Cybersecurity Headlines

CPanel, WHM release fixes for three new vulnerabilities
Official JDownloader site serves malware to Windows and Linux users
Sen. Schumer seeks DHS plan on AI cyber coordination
Get the show notes here: https://cisoseries.com/cybersecurity-news-new-cpanel-vulnerabilities-jdownloader-delivers-malware-schumer-pushes-dhs/
Huge thanks to our episode sponsor, Doppel

Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call.
 
But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, while training employees to recognize deepfakes and deception.
 
We fight relentlessly to protect your business, brand, and people.
 
Doppel. Outpacing what's next in social engineering.
 
Learn more at doppel.com.

Link to the episode
This week's Department of Know is hosted by Rich Stroffolino, with guests Jonathan Waldrop, CISO, Acoustic, and Jason Elrod, CISO, MultiCare Health System.
Missed the live show? Check it out on YouTube.
The Department of Know is live every Friday at 4:00 p.m. ET. Join us each week by registering for the open discussion at CISOSeries.com.
Huge thanks to our sponsor, Vanta

Risk and regulation ramping up—and customers expect proof of security just to do business. Vanta's automation brings compliance, risk, and customer trust together on one AI-powered platform. So whether you're prepping for a SOC 2 or running an enterprise GRC program, Vanta keeps you secure—and keeps your deals moving. Learn more at vanta.com/ciso.

PAN-OS RCE exploit under active use enabling root access and espionage
Polish intelligence says hackers attacked water treatment control systems
Ivanti warns of new EPMM flaw exploited in zero-day attacks
Get the show notes here: https://cisoseries.com/cybersecurity-news-pan-os-rce-exploit-poland-water-hacks-ivanti-epmm-flaw/
Thanks to our episode sponsor, Vanta

Risk and regulation ramping up—and customers expect proof of security just to do business. Vanta's automation brings compliance, risk, and customer trust together on one AI-powered platform. So whether you're prepping for a SOC 2 or running an enterprise GRC program, Vanta keeps you secure—and keeps your deals moving. Learn more at vanta.com/ciso.

Google Chrome installs 4GB AI model on devices
Daemon Tools disk app backdoored in supply-chain attack
Crypto's 'decentralised finance' sector hit by investor exodus
Get the show notes here:
Thanks to our episode sponsor, Vanta

Risk and regulation ramping up—and customers expect proof of security just to do business. Vanta's automation brings compliance, risk, and customer trust together on one AI-powered platform. So whether you're prepping for a SOC 2 or running an enterprise GRC program, Vanta keeps you secure—and keeps your deals moving. Learn more at vanta.com/ciso.

Video game platform hit by supply chain attack
Bleeding Llama could expose your data
US gets more early LLM access
Get the show notes here: https://cisoseries.com/cybersecurity-news-video-game-supply-chain-attack-bleeding-llama-us-gets-early-llm-access/ 
Thanks to our episode sponsor, Vanta

Risk and regulation ramping up—and customers expect proof of security just to do business. Vanta's automation brings compliance, risk, and customer trust together on one AI-powered platform. So whether you're prepping for a SOC 2 or running an enterprise GRC program, Vanta keeps you secure—and keeps your deals moving. Learn more at vanta.com/ciso.