
Sign up to save your podcasts
Or


The Defensive Line Weekly — Episode 24, covering 21–28 June 2026. A weekly briefing for blue teamers and security leaders: the biggest stories of the week, why they matter, and what to do next.
🤖 Voices are AI-generated. Story curation and analysis is human.
Sources
Cisco Catalyst SD-WAN zero-day exploited for months
* Mandiant / Google Cloud — zero-day exploitation of Cisco Catalyst SD-WAN Manager
* Cisco Security Advisory — SD-WAN Manager privilege escalation
* The Hacker News
* SecurityWeek
Amazon Q Developer flaw — malicious repos and cloud credential theft
* Wiz — Amazon Q vulnerability
* AWS Security Bulletin
* The Hacker News
* SecurityWeek
“BadBlocker” — 11M-install ad blocker that can run code anywhere
* Island — BadBlocker research
* The Hacker News
Russian intelligence targeting Signal backup recovery keys
* FBI / IC3 Public Service Announcement
* CISA advisory
* The Hacker News
* The Record
Operation Endgame — SocGholish, Amadey and StealC takedown
* Europol
* Microsoft Security Blog
* The Hacker News
* Wired — LastPass user data stolen again
Honourable mentions & vulnerability roundup
* The Register — “Miasma” npm supply-chain campaign
* Novee Security — “Cordyceps” CI/CD weakness
* The Hacker News — Cordyceps exposes 300+ GitHub repos
* Microsoft — photo-zip campaign targeting hospitality
* The Hacker News — “Gaslight” macOS stealer with prompt injection
* BleepingComputer — CISA deadline for exploited Cisco CUCM flaw
* Dark Reading — attackers weaponise Cisco CUCM flaw
* The Hacker News — CISA adds exploited PTC Windchill RCE
* The Hacker News — “DirtyClone” Linux kernel flaw
* The Hacker News — Linux “pedit” copy-on-write exploit
By The Defensive LineThe Defensive Line Weekly — Episode 24, covering 21–28 June 2026. A weekly briefing for blue teamers and security leaders: the biggest stories of the week, why they matter, and what to do next.
🤖 Voices are AI-generated. Story curation and analysis is human.
Sources
Cisco Catalyst SD-WAN zero-day exploited for months
* Mandiant / Google Cloud — zero-day exploitation of Cisco Catalyst SD-WAN Manager
* Cisco Security Advisory — SD-WAN Manager privilege escalation
* The Hacker News
* SecurityWeek
Amazon Q Developer flaw — malicious repos and cloud credential theft
* Wiz — Amazon Q vulnerability
* AWS Security Bulletin
* The Hacker News
* SecurityWeek
“BadBlocker” — 11M-install ad blocker that can run code anywhere
* Island — BadBlocker research
* The Hacker News
Russian intelligence targeting Signal backup recovery keys
* FBI / IC3 Public Service Announcement
* CISA advisory
* The Hacker News
* The Record
Operation Endgame — SocGholish, Amadey and StealC takedown
* Europol
* Microsoft Security Blog
* The Hacker News
* Wired — LastPass user data stolen again
Honourable mentions & vulnerability roundup
* The Register — “Miasma” npm supply-chain campaign
* Novee Security — “Cordyceps” CI/CD weakness
* The Hacker News — Cordyceps exposes 300+ GitHub repos
* Microsoft — photo-zip campaign targeting hospitality
* The Hacker News — “Gaslight” macOS stealer with prompt injection
* BleepingComputer — CISA deadline for exploited Cisco CUCM flaw
* Dark Reading — attackers weaponise Cisco CUCM flaw
* The Hacker News — CISA adds exploited PTC Windchill RCE
* The Hacker News — “DirtyClone” Linux kernel flaw
* The Hacker News — Linux “pedit” copy-on-write exploit