December 2024 and has since escalated, leveraging TeamFiltration, a legitimate penetration testing tool, to enumerate users and launch password spraying attacks tha…

1
Three CVEs, One Risk: Arbitrary Code Execution in Nessus Agent for Windows 44:04

15h ago44:04

44:04

In this episode, we dive deep into one of the most critical attack techniques in modern cyber warfare: privilege escalation—and how it recently hit center stage with three high-severity vulnerabilities discovered in Tenable’s Nessus Agent for Windows. We break down CVE-2025-36631, CVE-2025-36632, and CVE-2025-36633, which, when exploited, allow a n…

1
WestJet Cyberattack: Cracks in Aviation’s Digital Armor 25:52

18h ago25:52

25:52

A major cyberattack has rocked Canada's second-largest airline, WestJet—crippling internal systems and prompting warnings for customers to monitor their accounts and change passwords. But this is more than just a corporate incident. It’s the latest sign of a broader, escalating crisis in aviation cybersecurity. In this episode, we examine the WestJ…

1
Insider threats, migrating away from cloud, RSAC interviews with Cyera and Blumira - Yotam Segev, Matthew Warner, Rob Allen - ESW #411 1:19:04

22h ago1:19:04

1:19:04

Segment 1 - Interview with Rob Allen from Threatlocker Segment 2 - Topic: Growing Trend - Edge Computing and Hybrid Cloud Segment 3 - Interviews from RSAC 2025 Cyera Cyera is the fastest-growing data security company in history, empowering companies to classify, secure, and manage their data, wherever it is, and leverage the power of the industry’s…

1
Insider threats, migrating away from cloud, RSAC interviews with Cyera and Blumira - Rob Allen, Matthew Warner, Yotam Segev - ESW #411 1:19:04

20h ago1:19:04

1:19:04

Segment 1 - Interview with Rob Allen from Threatlocker Segment 2 - Topic: Growing Trend - Edge Computing and Hybrid Cloud Segment 3 - Interviews from RSAC 2025 Cyera Cyera is the fastest-growing data security company in history, empowering companies to classify, secure, and manage their data, wherever it is, and leverage the power of the industry’s…

1
Washington Post hacked, WestJet suffers cyberattack, Texas DoT breach 8:25

4h ago8:25

8:25

Washington Post investigates hacking incident on journalists’ emails Canadian airline WestJet is containing a cyberattack Crash records stolen from Texas DOT Huge thanks to our sponsor, Adaptive Security — OpenAI’s first cybersecurity investment As deepfake scams and GenAI phishing evolve, Adaptive equips security teams with AI-powered phishing sim…

1
CYBER UNCUT: Hacker furries, Global ransomware targets Aussie healthcare organisations, and cyber security for farmers 33:04

1d ago33:04

33:04

In this episode of the Cyber Uncut podcast, David Hollingworth and Daniel Croft talk about furry hacking collectives, a spree of ransomware attacks targeting Australian healthcare organisations, and good news for farmers. Hollingworth and Croft start their chat by catching up on a defacement campaign targeting a website administered by the US Depar…

1
Silent Surveillance: The Hidden Risks in 40,000+ Unsecured Cameras 49:37

1d ago49:37

49:37

In this episode, we dig into a disturbing yet underreported national security threat: the exploitation of internet-connected surveillance cameras—especially those manufactured in the People’s Republic of China—as a cyber weapon against U.S. critical infrastructure. Drawing from recent DHS intelligence briefings and independent cybersecurity analyse…

1
Paragon’s Promise vs. Reality: How Graphite Is Being Used Against Journalists and Activists 1:10:32

1d ago1:10:32

1:10:32

In this episode, we dive deep into the alarming revelations surrounding Graphite, a powerful spyware tool developed by Israeli firm Paragon Solutions. Promoted as a “responsible alternative” to the NSO Group’s Pegasus, Graphite is now implicated in the surveillance of journalists, humanitarian activists, and civil society figures—contrary to the ve…

