Send us Fan Mail

We track how trust boundaries fail across the modern stack, from CI/CD supply chain compromise to phishing-driven account takeover and remote assistance abuse. We also break down actively exploited vulnerabilities and a practical tier 0 validation loop that treats patching like incident response, not routine maintenance.
• supply chain compromise risk when trusted CI/CD tooling is abused for credential theft
• behavior-based hunting on build systems, including anomalous execution and network egress
• phishing campaigns against Signal and WhatsApp framed as identity compromise at scale
• Microsoft Teams social engineering path to Quick Assist remote access and intrusion expansion
• vulnerability triage for active exploitation, including Cisco FMC CVE-2026-20131 and rapid weaponization of new disclosures
• mobile exploit kit reporting and why device takeover belongs in tier 0 thinking
• IoT botnet disruption as a prompt to inventory unmanaged devices and validate network visibility
• one-week tier 0 validation loop: verify versions, remove exposure, review logs, rotate secrets
Follow the show on X, Facebook, and LinkedIn, and subscribe at https://infosec.watch.

Support the show

Send us Fan Mail

We track how attackers keep turning trusted channels into reliable intrusion paths, from extension marketplaces to chat platforms and developer dependencies. We also lay out what defenders should patch first and how to validate fixes so security work actually reduces risk.
• Glasswarm escalation against Open VSX using a modular loader for stealthier propagation
• Why defenders need full intrusion chain telemetry across execution, persistence and C2
• Microsoft Teams phishing that impersonates IT and abuses Quick Assist for remote access
• Living off the land detection focused on behaviors rather than specific malware files
• Astronata backdooring React Native packages to steal crypto wallets and developer credentials
• Software supply chain hygiene through provenance checks and dependency trust path reviews
• Chrome vulnerabilities exploited in the wild and why pre-patch hunting matters
• Veeam critical flaws and treating backup infrastructure as a tier zero asset
• VPN credential theft campaigns and enforcing MFA across every authentication path
• Post-patching rigor with version checks, exposure validation, log review and secret rotation

Support the show

Send a text

We track a clear theme across this week’s security headlines: everything is getting bigger, faster, and harder to manage, from AI-generated malware to massive patch waves. We focus on cutting blast radius with risk-based patching, resilience-first strategy, and automation that can keep up with machine-scale attacks.

• AI-assisted malware as a volume play that strains signature-based detection
• CISA KEV additions affecting physical security tech and industrial OT environments
• Cisco firewall patch surge and why perfect-10 bugs demand rapid edge triage
• Risk-based prioritization starting with the most exposed internet-facing devices
• VMware ARIA Operations auth bypass as a high-impact management-plane risk
• Nginx UI remote code execution as a supply chain style weak link
• Resilience mindset built on detection, response, and rehearsed incident response plans
• Automated sandboxing and modern EDR to counter high-volume malware
• Continuous security awareness training that teaches and builds security culture

Don't forget to follow us on X, Facebook, or LinkedIn, and be sure to subscribe to our newsletter at infosec.watch for the latest updates.

Support the show