Cybersecurity Headlines

FBI confirms theft of director's personal emails
Lloyds customer data exposed in IT glitch
Hundreds of valid API keys discovered on the Web 
Get the show notes here: https://cisoseries.com/cybersecurity-news-fbi-email-theft-lloyds-bank-glitch-api-keys-running-loose/
Huge thanks to our sponsor, ThreatLocker

Most breaches don't start with a zero-day — they start because something unexpected was allowed to run. One way organizations reduce risk is by shrinking the attack surface: deciding what software should be allowed to execute and blocking everything else by default. Fewer unknowns means fewer opportunities for attackers. Learn more at ThreatLocker.com

Alleged RedLine dev extradited to US
Red Menshen uses BPFDoor to spy
Former NSA chiefs worry US cybersecurity is slipping
Check out our show notes for all story links: https://cisoseries.com/cybersecurity-news-alleged-redline-dev-extradited-red-menshen-spies-with-bpfdoor-is-us-cybersecurity-slipping/
Huge thanks to our sponsor, ThreatLocker

Security controls fail when they break the business. Successful teams phase in protections gradually — starting with visibility, then moving to enforcement. That approach allows organizations to reduce risk without overwhelming IT teams or disrupting critical workflows. Learn more at ThreatLocker.com

Torg Grabber targets crypto wallets
TeamPCP backdoors LiteLLM
GitHub adds AI security bug detection
Check out our show notes for all story links: https://cisoseries.com/cybersecurity-news-torg-grabber-targets-crypto-teampcp-backdoors-litellm-github-ai-bug-detection/
Huge thanks to our sponsor, ThreatLocker

Detection-based security assumes you'll catch an attack in time. Control-based security assumes you won't. That mindset shift is driving more organizations to focus on preventative controls — stopping unknown execution and unauthorized privilege elevation instead of relying solely on alerts after the fact. Learn more at ThreatLocker.com

FCC bans foreign routers
Drone activity disrupts AWS region
Crunchyroll confirmed data leak
Check out our show notes for all story links: https://cisoseries.com/cybersecurity-news-fcc-router-ban-drone-hit-aws-crunchroll-leak/
Huge thanks to our sponsor, ThreatLocker

Least privilege isn't about distrusting users — it's about limiting blast radius. Many attacks succeed because malware inherits excessive permissions. Enforcing least privilege helps ensure that even if something goes wrong, attackers can't easily escalate access or move laterally across the environment. Learn more at ThreatLocker.com

New DarkSword exploit hits GitHub
Gemini AI agents scour the dark web
Trivy supply chain attack expands
Check out our show notes for all story links: https://cisoseries.com/cybersecurity-news-darksword-exploit-hits-github-gemini-ai-agents-scour-dark-web-trivy-supply-chain-attack-expands/
Huge thanks to our sponsor, ThreatLocker

Ransomware doesn't need to be sophisticated if it's allowed to execute. A growing number of security teams are shifting focus from detecting ransomware to preventing execution in the first place — controlling applications, scripts, and installers so unauthorized code never gets the chance to run. Learn more at ThreatLocker.com