Roblox cheats at work lead to a full corporate breach. Half a million people's health data listed for sale on Alibaba by the researchers trusted to protect it. A $5 Bluetooth tracker in a postcard tracks a NATO warship for 24 hours. The UK government officially says passkeys should replace passwords.

In this episode we break down the Vercel breach, the UK Biobank scandal, a Bluetooth tracker that exposed a $585 million warship, the NCSC's official passkey guidance ahead of World Password Day, plus Rituals Cosmetics, GCHQ's SilentGlass, Claude Desktop's silent browser hooks, a Grafana-branded sextortion scam, and Bitwarden's CLI getting hijacked.

Chapters

00:00 Intro
01:18 Vercel Breach: Roblox Cheats to Customer Data Exposure
06:38 Rituals Cosmetics Loyalty Programme Breach
09:46 UK Biobank Health Data Sold on Alibaba
13:41 GCHQ SilentGlass: Blocking Malware Over HDMI
16:25 Claude Desktop Silently Installs Browser Hooks
24:03 Sextortion Scam Disguised as Grafana Alert
29:15 Bitwarden CLI Hijacked in Supply Chain Attack
31:52 $5 Bluetooth Tracker Exposes NATO Warship
35:44 NCSC: Passkeys Should Replace Passwords
42:50 Security Socials: The HR Hot Take
46:08 Security Socials: Spam Caller Rick Astley Script
48:09 Security Socials: iPhone 17 Pro Stolen
51:56 Security Socials: My Cocoon Airplane Privacy
54:19 Security Socials: GPT Image 2 AI Generation
58:57 Outro

Subscribe to the newsletter for links to every story we discuss:

LinkedIn: https://www.linkedin.com/newsletters/the-awareness-angle-newsletter-7274932363787132928/

Our Intro and Outro Song © 16 by Falling Forever — Bandcamp: https://fallingforever.bandcamp.com/track/16 — Licence: https://creativecommons.org/licenses/by/4.0/

Nearly 800 Hungarian government passwords found in breach databases — including one from a colonel in charge of information security who used "FrankLampard". We break down how it happened, why it keeps happening, and what it means for anyone responsible for security culture at work.

Also this week: Rockstar Games hacked for the second time in three years through a third-party supplier. Basic-Fit gym breach exposes bank details of around one million members across Europe. Booking.com customers scammed using their own stolen reservation data before the company even told them about the breach.

On the news side: Microsoft's biggest ever Patch Tuesday with 165 fixes including an actively exploited SharePoint flaw, France ditching Windows across government, a UK energy company loses £700,000 in a payment redirection attack, Google cracking down on back button hijacking, and an emergency Adobe Acrobat patch for a flaw being quietly exploited since December.

Cybersecurity news explained in plain English. No jargon. Just the stories that matter and why they matter to real people.

New episodes every week. Subscribe wherever you listen.

Spotify
Apple Podcasts
LinkedIn Newsletter
YouTube
Instagram
TikTok

Our Intro and Outro Song © 16 by Falling Forever — https://fallingforever.bandcamp.com/track/16

This week: attackers are sending fake missile alert emails exploiting real Iran-US-Israel tensions to steal Microsoft credentials via QR code. We also cover a massive leak of sensitive LAPD police documents, an AI model that autonomously finds and exploits thousands of zero-days, and a Windows exploit that went public after a researcher fell out with Microsoft.

This week on The Awareness Angle:

Hackers steal 7.7TB of sensitive LAPD police documents including officer files, internal affairs investigations, and unredacted witness identities, via a third-party storage system. World Leaks (formerly Hunters International) are behind it.

Anthropic's Claude Mythos autonomously discovers and exploits thousands of zero-day flaws across major systems. The same capability that speeds up defence also speeds up attack. We break down what this means for security teams.

GrafanaGhost: a vulnerability in the popular monitoring platform Grafana that allows silent data exfiltration via AI prompt injection. Grafana disputes the severity. We give both sides.

Fake missile alert emails are landing in inboxes right now, exploiting real Iran-US-Israel tensions. They use QR codes to bypass email filters and redirect victims to a fake Microsoft login page. Urgency is the mechanism.

BlueHammer: a Windows local privilege escalation zero-day leaked publicly by a disgruntled researcher after a falling-out with Microsoft's security response team. No patch available. Functional exploit on GitHub.

The White House is proposing a $707 million cut to CISA, the agency that coordinates national cyber defence. A third of staff already left in the first months of Trump's second term.

