In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

• North Korean threat actors are targeting macOS software developers in a new malware campaign that abuses Visual Studio Code (VS Code) confi gurations to deliver JavaScript-based backdoors, according to research from Jamf.
• Sinkholes are usually seen as the end of a malicious campaign - the point where domains are seized and abuse stops.
• China’s pen-testing and red-team ecosystem has always been hard to observe, especially since many teams stopped participating in international CTFs post-2018.
• A critical zero-day vulnerability, CVE-2025-64155, has been discovered in Fortinet’s FortiSIEM platform by Horizon3.ai, allowing unauthenticated remote code execution and privilege escalation to root.

Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.

This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.