CISO Talk by James Azar

CISO Talk by James Azar

Home
Notes
Chat
Sponsors
CyberHub Podcast
Goodbye Privacy
Archive
Newsletters
About

Sitemap - 2026 - CISO Talk by James Azar

Google Detects First AI-Generated Zero-Day Exploit, New Dirty Frag Linux Vulnerability Gives Root on Every Major Distro, UK Water Company Had Hackers Lurking in Systems for Years

Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks, Dragos Reveals Hackers Used Claude AI to Target OT Assets, Poland Reports ICS Breaches at Five Water Treatment

This Week in Cybersecurity #51

Critical PAN-OS Zero-Day CVE-2026-0300 Exploited to Hack Palo Alto Firewalls, Iran's MuddyWater Runs False Flag Chaos Ransomware Attack, Oracle Shifts to Monthly Critical Security Patch

Bleeding Llama Exposes 300K AI Servers, AiTM Campaign, North Korea BirdCall Android, Fiserv Ransomware

MOVEit Automation Authentication Bypass Allows Full Admin Takeover, DigiCert Support Portal Hacked via Screensaver File, Ransomware Publishes 108 GB of Alleged Liberty Mutual Insurance Policyholder

Critical cPanel Zero-Day Mass-Exploited in Sorry Ransomware Attacks, Linux Copy Fail Gives Root on Every Major Distro Since 2017 With a 732-Byte Script, Trellix Confirms Source Code Repository Breach

The Vulnerability Management Shift Left Moment Is Here

This Week in Cybersecurity #50

Iran-Linked Handala Sends Threatening WhatsApp Messages to US Troops in Bahrain, TeamPCP's Mini Shai-Hulud Compromises SAP npm Packages, NSA Chief Warns Foreign Adversaries Likely to Target Midterm

Critical GitHub RCE Vulnerability Allows Full Server Compromise With a Single Git Push, VECT 2.0 Ransomware Revealed as Accidental Data Wiper, ShinyHunters Breach Vimeo

🎙️ Pre-Stuxnet Malware Resurfaces Amid Tensions | Windows Zero-Click Risk Grows | $2.1B Scam Surge 🚨

Cisco IOS XE "Firestarter" Hits KEV, ADT 10M-Record Leak, Gen. Haugh's Iran Escalation Warning, what defenders need to do today.

This Week in Cybersecurity #49

France Titres (ANTS) Breach Exposes Identity Records, Microsoft Ships Out-of-Band ASP.NET Core Emergency Patch, 'CanisterSprawl' npm Worm Hits pgserve, Cohere Terrarium AI Sandbox Cracked Open

Cisco SD-WAN KEV Federal Deadline, MOVEit WAF Critical RCE Patches, Vercel Breached Via AI OAuth

Defender 0-Days Exploited, Anthropic MCP RCE Flaw, Lazarus Drains $290M From KelpDAO

ZionSiphon ICS Malware Targets Water Plants, Vercel Breached, NHS Still Suffering from Ransomware Attack

This Week in Cybersecurity #48

AgingFly Malware Hits Ukraine Hospitals, NGINX UI 0-Day Exploited, Sweden Blames Russia for Hack

Patch Tuesday: 167 Microsoft Fixes, SharePoint 0-Day, Kraken Extorted, Mythos AI Threat Warning

OpenAI Hit by North Korea Axios Hack, Booking.com Breach, CPUID Serves Trojanized Downloads

Stryker Warns of Earnings Hit From Iran Attack, Adobe Reader 0-Day Patched, 4K US ICS Devices Exposed

The Space Between Joy and Grief

Stepping Away to Step Into What Matters

Cisco Source Code Stolen via Trivy Attack, Axios npm Compromised, Stryker Restores Manufacturing

F5 BIG-IP RCE Exploited in Wild, Fortinet EMS Flaw Attacked, Apple Blocks ClickFix on macOS

Handala Hacks FBI Director Patel's Email, EU Commission AWS Breach 350GB, RedLine Dev Extradited