1
zeroRISC Secures $10M to Commercialize OpenTitan and Reinvent Supply Chain Security 51:51

2d ago51:51

51:51

zeroRISC just raised $10 million to bring OpenTitan—the first open-source silicon Root of Trust—to market. In this episode, we break down what this funding means for the future of supply chain security, and why investors are betting on open hardware to fix vulnerabilities baked into modern chips. We explore how geopolitical tension, forced labor en…

1
Fog, RedFox, and the Rise of Silent Intruders: Cyberattacks Surge Against Financial Institutions 34:42

3d ago34:42

34:42

The financial services industry is under siege. In this episode, we unpack the latest findings from Radware’s 2025 Financial Threat Analysis and multiple intelligence reports detailing a relentless rise in cyberattacks targeting banks and financial institutions across the globe. We examine the surge in sophisticated attacks that blend legitimate to…

1
$200,000 Zoom Call, Microsoft, Zero-Click, China & HD With $649 million of Bitcoin - SWN #485 28:38

3d ago28:38

28:38

This week we have, $200,000 Zoom Call, Microsoft Teams, INTERPOL, Zero-Click, Junk Food, China & Hard Drive With $649 million of Bitcoin. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-485

1
9.8 Severity and Counting: Inside Trend Micro’s Latest Security Emergency 32:08

4d ago32:08

32:08

In this episode, we break down Trend Micro’s urgent June 10th security update that patched ten high- and critical-severity vulnerabilities—some with CVSSv3.1 scores as high as 9.8—across Apex Central and Endpoint Encryption PolicyServer (TMEE). While no active exploitation has been observed, the risks are too severe to ignore. We spotlight the most…

1
Zero-Day in the Call Center: Mitel MiCollab Exploited in Active Attacks 12:27

4d ago12:27

12:27

In this episode, we dissect the critical vulnerabilities plaguing Mitel MiCollab, a widely used unified communications platform, and explore how attackers are exploiting these flaws in the wild. Recently, security researchers uncovered a trio of dangerous vulnerabilities, including CVE-2024-35286 (a SQL injection flaw), CVE-2024-41713 (an authentic…

1
The Info-Stealer Sting: A Deep Dive into INTERPOL's Operation Secure 14:39

4d ago14:39

14:39

Join us for a gripping discussion on "Operation Secure," a landmark international crackdown that reverberated through the dark corners of the cybercriminal world between January and April 2025. Led by INTERPOL and involving law enforcement from 26 countries, primarily across the Asia-Pacific region, this massive coordinated effort, bolstered by cri…

1
Microsoft Entra attack, Thursday’s Cloud outages, Mark Green retires 8:10

3d ago8:10

8:10

Hackers attacks target Microsoft Entra ID accounts using pentesting tool Google Cloud and Cloudflare outages reported House Homeland Chairman Mark Green announces his departure Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There’s something more efficient than spreadsheets, screenshots, and manual processes — Vanta.…

1
UEFI Vulnerabilities Galore - PSW #878 2:10:48

4d ago2:10:48

2:10:48

This week: You got a Bad box, again Cameras are expose to the Internet EU and connected devices Hydrophobia NVRAM variables Have you heard about IGEL Linux? SSH and more NVRAM AI skeptics are nuts, and AI doesn't make you more efficient Trump Cybersecurity orders I think I can root my Pixel 6 Decentralized Wordpres plugin manager Threat actor namin…

1
PTR Ep 478 Prepper Game NIght When The Grid Goes Down 55:24

5d ago55:24

55:24

Support the show! https://preppertalkradio.com/goodlife Support the show, grab some merch! https://preppertalkradio.com/store Use Code PrepperTalk10 for 10% off https://www.survivalfrog.com/ Get Paris' Ebook https://pariscluff.com/preppertalkradio https://preppertalkradio.com/recommendations Click E1 App to download. Get your Patriot Packs 10% off …

