M365 Creds Stolen, $17.7B Robbed in US, AI Dominates RSAC, Axios Supply Chain Hack

Universities & Manufacturing Attacked, Microsoft's AI Agent Protection, Fortinet RCE

Microsoft just patched 120 vulnerabilities across Windows and Office, while at the same time attackers are quietly poisoning the software supply chain to steal developer credentials at scale. A ransomware gang just disrupted Foxconn factories and claims to have stolen terabytes of sensitive data. And researchers are now confirming something many feared—AI is actively being used to discover zero-days and automate real-world cyberattacks. ★ Support this podcast on Patreon ★ [https://www.patreon.com/kramernow]

SharePoint Zero-Day, Manga Piracy, Apple App Store Scam, Bomgar Vulnerability

Today’s threat landscape is a perfect storm of destructive malware, mass credential theft, and attackers abusing the very tools defenders trust most. We’ve got a new data wiper hammering critical infrastructure in Venezuela, over 1,300 SharePoint servers still exposed to an actively exploited zero-day, and attackers turning Microsoft Defender itself into part of the attack chain. And if that wasn’t enough, fake crypto wallet apps slipped into Apple’s App Store while AI-assisted exploitation campaigns quietly harvested credentials from hundreds of targets. ★ Support this podcast on Patreon ★ [https://www.patreon.com/kramernow]

Rockstar Games Leaked, Booking.com Breached, McGraw-Hill Hit + Microsoft Zero-Days

Rockstar Games, Booking.com, and McGraw-Hill are all in today’s breach headlines, while a new warning says the quantum threat to encryption is no longer something organizations can afford to ignore. We’re also covering Microsoft zero-days, a dangerous Adobe PDF exploit, and over 100 malicious Chrome extensions stealing accounts straight from users’ browsers. ★ Support this podcast on Patreon ★ [https://www.patreon.com/kramernow]

M365 Creds Stolen, $17.7B Robbed in US, AI Dominates RSAC, Axios Supply Chain Hack

This week’s biggest cyber stories all point to the same hard truth: attackers are scaling faster than defenders, using automation, stolen tokens, and software supply chains to hit everything from Next.js apps and npm packages to routers, PLCs, and AI tools. And in several of these cases, they didn’t even need malware to cause serious damage. ★ Support this podcast on Patreon ★ [https://www.patreon.com/kramernow]

$10M Music Scam, iPhone Crypto Theft, Intune Wipe Attack, Cisco 0-Day, Trivy Supply Chain Hack

This week’s cyber stories are a reminder that attackers are no longer just stealing data—they’re hijacking the tools we trust most, from Microsoft Intune and Azure alerts to GitHub Actions and iPhones. We’ve got a massive medical-device breach, a major software supply-chain compromise, active ransomware zero-days, and phishing campaigns that bypass even encrypted messaging protections. ★ Support this podcast on Patreon ★ [https://www.patreon.com/kramernow]