Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This week’s briefing covers: North Korean Fake Workers Expand to European Organizations Kroll has previously reported on the growing scale of the DPRK IT worker fraud scheme where the U.S. was a key focus, with some Southeast Asian countries also seeing fraudulent activity. It has since been reported that an increase in active operations in Europe has been observed—a notable expansion since its beginnings in 2024.

This week on, Corey and Marc discuss a recent cascading supply chain attack involving multiple Github actions workflows that nearly succeeded in compromising a popular Coinbase application. Before that, they discuss a novel way to download malware onto an endpoint by abusing a web browser's caching feature. Additionally, they cover an FBI alert on file converter malware scams.

This week on the podcast, we discuss a recent threat intelligence report on the Chinese Phishing-as-a-Service platform Lucid. Before that, we cover the alleged Oracle Cloud breach before reviewing the Singapore Shared Responsibility Framework, designed to combat financial scams.

SIM swapping is a dangerous scam that can give cybercriminals access to your phone, accounts and personal data. In this video, we explain how SIM swapping works and the simple steps you can take to stay protected.

How to EASILY identify Vulnerabilities.

Tailor your message to your audience. Stefania Chaplin shares a simple framework for getting the message right—from seven words for execs to full context for developers.

Are YOU impacted by this Next.js Vulnerability?

Phishing emails use social engineering tactics to steal your personal information, but you can stop them in their tracks. In under 90 seconds, learn how to spot the red flags of phishing emails, including urgent language, suspicious email addresses and unsolicited links.

In rare cases, you can get a virus by visiting a website. This is possible through exploit kits and drive-by downloads. Learn more about how you can get viruses from visiting a website and what to do if you ever get infected.

Privileged Access Management (PAM) secures access to privileged accounts to minimize security risks and ensure compliance. In this short video, learn how PAM strengthens organizations’ security and protects sensitive data.