React2Shell Vulnerability, Black Force Phishing Kit, Microsoft OAuth Attacks, and PornHub Data Breach

Cybersecurity Today17 Des 2025

React2Shell Vulnerability, Black Force Phishing Kit, Microsoft OAuth Attacks, and PornHub Data Breach

In this episode of Cybersecurity Today, host Jim Love discusses a range of pressing cybersecurity threats. The show covers the escalating React2Shell vulnerability, which has led to widespread automated exploitation campaigns involving crypto miners and back doors. Additionally, Jim reports on the Black Force phishing kit, which bypasses multifactor authentication and is gaining traction among cybercriminals. Microsoft OAuth consent attacks are also highlighted, with users being tricked into granting access to their accounts. Finally, the episode touches on PornHub's data breach involving the Shiny Hunters cybercrime group and the importance of patching vulnerabilities and being cautious during the holiday season.

00:00 Introduction and Sponsor Message
00:22 React2Shell Vulnerability Deep Dive
03:46 Black Force Phishing Toolkit
05:44 Microsoft OAuth Consent Phishing
07:29 PornHub Data Breach by Shiny Hunters
10:21 Holiday Cybersecurity Tips and Final Thoughts

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(100)

Cybersecurity & Arctic Sovereignty: Protecting Canada's Most Vulnerable Infrastructure Cheryl Biswas

Cybersecurity & Arctic Sovereignty: Protecting Canada's Most Vulnerable Infrastructure Cheryl Biswas

Host David Shipley speaks with cybersecurity professional Cheryl Biswas about her journey into the industry and why she believes Arctic sovereignty must be viewed as a cybersecurity challenge as much ...

29 Mai 29min

CISA Orders Emergency Drupal Patch | Microsoft Server Bug | Google Fights Canada Surveillance Bill

CISA Orders Emergency Drupal Patch | Microsoft Server Bug | Google Fights Canada Surveillance Bill

CISA has ordered U.S. federal civilian agencies to urgently patch an actively exploited critical Drupal SQL injection vulnerability (CVE-2026-9082) affecting PostgreSQL-backed Drupal deployments, afte...

27 Mai 10min

AI Vulnerability Explosion, Kim Wolf Botnet Arrest, Ghost CMS Hack, Iran Cyber Espionage

AI Vulnerability Explosion, Kim Wolf Botnet Arrest, Ghost CMS Hack, Iran Cyber Espionage

Is AI about to trigger a cybersecurity vulnerability explosion? In this episode of Cybersecurity Today, David Shipley examines what some researchers are calling the early signs of a "vulnerability apo...

25 Mai 13min

Researcher Finds Public GitHub Repo Exposing Sensitive CISA Credentials

Researcher Finds Public GitHub Repo Exposing Sensitive CISA Credentials

The episode recounts how GitGuardian security researcher Guillaume Valadon, while monitoring public GitHub for leaked secrets, discovered a publicly accessible repository labeled "CISA-Private" contai...

23 Mai 26min

GitHub Breach Exposes 3,800 Repos | Microsoft Kills SMS Authentication | Proton Fights Canada Bill

GitHub Breach Exposes 3,800 Repos | Microsoft Kills SMS Authentication | Proton Fights Canada Bill

GitHub confirms a major supply chain breach after a malicious Visual Studio Code extension reportedly gave attackers linked to TeamPCP access to roughly 3,800 internal repositories. The bigger issue: ...

22 Mai 9min

Windows 11 BitLocker Zero-Day, TeamPCP Malware Leak, Iran Gas Station Hacks | Cybersecurity Today

Windows 11 BitLocker Zero-Day, TeamPCP Malware Leak, Iran Gas Station Hacks | Cybersecurity Today

A serious new Windows 11 BitLocker vulnerability, open-sourced offensive malware tools, a suspected Iranian cyber campaign targeting U.S. fuel infrastructure, and malware that appears designed to inte...

20 Mai 13min

Exchange Zero-Day Under Attack, Ransomware Gets Smarter, Fortinet Critical Flaws

Exchange Zero-Day Under Attack, Ransomware Gets Smarter, Fortinet Critical Flaws

A dangerous new Microsoft Exchange zero-day is being actively exploited, ransomware gangs are adopting nation-state-style tactics, two fired contractors were caught deleting U.S. government databases ...

19 Mai 12min

Inside CIRA: How Canada's .ca Registry Became a Global DNS & Cybersecurity Force

Inside CIRA: How Canada's .ca Registry Became a Global DNS & Cybersecurity Force

David Shipley interviews Jon Ferguson, VP at CIRA, about how the Canadian Internet Registration Authority evolved from early paper-based .ca registrations at UBC into a 142-person, member-based not-fo...

16 Mai 53min

Reklamefrie Premium-podkaster

Hør populære podkaster som Storefri med Mikkel og Herman, Ida med hjertet i hånden, Krimpodden og mye mye mer

Skap din egen podkastboble

I appen skaper du ditt eget bibliotek med favoritter, og vi gir deg også anbefalinger til podkaster du ikke kan gå glipp av.

Prøv 14 dager gratis

Dersom du er ny Podme-bruker får du 14 dager gratis prøveperiode når du oppretter abonnement

Populært innen Politikk og nyheter

giver-og-gjengen-vg

aftenpodden-usa

fotballpodden-2

rss-espen-lee-usensurert

rss-gukild-johaug

hanna-de-heldige

det-store-bildet

dine-penger-pengeradet

lydartikler-fra-aftenposten

rss-dannet-uten-piano

bt-dokumentar-2

rss-penger-polser-og-politikk

Historiene og stemmene du vil høre

Ubegrenset tilgang til alle dine favorittpodkaster og lydbøker