Phish of the Week (from Hoxhunt): a WhatsApp/Meta impersonation email targeting business accounts that captures your login credentials and your MFA code in real time.

Plus: a North Korean hacker gets caught mid-interview, a job candidate accidentally receives a recording of his interviewers criticising him after he dropped off the call, and TikTok Lite appearing on Android phones after a carrier update.

00:00 Introduction

01:03 Breach of the Week: LAPD Police Documents Stolen and Leaked

03:18 Wynn Resorts - 21,000 Employees Hit by ShinyHunters

05:21 ChipSoft Ransomware Attack Disrupts Dutch Hospitals

06:51 Jones Day Law Firm Confirms Breach - Silent Ransom Group

09:48 Anthropic Project Glasswing: AI Finds Thousands of Zero-Days

13:42 GrafanaGhost: Data Theft via AI Prompt Injection

17:53 Missile Alert Phishing - Fake Civil Defence Emails Steal Microsoft Logins

22:49 BlueHammer: Windows Zero-Day Leaked on GitHub

26:55 White House Proposes $707M Cut to CISA

30:10 Phish of the Week: WhatsApp Meta Impersonation

35:34 Security Socials

Subscribe to the newsletter: https://www.linkedin.com/newsletters/the-awareness-angle-newsletter-7274932363787132928/

Spotify: https://open.spotify.com/show/7rwzcRsKrXbASFBfiXoCZ6

Apple Podcasts: https://podcasts.apple.com/us/podcast/the-awareness-angle-cyber-news-weekly/id1784126196

TikTok: https://www.tiktok.com/@infosecantInstagram: https://www.instagram.com/riskycreative

YouTube: https://www.youtube.com/@riskycreative

Our Intro and Outro Song © 16 by Falling Forever

Bandcamp: https://fallingforever.bandcamp.com/track/16

Licence: https://creativecommons.org/licenses/by/4.0/

Chinese hackers just broke into the system the FBI uses to track its own surveillance targets. The White House released an app that security researchers took apart and didn't like what they found. LinkedIn has been secretly scanning your browser extensions without telling you. And a Carnegie Mellon professor says app privacy labels are the nutrition labels of the internet — which tells you everything.

This week on The Awareness Angle: cybersecurity news explained in plain English, no jargon, no technical degree required. Anthony and Luke break down the biggest cyber stories of the week including a major FBI data breach, WhatsApp malware targeting Windows users, Google Drive's new ransomware protection, Apple blocking ClickFix attacks, and why AI-generated slop is quietly making all of us easier to scam.

New episode every week. Subscribe so you don't miss one.

Chapters

00:00 Intro
01:40 Breach of the Week: Chinese Hackers Breach the FBI's Wiretap System
07:15 Trivy Supply Chain Attack Hits the European Commission
11:45 The White House App Security Concerns Explained
18:15 Apple Blocks ClickFix Paste Attacks in macOS
23:35 App Privacy Labels vs Food Nutrition Labels
28:40 Google Drive Ransomware Detection Now Available
35:51 LinkedIn Secretly Scanning Your Browser Extensions
41:11 WhatsApp Used to Deliver Malware to Windows PCs
44:54 Phish of the Week: QR Code Salary Scam and Device Code Phishing
50:42 SMS Delivery Scam in the Wild
57:06 Sloppypasta and Why AI Content Is a Security Risk
1:02:04 Artemis II Has Two Broken Instances of Outlook in Space
1:03:54 Artemis II is Running Microsoft 365 in Space
1:04:43 Artemis II Astronaut Enters PIN on Live Stream
1:06:43 Apple Passwords App Ad
1:09:58 Nice Looking TikTok Video

📩 New episode every week. Get the newsletter at riskycreative.com

🌐 Website: https://www.riskycreative.com
🎙️ Spotify: https://open.spotify.com/show/7rwzcRsKrXbASFBfiXoCZ6
🍎 Apple Podcasts: https://podcasts.apple.com/us/podcast/the-awareness-angle-cyber-news-weekly/id1784126196
💼 LinkedIn: https://www.linkedin.com/newsletters/the-awareness-angle-newsletter-7274932363787132928/
🎵 TikTok: @infosecant
📸 Instagram: https://www.instagram.com/riskycreative
▶️ YouTube: https://www.youtube.com/@riskycreative

🎵 Intro/outro music: "16" by Falling Forever -- Licensed under Creative Commons Attribution 4.0 International (CC BY 4.0).
Track: https://fallingforever.bandcamp.com/track/16
License: https://creativecommons.org/licenses/by/4.0/

Episode 81 of The Awareness Angle.