This week in Cybersecurity #47

LeakBase Admin Arrested in 14-Country Takedown, Device Code Phishing Hits 340 Orgs, TP-Link Flaw

Pro-Iran Hackers Claim Lockheed Martin Breach, HackerOne Data Stolen, FCC Bans Chinese Routers

FBI: Iran Hackers Use Telegram as C2, Crunchyroll Probes 6.8M Breach, Tycoon 2FA Back Online

FBI Seizes Handala Websites and DOJ Accuses Iran's MOIS Behind Stryker Wiper Attack, Oracle Pushes Emergency Fix for Critical Identity Manager RCE, Navia Data Breach Impacts 2.7 Million People

AI Hype Isn’t New — But the Stakes Are

This Week in Cybersecurity #46

Aura Breached by ShinyHunters Exposing 900K Records, Treasury Sanctions North Korea IT Worker Network That Generated $800M Funding WMD Programs, DarkSword iOS Exploit Kit Used by State Hackers

Iran Hackers Hold US Network Footholds, GlassWorm Hits 400+ Repos, EU Sanctions China and Iran

Stryker Hack Used Intune to Wipe 200K Devices, China Espionage Hits Asian Militaries, Wing FTP 0-Day

Emergency Chrome 146 Update Patches Two Exploited Zero-Days, INTERPOL Operation Synergia III Sinkholes 45K Malicious Ips, Poland Nuclear Research Centre Targeted by Cyberattack

When Destruction Becomes the Objective

This Week in Cybersecurity #45

Iran Hackers Wipe 200K Stryker Devices, FBI Epstein Files Hacked, Wiz Joins Google Cloud

Patch Tuesday: 83 Microsoft Fixes, Rudd Confirmed NSA Chief, US-Built iPhone Exploits Hit Russia

Trump Releases Cyber Strategy, Russia Phishing Signal & WhatsApp, MuddyWater Hits US Networks

FBI Wiretap Systems Hacked, Israel Bombs Iran Cyber HQ, Claude Finds 22 Firefox Vulnerabilities

This Week in Cybersecurity #44

FBI Takes Down LeakBase Forum, Hacked Traffic Cams Aided Iran War, Cisco Max Severity Flaws

Iranian Drones Hit AWS Data Centers, LexisNexis Breached, Pro-Russia Hackers Join Iran Cyber War

Cyber Command Disrupts Iran Comms, DHS Warns of Retaliatory Attacks, New CISA Director Named

Cyber Ops Strike Iran Amid US-Israeli Attacks, Canadian Tire 38M Breach, Intellexa Gets 8 Years

This Week in Cybersecurity #43

Cisco SD-WAN CVSS 10 Zero-Day Since 2023, Claude AI Hacks Mexico Government, China Spies on 42 Countries

US Sanctions Russian Exploit Broker Operation Zero, Lazarus Deploys Medusa, ShinyHunters Strikes Again

Chinese AI Labs Steal Claude with 16M Exchanges, Ukraine Hacks Guide Missile Strikes, Conduent 25M Victims

AI Hacker Breaches 600 Firewalls in 5 Weeks, Hospital Ransomware Closes 35 Clinics, Volt Typhoon Still Embedded

Feature, Product, or Platform? The Identity Crisis Killing Cybersecurity Startups

This Week in Cybersecurity #42

Texas Sues TP-Link Over China Ties, AI Used as Malware C2, Poland Bans Chinese Cars at Bases, Ivanti EPMM Zeroday

Chinese Hackers Exploit Dell Zero-Day, Android Firmware Backdoor, Spain Orders VPN Block

Russia Loses Starlink on Battlefield, CISA at 38% in DHS Shutdown, First Chrome Zero-Day of 2026

300+ Chrome Extensions Steal Data from 3.7M Users, LVMH Brands Fined $25M, 6M Dutch Records Stolen

From Cost Center to Capital Strategy

This Week in Cybersecurity #41

Apple Patches Exploited Zero-Day, $2K Spyware Hacks Any Phone, First Malicious Outlook Add-In Discovered

