Cybersecurity Today: New Threats from AI and Code Extensions

In today's episode, host Jim Love discusses the discovery of the 'Glass Worm,' a self-spreading malware hidden in Visual Studio Code extensions downloaded over 35,000 times. The worm, hiding its malicious JavaScript in invisible unicode characters, steals developer credentials and drains crypto wallets. He also covers the security flaws in AI-powered IDEs like Cursor and Windsurf, leaving 1.8 million developers vulnerable. Lastly, a new survey from ISACA reveals that AI-driven attacks are now the top cybersecurity concern for 2026, overtaking ransomware and insider threats. Love advises how developers and security teams can mitigate these threats. 00:00 Introduction and Shoutout 01:10 Cybersecurity Headlines 01:46 Glass Worm Malware in Visual Studio Code 04:06 AI-Powered IDEs with Security Flaws 06:00 AI-Driven Cybersecurity Threats 07:50 Conclusion and Contact Information

In this episode of Cybersecurity Today, your host Jim Love discusses Microsoft’s latest findings on how ransomware and extortion account for over half of all cyber attacks globally, highlighting the shift toward financially driven crimes. Learn about the breach at the Kansas City National Security Campus due to a SharePoint vulnerability and how Anthropic's new open-source sandbox aims to make AI coding safer. Additionally, discover how AI tools can help spot scams as Jim shares his personal experience and practical tips. Stay informed on the latest cybersecurity trends and essential defense strategies. 00:00 Introduction and Headlines 00:26 Ransomware Dominates Cyber Attacks 02:12 Nuclear Facility Breach via SharePoint Flaw 04:27 Anthropic's AI Code Sandbox 06:01 Using AI to Spot Scams 07:27 Conclusion and Viewer Engagement

In this episode of Cybersecurity Today, host David Shipley covers the latest developments in cyber threats and law enforcement victories. Topics include: cybercriminals using TikTok videos to disseminate malware through click-fix attacks, Europol shutting down a massive SIM farm powering 49 million fake online accounts, and Microsoft's emergency patch release for a critical ASP.NET Core vulnerability rated 9.9 in severity. The episode also highlights community efforts in raising cybersecurity awareness. 00:00 Introduction and Headlines 00:23 TikTok Malware Campaign 03:43 Europol's Major SIM Farm Bust 07:45 Microsoft's Critical ASP.NET Core Vulnerability 11:55 Community Shoutouts and Conclusion

In this episode, Jim Love interviews David Décary-Hétu, a criminologist at the Universite´de Montréal, discussing the dark web and its impact on criminal activity and cybersecurity. They delve into what the dark web is, how it operates, its primary users, and its role in cybercrime. They also explore the dynamics of online criminal networks, challenges faced by law enforcement, and the surprising aspects of online illicit activities. The importance of monitoring online conversations and understanding cyber threats is emphasized, with insights into the use of cryptocurrencies and the evolution of cybercrime tactics. 00:00 Introduction to Cybercrime and the Dark Web 00:45 Meet David Décary-Hétu: Criminology Researcher and Dark Web Expert 01:06 Understanding the Basics of the Dark Web 05:34 The Technology Behind the Dark Web 20:40 Law Enforcement Challenges and Trust Building 26:03 Cultural Differences in Hacking Communities 26:28 Training Police Officers vs. Research Approaches 26:40 Impact of Technology on Crime 28:09 International Networks and Language Barriers 30:26 Law Enforcement Strategies and Challenges 38:46 The Role of Cryptocurrency in Cybercrime 40:31 Legal and Ethical Considerations in Cybersecurity 42:55 Advice for Policymakers and Corporations 47:48 Educational Resources and Conferences 50:06 Conclusion and Final Thoughts

This episode of Cybersecurity Today, hosted by Jim Love, covers several critical topics in the realm of cybersecurity. Researchers found that unencrypted data from satellites is accessible with cheap equipment, leading to potential eavesdropping on sensitive information worldwide. A new botnet campaign is aggressively scanning for unsecured RDP services, posing a significant threat of ransomware and data theft. Canadian Tire Corporation experienced a data breach affecting customer information. An Android vulnerability allows hackers to steal two-factor authentication codes, prompting discussions on the need for faster security patch rollouts. Lastly, two brothers on trial for a $25 million crypto heist argue that their actions are legal within the blockchain's rules, raising questions about the future of crypto regulation. 00:00 Introduction to Cybersecurity News 00:26 Eavesdropping on Satellite Data 02:02 Massive Botnet Targeting RDP Services 03:58 Canadian Tire Data Breach 05:40 Android Vulnerability: Pick Napping 08:09 Crypto Heist: The Perra Bueno Brothers 10:06 Conclusion and Sign Off

In this episode of Cybersecurity Today, host David Shipley discusses several major events, including the FBI's takedown of the Breach Forums portal. This site was associated with a significant Salesforce data breach and extortion campaign led by groups like Shiny Hunters and Scattered Lapses Hunters. Oracle users are also warned about a new critical vulnerability in the E-Business Suite, which could allow unauthorized data access without requiring login credentials. Additionally, the resurgence of the Asuru botnet, leveraging compromised IoT devices to execute large-scale DDoS attacks, raises concerns. The episode emphasizes the need for immediate patching and robust security measures by organizations and consumers alike. A positive note highlights a cybersecurity awareness initiative by the Indiana Toll Road. 00:00 FBI Takes Down Breach Forums 03:42 Oracle E-Business Suite Vulnerability 07:39 Massive Botnet Threatening US Networks 11:04 Community Cybersecurity Awareness 11:47 Conclusion and Sign-Off