1
CoPilot zero-click, Operation Secure, FIN6 targets recruiters 7:43

4d ago7:43

7:43

Zero-click data leak flaw in Copilot Operation Secure targets infostealer operations FIN6 targets recruiters Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There’s something more efficient than spreadsheets, screenshots, and manual processes — Vanta. With Vanta, GRC can be so. much. easier—while also strengthening yo…

1
Direct from Australian Space Summit & Exhibition 2025, with Vasyl Myroshnychenko 23:36

5d ago23:36

23:36

In this Australian Space Summit & Exhibition 2025 episode of the Defence Connect Podcast, senior journalist Robert Dougherty is joined by ambassador of Ukraine to Australia, Vasyl Myroshnychenko. The pair discuss: Myroshnychenko’s perspectives on the ongoing conflict in Ukraine and critical support being provided by Australia to assist against Russ…

1
Tomcat Manager Attacks: 400 IPs in Coordinated Brute-Force Attack 34:49

6d ago34:49

34:49

On June 5, 2025, GreyNoise flagged a massive spike in coordinated brute-force login attempts targeting Apache Tomcat Manager interfaces. Nearly 400 unique IP addresses, many traced back to DigitalOcean infrastructure, were involved in a widespread and opportunistic campaign. In this episode, we dissect the attack pattern, what makes Apache Tomcat a…

1
TxDOT Data Leak: 423,391 Texans Exposed 44:32

6d ago44:32

44:32

On May 12, 2025, the Texas Department of Transportation (TxDOT) disclosed a significant data breach that compromised crash reports containing personal data of over 423,000 individuals. In this episode, we take a forensic look at what went wrong, how one compromised account enabled unauthorized downloads of sensitive crash data, and what this means …

1
Ghost Students and AI Scams: How Identity Theft is Gutting Financial Aid 43:49

6d ago43:49

43:49

What happens when hundreds of thousands of college applications are submitted—not by hopeful students, but by bots using stolen identities? In this episode, we dive deep into the alarming rise of financial aid fraud in U.S. higher education, driven by "ghost students" and increasingly sophisticated scams powered by AI. From fraud rings applying for…

1
Security Money: The Index is Up, CISOs Need to Get Out, and Are You Burning Out? - BSW #399 56:27

5d ago56:27

56:27

This week, it’s time for security money. The index is up, but the previous quarterly results were brutal. In the leadership and communications segment, Get out of the audit committee: Why CISOs need dedicated board time, Quietly Burning Out? What To Do When Your Leadership Starts Lacking, How to rethink leadership to energize disengaged employees, …

1
40K IoT cameras stream secrets to browsers, Marks & Spencer taking online orders post-cyberattack, PoC Code escalates Roundcube Vuln threat 8:04

5d ago8:04

8:04

CISA, Microsoft warn of Windows zero-day used in attack on ‘major’ Turkish defense org 40K IoT cameras worldwide stream secrets to anyone with a browser Marks & Spencer begins taking online orders again, out for seven weeks due to cyberattack Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There’s something more effic…

1
Vixen Panda, NPM, Roundcube, IoT, 4Chan, Josh Marpet, and more... - SWN #484 32:23

6d ago32:23

32:23

Vixen Panda, NPM, Roundcube, IoT, 4Chan, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-484

1
Inside the React Native NPM Supply Chain Breach: 16 Packages, 1 Million+ Downloads, and a RAT in the Code 41:15

7d ago41:15

41:15

In this episode, we break down the massive supply chain attack that rocked the React Native ecosystem beginning on June 6, 2025. Over 16 NPM packages, collectively downloaded over one million times per week, were silently weaponized with a Remote Access Trojan (RAT) embedded in obfuscated code. The attack, linked to the same threat actor behind the…