This week: a hack at Ajax Amsterdam let attackers steal season tickets and quietly lift stadium bans. A security scanner got compromised and was used to backdoor LiteLLM, a tool downloaded 3.4 million times a day. OpenAI shuts down Sora and Disney walks away from its $1 billion deal. Meta launches new AI anti-scam features across WhatsApp, Facebook and Messenger. And Lloyds Banking reveals the full picture of its March 12 app glitch, where nearly half a million customers briefly saw each other's transactions.

We've also got Apple's new age verification rollout for UK iPhone users, a phishing campaign targeting TikTok for Business accounts that can bypass 2FA, and the ChatGPT fake invoice phish doing the rounds.

In the Security Socials: a great child online safety poster worth sharing with parents, a free phishing game for kids called The Phisherman, a viral deepfake detection trick, a personalised smishing campaign in France, and what happens when a French soldier goes for a Strava run on a ship.

Chapters

00:00 Intro01:31 Breach of the Week: Ajax Amsterdam04:37 Meta anti-scam tools10:08 OpenAI Sora and Disney14:23 LiteLLM supply chain attack21:43 Apple age verification UK26:33 TikTok for Business phishing32:26 Lloyds Banking app glitch37:26 Phish of the Week: ChatGPT fake invoice42:57 Security Socials48:32 Anthony's Security Social1:00:47 Luke's Security Social

Subscribe to the newsletter at riskycreative.com

🌐 Website: https://riskycreative.com

🎧 Spotify: https://open.spotify.com/show/theawarenessangle

🍎 Apple Podcasts: https://podcasts.apple.com/podcast/the-awareness-angle

💼 LinkedIn: https://www.linkedin.com/company/risky-creative

🎵 TikTok: https://www.tiktok.com/@theawarenessangle

📸 Instagram: https://www.instagram.com/theawarenessangle

▶️ YouTube: https://www.youtube.com/@theawarenessangle

Our Intro and Outro Song © 16 by Falling Foreverhttps://fallingforever.bandcamp.com/track/16

License https://creativecommons.org/licenses/by/4.0/

This week's human cybersecurity news . A US general leaves classified military documents on a train, over 8 million anonymous crime tips are exposed in a major data breach, and a Chrome extension with a million users and Google's Featured badge was silently hijacking shopping commissions for months. This week's cyber news explained in plain English.

Also covered this week: the FBI seizes websites belonging to Handala, the Iran-linked hacker group behind the devastating Stryker wiper attack that wiped 200,000 devices and shut down hospitals. Companies House exposes UK company directors' home addresses, email addresses and dates of birth for five months, through a bug that required nothing more than pressing the browser back button. A new Android malware called Perseus hides inside IPTV streaming apps and targets your notes app to steal passwords, financial details and account recovery phrases. And Japan officially legalises offensive cyber operations, or "proactive cyber defence", from October 2026, a major shift away from its post-war defensive-only stance.

This week's phishing example: a convincing Emirates loyalty reward scam sent through legitimate Eventbrite infrastructure to bypass email security filters, and how to spot it.

We're The Awareness Angle, a weekly cybersecurity podcast and newsletter that explains the biggest cyber threats, data breaches and online scams in plain English, with a focus on the human side of security. No jargon. No technical background needed.

New episode every week. Get the newsletter at riskycreative.com

Full episode on YouTube: https://youtu.be/9n-ewD0zZuU

Chapters

0:00 Intro
1:47 Breach of the Week: US General leaves classified maps on a train
7:23 Crime Stoppers data breach: 8 million anonymous tips exposed
12:22 Android malware Perseus: hiding in streaming apps, targeting your notes
17:29 Handala update: FBI seizes hacker websites after Stryker attack
20:58 Marquis ransomware: 672,000 bank customers' data stolen
26:37 Companies House: five months of exposed director data, fixed with a back button
31:34 Chrome extension malware: Save Image as Type removed after stealing commissions
38:18 Phish of the Week: Emirates loyalty scam via Eventbrite
43:05 SANS Security Awareness Summit 2026: call for presentations
45:18 Topics: Idris Elba's wax model unlocks his iPhone
46:30 Pete Tong reads out a URL like it's 1995
48:40 Tinder wants to scan your camera roll with AI
50:07 Japan legalises hacking back

Find Us

Website
Spotify
Apple Podcasts
LinkedIn
TikTok
Instagram
YouTube

Music

Intro/outro music: "16" by Falling Forever, licensed under Creative Commons Attribution 4.0 International (CC BY 4.0).
Track: https://fallingforever.bandcamp.com/track/16
License: https://creativecommons.org/licenses/by/4.0/

This week it's a busy one. We've got stories about hackers targeting your phone, your bank account, and even your doctor's equipment. There's a nasty trick doing the rounds that looks just like a Google Meet update, a massive data leak from the US government, and some alarming news for anyone who banks with Lloyds, Halifax or Bank of Scotland. All that, plus why you really need to update your iPhone this week. Let's get into it.

