CISA issued urgent warnings, adding exploited VMware and XWiki flaws to the KEV catalog and requiring federal agencies to patch immediately. We break down the Chinese threat actor exploiting an unpatched Windows shortcut vulnerability targeting European diplomats and examine the active exploitation of the critical Windows WSUS flaw.

We dive into two major software supply chain campaigns, including the "PhantomRaven" operation, which delivered infostealers via 136 malicious NPM packages downloaded 100,000 times. Then, we look at why vetting dependencies is no longer enough and examine the shocking case of a US defense contractor executive who sold $35 million in cyber trade secrets to a Russian exploit broker.

Today we dive into critical industrial cyber threats as CISA warns of active exploitation in DELMIA factory software. We also examine Google's move to make HTTPS the default for all public sites and review the massive lawsuit alleging Microsoft tricked millions of users into pricey Copilot subscriptions.

Today we dive into the inevitability of prompt injection as agentic AI takes over enterprise functions, and reviews massive credential theft data circulating online. Plus, learn why industrial giants are falling victim to Oracle EBS exploits and how a $60 mod is killing privacy protections on smart glasses.

Today, we dive into critical AI browser vulnerabilities, including a trick that weaponizes the OpenAI Atlas omnibox, and analyze the spectacular flop of a promised $1 million WhatsApp exploit at Pwn2Own. Plus, we cover active exploitation of a critical Windows Server WSUS vulnerability and the shifting economics of ransomware.

Today we dive into critical updates for BIND against high-severity cache poisoning flaws, the zero-day exploitation of Lanscope Endpoint Manager that requires immediate federal attention, and the serious governance concerns raised by "vibe coding" and AI-generated code's lack of judgment. We also examine Verizon’s latest Mobile Security Index, highlighting soaring mobile device attacks and the alarming rise of AI-powered threats like deepfakes and SMS phishing.

CISA is ringing the alarm on actively exploited Windows SMB flaws while Chinese threat actors leverage a recently patched SharePoint vulnerability for espionage. We also detail how the Russian APT Star Blizzard rapidly changed tactics after researchers exposed their prior malware, and review critical vulnerabilities affecting TP-Link Omada Gateways.

CISA confirms multiple zero-day exploits, including a critical Oracle EBS vulnerability being leveraged by groups tied to Cl0p, necessitating immediate action from federal agencies and private enterprises. Meanwhile, we examine how threat actors are distributing global malware disguised as legitimate AI productivity tools and explore a highly sophisticated supply chain attack using the Solana blockchain for an untakeable command-and-control infrastructure.

Today. we unpack the fallout from a massive Oracle E-Business Suite hack that targeted American Airlines subsidiary Envoy Air, exposing business information from the regional carrier. We also dive into high-stakes cyberwarfare, covering China's accusation that the US attacked its critical National Time Center and Microsoft's report on how foreign adversaries are weaponizing AI.

Today we dive into the industrial scale of cybercrime, discussing the seizure of $15 billion in crypto assets linked to forced-labor scam networks and the staggering 17.6 million accounts impacted by the Prosper data breach. Plus, we analyze urgent patches for exploited zero-days in CentreStack and critical DoS flaws in industrial UPS devices.

Today, we dive into Operation ZeroDisco, where threat actors deployed rootkits onto older Cisco routers by exploiting a recent zero-day. We also analyze the consequences of the Discord breach, F5's revelation of a nation-state attack that stole source code, and the massive crypto "pig butchering" scam that led to the seizure of over $14 billion in Bitcoin.

Today, we unpack the massive October 2025 Patch Tuesday, covering exploited Windows zero-days, critical vulnerabilities in Adobe Connect and major ICS vendors like Red Lion, Siemens, and Rockwell. Plus, a deep dive into why enterprise organizations must ditch synced passkeys for device-bound credentials to prevent sophisticated authentication downgrade attacks.

This morning, we dive deep into major zero-day exploitation, including the Cl0p campaign targeting Oracle EBS, which has claimed Harvard University as a victim. We also dissect the new Pixnapping attack stealing 2FA codes from Android phones and examine the urgent implications of the RMPocalypse flaw affecting AMD's confidential computing.

Host Mike Housch dissects Apple's massive $2 million bug bounty expansion, focusing on incentives for finding zero-click RCEs, and analyzes the high-stakes Salesforce customer data leaks claimed by the Scattered LAPSUS$ Hunters extortion group. We also cover critical warnings about the "Payroll Pirate" university salary attacks and the dismantling of the global GXC Team Crime-as-a-Service operation.

Today we dive into the staggering 2 billion cryptocurrency heist linked to North Korea and explore how sophisticated threat groups are abusing trusted corporate platforms like Microsoft Teams for financial extortion. We also look at the massive pushback against the E.U.'s controversial "Chat Control" proposal and unveil a new, almost unbelievable attack that turns your standard optical mouse into a covert listening device.

This week on Cyber Scoops & Digital Shenanigans, host Mike Housch delves into the recent credential stuffing campaign targeting DraftKings users and the sophisticated exploitation of a critical Oracle E-Business Suite zero-day flaw. We also examine breaches at military radio manufacturer BK Technologies and beer giant Asahi, emphasizing how even essential and everyday businesses are prime targets for skilled threat actors.

In this episode of Cyber Scoops & Digital Shenanigans, host Mike Housch unpacks the week’s most critical cyber incidents shaking enterprises worldwide, from SharePoint zero-days and AI-powered phishing campaigns to rising healthcare ransomware, industrial control system breaches, and mobile malware stealing bank credentials. With billions in crypto losses and attackers outpacing EDR defenses, Mike dives into how state-sponsored actors, misconfigured containers, and compromised supply chai...

Mike and Angela break down a massive Motility dealership software breach impacting 766,000 people, a wiretap-style attack that cracks Intel’s SGX, hackers raiding Oracle ERP customers, and a critical Red Hat OpenShift AI bug. They also dig into cybercriminals bragging about 28,000 new victims and why detection gaps still leave organizations blind. Real stories, real impact, and a few laughs along the way.

Autonomous AI is crashing against the rocks of reality, stalled by a massive trust crisis and fears over governance, while chip giants brush off a $50 hardware hack that breaks their confidential computing promises. We also dissect Broadcom's zero-day silence and the never-ending nightmare of identity theft for major corporations like WestJet.

The feds are nuking essential threat sharing programs just as core security legislation lapses, leaving state and local governments scrambling for defenses and exposed to novel threats. Plus, we explore a critical Sudo flaw exploited in the wild, and ask why international brewing giant Asahi couldn't keep its production lines—and its delicious beer—safe from digital shenanigans.