1
Mirai Strikes Again: Spring4Shell, Wazuh, and TBK DVRs Exploited in Live Campaigns 43:52

7d ago43:52

43:52

In this episode, we dive into the latest wave of active Mirai botnet campaigns exploiting high-severity remote code execution (RCE) vulnerabilities in critical enterprise and IoT systems. The Mirai malware—still evolving nearly a decade after its first appearance—has adapted its tactics to weaponize recent CVEs with CVSS scores of 9.8 and 9.9, impa…

1
UNFI Breach: How One Cyberattack Shook the North American Food Supply 36:53

7d ago36:53

36:53

On June 5, 2025, United Natural Foods Inc. (UNFI)—North America's largest publicly traded wholesale food distributor and primary supplier for Whole Foods—was struck by a major cyberattack that forced the company to shut down key IT systems. The result: widespread delivery disruptions to over 30,000 locations across the U.S. and Canada, eerily empty…

1
PTR Ep 477 Prepper Skills You Must Have To Survive! 48:17

7d ago48:17

48:17

Support the show! https://preppertalkradio.com/goodlife Support the show, grab some merch! https://preppertalkradio.com/store Use Code PrepperTalk10 for 10% off https://www.survivalfrog.com/ Get Paris' Ebook https://pariscluff.com/preppertalkradio https://preppertalkradio.com/recommendations Click E1 App to download. Get your Patriot Packs 10% off …

1
Bringing CISA's Secure by Design Principles to OT Systems - Matthew Rogers - ASW #334 1:09:09

6d ago1:09:09

1:09:09

CISA has been championing Secure by Design principles. Many of the principles are universal, like adopting MFA and having opinionated defaults that reduce the need for hardening guides. Matthew Rogers talks about how the approach to Secure by Design has to be tailored for Operational Technology (OT) systems. These systems have strict requirements o…

1
Cybersecurity News: Brute forcing Google accounts, Guardian's Secure Messaging, UNFI cyberattack 8:13

7d ago8:13

8:13

Brute forcing phone numbers linked to Google accounts The Guardian launches Secure Messaging service United Natural Foods hit by cyberattack Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There’s something more efficient than spreadsheets, screenshots, and manual processes — Vanta. With Vanta, GRC can be so. much. ea…

1
SPOTLIGHT: Managing dislocated design teams in a defence environment, with Stantec’s Tony Rogers and Louisa Bloomer 31:01

7d ago31:01

31:01

In this episode of the Defence Connect Spotlight podcast, host Liam Garman is joined by Tony Rogers, market leader - defence, and Louisa Bloomer, director of digital technology (Asia-Pacific) at Stantec, to discuss the complexities of managing dislocated design teams in classified defence settings. The conversation begins with a deep dive into data…

1
The enterprise security news, more secure by removing credentials, & RSAC interviews - Marty Momdjian, Amit Saha, Dr. Tina Srivastava - ESW #410 1:38:02

8d ago1:38:02

1:38:02

Segment 1 - Enterprise Security News, Live at IDV This week, in the enterprise security news, Acquisitions potential IPOs Terminator Salvation in real life First $1B one-employee business? Mikko puts in his notice Pitch Black in real life, and more! Segment 2 - Interview with Dr. Tina Srivastava The #1 cause of data breaches is stolen credentials. …

1
The enterprise security news, more secure by removing credentials, & RSAC interviews - Marty Momdjian, Amit Saha, Dr. Tina Srivastava - ESW #410 1:38:02

8d ago1:38:02

1:38:02

Segment 1 - Enterprise Security News, Live at IDV This week, in the enterprise security news, Acquisitions potential IPOs Terminator Salvation in real life First $1B one-employee business? Mikko puts in his notice Pitch Black in real life, and more! Segment 2 - Interview with Dr. Tina Srivastava The #1 cause of data breaches is stolen credentials. …

