
Sign up to save your podcasts
Or


The Defensive Line Weekly is a podcast version of our weekly Substack intelligence summary — the security stories that matter most for blue teamers and security leaders, with clear implications and practical defensive actions. AI voices are used, but the content is human curated and written with the support of AI.
Topic 1: Helpdesk Impersonation Continues to Succeed
* CrowdStrike — Cordial Spider adversary profile
* CrowdStrike — Snarky Spider adversary profile
* Google / Mandiant GTIG — Expansion of ShinyHunters SaaS data theft
* Unit 42 / RH-ISAC — Extortion in the enterprise: defending against BlackFile attacks
* CyberScoop — CrowdStrike names Cordial Spider and Snarky Spider
Topic 2: cPanel & WHM and CopyFail
cPanel / WHM CVE-2026-41940
* watchTowr Labs — cPanel WHM authentication bypass
* cPanel vendor advisory — 28 April 2026
* Censys — The cPanel situation
* Help Net Security — cPanel zero-day exploited
* Rapid7 — CVE-2026-41940 ETR
CopyFail CVE-2026-31431
* Wiz Research — CopyFail Linux privilege escalation
* Ubuntu security advisory
* AlmaLinux blog
* Red Hat CVE advisory
* Microsoft Security Blog — CopyFail cloud and Kubernetes impact
* CERT-EU SA 2026-005
Topic 3: Three Supply Chain Attacks in One Week
* SentinelOne — Week 18 supply chain roundup
* Aikido Security — PyTorch Lightning PyPI compromise
* Socket — PyTorch Lightning compromised
* The Hacker News — Poisoned Ruby gems and Go modules
* The Hacker News — PyTorch Lightning supply chain
* The Register — SAP npm supply chain
Honourable Mentions
* TRM Labs — North Korea 2026 crypto theft
* Arctic Wolf — BlueNoroff ClickFix and AI-generated Zoom lures
* NCSC — AI-driven patch wave warning
* Fortinet PSIRT FG-IR-26-100
* Fortinet PSIRT FG-IR-26-112
* The Register — Gemini CLI critical RCE
By The Defensive LineThe Defensive Line Weekly is a podcast version of our weekly Substack intelligence summary — the security stories that matter most for blue teamers and security leaders, with clear implications and practical defensive actions. AI voices are used, but the content is human curated and written with the support of AI.
Topic 1: Helpdesk Impersonation Continues to Succeed
* CrowdStrike — Cordial Spider adversary profile
* CrowdStrike — Snarky Spider adversary profile
* Google / Mandiant GTIG — Expansion of ShinyHunters SaaS data theft
* Unit 42 / RH-ISAC — Extortion in the enterprise: defending against BlackFile attacks
* CyberScoop — CrowdStrike names Cordial Spider and Snarky Spider
Topic 2: cPanel & WHM and CopyFail
cPanel / WHM CVE-2026-41940
* watchTowr Labs — cPanel WHM authentication bypass
* cPanel vendor advisory — 28 April 2026
* Censys — The cPanel situation
* Help Net Security — cPanel zero-day exploited
* Rapid7 — CVE-2026-41940 ETR
CopyFail CVE-2026-31431
* Wiz Research — CopyFail Linux privilege escalation
* Ubuntu security advisory
* AlmaLinux blog
* Red Hat CVE advisory
* Microsoft Security Blog — CopyFail cloud and Kubernetes impact
* CERT-EU SA 2026-005
Topic 3: Three Supply Chain Attacks in One Week
* SentinelOne — Week 18 supply chain roundup
* Aikido Security — PyTorch Lightning PyPI compromise
* Socket — PyTorch Lightning compromised
* The Hacker News — Poisoned Ruby gems and Go modules
* The Hacker News — PyTorch Lightning supply chain
* The Register — SAP npm supply chain
Honourable Mentions
* TRM Labs — North Korea 2026 crypto theft
* Arctic Wolf — BlueNoroff ClickFix and AI-generated Zoom lures
* NCSC — AI-driven patch wave warning
* Fortinet PSIRT FG-IR-26-100
* Fortinet PSIRT FG-IR-26-112
* The Register — Gemini CLI critical RCE