Sign up to save your podcasts
Or
Share 129 - Quick Assist, Slow Panic
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
129 - Quick Assist, Slow Panic
Send us Fan Mail
We track how attackers keep turning trusted channels into reliable intrusion paths, from extension marketplaces to chat platforms and developer dependencies. We also lay out what defenders should patch first and how to validate fixes so security work actually reduces risk.
• Glasswarm escalation against Open VSX using a modular loader for stealthier propagation
• Why defenders need full intrusion chain telemetry across execution, persistence and C2
• Microsoft Teams phishing that impersonates IT and abuses Quick Assist for remote access
• Living off the land detection focused on behaviors rather than specific malware files
• Astronata backdooring React Native packages to steal crypto wallets and developer credentials
• Software supply chain hygiene through provenance checks and dependency trust path reviews
• Chrome vulnerabilities exploited in the wild and why pre-patch hunting matters
• Veeam critical flaws and treating backup infrastructure as a tier zero asset
• VPN credential theft campaigns and enforcing MFA across every authentication path
• Post-patching rigor with version checks, exposure validation, log review and secret rotation
Support the show
Thanks for listening to InfoSec.Watch!Subscribe to our newsletter for in-depth analysis: https://infosec.watch
Follow us for daily updates:
- X (Twitter)
- LinkedIn
- Facebook -
Stay secure out there!
View all episodes
By Infosec.WatchSend us Fan Mail
We track how attackers keep turning trusted channels into reliable intrusion paths, from extension marketplaces to chat platforms and developer dependencies. We also lay out what defenders should patch first and how to validate fixes so security work actually reduces risk.
• Glasswarm escalation against Open VSX using a modular loader for stealthier propagation
• Why defenders need full intrusion chain telemetry across execution, persistence and C2
• Microsoft Teams phishing that impersonates IT and abuses Quick Assist for remote access
• Living off the land detection focused on behaviors rather than specific malware files
• Astronata backdooring React Native packages to steal crypto wallets and developer credentials
• Software supply chain hygiene through provenance checks and dependency trust path reviews
• Chrome vulnerabilities exploited in the wild and why pre-patch hunting matters
• Veeam critical flaws and treating backup infrastructure as a tier zero asset
• VPN credential theft campaigns and enforcing MFA across every authentication path
• Post-patching rigor with version checks, exposure validation, log review and secret rotation
Support the show
Thanks for listening to InfoSec.Watch!Subscribe to our newsletter for in-depth analysis: https://infosec.watch
Follow us for daily updates:
- X (Twitter)
- LinkedIn
- Facebook -
Stay secure out there!