Cybersecurity Today host David Shipley covers how a newly unsealed U.S. complaint tied an alleged Scattered Spider member to a luxury retailer intrusion using a persistent Windows device ID, with prosecutors alleging help-desk social engineering, admin account takeover, data exfiltration, and an $8 million ransom demand; the episode also notes additional Scattered Spider-related guilty pleas in the U.K. and U.S. The show reports Google patched "Rogue Agent," a Dialogflow CX permission-boundary issue involving Python code blocks in Cloud Run that could enable data theft or credential prompts across agents in a shared project. It details "Janus Escape" (CVE-2026-53359), a 16-year-old Linux KVM use-after-free enabling guest-to-host escapes in cloud environments, patched in June. The show explores Apple's shift to out-of-band security updates due to AI-accelerated exploitation, and a multi-platform redirect phishing campaign using fake job interviews and browser-in-browser Google login prompts targeting marketers' Google accounts. 00:00 Sponsor NordLayer 00:36 Headlines Intro 01:03 Scattered Spider Traced 03:16 More Spider Arrests 04:31 Google Rogue Agent 06:24 Linux Janus Escape 08:04 Apple Patching Shift 10:04 Marketer Phish Chain 12:17 Wrap Up Thanks 12:53 Sponsor Message