Cybersecurity Headlines

This week's Department of Know is hosted by Rich Stroffolino, with guests Brett Conlon, CISO, American Century Investments, and Jason Thomas, senior director, technology security, governance, and risk, Cystic Fibrosis Foundation.

Missed the live show? Check it out on YouTube.

The Department of Know is live every Friday at 4:00 p.m. ET. Join us each week by registering for the open discussion at CISOSeries.com.

Huge thanks to our episode sponsor, Doppel

Cybercriminals don't respect your security silos. They use one connected attack chain to hit your brand externally, infiltrate your inbox, and manipulate your team. Stop playing whack-a-mole with fragmented tools. Doppel unifies Digital Risk Protection, Human Risk Management, and Email Security into one unified platform. One attack chain. Three pillars of defense. Zero blind spots. Secure your enterprise relentlessly at doppel.com.

Fortinet patches a new critical FortiSandbox flaw
GitHub to disable npm install scripts by default to stop supply chain attacks
Nottingham University announces data breach
Get the show notes here: https://cisoseries.com/cybersecurity-news-fortinet-patches-fortisandbox-github-disables-npm-scripts-nottingham-university-breach/
Thanks to our episode sponsor, Doppel

Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call.
 
But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, while training employees to recognize deepfakes and deception.
 
We fight relentlessly to protect your business, brand, and people.
 
Doppel. Outpacing what's next in social engineering.
 
Learn more at doppel.com.

Patch Tuesday for the books
'Nightmare Eclipse' drops Windows 0-day
Claude Fable restricted at Microsoft
Get the show notes here: https://cisoseries.com/cybersecurity-news-big-patch-tuesday-nightmare-eclipse-drops-windows-0-day-claude-fable-restricted-at-microsoft/
Thanks to our episode sponsor, Doppel

Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call.
 
But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, while training employees to recognize deepfakes and deception.
 
We fight relentlessly to protect your business, brand, and people.
 
Doppel. Outpacing what's next in social engineering.
 
Learn more at doppel.com.

Anthropic releases Claude Fable 5
French government messaging service breached
CISA rethinking risk evaluations
Get the show notes here: https://cisoseries.com/cybersecurity-news-claude-fable-5-tchap-hacked-cisa-priorities/ 
Thanks to our episode sponsor, Doppel

Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call.
 
But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, while training employees to recognize deepfakes and deception.
 
We fight relentlessly to protect your business, brand, and people.
 
Doppel. Outpacing what's next in social engineering.
 
Learn more at doppel.com.

Microsoft malware hits Claude and Gemini users
Mythos can exploit new flaws in hours
AI tool abuse behind Instagram hacks
Get the show notes here: https://cisoseries.com/cybersecurity-news-claude-gemini-malware-mythos-sneaky-flaws-instagram-ai-abuse/
Thanks to our episode sponsor, Doppel

Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call.
 
But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, while training employees to recognize deepfakes and deception.
 
We fight relentlessly to protect your business, brand, and people.
 
Doppel. Outpacing what's next in social engineering.
 
Learn more at doppel.com.