Restrictions on US Frontier AI models
US Loosens Anthropic Claude Mythos Access, Unpatchable iPhone Exploit Emerges, and CISO Burnout Drives Fractional Shift
Malware that gaslights AI
Mac Malware Gaslights AI, Major Info-Stealer Takedown, OpenAI’s Patch the Planet, and FortiBleed Fallout.
Beauceron CEO David Shipley dives into these stories and more in this episode of Cybersecurity Today.
Fortibleed: Fortinet says it’s not a bug
In the latest Cybersecurity Today episode, host David Shipley talks about Fortibleed. Plus a healthcare AI firm loses 1.4 million people's data to a single phishing email, a trading bot built to prey on others gets played for $15 million, and LastPass lands back on a breach list it didn't cause.
Stolen OAuth Tokens Hit Security Firms, AryStinger Router Botnet Emerges, AI Deepfake Cyberstalking
In the latest Cybersecurity Today episode, host David Shipley talks about a reach at market intelligence platform Klue allowed attackers to steal OAuth tokens linking Clue to customers’ Salesforce environments, enabling quiet API-driven data extraction from firms including Huntress, Recorded Future, Tanium, and Jamf.
AI Worms, Hacks, and Insurance Shifts
In the latest Cybersecurity Today episode, host David Shipley delves into the Instagram AI support hack, the ‘Hades’ AI worm, and a critical Chrome patch.
Notorious Hacker Group "The Comm," Operation Synergia Takedown, Stryker Cyberattack Update & More
Beauceron CEO David Shipley talks about Notorious Hacker Group "The Comm," Operation Synergia Takedown, Stryker Cyberattack Update & More
Fake Claude Code Installs, Arpa Phishing, Iranian and Russian Teams Mount Cyber Retaliation
Beauceron CEO David Shipley talks about Fake Claude Code Installs, Arpa Phishing, Zombie ZIP Malware Evasion, and Iran/Israel Cyber Retaliation.
Coruna iOS Exploit Kit Goes Mass-Market
Beauceron CEO David Shipley talks about Coruna iOS exploit kit going mass-market, FBI probes breach of wiretap system, New Windows Terminal ClickFix attack, and Iran War cyber escalation
AI-powered modern warfare
Beauceron CEO David Shipley talks about AI-Driven Warfare, Open-Source Attack Tooling, CISA Leadership Shakeups, Healthcare Ransomware, and GPS Jamming Risks
Amazon Kiro Prod Disruption, Claude Code Security, Salt Typhoon Warning, and Youth Radicalization
Beauceron CEO David Shipley talks about a Russian-speaking hacker leveraging AI automation to breach over 600 Fortinet FortiGate firewalls in 55 countries, an Amazon Kiro AI coding tool incident that caused a 13-hour AWS service disruption, and the launch of Anthropic’s AI-powered Claude Code Security tool for identifying software vulnerabilities.
He also discusses the FBI’s warning about China’s Salt Typhoon threat, which has targeted unpatched systems in over 80 countries, as well as the growing concern over youth radicalization in Canada, including the role of Big Tech including social media and AI tools.
Beyond Trust RCE and Click Fix attacks evolve
Beauceron CEO David Shipley covers an actively exploited BeyondTrust remote access vulnerability that enables pre-authentication remote code execution. David also dives into Microsoft’s warning about the evolution of the ClickFix social engineering technique and a new malware campaign targeting developers with fake coding tests designed to infect their systems.
OpenClaw partners with VirusTotal, violent home invasion tied to cryptocurrency and terrorism peace bond after youth radicalization in Canada
Beauceron CEO David Shipley covers Google's disruption of the massive residential proxy network IP Idea, the hijacking vulnerability of AI agent platform OpenClaw, and attackers abusing single sign-on platforms. He also delves into the coordinated cyber attack on Poland's energy sector by Russian state-linked actors and the misuse of eScan antivirus updates to deliver malware.
Google's Proxy Network Takedown, AI Agent Hijack and attack on Poland’s Energy Grid
Beauceron CEO David Shipley covers Google's disruption of the massive residential proxy network IP Idea, the hijacking vulnerability of AI agent platform OpenClaw, and attackers abusing single sign-on platforms. He also delves into the coordinated cyber attack on Poland's energy sector by Russian state-linked actors and the misuse of eScan antivirus updates to deliver malware.
Wiz finds massive AWS vulnerability and more Fortinet Zero Days cause headaches
Beauceron CEO David Shipley covers the continued exploitation of Fortinet flaws despite recent patches, Windows 11 systems failing to boot after January updates, a thwarted cyber attack on Poland's energy sector by the Sandworm group, a sophisticated phishing campaign targeting the energy sector, and a critical AWS vulnerability that posed a significant risk to cloud security globally.
Cisco and Fortinet security issues and AI coding experiment reveals unexpected behavior
Beauceron CEO David Shipley covers critical vulnerabilities in Cisco’s Async and Fortinet’s FortiSiem platforms, spear-phishing campaign uses US attack on Venezuela in lure and changes to an LLM to study bad code creation sends it off the rails in other, unexpected ways.
FBI Warns of QR Code Phishing & Europol's Major Cybercrime Crackdown
Beauceron CEO David Shipley covers the FBI's warning about North Korean state-sponsored QR code phishing campaigns targeting U.S. organizations. Additionally, he discusses Europol's arrest of 34 individuals in Spain tied to an infamous crime syndicate and the uncertainty surrounding CISA's pre-ransomware notification initiative after the departure of its lead staffer.
Venezuela attack may have involved cyber: US gov’t
Beauceron CEO David Shipley covers hints by President Donald Trump regarding the use of cyber tactics in a U.S. operation that resulted in a power outage in Venezuela. The episode also delves into the April 2025 data breach at Nova Scotia Power. Lastly, it updates listeners on the Trust Wallet compromise linked to the SHA1-Hulud supply chain attack.
MongoDB vulnerability drops on Christmas Day
Beauceron CEO David Shipley covers the 'Mongo Bleed' vulnerability in MongoDB that was disclosed and then publicly exploited on Christmas Day, leading to potential data leaks. Ubisoft's Rainbow Six Siege faced a breach enabling attackers to manipulate in-game functions and distribute billions worth of in-game currency for free. Trust Wallet's browser extension was compromised, resulting in a loss of approximately $7 million in cryptocurrency. Finally, a phishing scam using a legitimate GrubHub subdomain to promise fake Bitcoin rewards was also discussed.
Major phishing service platform bust
Beauceron CEO David Shipley talks about how Nigerian police arrested three suspects linked to a Microsoft 365 phishing platform known as Raccoon O365. U.S. prosecutors charged 54 individuals in an ATM malware scheme tied to a Venezuelan criminal organization. Two incident responders pleaded guilty to conducting ransomware attacks while employed to help victims of such attacks. Denmark officially blames Russia for a cyber attack on a water utility, exacerbating geopolitical tensions
Season’s Breaching
Beauceron CEO David Shipley covers warning for Cisco customers about a zero-day flaw in the Async OS affecting email security infrastructure, attributed to an advanced persistent threat from China. Additionally, French authorities have arrested a Latvian national for attempting to install remote control malware on an Italian ferry, highlighting significant physical and geopolitical cyber risks. Lastly, the ClOP ransomware gang is actively targeting Gladinet Center Stack file servers in an ongoing data theft and extortion campaign.