Cybersecurity Today

A major open source Python tool was hijacked in a supply chain attack, exposing developer credentials, cloud secrets, and crypto wallets. Meanwhile, the FTC says Americans lost more than $2.1 billion to scams that began on social media, with Facebook leading reported losses.
Cybersecurity Today thanks Meter for supporting this podcast. Meter delivers a complete networking stack — wired, wireless, and cellular — in one integrated solution built for performance and scale. Learn more at Meter.com/cst.
Also in today's Cyber Security Today:
Brazilian hackers return with fake Minecraft cheat downloads carrying credential-stealing malware
A new ransomware strain destroys victim files so badly even paying the ransom may not help
North Korean threat actors target crypto executives using fake Zoom and Teams meetings powered by AI deception tactics
If you work in IT, cybersecurity, finance, or simply want to stay safe online, this episode breaks down what matters and what to watch next.
Stories covered in this episode are based on reporting summarized in the show transcript.
 
#cybersecurity #ransomware #scams #python #hacking #northkorea #cryptocurrency #malware #technews

A rogue cyber weapon drove through Toronto blasting scam texts to thousands of phones. A major U.S. critical infrastructure provider confirms a cyberattack. And researchers reveal that Stuxnet may not have been the first cyber weapon after all.
In today's Cybersecurity Today with David Shipley:
• First known SMS blaster case in Canada uncovered in Toronto
• Itron, a major utility technology supplier, discloses cyber intrusion
• Researchers say a 2005 malware campaign predates Stuxnet
• Venezuela energy sector attack reveals destructive "Lotus Wiper" malware
• Why AI-powered attacks may change critical infrastructure risk forever
If you care about cybersecurity, nation-state threats, infrastructure risk, and real-world attacks, this episode is essential listening.
Hosted by David Shipley.
Cybersecurity Today thanks Meter for supporting this podcast. Meter delivers a complete networking stack — wired, wireless, and cellular — in one integrated solution built for performance and scale. Learn more at Meter.com/cst.
Chapters
00:00 Intro
00:36 Toronto SMS Cyber Weapon
05:12 Critical Infrastructure Supplier Hit
09:28 Stuxnet History Rewritten
14:32 Venezuela Energy Sector Attack
19:05 Final Thoughts
#Cybersecurity #Stuxnet #CyberAttack #Toronto #CriticalInfrastructure #Hacking #Itron #CyberNews #DavidShipley

📍 again, we'd like to thank Meter for their support in bringing you this podcast Meter delivers full stack networking infrastructure, wired, wireless, and cellular to leading enterprises. Working with their partners, meter designs, deploys and manages everything required to get performant, reliable and secure connectivity in a space.
They design the hardware, the firmware, they build the software, they manage deployments, and they run support. It's a single integrated solution that scales from branch offices to warehouses and large campuses to data centers. Book a demo at meter.com/htt. That's METE r.com/htt. If you're around on the weekend, join us for Project Synapse as we will go through the weak in ai.
We'll be going through the climate crisis, the Mythos escape, and. The, we'll be going through the new image generation, the climate crisis, the Mythos escape, and probably a lot more. And if you're not around on the weekend, we'll catch you Monday morning, and if you're not around on the weekend, I'll be back with the tech news on Monday morning.

Inside the Vercel Breach: Highlighting OAuth Token Risk 
In a special edition of Cybersecurity Today, host Jim Love and guest Jamie Blasco (CTO, Nudge Security) discuss Vercel, a major developer hosting platform, and a breach tied to OAuth grants and shadow AI. Reporting shared by Contrast Security's David Lindner describes how a Context AI employee downloaded Roblox AutoFarm scripts, got infected with an info stealer, and attackers harvested credentials, compromised Context AI, then used an over-permissioned OAuth token from a Vercel employee who had signed up to Context AI with an enterprise account and clicked "allow all," with Vercel working with Mandiant on a breach allegedly being sold for $2 million. The episode emphasizes that MFA may not mitigate OAuth abuse, urges admin-managed consent, continuous inventory and auditing of OAuth grants, and better visibility into risky third-party app access across Google Workspace and Microsoft 365.
Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale.  You can find them at Meter.com/cst
00:00 Special Edition Intro
00:14 Sponsor Message Meter
00:33 Supply Chain Hack Setup
01:16 Breach Seen In Wild
02:36 Meet Jamie Blasko
02:56 Who Is Vercel
04:34 How The Breach Happened
05:58 Context AI And Shadow IT
07:58 OAuth Controls And Audits
09:11 Impact And Open Questions
11:24 Why MFA Falls Short
12:22 Where To Get Help
14:07 Host Takeaways OAuth Risk
14:53 What To Do Next
16:06 Wrap Up And Feedback
16:42 Sponsor Close Meter
17:24 Final Sign Off

Vercel Supply-Chain Breach via AI Tool, Meta Sued Over Scam Ads, and Ransomware Surges with "The Gentleman"
David Shipley covers new details on the Vercel breach, which began when an employee used the third-party AI tool Context AI; after Context AI was breached, attackers leveraged Google OAuth access to pivot into Vercel systems and enumerate unencrypted "non-sensitive" environment variables that contained usable secrets, with a hacker claiming Vercel data and source code and demanding $2M, while Vercel says Next.js and other open-source projects are safe and shares Google OAuth indicators of compromise. The episode also discusses a proposed class-action lawsuit alleging Meta misled users about scam ads and profited from them, noting Meta's claim it removed 159M scam ads and shut down nearly 11M criminal accounts. Finally, it cites ZeroFox data showing ransomware incidents holding steady at 2,059 in Q1 2026 and highlights Check Point research indicating "The Gentleman" has a much larger victim footprint and uses tactics like disabling Defender, re-enabling SMB1, abusing GPO, and targeting VMware environments.
Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale.  You can find them at Meter.com/cst
00:00 Headlines and Sponsor
00:46 Vercel AI Supply Chain Breach
02:50 Meta Sued Over Scam Ads
04:55 Ransomware Numbers Q1 2026
06:46 Gentlemen Crew Exposed
08:56 Wrap Up and Thanks
09:42 Sponsor Message Meter