Threatcast
Podcasts
24 episodes, 792:29 total
Apr 2026
Tue 28 Apr
Grid in the Crosshairs: Cisco SD-WAN, Gemini CLI, and Two Deadlines Expiring Today
A three-CVE chain targeting Cisco SD-WAN vManage has compromised thousands of utility clients — CISA says full rebuilds, not patches. Moderate-confidence PRC attribution frames this as strategic pre-positioning, not crime. Plus: a CVSS 10.0 AI agent RCE, a thirteen-year-old ActiveMQ bug with public exploit code, and the SharePoint spoofing flaw whose federal deadline expires today.
Disclosure: This episode is AI-generated. The script, narration, and voices are generated by AI from structured Cyber Threatcast roundtable analysis curated by Halil Öztürkci.
Sun 26 Apr
Correction Day: The LAPSUS$ Claim Falls Apart, Signal Phishing Is Real
The afternoon session delivers a significant correction: the LAPSUS$ corporate breach claim against Checkmarx is unconfirmed and single-sourced, downgrading the morning's supply-chain crisis framing. Meanwhile, a live Signal phishing campaign targeting over 300 German government officials — attributed to Russia at moderate confidence — forces the panel to debate whether this is strategic pre-positioning or opportunistic espionage using seven-dollar-a-hundred tooling. Plus: patch priorities narrowed to two same-day actions, and GDPR notification clocks are running.
Sat 25 Apr
Pay or Leak: The 48-Hour Clock, Two CVEs You Must Patch, and DeFi's Governance Confession
ShinyHunters has a 48-hour deadline, a confirmed supply chain feeder in TeamPCP, and over a hundred million records across nine victims — with five-and-a-half to eleven billion dollars in aggregate exposure. Microsoft's Patch Tuesday priorities are wrong: CVE-2026-33824 and BlueHammer are the real emergencies. Plus, Apple's iOS purge claim is forensically unverified, and KelpDAO's bailout just proved DeFi isn't decentralized.
Fri 24 Apr
Shai-Hulud: The Worm That Ate the Pipeline
TeamPCP's Bitwarden CLI compromise introduces worm-like self-propagation that turns every infected developer into a cascade infection vector — and for the first time, AI agent configurations are a first-class target. Plus: a CVSS 9.8 sits unpatched in 911 infrastructure with no federal mandate to fix it, and fifteen nations declare static IP blocklists dead.
Thu 23 Apr
Autonomous Worm, Unseizable C2, and 19 Million Stolen Identities
A self-propagating npm worm from Namastex Labs marks a step-function escalation in supply chain attacks — no social engineering, just code abusing code, exponential spread, and C2 infrastructure that cannot be sinkholed. Meanwhile, France's ANTS breach of 19 million government-verified identity records triggers an EU-wide fraud cascade and a textbook GDPR enforcement failure. Plus: trusted-platform C2 abuse via Microsoft Graph API and Hugging Face is eroding detection fundamentals.
Wed 22 Apr
Mythos Breached, Supply Chain Burning, Patch Everything Now
Anthropic's Claude Mythos — an AI that autonomously executes 32-step cyberattack chains — was accessed by unauthorized researchers through a contractor compromise. We break down what the breach means for AI governance, cover five coordinated supply chain attacks hitting AI dev tools in 14 days, and triage the Cisco SD-WAN exploit chain and Quest KACE CVSS 10.0 emergency alongside the Microsoft April patch load.
Tue 21 Apr
Cisco's 48-Hour Clock, Vercel's Roblox Problem, and France's Identity Meltdown
Three operationally urgent threats dominate today's panel: a trivially exploitable Cisco SD-WAN CVE chain with a live CISA emergency directive, the confirmed Roblox-to-enterprise breach path behind the Vercel compromise, and France's third government identity system falling in a single quarter. Plus: why the Lazarus attribution on KelpDAO is being walked back.
Mon 20 Apr
Trust Is the Vulnerability
Three concurrent crises — the Vercel OAuth breach, the $292M KelpDAO DeFi exploit, and Anthropic's Mythos triggering a five-central-bank regulatory storm — share one thread: attackers aren't breaking locks, they're walking through doors we left open. Halil and the panel break down what happened, who did it, and what you need to do before tomorrow morning.
Sun 19 Apr
Two Hundred Million in Bad Debt and the AI That Finds Zero-Days
The KelpDAO LayerZero bridge exploit has left $177–200M in unrecoverable bad debt inside Aave — and our panel confirms it's a trust-model failure that puts every similar DeFi protocol at risk today. Plus: Anthropic's Mythos AI is finding zero-days at machine speed, iOS exploit kits are hitting 270 million current devices, not legacy phones, and we correct a critical briefing error live on air.
Sat 18 Apr
RedSun Rising: Defender Becomes the Attacker
A verified zero-day turns Microsoft Defender into the attack chain — no patch, SYSTEM access, confirmed in the wild. We also pressure-test Claude Mythos's AI exploit claims, track Iranian hackers targeting U.S. water infrastructure, and break down what a $25 million hospital breach really costs. A structural acceleration in attacker advantage is underway.
Fri 17 Apr
Nation-State Supply Chains, Iran's PLC Gambit, and the AI Exploit Machine
North Korea's UNC1069 weaponized an 83-million-download npm package to reach OpenAI's code-signing certificates. Iran is pre-positioning in U.S. water and energy PLCs. And Anthropic quietly shelved an AI that found zero-days faster than any human team. Today's panel breaks down what it all means — and what you need to do in the next 48 hours.