Microsoft Patches 6 Zero-Days, China Hacks Singapore Telecoms, North Korea Deepfake Mac Malware

SmarterTools Hacked By Own Software, Ivanti Zero-Days Hit EU, China Rehearses Cyber Attacks Against Neighbors

BridgePay Ransomware Attack Outage, Spain Ministry of Science Breach, State Actor Targets 155 Countries in Global Espionage Campaign

Locked Up: Lessons from the Ransomware Frontline with Zach Lewis

This Week in Cybersecurity #40

Harvard and UPenn Data Leaked by Shiny Hunters, CISA Flags SolarWinds RCE Exploit, and VMware ESXi Zero-Day Drives Ransomware

Step Finance $40M Crypto Theft via Exec Device Compromise, Iron Mountain Data Breach, and React Native Zero-Day Actively Exploited

Notepad++ Supply Chain Hack by China, Panera Bread 5.1M Breach, and APT28 Zero-Day Exploit Discovered

Bumble and Match Dating Apps Data Breaches, Marquee Blames SonicWall Cloud Backup, and $158B Illicit Crypto Flows Hit Record

Infiltrated From Within

This Week in Cybersecurity #39

Poland Grid Cyberattack Hits 30 Facilities, eScan Breached with Malicious Update, and FBI Seizes RAMP Cybercrime Forum

Shiny Hunters Targets 100+ Organizations, Russia's Delta Security Cyberattack, and 800K Telnet Servers Exposed

China Hacked Downing Street Phones for Years, Nova Ransomware Hits KPMG Netherlands, and Microsoft Office Zero-Day Actively Exploited

Crunchbase Data Breach Confirmed, Nike Probes Hack, and Fortinet FortiCloud Authentication Bypass Not Fully Patched

When National Interest Becomes the Attack Surface

This Week in Cybersecurity #38

Manufacturing Giant Luxshare Data Leak, Oracle's 337-Patch Mega-Bundle, and Already-Patched FortiGate Firewalls Exploited

McDonald's India Hit by Everest Ransomware, EU Plans China Telecom Phase-Out, and NK Hackers Target Workday Users

Ingram Micro Ransomware Impacts 42K, 4 in 5 Small Businesses Hit by Cyberscams, and Jen Easterly Named RSAC CEO

Cybersecurity Firms React to China Ban, Iranian State TV Hacked with Anti-Regime Messages, and Black Basta Police Raids

The End of the Illusion: China’s Cybersecurity Ban and the Strategy Behind It

This Week in Cybersecurity #37

South Korean Giant Kyowon Confirms Ransomware Data Theft, Poland Attributes Grid Attack to Russia, and Beijing Bans U.S. and Israeli Security Tools

Belgian Hospital Cyberattack Shuts Down Servers, Microsoft Patch Tuesday Fixes 3 Zero-Days, and 40+ Countries Hit by North Korean IT Worker Schemes

University of Hawaii Cancer Center Hit by Ransomware, Spanish Energy Giant Endesa Breach, and Target Dev Server Drama Over Source Code Theft

Instagram Denies 17M Account Breach, $26M Crypto Stolen from Truebit, and BreachForums Database Leaked Exposing 324K Users

2026: New Threats, New Rules

This Week in Cybersecurity #36

Spanish Airline Attributes Breach to November Incident, Illinois Agency Exposes 700K Records, and UK Cyber Action Plan Deep Dive

Jaguar Land Rover Sales Plunge 43% After Cyberattack, UK Unveils Cyber Action Plan, and Taiwan Energy Attacks Surge 10x

Brightspeed Investigating Cyberattack, Ledger Hit Through Third-Party Breach, and NordVPN Denies Breach Claims

Sedgwick Confirms Trident Locker Ransomware Attack, Trump Orders $2.9M Chip Deal Divestment, and 10K Fortinet Firewalls Still Exposed to 5-Year-Old MFA Bypass

2025’s Defining Cybersecurity Stories

This Week in Cybersecurity #35

© 2026 James Azar · PrivacyTermsCollection notice
Start your SubstackGet the app
Substack is the home for great culture