In this week's InfoSec.Watch Podcast, we dive into the latest high-impact threats targeting enterprise security choke points.

Key stories include:

• A sophisticated campaign against Cisco Secure Email appliances, with essential guidance on hardening management interfaces and proactive threat hunting.
• Chainalysis' alarming report on North Korea-linked actors stealing a record $2.02 billion in cryptocurrency in 2025 through fewer, more targeted attacks.
• Ongoing disruption of municipal services, underscoring the urgent need for OT/IT segmentation and manual failover planning.

The Vulnerability Spotlight focuses on two actively exploited Apple WebKit zero-days (now added to CISA's KEV catalog), emphasizing rapid patching via MDM and broader attack surface awareness.

Also covered: FBI warnings on AI-generated voice deepfakes in impersonation scams, a new security tool called Proximity for scanning AI agent MCP servers, and practical defenses against evolving social engineering.

The Actionable Defense Move of the Week: Build a pre-prepared one-hour containment checklist for critical edge and admin systems to enable fast, decisive incident response.

Wrap-up theme: Attackers are zeroing in on high-leverage assets—make "time-to-mitigate" a core KPI for resilience in 2026 and beyond.

Subscribe at infosec.watch for deeper analysis and daily updates. Stay secure!