The Mandos Brief gives you a quick, 3-minute rundown of the week's top cybersecurity updates. It's your go-to source for staying informed and cyber-aware, fast.
Week 15: State-sponsored attackers exploit Palo Alto Networks zero-day, cybercrime group uses AI-generated scripts to load malware, CISOs face burnout, and the importance of mentorship.
Week 14: Severe HTTP/2 vulnerabilities enable DoS attacks, new Latrodectus malware emerges, and the US Cyber Safety Board reports on a preventable Microsoft Exchange breach.
Week 13: UK's NHS suffers ransomware attack, critical backdoor found in XZ Utils, and PyPI suspends new projects after malicious package uploads.
Week 12: Hackers win $1.13M at Pwn2Own, critical Apple M-chip vulnerability exposed, and 19 million plaintext passwords leaked from Firebase.
Week 11: ChatGPT plugin vulnerabilities exposed, Roku suffers a credential stuffing breach impacting 15,000, and Tor Project unveils WebTunnel.
Google AI trade secrets theft, Microsoft source code breach, Apple zero-days, QNAP vulnerabilities, RA World ransomware targeting healthcare and finance.
Ad fraud campaign using 8k+ domains, Lazarus Group's Windows zero-day exploit, and Russian hackers' Ubiquiti routers hijack.
US pharmacies hit by nation-state cyberattack, Apple Shortcuts vulnerability, Microsoft's PyRIT for AI security, SSH-Snake exploited, LockBit disrupted.
Week's focus: iOS Trojan GoldPickaxe targeting APAC, Akira ransomware exploits Cisco vulnerability. Plus, Exchange Server risk and state-sponsored attacks.