


## 🎙️ Hosts
- Professor CyberRisk
- Cyber Cowboy
---
## 🌐 Live Cyber Maps
- Bitdefender Threat Map: https://threatmap.bitdefender.com/
- Check Point Threat Map: https://threatmap.checkpoint.com/
- Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
- Talos Intelligence – ebc_spam Map: https://talosintelligence.com/ebc_spam
---
## 📢 Episode Information
**Title:** _Legacy Exploits, Poisoned Packages, and Password Hijacks_
**Episode Number:** 3x20
---
## 🧠 Overview
This week, Professor CyberRisk and Cyber Cowboy dissect the latest wave of cyber threats—from Russian espionage campaigns targeting unpatched Cisco gear to stealthy clickjacking attacks on password managers. Whether you're an enterprise defender or a solo dev, these stories will make you rethink your patching strategy, supply chain hygiene, and user awareness training.
---
## 🎤 Guest Information
None this episode
---
## 🧵 Topics Covered
- Russian state-sponsored exploitation of legacy Cisco vulnerabilities
- DOM-based clickjacking targeting browser password managers
- Apple’s emergency patch for zero-day CVE-2025-43300
- Malicious PyPI packages infiltrating developer environments
- AsyncRAT delivered via fake verification prompts
---
## 🚨 Top Stories
**FBI Warns of Russian Espionage via Unpatched Cisco Devices**
Summary: Russian group Static Tundra exploits CVE-2018-0171 in Cisco IOS/IOS XE.
Why it Matters: Legacy vulnerabilities still pose major risks.
What You Should Be Doing: Audit Cisco gear, patch or disable Smart Install, monitor traffic.
Cited link: [The Hacker News](https://thehackernews.com/)
---
## 🧩 Additional Cybersecurity News – Titles and URLs
**DOM-Based Clickjacking Targets Password Managers**
https://thehackernews.com/
**Apple Patches Zero-Day CVE-2025-43300**
https://thehackernews.com/
**Weaponized PyPI Packages Target Developers**
https://cybersecuritynews.com/weekly-cybersecurity-news-recap/
**AsyncRAT Delivered via Fake Verification Prompts**
https://cybersecuritynews.com/weekly-cybersecurity-news-recap/
---
## 📚 Resources & Links
None this episode
---
## 📣 Call to Action
- **Subscribe:** Stay updated on cybersecurity threats.
- **Leave a Review:** Let us know what you think.
- **Join the Conversation:** Follow our community and ask questions.
---
## 💼 Sponsor (if applicable)
No sponsors this episode
---
## 🌐 Podcast Socials & Website
- Website: https://www.youvealreadybeenhacked.com
- X: [@professorcyberrisk](https://twitter.com/professorcyberrisk)
- YouTube: https://www.youtube.com/@YABHPodcast
- Discord/Community: https://discord.gg/cz3xdsrqAE
By Professor CyberRisk