The Defensive Line Podcast

The Defensive Line Weekly Podcast 019


Listen Later

Story 1: Developer Supply Chains Under Sustained Assault

* OX Security — TeamPCP / GitHub breach

* StepSecurity — Nx Console VS Code extension

* GitHub Security Blog — Investigating unauthorised access

* SafeDep — Megalodon mass GitHub repo backdooring

* StepSecurity — Megalodon CI/CD secrets exfiltration

* Aikido Security — Laravel-Lang supply chain attack

* Snyk — Laravel-Lang supply chain advisory

* The Hacker News — Packagist supply chain attack

* Socket — TrapDoor cross-ecosystem campaign

Story 2: Kali365 — FBI Warns of oh-auth Token Theft Platform

* FBI IC3 Public Service Announcement

* Arctic Wolf — Kali365 token and session theft

* The Record — FBI warns of Kali365

* Microsoft — Protect against consent phishing

* Microsoft — Configure user consent

* Microsoft — Block device-code flow with Conditional Access

Story 3: A Zombie Account Hands Over the Water Supply

* The Register — Zombie user account let hackers control the city’s water

Honourable Mentions

* Check Point Research — Nimbus Manticore operations during the Iranian conflict

* Microsoft Security Blog — Fox Tempest malware-signing service

* Malwarebytes — NYC Health + Hospitals breach

* Aikido Security — Google API key 23-minute deletion window

* MSRC — Microsoft Defender CVE-2026-41091

* Dark Reading — Microsoft Exchange OWA zero-day



This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit thedefensiveline.substack.com
...more
View all episodesView all episodes
Download on the App Store

The Defensive Line PodcastBy The Defensive Line