Polymorphic Extensions

This week, we discuss a recent cascading supply chain attack involving multiple Github actions workflows that nearly succeeded in compromising a popular Coinbase application. Before that, we discuss a novel way to download malware onto an endpoint by abusing a web browser's caching feature. Additionally, we cover an FBI alert on file converter malware scams.

This week on the podcast, we discuss a research post by SquareX that invents a new way to impersonate any extension installed on a victim's web browser. Before that, we cover the latest supply chain attack attempts from Lazarus, as well as a malvertising campaign that managed to infect 1 million endpoints.

This week on the podcast, we discuss a recent update from Microsoft's Threat Intelligence Center describing the latest tactics from Silk Typhoon, a Chinese nation state threat actor focusing in espionage. Before that, we cover the recent 0day vulnerabilities in VMware ESXi, Workstation and Fusion. We also analyze a report by S-RM on an Akira ransomware attack that leveraged IoT devices to hide from EDR tools.

This week on the podcast, we cover the largest cryptocurrency heist ever (for now). Before that, we cover Apple's decision to disable Advanced Data Protection (ADP) for its UK customers. We end the episode with a review of Wiz's State of Code Security report for 2025.

This week on the podcast, we cover a video game that delivered malware through the Steam marketplace before diving into an analysis of a recent Palo Alto authentication bypass vulnerability. We end the podcast by covering the recent activity from the Department of Government Efficiency (DOGE) and the security impact to US federal agencies.

This week on the podcast, we cover a recent report that highlights a drop in ransomware payments in 2024. After that, we discuss a recent attack targeting ASP.NET web servers before ending with a report on sensitive data leakage caused by AI model use.

This week on the podcast, we discuss the Common Vulnerability Scoring System or CVSS and why one popular developer thinks its completely broken. After that, we cover Lumen's Black Lotus Labs' research into a Juniper backdoor malware. We end with the latest car hacking research and an admin portal with possibly the worst MFA implementation ever.

This week on the podcast, we cover security researcher Eaton Zveare's recent blog post on a trove of vulnerabilities they found in McDonalds India's McDelivery web application. Before that, we give an update on Salt Typhoon's latest US government victim and discus an attack involving hijacked Google Chrome extensions.

This week on the podcast, we dive in to the WatchGuard Threat Lab's 2025 security predictions. We'll cover each of the predictions and explain the trends that drove us to making them for the coming year.

This week on the podcast, we cover the first ever UEFI bootkit targeting Linux systems and what it means for evasive malware. After that, we give an update on whats being called "the worst telecom hack in US history" before ending with our analysis of a research post showing the latest phishing evasion techniques for malicious office documents.