Please consider supporting the DefSec podcast here.

Links to this week’s stories:

• https://www.darkreading.com/threat-intelligence/axios-attack-complex-social-engineering-industrialized
• https://www.bleepingcomputer.com/news/security/new-venom-phishing-attacks-steal-senior-executives-microsoft-logins/
• https://www.bleepingcomputer.com/news/security/google-new-unc6783-hackers-steal-corporate-zendesk-support-tickets/
• https://www.darkreading.com/vulnerabilities-threats/bluehammer-windows-exploit-microsoft-bug-disclosure-issues
• https://www.businessinsider.com/mercor-lawsuits-data-breach-2026-4

Please consider supporting the DefSec podcast here.

Links to stories:

• https://www.computerweekly.com/news/366640648/Emergency-Microsoft-Oracle-patches-point-to-wider-cyber-issues
• https://www.theregister.com/2026/03/27/security_boffins_harvest_bumper_crop/
• https://thehackernews.com/2026/03/the-hidden-cost-of-cybersecurity.html?m=1
• https://www.theregister.com/2026/03/24/trivy_compromise_litellm/
• https://thehackernews.com/2026/03/axios-supply-chain-attack-pushes-cross.html?m=1

Please consider supporting the DefSec podcast here.

Here are the links we discuss this week:

• https://www.darkreading.com/identity-access-management-security/more-attackers-logging-in-not-breaking-in
• https://www.bleepingcomputer.com/news/security/stryker-attack-wiped-tens-of-thousands-of-devices-no-malware-needed/
• https://www.csoonline.com/article/4147833/cisa-urges-it-to-harden-endpoint-management-systems-after-cyberattack-by-pro-iranian-group.html
• https://arstechnica.com/security/2026/03/widely-used-trivy-scanner-compromised-in-ongoing-supply-chain-attack/
• https://techcrunch.com/2026/03/21/delve-accused-of-misleading-customers-with-fake-compliance/