Thu 16 Apr
The Machine That Hacks Itself: Mythos, TeamPCP, and the Credential Apocalypse
Anthropic's withheld Mythos AI model can autonomously compromise entire networks in hours — and that's just the headline. Today: TeamPCP's credential harvesting empire hits five ecosystems in five days, AI coding agents leak your secrets through prompt injection, a WordPress backdoor runs on Ethereum smart contracts, and CareCloud's healthcare breach puts 8 million patients at risk. The throughline? Credentials. It's always credentials.
Wed 15 Apr
Three Crises, One Tuesday
North Korea backdoored one of the most downloaded JavaScript packages on the planet. Fortinet's own sandbox became an attack surface. And Microsoft dropped 167 CVEs — including preview-pane RCEs that require zero clicks. Today the panel tears apart all three and tells you what to do before the weekend.
Tue 14 Apr
North Korea, Snowflake, and the Signing Cert That Shouldn't Have Been There
A DPRK supply chain attack on npm's most-downloaded HTTP library cascaded into OpenAI's code-signing infrastructure. ShinyHunters leaked 78.6 million Rockstar Games records via a SaaS monitoring tool. And a WordPress plugin is burning through unpatched sites at 312,000 blocked attempts. It's April 14, 2026 — and the threat board is full.
Sun 12 Apr
3,891 PLCs, No Zero-Day Required
Iranian state actors are inside nearly four thousand US industrial controllers — no exploits needed, just an open port and legitimate software. Plus: a fourteen-billion-dollar supply chain cascade, AI that finds exploits faster than humans can patch, and a critical correction to the briefing everyone else got wrong. This is a heavy one.
Sat 11 Apr
The 24-Hour Exploit Window
Anthropic's Mythos AI can weaponize a zero-day in under 24 hours for less than two thousand dollars — and that's just what's been verified. Today the panel debates what's real versus hype, unpacks a four-month-old Adobe Reader zero-day with no patch in sight, traces a six-hour supply chain attack that may have cost over a billion dollars, and confronts the governance vacuum around AI-powered offensive cyber. It's a heavy one.
Fri 10 Apr
Zero-Day April: Sandworm, Handala, and the AI Exploit Machine
Adobe Reader has been silently exploited by Russian APT Sandworm since December — and there's still no patch. Iran's Handala just wiped 200,000 devices without deploying a single line of malware. And a leaked AI model called Claude Mythos can find and exploit vulnerabilities autonomously. Today's roundtable covers all three, plus the LiteLLM supply chain breach that may still be open right now.
Thu 9 Apr
Four Point Six Billion Reasons to Patch Today
Five simultaneous high-impact threats — a CVSS 10.0 AI platform zero-day, MFA-bypassing OAuth phishing-as-a-service, Iranian actors manipulating water and energy PLCs, a new APT28 malware suite, and an AI that autonomously finds zero-days for twenty thousand dollars — converge on April 9, 2026 with a combined financial exposure exceeding four point six billion dollars. The CyberDaily Threatcast panel breaks down every threat, every disagreement, and every action item.
Thu 9 Apr
Phase Transition: AI Zero-Days, Iranian PLCs, and the FBI's Unprecedented Move
An AI model autonomously chains zero-days with a 72.4% success rate. Iranian hackers are disrupting U.S. water and energy systems using nothing but legitimate software. The FBI remotely patched thousands of privately owned routers without consent. Today's CyberDaily Threatcast panel breaks down a structural inflection point across every domain of cybersecurity.
Tue 7 Apr
Convergence: Five Threats, One Nightmare Blueprint
A confirmed kill chain from Fortinet zero-day to BYOVD ransomware could flatten a hospital in under two hours. North Korea just stole two hundred eighty-five million dollars with a six-month con. And a supply chain attack already hit the European Commission. Today's panel war-games the convergence — and builds the seventy-two hour response plan.
Tue 7 Apr
The Stryker Paradigm: When Your MDM Becomes a Weapon
The 2026 Iran war has rewritten the rules of cyber conflict. We examine the Stryker attack — 200,000 devices wiped with zero malware — Iran's three-tier cyber warfare machine, drone strikes on Amazon and Oracle data centers, and what all of it means for every enterprise running cloud infrastructure today.
Tue 7 Apr
Convergence Without Coordination
Five major threats, one terrifying pattern: state actors and criminal groups independently adopting identical tradecraft — synthetic identities, long-horizon infiltration, credential-based access — faster than defenders can adapt.
Mon 6 Apr
The Six-Month Handshake: DPRK's $285M Social Engineering Masterclass
North Korean operatives spent six months shaking hands at conferences before stealing $285 million from Drift Protocol. We break down the industrialization of DPRK crypto theft, a telnetd zero-day on fifty thousand exposed assets, and npm supply chain under siege.
Mon 6 Apr
The $4.9 Billion Week: North Korea's Twin Strikes & Fortinet's Worst Day
Two North Korean cyber units hit crypto and software supply chains simultaneously. Fortinet's FortiClient EMS is bleeding through two pre-auth vulnerabilities. Combined financial exposure: four point nine billion dollars in seventy-two hours.