1
Cyber executive order, Neuberger’s infrastructure warning, Mirai botnet warning 8:42

8d ago8:42

8:42

Presidential cyber executive order signed Neuberger warns of U.S. infrastructure’s cyberattack weakness Mirai botnet infects TBK DVR devices Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There’s something more efficient than spreadsheets, screenshots, and manual processes — Vanta. With Vanta, GRC can be so. much. ea…

1
CYBER UNCUT: Military artificial intelligence, Ukraine hacks Russia, local hacks surge, and the name game 39:43

8d ago39:43

39:43

In this episode of the Cyber Uncut podcast, David Hollingworth and Daniel Croft are joined by special guest Robert Dougherty of Defence Connect to talk about a Ukrainian hacking operation, ransomware attacks on Australian companies surge after a quiet spot, and a popular hacking forum returns. Hollingworth and Croft kick things off with Dougherty a…

1
Malware-as-Code: The Rise of DaaS on GitHub and the Collapse of Open-Source Trust 39:46

10d ago39:46

39:46

In this episode, we dissect one of the most sophisticated ongoing cybercrime trends—malware campaigns weaponizing GitHub repositories to compromise developers, gamers, and even rival hackers. By abusing GitHub’s search functionality and reputation signals, threat actors are pushing backdoored code under the guise of popular tools, game cheats, and …

1
Elsa, Redline, ChaosRat, iMessage, Bladed Feline , Aaran Leyland, and More... - SWN #483 34:00

10d ago34:00

34:00

Elsa, Redline, ChaosRat, iMessage, Bladed Feline , Aaran Leyland, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-483

1
Week in Review: Senators’ CSRB bid, Deepfakes dodge detection, Microsoft-CrowdStrike collaboration 27:43

10d ago27:43

27:43

Link to episode page This week’s Cyber Security Headlines - Week in Review is hosted by Rich Stroffolino with guest Rusty Waldron, chief business security officer, ADP Thanks to our show sponsor, Conveyor Let me guess, another security questionnaire just landed in your inbox. Which means all the follow up tasks you don’t have time for are close beh…

1
Kettering data published, Reddit sues Anthropic, North Face breached 7:27

11d ago7:27

7:27

Stolen Kettering Health data published Reddit sues Anthropic for scraping North Face website customer accounts breached Huge thanks to our sponsor, Conveyor Let me guess, another security questionnaire just landed in your inbox. Which means all the follow up tasks you don’t have time for are close behind. What are you going to do? Here’s a better q…

1
ClickFix: How Fake Browser Errors Became the Internet’s Most Dangerous Trap 47:15

11d ago47:15

47:15

In this episode, we dive deep into ClickFix, also tracked as ClearFix or ClearFake—a highly effective and deceptive malware delivery tactic that emerged in early 2024. ClickFix exploits the human tendency to trust browser prompts by using fake error messages, CAPTCHA pages, and verification requests to convince users to execute malicious PowerShell…

1
Updating & Protecting Linux Systems - PSW #877 1:05:23

11d ago1:05:23

1:05:23

Two parts to this episode: Tech Segment: Updating Linux Systems - Beyond apt-get upgrade * Custom scripts for ensuring your Linux systems are up-to-date * topgrade - tutorial for using topgrade to update Linux systems on various Linux distributions Discussion Topic: Anti-Malware and/or EDR on Linux Platforms * PCI calls for scanning Linux systems *…

1
Exposed and Extorted: The ViLE Hackers and the Legal Gaps Enabling Doxing 47:31

12d ago47:31

47:31

Cybercrime is rapidly evolving—and so are its tactics. In this episode, we dissect the findings of SoSafe’s Cybercrime Trends 2025 report and explore the six key trends reshaping the global threat landscape, including AI as an attack surface, multichannel intrusions, and the rising exploitation of personal identities. But we don’t stop at theory. W…

Podcasts Worth a Listen

Cyber Security Week In Review Podcasts

Podcasts Worth a Listen

Quick Reference Guide