Chapters

00:01 Intro
01:50 Breach of the Week: Starbucks
06:06 Stryker hit by Iran-linked wiper attack
11:03 Lloyds, Halifax and Bank of Scotland banking glitch
16:09 Fake Google Meet update hands attackers control of your PC
20:19 Google Messages to get SMS blaster protection
27:02 Live: Anthony calls the SMS blaster scammer
34:51 DOGE staffer allegedly walked out with Americans' Social Security data
38:16 Apple patches older iPhones against Coruna exploit kit
43:32 Phish of the Week: Google recovery notification callback scam (Hoxhunt)
48:09 Topics: ClickFix evolves again
51:03 Topics: Darren Jones MP accidentally shares his passcode on camera
53:06 Topics: Tricking an AI scam caller
56:29 Topics: Apple MacBook Neo Touch ID ad
1:01:02 Outro

Subscribe to the weekly newsletter at riskycreative.com or find us as The Awareness Angle on LinkedIn, TikTok, Instagram, YouTube, Spotify and Apple Podcasts.

Got a story for us? Drop us a line at [email protected]

A hacker didn't need a team of experts. They just needed to convince an AI chatbot they were a penetration tester. What followed was the systematic breach of ten Mexican government agencies, 150GB of stolen data, and records touching 195 million people — more than the entire population of Mexico. That's just one of the stories this week on The Awareness Angle — the weekly cyber news podcast that focuses on the human side of security.

This week we also cover:

• The LastPass phishing campaign that doesn't ask for your password — it warns you someone else is stealing it, then harvests it anyway
• How the TfL hack in 2024 actually affected 10 million people, despite "some customers" being the official line for over a year
• The Odido data breach that triggered AI-voiced compensation scams within days of the data going public
• Why Meta Ray-Ban glasses may have captured intimate moments that ended up reviewed by contractors in Kenya
• How North Korea is using voice changers, Face Swap and AI-generated CVs to get hired by Western companies
• A QR code phishing email so well crafted it uses your company logo and a unique code tied to your email address

Timestamps

00:00:00 Intro
00:01:01 Podcast Intro
00:02:15 Breach of the Week – Star Citizen Data Breach
00:06:28 Hackers Use Claude AI to Breach Mexican Government
00:11:32 Fake LastPass Support Email Phishing Campaign
00:17:33 TfL Hack Affected 10 Million People
00:22:57 Odido Breach Triggers AI Scam Calls
00:27:57 Meta Ray-Ban Glasses Contractor Review
00:36:48 North Korea Using AI to Fake Job Interviews
00:40:51 Phish of the Week – QR Code Unlogged Work Hours
00:45:48 The Admin Password That Wasn't
00:47:22 Free PDF Converters and the 637 Cookies You Didn't Agree To
00:52:36 Dunning-Kruger and Why Users Click
00:55:26 The PayPal Two-Step Scam

More information
https://riskycreative.com

Listen on the go

Spotify
https://open.spotify.com/show/7rwzcRsKrXbASFBfiXoCZ6

Apple Podcasts
https://podcasts.apple.com/us/podcast/the-awareness-angle-cyber-news-weekly/id1784126196

Follow us

LinkedIn
https://www.linkedin.com/newsletters/the-awareness-angle-newsletter-7274932363787132928/

TikTok
https://www.tiktok.com/@infosecant

Instagram
https://www.instagram.com/riskycreative

YouTube
https://www.youtube.com/@riskycreative

Our Intro and Outro Song © 16 by falling forever
https://fallingforever.bandcamp.com/track/16

License
https://creativecommons.org/licenses/by/4.0/

This week on The Awareness Angle, attackers ditch malware and pick up the phone, fake QR codes hit real parking meters, and even your weather app might be quietly fingerprinting you.

We start with Breach of the Week, as Optimizely confirms a data breach following a vishing attack. Impersonated IT support calls led to compromised internal systems and stolen CRM contact data. No ransomware, no exploit chain, just social engineering and misplaced trust.

