The Defensive Line Podcast
The Defensive Line Weekly — Episode 24, covering 21–28 June 2026. A weekly briefing for blue teamers and security leaders: the biggest stories of the week, why they matter, and what to do next. 🤖 Voices are AI-generated. Story curation and analysis is human.

Sources

Cisco Catalyst SD-WAN zero-day exploited for months
* Mandiant / Google Cloud — zero-day exploitation of Cisco Catalyst SD-WAN Manager [https://cloud.google.com/blog/topics/threat-intelligence/zero-day-exploitation-cisco-catalyst-sd-wan-manager]
* Cisco Security Advisory — SD-WAN Manager privilege escalation [https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-4uxFrdzx]
* The Hacker News [https://thehackernews.com/2026/06/cisco-catalyst-sd-wan-zero-day-cve-2026.html]
* SecurityWeek [https://www.securityweek.com/cisco-sd-wan-zero-day-exploited-months-before-patching/]

Amazon Q Developer flaw — malicious repos and cloud credential theft
* Wiz — Amazon Q vulnerability [https://www.wiz.io/blog/amazon-q-vulnerability]
* AWS Security Bulletin [https://aws.amazon.com/security/security-bulletins/2026-047-aws/]
* The Hacker News [https://thehackernews.com/2026/06/amazon-q-developer-flaw-could-let.html]
* SecurityWeek [https://www.securityweek.com/amazon-q-flaw-enabled-cloud-credential-theft-via-malicious-repositories/]

“BadBlocker” — 11M-install ad blocker that can run code anywhere
* Island — BadBlocker research [https://www.island.io/blog/badblocker-11-million-users-one-server-call-away-from-compromise]
* The Hacker News [https://thehackernews.com/2026/06/chrome-ad-blocker-with-10m-installs.html]

Russian intelligence targeting Signal backup recovery keys
* FBI / IC3 Public Service Announcement [https://www.ic3.gov/PSA/2026/PSA260626]
* CISA advisory [https://www.cisa.gov/resources-tools/resources/russian-intelligence-services-continue-target-commercial-messaging-applications]
* The Hacker News [https://thehackernews.com/2026/06/fbi-warns-russian-intelligence-hackers.html]
* The Record [https://therecord.media/russia-ukraine-social-engineering-messaging-accounts]

Operation Endgame — SocGholish, Amadey and StealC takedown
* Europol [https://www.europol.europa.eu/media-press/newsroom/news/global-cyber-strike-disrupts-socgholish-amadey-and-stealc-malware-networks]
* Microsoft Security Blog [https://www.microsoft.com/en-us/security/blog/2026/06/24/stealc-and-amadey-breaking-down-infostealers-and-the-cybercrime-services-that-deliver-them/]
* The Hacker News [https://thehackernews.com/2026/06/amadey-and-stealc-malware-network.html]
* Wired — LastPass user data stolen again [https://www.wired.com/story/security-news-this-week-lastpass-users-had-their-data-stolen-again/]

Honourable mentions & vulnerability roundup
* The Register — “Miasma” npm supply-chain campaign [https://www.theregister.com/security/2026/06/26/miasma_campaign_npm/]
* Novee Security — “Cordyceps” CI/CD weakness [https://novee.security/blog/cordyceps/]
* The Hacker News — Cordyceps exposes 300+ GitHub repos [https://thehackernews.com/2026/06/cordyceps-cicd-flaws-expose-300-github.html]
* Microsoft — photo-zip campaign targeting hospitality [https://www.microsoft.com/en-us/security/blog/2026/06/25/photo-zip-campaign-targeting-hospitality/]
* The Hacker News — “Gaslight” macOS stealer with prompt injection [https://thehackernews.com/2026/06/new-gaslight-macos-malware-uses-prompt.html]
* BleepingComputer — CISA deadline for exploited Cisco CUCM flaw [https://www.bleepingcomputer.com/news/security/cisa-sets-urgent-deadline-to-fix-cisco-flaw-exploited-in-attacks/]
* Dark Reading — attackers weaponise Cisco CUCM flaw [https://www.darkreading.com/cyberattacks-data-breaches/less-than-24-hours-attackers-weaponize-cisco-cucm-flaw]
* The Hacker News — CISA adds exploited PTC Windchill RCE [https://thehackernews.com/2026/06/cisa-adds-exploited-ptc-windchill-rce.html]
* The Hacker News — “DirtyClone” Linux kernel flaw [https://thehackernews.com/2026/06/new-dirtyclone-linux-kernel-flaw-lets.html]
* The Hacker News — Linux “pedit” copy-on-write exploit [https://thehackernews.com/2026/06/new-linux-pedit-cow-exploit-enables.html]

This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit thedefensiveline.substack.com [https://thedefensiveline.substack.com?utm_medium=podcast&utm_campaign=CTA_1]
25 episodes