Instructure discloses breach amid leak threats

DigiCert revokes certificates

Silver Fox targets Indian and Russian orgs

Get the show notes here:

Thanks to our episode sponsor, Vanta

Risk and regulation ramping up—and customers expect proof of security just to do business. Vanta's automation brings compliance, risk, and customer trust together on one AI-powered platform. So whether you're prepping for a SOC 2 or running an enterprise GRC program, Vanta keeps you secure—and keeps your deals moving. Learn more at vanta.com/ciso.

Telegram Mini Apps deliver Android malware

CISA orders Federal agencies to patch cPanel bug by Sunday

British cyber agency warns of looming 'patch wave' due to speedy AI flaw discovery

Get the show notes here: https://cisoseries.com/cybersecurity-news-telegram-mini-apps-malware-cpanel-is-sorry-patch-wave-warning/

Thanks to our episode sponsor, Vanta

Risk and regulation ramping up—and customers expect proof of security just to do business. Vanta's automation brings compliance, risk, and customer trust together on one AI-powered platform. So whether you're prepping for a SOC 2 or running an enterprise GRC program, Vanta keeps you secure—and keeps your deals moving. Learn more at vanta.com/ciso.

This week's Department of Know is hosted by Rich Stroffolino, with guests Janet Heins, CISO, ChenMed, and TC Niedzialkowski, Head of IT & Security, Opendoor.

Missed the live show? Check it out on YouTube.

The Department of Know is live every Friday at 4:00 p.m. ET. Join us each week by registering for the open discussion at CISOSeries.com.

Get the show notes here: https://cisoseries.com/cybersecurity-news-critical-cpanel-zero-day-swiss-black-axe-arrests-hhs-data-center-questions/

Thanks to our episode sponsor, Guardsqaure

Attackers are treating your mobile app like an open book. Sixty-three percent of security leaders recently detected app tampering, cloning, or unauthorized modifications. When your code runs in an untrusted environment, you need runtime self-protection and code hardening to keep attackers out. Address tampering before it starts. Learn more at Guardsquare.com.

Critical cPanel and WHM bug exploited as zero-day

Swiss police arrest suspected members of Black Axe group

HHS ponders government posture for protecting data centers

Get the show notes here: https://cisoseries.com/cybersecurity-news-critical-cpanel-zero-day-swiss-black-axe-arrests-hhs-data-center-questions/

Thanks to our episode sponsor, Guardsqaure

Attackers are treating your mobile app like an open book. Sixty-three percent of security leaders recently detected app tampering, cloning, or unauthorized modifications. When your code runs in an untrusted environment, you need runtime self-protection and code hardening to keep attackers out. Address tampering before it starts. Learn more at Guardsquare.com.

Hackers arrested for selling Roblox accounts

Microsoft's patch for a 0-day falls short

US & China partner on Dubai scam takedown

Get the show notes here: https://cisoseries.com/cybersecurity-news-roblox-hackers-arrested-microsoft-0-day-falls-short-dubai-scam-takedown/

Thanks to our episode sponsor, Guardsqaure

AI is speeding up development, but at what cost? While ninety-six percent of teams now use AI tools, eighty-one percent report that AI-generated code has introduced new vulnerabilities into their mobile apps. In a world with automated threats, you need multi-layered, polymorphic security to stay ahead of the curve. Learn more at Guardsquare.com.

FIDO Alliance working on securing AI agent payments

Germany suspects Russia in Signal phishing

RCE flaw in open-source robotics platform

Get the show notes here: https://cisoseries.com/cybersecurity-news-agent-payments-russian-phishing-lerobot-rce-flaw/

Thanks to our episode sponsor, Guardsqaure

Is your mobile app truly protected? Relying on the OS isn't enough. A global study of thirteen-hundred security and developer leaders found that ninety-six percent of teams using layered protection reported significantly fewer security incidents. Don't wait for a breach to harden your defenses. Get the protection needed for modern secuirty risks. Learn more at Guardsquare.com.

PhantomRPC flaw enables privilege escalation

Checkmarx confirms GitHub data hit dark web

PyPI package hacked to push infostealer

Get the show notes here: https://cisoseries.com/cybersecurity-news-phantomrpc-flaw-checkmarx-github-dark-web-data-pypi-package-infostealer/

Thanks to our episode sponsor, Guardsqaure

Your backend is only as secure as your frontend. Research shows that client-side compromise is now a primary driver of API risk. With sixty-three percent of leaders detecting mobile app tampering or cloning last year, don't leave your mobile app security to chance. Get multilayered protection for your entire mobile app ecosystem from the outside in. Learn more at Guardsquare.com.

ADT says customer data stolen in cyberattack

SMS blasting comes to Toronto

Researchers find pre-Stuxnet malware targeting engineering software

Get the show notes here: https://cisoseries.com/cybersecurity-news-adt-data-breach-toronto-sms-blasting-pre-stuxnet-malware-discovery/

Thanks to our episode sponsor, Guardsquare

Mobile app security isn't just a tech issue; it's a revenue issue. A recent global study found that seventy-two percent of organizations experienced a mobile app security incident last year. Even worse? Sixty-five percent saw customer churn or uninstalls as a result. Protect your brand and your bottom line with layered mobile app protection. Learn more at Guardsquare.com.