In the news, fraudsters place fake QR stickers on 75 parking meters in Kelowna, turning everyday convenience into credential theft. New research reveals Samsung’s pre-installed weather app may create a persistent device fingerprint using hashed location identifiers. The UK’s ICO fines Reddit £14.47 million for unlawfully processing children’s data, raising fresh questions around age verification and platform responsibility.

We also cover security flaws across Android mental health apps with 14.7 million installs, exposing sensitive therapy data to potential risk, Instagram rolling out parental alerts for teen self-harm searches, and a researcher who accidentally gained control of nearly 7,000 robot vacuums worldwide.

In Awareness, we explore how AI tools like Gemini can be used to rapidly build interactive learning content, from phishing simulators to gamified modules, and what that means for the future of security awareness.

Plus, we touch on the viral Dacia Sandman campervan that never existed, the growing wave of ClickFix social engineering pop-ups, Samsung’s new privacy screen display tech, and a fresh warning about Google Ads phishing targeting Ahrefs users.

If you like your cyber news grounded in reality, focused on people, and just a little bit sceptical, you’re in the right place.

Timestamps
00:00:00 Intro
00:01:20 Breach of the Week – Optimizely Vishing Attack
00:03:40 Fake QR Codes on 75 Parking Meters
00:08:10 Samsung Weather App Fingerprinting Research
00:13:00 UK Fines Reddit £14.47M Over Children’s Data
00:17:30 Android Mental Health Apps Security Flaws
00:23:43 Instagram Parental Alerts for Self-Harm Searches
00:29:00 7,000 Robot Vacuums Remotely Accessible
00:35:00 Building Interactive Security Training with Gemini
00:46:40 The Dacia Sandman That Never Existed
00:51:43 ClickFix Pop-Ups in the Wild
00:54:43 Samsung Privacy Display Feature
00:58:17 Ahrefs Google Ads Phishing Warning

More Information
https://riskycreative.com

Follow us
LinkedIn
https://www.linkedin.com/newsletters/the-awareness-angle-newsletter-7274932363787132928/

TikTok
https://www.tiktok.com/@infosecant

Instagram
https://www.instagram.com/riskycreative

YouTube
https://www.youtube.com/@riskycreative

Our Intro and Outro Song © 16 by falling forever
https://fallingforever.bandcamp.com/track/16

License
https://creativecommons.org/licenses/by/4.0/

This week on The Awareness Angle, Breach Watch is busy.

We cover 73,000 patients hit in an Arizona healthcare breach, stolen Eurail traveller data now up for sale, a phishing led incident at fintech firm Figure, 600,000 Canada Goose customer records leaked, and fresh claims from ShinyHunters around CarGurus.

In the news, we unpack the US plan for a freedom.gov portal designed to bypass content bans in Europe and elsewhere, plus new research finding vulnerabilities in popular password managers, and the first real world case of infostealer malware targeting OpenClaw AI agent secrets.

In Awareness, we talk about why AI generated passwords might not be as random as they look, why “strong looking” does not always mean secure, and what to do instead. We also end on a strong discussion point, online review blackmail, and why reputation is now part of your attack surface.

If you want cyber news explained with clarity, context, and a few strong opinions along the way, you are in the right place.

Timestamps

00:02:03 73,000 Patients Hit in Arizona Urology Data Breach
00:06:51 Eurail Traveller Data for Sale on the Dark Web
00:11:28 Fintech Firm Figure Breach After Phishing Attack
00:14:17 Canada Goose 600,000 Customer Records Leaked
00:18:25 ShinyHunters Claims CarGurus Breach
00:18:44 US “freedom.gov” Portal to Bypass Content Bans
00:22:50 Password Manager Vulnerabilities Exposed
00:26:21 Infostealer Malware Targeting OpenClaw AI Agents
00:32:44 AI Generated Passwords May Be Predictable
00:39:15 The 90 Day Password Rule Regret
00:44:30 Online Review Blackmail Scam
00:49:18 SSD Destruction Fail

More Information
riskycreative.com

Follow us
LinkedIn: The Awareness Angle Newsletter
TikTok: @infosecant
Instagram: @riskycreative
YouTube: @riskycreative

Listen on the go
Spotify: The Awareness Angle on Spotify
Apple Podcasts: The Awareness Angle on Apple Podcasts

Music
Intro and Outro Song © 16 by falling forever
Track link
License: CC BY 4.0