Cybersecurity Headlines

Vercel confirms breach, stolen data for sale
ZionSiphon targets water infrastructure
Bluesky blames outage on DDoS
Get the show notes here: https://cisoseries.com/cybersecurity-news-vercel-breach-zionsiphon-targets-water-infrastructure-bluesky-ddos/
Huge thanks to our sponsor, ThreatLocker

ThreatLocker is extending Zero Trust beyond endpoint control. With their recent releaseof Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on credentials alone, it requires the right user, the right device, and the right conditions. Because as we've seen in recent large-scale CRM breaches, stolen credentials and misconfigurations can expose massive amounts of data. With ThreatLocker, nothing is exposed, and access is limited to exactly what's needed. Learn more and start your free trial today at ThreatLocker.com/CISO.

London hospitals continue to suffer from 2024 ransomware attack
Four arrested in PowerOFF takedown
Microsoft Defender "RedSun" zero-day 
Get the show notes here: https://cisoseries.com/cybersecurity-news-london-hospital-ransomware-legacy-poweroff-takedown-microsoft-redsun-zero-day/
Huge thanks to our sponsor, ThreatLocker

ThreatLocker is extending Zero Trust beyond endpoint control. With their recent releaseof Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on credentials alone, it requires the right user, the right device, and the right conditions. Because as we've seen in recent large-scale CRM breaches, stolen credentials and misconfigurations can expose massive amounts of data. With ThreatLocker, nothing is exposed, and access is limited to exactly what's needed. Learn more and start your free trial today at ThreatLocker.com/CISO.

Link to episode page
This week's Department of Know is hosted by Rich Stroffolino, with guests Andrew Storms, security engineering, Kilo Code, and Eduardo Ortiz-Romeu, VP, global head of cybersecurity, Techtronic Industries. 
Missed the live show? Check it out on YouTube.
Huge thanks to our sponsor, Conveyor

Happy Friday. Hope there isn't a fresh security questionnaire sitting in your inbox right now.
If there is, here's something worth knowing. The teams that have fully automated their customer security reviews didn't just get a better trust center. They switched to an AI platform built for the whole workflow. Conveyor handles trust center, questionnaire automation, and self-serve for sales, all in one place, with AI keeping the knowledge base current so answers are always accurate.
Learn why enterprise SaaS teams choose Conveyor at conveyor.com.

Cisco posts urgent Webex Services warning
Splunk issues fixes for Enterprise vulnerability
Git identity spoof tricks Claude into approving bad code
Get the show notes here: https://cisoseries.com/cybersecurity-news-cisco-webex-warning-splunks-enterprise-fix-git-spoof-tricks-claude/
Huge thanks to our sponsor, Conveyor

Happy Friday. Hope there isn't a fresh security questionnaire sitting in your inbox right now. If there is, here's something worth knowing. 
The teams that have fully automated their customer security reviews didn't just get a better trust center.
They switched to an AI platform built for the whole workflow.
Conveyor handles trust center, questionnaire automation, and self-serve for sales, all in one place, with AI keeping the knowledge base current so answers are always accurate. Learn why enterprise SaaS teams choose Conveyor at conveyor.com.

OpenAI rolls out GPT-5.4-Cyber
McGraw Hill breach due to Salesforce misconfig
Signed adware operation disables antivirus
Get the show notes here: https://cisoseries.com/cybersecurity-news-openais-gpt-5-4-cyber-mcgraw-hill-blames-salesforce-for-breach-signed-adware-disables-antivirus/
Huge thanks to our sponsor, Conveyor

At some point, every fast-growing SaaS team hits the same wall.
The trust center is live. The SOC 2 is published. And somehow the security questionnaires just keep piling up.
That's when teams realize a static trust center isn't the finish line. Conveyor is what comes next. AI that completes questionnaires automatically. A trust center customers can actually self-serve. And a knowledge base that updates itself with AI.
Companies like Atlassian and Zapier are already there. See what's possible at conveyor.com.