This Week in Cybersecurity
When Trust Becomes the Threat — Why Cybersecurity Can’t Be an Afterthought Anymore
🎙️ Good Morning Security Gang!
This week on the CyberHub Podcast, we dove deep into the breaches, backdoors, botnets, and big wins of the cybersecurity world. From luxury fashion hacks to AI discovering zero-days, from fake journalists to federal fraud fines, it’s been a week of harsh lessons and some hopeful wins. I’m James Azar, and here’s your no-fluff, straight-up digest of what went down in cybersecurity this week.
💥 Top Incidents & Breaches
Belk Hit by DragonForce: Ransomware exposed SSNs and PII. One-year identity theft protection feels like a Band-Aid on a bullet wound.
Louis Vuitton Breach: Multi-country customer data exposure with a month-long attacker dwell time. No financials leaked — for now.
McHire Chatbot Breach: Login creds were literally “123456.” Sixty-four million applicant chats exposed. Can’t make this up.
GMX Crypto Breach: $42M stolen and returned — attacker walks with $5M bounty. A legal gray area wrapped in a crypto flex.
Wing FTP 0-Day: Used by critical systems like the Air Force and Reuters — it’s being actively exploited. Patch deadline: Aug 4.
Train Brake CVE: A 13-year-old unpatched flaw could trigger remote train braking. Not fiction, just infrastructure neglect.
Co-op UK Breach: 6.5M member records gone. Shelves were literally empty. A ransomware punch across the grocery, funeral, and insurance sectors.
United Natural Foods: A June cyberattack is costing them nearly $400M in net sales. If that doesn’t spark a board conversation, nothing will.
🧠 AI & Nation-State Moves
Google’s Big Sleep AI: Flagged a zero-day in SQLite before threat actors could. AI finally earned its badge.
Volt Typhoon (China): Their attack on U.S. critical infrastructure failed — but only because defenders were paying attention. Intent remains crystal clear.
Salt Typhoon Breaches National Guard: CVEs from 2018 let China sit inside the Guard’s systems for 9 months. Not great.
Meta Faces $8B Lawsuit: Shareholders say Zuck & co ignored risk disclosure duties. Privacy sins don’t expire.
🛡️ Infrastructure & Vendor Warnings
Cisco & Fortinet: New 10.0 CVEs in ISE and FortiWeb. Patch now or get enlisted into someone’s botnet army.
Oracle Patch Spree: 309 patches, 127 remotely exploitable. If you run Oracle, your weekend just got busy.
Cloudflare DNS Outage: Not an attack, just human error. Reminder: redundancy is key. Incompetence is a threat vector.
“Never underestimate incompetence. Conspiracy's fun… but incompetence is significant, folks.” — James Azar on the Cloudflare outage
Australia Adopts OT Standard: IEC 62443 is now official. G'day to long-overdue ICS protection down under.
🕵️‍♂️ Threat Actor Updates
Russia’s Fake Journalist Ops: Storm-1516 mimics journalists to spread disinfo. The headlines are fake, but the influence is real.
North Korea’s NPM Malware: 17,000+ devs downloaded poisoned packages. DevSecOps hygiene is mission-critical.
Kyber Phantom AT&T Hack: Former soldier hacked telecoms and leaked presidential call logs. Moral of the story: secure your Snowflake instances.
UNC-6148 Targets SonicWall: New malware, long campaign. Attribution unclear — but effects are brutal.
🚨 Enforcement & Legislation
Hill Associates Fined $14.75M: Lied about their cyber capabilities on federal contracts. DOJ came knocking.
Cambodia Arrests 1,000 Cybercriminals: Five provinces, 1,000 arrests. Cybercrime enforcement can work — with the right push.
Senate Intel Committee Pushes Minimum Security Standards: Telecom and intelligence sectors finally getting mandated hygiene.
✅ Action List for Security Teams
Patch Wing FTP and Chrome zero-days (CVE-2025-47812, CVE-2025-6558)
Audit access on chatbots and AI summarizers — IDOR and prompt injection risks are real
Review legacy OT systems and patch long-lived CVEs (looking at you, rail)
Lock down NAS devices — even ransomware gangs know they’re easy targets
Train your teams on phishing techniques using job scams and fake journalists
Push for board alignment — use United Foods & Co-op incidents as ammo
Segment edge devices (Cisco, Palo Alto) and validate MFA everywhere
🧠 James Azar’s CISO Take
On Legacy Neglect & AI Momentum
This week felt like a constant reminder that we're living in a house with cracked foundations, and yet somehow celebrating when the roof holds. Legacy systems like unpatched train protocols and chatbots with laughable passwords are proof that technical debt is no longer theoretical — it’s operational risk. But amidst all that noise, Google’s Big Sleep AI catching a zero-day before it could be weaponized is a huge signal. When we align AI with intelligent detection and human judgment, we unlock new defense frontiers.
On Boardroom Momentum & Budget Justification
We’re not pitching “maybe” anymore. With United Natural Foods taking a $400M hit and Co-op publicly bleeding members, we now have real-world dollar figures to support our cybersecurity strategies. The time for fear-based slide decks is over. This is a business continuity issue. And if CISOs don’t seize this moment to influence board priorities, we’ll have no one to blame but ourselves. Risk is now visible. Use it to build resilience.
Stay Cyber Safe, Security Gang!
Catch us live every weekday at 9 AM Eastern — coffee in hand, no hoodies required.