The Defensive Line Podcast
The Defensive Line Weekly podcast is the audio version of the weekly Defensive Line Substack intelligence summary. Written by humans but read by AI. It turns the week’s key cyber stories into a practical conversation between Carter and Lizzie. FortiBleed and edge credential exposure * CISA — CISA urges hardening Fortinet devices after reports of credential exposure [https://www.cisa.gov/news-events/alerts/2026/06/18/cisa-urges-hardening-fortinet-devices-after-reports-credential-exposure] * NCSC — Advice following global targeting of Fortinet firewalls and VPN gateways [https://www.ncsc.gov.uk/news/advice-following-global-targeting-of-fortinet-firewalls-and-vpn-gateways] * The Hacker News — CISA warns Fortinet customers as compromised credentials leak [https://thehackernews.com/2026/06/cisa-warns-fortinet-customers-as.html] Klue, OAuth tokens and SaaS integration risk * Huntress — Klue breach investigation [https://www.huntress.com/blog/klue-breach-investigation] * Klue — Update on recent Klue security incident [https://klue.com/blog/an-update-on-recent-klue-security-incident] * The Hacker News — Salesforce disables Klue app [https://thehackernews.com/2026/06/salesforce-disables-klue-app.html] * BleepingComputer — Klue OAuth breach linked to Icarus Salesforce data theft attacks [https://www.bleepingcomputer.com/news/security/klue-oauth-breach-linked-to-icarus-salesforce-data-theft-attacks/] Mastra, AutoJack and trusted tooling * Microsoft Threat Intelligence — Postinstall payload inside Mastra npm supply chain compromise [https://www.microsoft.com/en-us/security/blog/2026/06/17/postinstall-payload-inside-mastra-npm-supply-chain-compromise/] * Microsoft Defender Security Research — AutoJack: single-page RCE on host running AI agent [https://www.microsoft.com/en-us/security/blog/2026/06/18/autojack-single-page-rce-host-running-ai-agent/] * BleepingComputer — Microsoft links Mastra AI supply-chain attack to North Korean hackers [https://www.bleepingcomputer.com/news/security/microsoft-links-mastra-ai-supply-chain-attack-to-north-korean-hackers/] * The Hacker News — 144 Mastra npm packages compromised [https://thehackernews.com/2026/06/144-mastra-npm-packages-compromised-via.html] * The Hacker News — AutoJack attack lets one web page execute code [https://thehackernews.com/2026/06/autojack-attack-lets-one-web-page.html] * BleepingComputer — Microsoft fixes AutoGen Studio flaw [https://www.bleepingcomputer.com/news/security/microsoft-fixes-autogen-studio-flaw-that-enabled-code-execution/] Honourable mentions * ESET Research — Killing me gently: inside Gentlemen’s EDR killer framework [https://www.welivesecurity.com/en/eset-research/killing-me-gently-inside-gentlemens-edr-killer-framework/] * The Hacker News — F5 patches two critical NGINX Open Source flaws [https://thehackernews.com/2026/06/f5-patches-two-critical-nginx-open.html] * The Hacker News — Hackers exploit Gravity SMTP WordPress plugin [https://thehackernews.com/2026/06/hackers-exploit-gravity-smtp-wordpress.html] * Dark Reading — Novo Nordisk breach exposes dev pipeline risk [https://www.darkreading.com/cyber-risk/novo-nordisk-breach-exposes-dev-pipeline-risk] * The Hacker News — Operation Endgame disrupts SocGholish [https://thehackernews.com/2026/06/operation-endgame-disrupts-socgholish.html] * The Hacker News — AryStinger malware infects legacy D-Link routers [https://thehackernews.com/2026/06/arystinger-malware-infects-4300-legacy.html] This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit thedefensiveline.substack.com [https://thedefensiveline.substack.com?utm_medium=podcast&utm_campaign=CTA_1]
25 episodes
Comments
0Be the first to comment
Sign up now and become a member of the The Defensive Line Podcast community!