
Sign up to save your podcasts
Or


Today's episode covers the takedown of a major SIM-swapping gang in Poland, which exploited telecom vulnerabilities to steal millions in cryptocurrency. This incident underscores the persistent risk of carrier-level breaches. We also examine "Gaslight," new macOS malware designed to evade AI analysis tools by injecting misleading data, highlighting the evolving challenge of AI-aware adversaries. The "Bluekit" phishing-as-a-service platform shows a dangerous escalation with nearly 70 new hostnames and browser-in-the-middle capabilities, making real-time session interception a growing threat.
On a broader scale, we discuss the Akrites.org initiative, emphasizing the collective responsibility to secure the open-source supply chain. For those leveraging AI, we touch on Google Cloud Tech's resources for developing AI agents and integrating AI-native databases, alongside a cautionary note about vetting new open-source AI tools like OpenKnowledge. Key takeaways include reviewing open-source dependencies, strengthening SIM-swapping defenses with MFA and carrier locks, and educating teams about sophisticated phishing techniques.
By CyberCloudAI.techToday's episode covers the takedown of a major SIM-swapping gang in Poland, which exploited telecom vulnerabilities to steal millions in cryptocurrency. This incident underscores the persistent risk of carrier-level breaches. We also examine "Gaslight," new macOS malware designed to evade AI analysis tools by injecting misleading data, highlighting the evolving challenge of AI-aware adversaries. The "Bluekit" phishing-as-a-service platform shows a dangerous escalation with nearly 70 new hostnames and browser-in-the-middle capabilities, making real-time session interception a growing threat.
On a broader scale, we discuss the Akrites.org initiative, emphasizing the collective responsibility to secure the open-source supply chain. For those leveraging AI, we touch on Google Cloud Tech's resources for developing AI agents and integrating AI-native databases, alongside a cautionary note about vetting new open-source AI tools like OpenKnowledge. Key takeaways include reviewing open-source dependencies, strengthening SIM-swapping defenses with MFA and carrier locks, and educating teams about sophisticated phishing techniques.