Cybersecurity Daily — daily news briefing covering the most important cybersecurity events from the past 24 hours. Data breaches, vulnerability disclosures, ransomware, nation-state attacks, zero-days, regulatory actions, and enterprise security news. 6-10 stories per episode. Factual, technical where necessary, accessible to security professionals and informed non-specialists. Global scope.

Cybersecurity Daily: News & Threats
by YesOui
Language
🇺🇲
Publishing Since
5/8/2026
Recent Episodes

June 24, 2026
Space Surge, Icarus OAuth & Chrome Zero-Day CVE-2026-11645
(00:00:00) Space Surge, Icarus OAuth & Chrome Zero-Day CVE-2026-11645
(00:00:51) Klue Breach Hits Security Vendors
(00:01:51) Bajaj Auto Ransomware Disclosed
(00:02:37) FortiBleed Automated Domain Takeover
(00:03:13) Five Eyes AI Warning and GPT-5.5-Cyber
(00:04:13) Chrome Zero-Day CVE-2026-11645

Today's cybersecurity briefing opens with the sharpest signal in weeks: a 400% surge in cyberattacks against space infrastructure, timed to the escalation of U.S. and Israeli military operations against Iran. The attacks blend nation-state sophistication with hacktivist volume, targeting defense contractors, aerospace operators, and satellite systems in what appears to be large-scale reconnaissance — or pre-positioning for future disruption.

The Icarus OAuth breach is the day's defining supply chain story. A newly attributed extortion group stole OAuth tokens via a compromised Klue-Salesforce integration, exposing CRM data at Huntress, Recorded Future, Tanium, Jamf, HackerOne, Snyk, and others. The victims are security vendors — companies whose core business is protecting others. The vector was a trusted third-party connector, not a direct attack. That's exactly what makes it so effective.

India's Bajaj Auto confirmed a ransomware attack on June 23rd affecting parent systems and subsidiary BATL. Containment is ongoing; exfiltration is unconfirmed. For a manufacturer at this scale, the operational risk extends well beyond data loss into production disruption and supply chain exposure.

The FortiBleed campaign demonstrates what AI-assisted exploitation looks like at scale: GPU-powered credential cracking, OpenFortiVPN pivoting, and an automated AI penetration agent achieving full domain compromise across thousands of networks. The Five Eyes alliance issued a coordinated warning the same day, flagging that frontier AI models are compressing the window from vulnerability discovery to active exploitation from years to months.

Finally, a Chrome V8 zero-day — CVE-2026-11645 — is being actively exploited in the wild. Patch status is unconfirmed as of this recording. Enterprise browser policy teams should treat this as a priority item today.

This episode includes AI-generated content.

June 23, 2026
Icarus OAuth Attack, Council of Europe Breach & AryStinger Botnet
(00:00:00) Icarus OAuth Attack, Council of Europe Breach & AryStinger Botnet
(00:01:13) Oracle PeopleSoft Zero-Day, 100+ Victims
(00:01:48) ShinyHunters Publishes Council of Europe Data
(00:02:43) AryStinger Botnet Hijacks D-Link Routers
(00:03:34) The Signal That Connects All Three

Three major incidents dominated the past twenty-four hours, and they share a single underlying pattern: attackers exploiting the gap between trusted access and monitored access.

The Icarus group compromised legacy credentials at Klue, a competitive intelligence platform, converting them into OAuth tokens that granted silent access to Salesforce data across nine cybersecurity firms — including HackerOne, Recorded Future, Snyk, and Jamf. Automated Python scripts queried the API continuously for twenty-four hours, blending into normal integration traffic. A ransom deadline of June 17th has already passed with no disclosed resolution.

In a connected development, a critical Oracle PeopleSoft zero-day has been exploited across more than one hundred organisations. Attacks mimicked legitimate user sessions, bypassing anomaly detection entirely. The Council of Europe is among confirmed victims — and that breach escalated sharply when ShinyHunters published 297 gigabytes of stolen data after the Council declined to pay. The leaked files include payroll records, medical files, and bank details for approximately ten thousand employees. ShinyHunters deployed permanent torrent mirrors, explicitly framing the release as lasting until the end of time. That shift fundamentally changes the extortion calculus for every future victim: payment no longer removes the threat.

Rounding out today's briefing, the AryStinger botnet has quietly compromised over 4,300 end-of-life D-Link routers — models the manufacturer abandoned — installing a Dropbear SSH backdoor for infrastructure reconnaissance rather than DDoS. Detection rates in mainstream security engines are near zero.

Oracle's patch timeline remains undefined. Klue's full breach scope is unconfirmed. Affected Council of Europe employees are still awaiting notification. This is Cybersecurity Daily.

This episode includes AI-generated content.

June 22, 2026
208 CVEs, Qilin Hits Telecom & GentleKiller EDR Bypass
(00:00:00) 208 CVEs, Qilin Hits Telecom & GentleKiller EDR Bypass
(00:00:56) Qilin Claims Q Link Wireless
(00:01:37) GentleKiller EDR Bypass Toolkit
(00:02:24) Microsoft Teams Abused for C2
(00:02:53) DORA and CIRCIA Tighten Rules
(00:03:37) Key Watchpoints This Cycle

This episode covers six critical cybersecurity developments from the past 24 hours — from a Windows regression shipping inside Microsoft's own security patches, to ransomware hitting U.S. telecom infrastructure.

Microsoft's latest Patch Tuesday addressed 208 vulnerabilities, but the same update introduced a Recycle Bin display bug exposing internal filenames across every supported Windows version — from Windows 10 through Server 2012. No rollback timeline has been issued, leaving enterprise administrators without clear remediation guidance.

The Qilin ransomware group publicly claimed responsibility for breaching Q Link Wireless, a major U.S. telecom provider, in a move that signals a deliberate shift toward high-visibility critical infrastructure targets. Details on data exfiltrated and ransom demands remain undisclosed.

A May 2026 internal leak exposed GentleKiller, a professionally maintained toolkit that disables over 400 EDR processes by exploiting signed but vulnerable drivers — bypassing kernel-level protections without triggering standard detection logic. The leak has made its operational details publicly available, raising urgent questions about active affiliate campaigns.

A ransomware group also abused Microsoft Teams relay infrastructure between June 14–20 to hide command-and-control traffic inside legitimate enterprise application activity — a technique that defeats standard perimeter controls.

On the regulatory front, EU financial regulators published their first DORA ICT incident overview, marking a shift from expectation to active enforcement. In the U.S., CISA continued public consultations to finalise the federal cyber incident reporting rule under CIRCIA.

This podcast was built using AI technology. A YesWee production.

This episode includes AI-generated content.
46 total episodes available
Frequently asked questions
- What is Cybersecurity Daily: News & Threats?
- How often does this podcast release new episodes?
This podcast updates daily.
- Where can I listen to this podcast?
This podcast is available on 4 platforms including Apple Podcasts, Spotify, and more. You can also use the RSS feed directly.
- Does this podcast accept guests?
No, this podcast does not typically feature guests.