In this episode of Cybersecurity Today, Jim hosts Craig Taylor, a seasoned virtual Chief Information Security Officer (vCISO) with over 25 years of experience. They discuss the evolution and significance of the vCISO role, Taylor's career path, and the founding of his company, Cyber Hoot, which provides cybersecurity education and vCISO services. Taylor shares insights into why companies, especially SMBs, opt for vCISO services due to budget constraints and the scarcity of cybersecurity professionals. He also talks about the common challenges faced by vCISOs, such as managing burnout and ensuring client adherence to security recommendations. The conversation delves into the importance of cybersecurity culture, the need for effective education, and the integration of cybersecurity in business practices. Taylor offers practical advice on hiring the right vCISO and highlights the benefits his company provides. The episode concludes with a discussion on the psychology behind successful cybersecurity practices and Taylor's thoughts on the future of the industry. 00:00 Introduction to Cybersecurity Today 00:04 Meet Craig Taylor: The Virtual CISO 00:47 The Early Days of Virtual CISOs 02:15 Building a Cybersecurity Company 03:40 The Rise of Virtual CISO Services 05:01 Challenges and Realities of Cybersecurity 06:42 The Importance of Cyber Literacy 20:38 Managing Cybersecurity Risks 28:05 Understanding Administrative Risks in Onboarding and Offboarding 28:39 Challenges with MSPs and Cybersecurity 29:27 The Importance of Basic Security Measures 31:52 Dealing with Technology Debt 32:52 Balancing Budget and Security Needs 35:13 Real-Life Cybersecurity Incidents 40:17 The Role of Education in Cybersecurity 46:12 Hiring the Right VCISO 51:33 Conclusion and Final Thoughts

Cybersecurity Today: Teenage Ransomware Arrests, GoAnywhere Critical Flaw, and Google AI Vulnerability In this episode of Cybersecurity Today, hosted by Jim Love, two teenagers were arrested in London for a ransomware attack on Kiddo International preschools, involving child data extortion. The show discusses a critical vulnerability in GoAnywhere MFT servers actively exploited by ransomware operators, emphasizing the need for immediate patching. It also highlights an urgent warning from CSA about a 2021 Windows flaw now under active attack. Additionally, researchers have found a new method to exploit Google's Gemini AI through invisible unicode characters, with Google declining to patch the issue. The episode concludes with security recommendations and a note on the show's upcoming special weekend edition for Canadian Thanksgiving. 00:00 Introduction and Headlines 00:28 Teenagers Arrested for Preschool Ransomware Attack 01:57 Critical Vulnerability in Go Anywhere MFT Servers 03:21 Urgent Alert for 2021 Windows Flaw 04:32 Google Gemini AI's Invisible Prompt Flaw 06:16 Conclusion and Sign-Off

North Korean Hackers Target Crypto Wealth, LinkedIn Fights Data Scraping, and AI Tools Leak Corporate Data In this episode of Cybersecurity Today, host Jim Love covers the latest cybersecurity headlines including North Korean hackers targeting wealthy crypto investors, LinkedIn suing a firm for creating fake accounts to scrape user data, a massive ransomware campaign by the CIOp gang targeting Oracle’s E-Business Suite, and new research highlighting AI tools as the top channel for corporate data leaks. Listen in for insights and key takeaways to protect your digital assets and corporate data. 00:00 North Korean Hackers Target Wealthy Crypto Holders 02:09 LinkedIn Sues Over 1 Million Fake Accounts 03:46 Ransomware Attack on Oracle's E-Business Suite 05:42 AI Tools: The New Channel for Corporate Data Leaks 07:53 Conclusion and Contact Information

AI Browsers Turn Rogue, Discord Data Breach, and Surge in Palo Alto Scans In this episode of Cybersecurity Today, host David Shipley discusses several significant cybersecurity concerns. Firstly, researchers at Layer X have uncovered a flaw in the Perplexity Comet AI browser that allows malicious prompts to turn the browser into a data thief with just a single click. Additionally, Discord has disclosed a data breach affecting users' personal information due to a third-party customer service provider compromise. Cybersecurity researchers have also reported a massive surge in scans targeting Palo Alto Network's login portals, suggesting potential reconnaissance for future attacks. Finally, the US Department of Defense has opted to reduce its mandatory cybersecurity training to allow military personnel to focus on their core missions, a move that has raised concerns given the intertwined nature of cyber and kinetic warfare. 00:00 Introduction and Headlines 00:32 AI Browser Security Flaw: Comet Jacking 03:11 Discord Data Breach: What Happened? 05:59 Surge in Scans Targeting Palo Alto Devices 08:07 US Department of Defense Cuts Cybersecurity Training 10:23 Conclusion and Viewer Engagement