Legacy Exploits, Poisoned Packages, and Password Hijacks

https://is1-ssl.mzstatic.com/image/thumb/Podcasts124/v4/d4/83/7f/d4837fde-2ae4-220f-e4d9-ed9296f4a5ae/mza_11743321888039662568.jpg/600x600bb.jpg

You've Already Been Hacked

Professor CyberRisk

97 episodes

3 days ago

A Cybersecurity Podcast for the Rest of Us In a world of evolving cyber threats, You’ve Already Been Hacked breaks down cybersecurity for everyone—from experts to everyday users. Hosted by Professor CyberRisk and Cyber Cowboy, we tackle major cyber attacks, emerging threats, and real-world security strategies. Each episode offers expert analysis, case studies, and actionable tips to help listeners stay ahead of hackers and digital risks.

Technology

RSS

All content for You've Already Been Hacked is the property of Professor CyberRisk and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Technology

https://d3t3ozftmdmh3i.cloudfront.net/production/podcast_uploaded/6322878/6322878-1593961948748-3f2e264965a88.jpg

Legacy Exploits, Poisoned Packages, and Password Hijacks

You've Already Been Hacked

24 minutes 48 seconds

2 months ago

Legacy Exploits, Poisoned Packages, and Password Hijacks

## 🎙️ Hosts

- Professor CyberRisk

- Cyber Cowboy

---

## 🌐 Live Cyber Maps

- Bitdefender Threat Map: https://threatmap.bitdefender.com/

- Check Point Threat Map: https://threatmap.checkpoint.com/

- Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/

- Talos Intelligence – ebc_spam Map: https://talosintelligence.com/ebc_spam

---

## 📢 Episode Information

**Title:** _Legacy Exploits, Poisoned Packages, and Password Hijacks

**Episode Number:** 3x20

---

## 🧠 Overview

This week, Professor CyberRisk and Cyber Cowboy dissect the latest wave of cyber threats—from Russian espionage campaigns targeting unpatched Cisco gear to stealthy clickjacking attacks on password managers. Whether you're an enterprise defender or a solo dev, these stories will make you rethink your patching strategy, supply chain hygiene, and user awareness training.

---

## 🎤 Guest Information

None this episode

---

## 🧵 Topics Covered

- Russian state-sponsored exploitation of legacy Cisco vulnerabilities

- DOM-based clickjacking targeting browser password managers

- Apple’s emergency patch for zero-day CVE-2025-43300

- Malicious PyPI packages infiltrating developer environments

- AsyncRAT delivered via fake verification prompts

---

## 🚨 Top Stories

**FBI Warns of Russian Espionage via Unpatched Cisco Devices**

Summary: Russian group Static Tundra exploits CVE-2018-0171 in Cisco IOS/IOS XE.

Why it Matters: Legacy vulnerabilities still pose major risks.

What You Should Be Doing: Audit Cisco gear, patch or disable Smart Install, monitor traffic.

Cited link: [The Hacker News](https://thehackernews.com/)

---

## 🧩 Additional Cybersecurity News – Titles and URLs

**DOM-Based Clickjacking Targets Password Managers**

https://thehackernews.com/

**Apple Patches Zero-Day CVE-2025-43300**

https://thehackernews.com/

**Weaponized PyPI Packages Target Developers**

https://cybersecuritynews.com/weekly-cybersecurity-news-recap/

**AsyncRAT Delivered via Fake Verification Prompts**

https://cybersecuritynews.com/weekly-cybersecurity-news-recap/

---

## 📚 Resources & Links

None this episode

---

## 📣 Call to Action

- **Subscribe:** Stay updated on cybersecurity threats.

- **Leave a Review:** Let us know what you think.

- **Join the Conversation:** Follow our community and ask questions.

---

## 💼 Sponsor (if applicable)

No sponsors this episode

---

## 🌐 Podcast Socials & Website

- Website: https://www.youvealreadybeenhacked.com

- X: [@professorcyberrisk](https://twitter.com/professorcyberrisk)

- YouTube: https://www.youtube.com/@YABHPodcast

- Discord/Community: https://discord.gg/cz3xdsrqAE