Cybersecurity Headlines

Drift says exploit was North Korean intelligence operation
GitHub used in multi-stage attacks targeting South Korea
Data leak threatened after Die Linke attack
Check out our show notes here: https://cisoseries.com/cybersecurity-news-drift-blames-exploit-on-north-korea-github-attacks-target-south-korea-die-linke-breach-threatens-data-leak/
Huge thanks to our episode sponsor, Vanta

Risk and regulation ramping up—and customers expect proof of security just to do business. Vanta's automation brings compliance, risk, and customer trust together on one AI-powered platform. So whether you're prepping for a SOC 2 or running an enterprise GRC program, Vanta keeps you secure—and keeps your deals moving. Learn more at vanta.com/ciso.

Link to episode page
This week's Department of Know is hosted by Sarah Lane, with guests Jack Kufahl, CISO, Michigan Medicine, and Adam Palmer, CISO, First Hawaiian Bank.
Missed the live show? Check it out on YouTube.
Huge thanks to our sponsor, Vanta

Risk and regulation ramping up—and customers expect proof of security just to do business. Vanta's automation brings compliance, risk, and customer trust together on one AI-powered platform. So whether you're prepping for a SOC 2 or running an enterprise GRC program, Vanta keeps you secure—and keeps your deals moving. Learn more at vanta.com/ciso.

36 Malicious npm packages exploited to deploy persistent implants
Hundreds of millions to be cut from CISA in proposed budget
Hackers exploit React2Shell in automated credential theft campaign
Check out our show notes here: https://cisoseries.com/cybersecurity-news-malicious-npm-packages-cisa-budget-cuts-hackers-exploit-react2shell/
Huge thanks to our episode sponsor, Vanta
Risk and regulation ramping up—and customers expect proof of security just to do business. Vanta's automation brings compliance, risk, and customer trust together on one AI-powered platform. So whether you're prepping for a SOC 2 or running an enterprise GRC program, Vanta keeps you secure—and keeps your deals moving. Learn more at vanta.com/ciso.

250,000 affected by data Breach at Texas hospital
CISA says, "patch Citrix NetScaler bug by Thursday"
Researchers uncover mining operation using ISO lures 
Get the show notes here: https://cisoseries.com/cybersecurity-news-texas-hospital-breach-cisa-orders-netscaler-patch-iso-file-rat-warning/
Huge thanks to our sponsor, ThreatLocker

Security controls fail when they break the business. Successful teams phase in protections gradually — starting with visibility, then moving to enforcement. That approach allows organizations to reduce risk without overwhelming IT teams or disrupting critical workflows. Learn more at ThreatLocker.com

Apple pushes new patches over DarkSword
FBI: US surveillance hack is major incident
Cisco code stolen in Trivy-linked breach
Get the show notes here: https://cisoseries.com/cybersecurity-news-apple-pushes-new-patches-over-darksword-fbi-us-surveillance-hack-is-major-incident-cisco-code-stolen-in-trivy-linked-breach/
Huge thanks to our sponsor, ThreatLocker

Detection-based security assumes you'll catch an attack in time. Control-based security assumes you won't. That mindset shift is driving more organizations to focus on preventative controls — stopping unknown execution and unauthorized privilege elevation instead of relying solely on alerts after the fact. Learn more at ThreatLocker.com