
Sign up to save your podcasts
Or


The Defensive Line Weekly β Episode 25 (28 June β 5 July 2026). A new CitrixBleed exploited in 24 hours; FortiBleed theft turns to ransomware; device-code phishing goes pro; AI runs ransomware end-to-end.
π€ Voices are AI-generated. Story curation and analysis is human.
A new CitrixBleed (CVE-2026-8451)
* Citrix Security Bulletin CTX696604 β fixed builds
* watchTowr Labs β CitrixBleed to Infinity and Beyond: technical analysis
* Field Effect β Citrix NetScaler memory disclosure: patch guidance
* SecurityWeek β New CitrixBleed vulnerability exploited immediately after public disclosure
FortiBleed β INC Ransom and Lynx ransomware
* SOCRadar β FortiBleed: INC / Lynx ransomware link
* Dark Reading β FortiBleed actors tied to INC and Lynx ransomware gangs
* SecurityWeek β FortiBleed campaign linked to INC, Lynx ransomware attacks
* BleepingComputer β FortiBleed credential theft campaign linked to Lynx ransomware
ARToken β device-code phishing as a service
* Cisco Talos β ARToken: inside an EvilTokens affiliate panel targeting Microsoft 365
* Sekoia β EvilTokens: AI-augmented phishing-as-a-service for automating BEC fraud
* Microsoft β AI-enabled device-code phishing campaign (April 2026)
* Microsoft Learn β Conditional Access: block authentication flows (device code)
JADEPUFFER β AI-agent-run ransomware
* Sysdig β JADEPUFFER: agentic ransomware for automated database extortion
* BleepingComputer β JADEPUFFER ransomware used AI agent to automate entire attack
* SecurityWeek β Agentic AI used to conduct ransomware attack via Langflow
Honourable mentions
* Socket β PolinRider: North Korea-linked supply chain campaign expands
* OpenSourceMalware β PolinRider rides again: North Korean attack expands across GitHub
* The Hacker News β North Korean hackers publish 108 malicious packages
* The Hacker News β New ChocoPoC RAT targets vulnerability researchers
Vulnerabilities
* MSRC β CVE-2026-45659: Microsoft SharePoint RCE
* The Hacker News β SharePoint RCE CVE-2026-45659 added to KEV
* Cisco β Unified Communications Manager security advisory
* SecurityWeek β Cisco confirms in-the-wild exploitation of Unified CM vulnerability
Subscribe
* This weekβs written edition β The Defensive Line Weekly #28
By The Defensive LineThe Defensive Line Weekly β Episode 25 (28 June β 5 July 2026). A new CitrixBleed exploited in 24 hours; FortiBleed theft turns to ransomware; device-code phishing goes pro; AI runs ransomware end-to-end.
π€ Voices are AI-generated. Story curation and analysis is human.
A new CitrixBleed (CVE-2026-8451)
* Citrix Security Bulletin CTX696604 β fixed builds
* watchTowr Labs β CitrixBleed to Infinity and Beyond: technical analysis
* Field Effect β Citrix NetScaler memory disclosure: patch guidance
* SecurityWeek β New CitrixBleed vulnerability exploited immediately after public disclosure
FortiBleed β INC Ransom and Lynx ransomware
* SOCRadar β FortiBleed: INC / Lynx ransomware link
* Dark Reading β FortiBleed actors tied to INC and Lynx ransomware gangs
* SecurityWeek β FortiBleed campaign linked to INC, Lynx ransomware attacks
* BleepingComputer β FortiBleed credential theft campaign linked to Lynx ransomware
ARToken β device-code phishing as a service
* Cisco Talos β ARToken: inside an EvilTokens affiliate panel targeting Microsoft 365
* Sekoia β EvilTokens: AI-augmented phishing-as-a-service for automating BEC fraud
* Microsoft β AI-enabled device-code phishing campaign (April 2026)
* Microsoft Learn β Conditional Access: block authentication flows (device code)
JADEPUFFER β AI-agent-run ransomware
* Sysdig β JADEPUFFER: agentic ransomware for automated database extortion
* BleepingComputer β JADEPUFFER ransomware used AI agent to automate entire attack
* SecurityWeek β Agentic AI used to conduct ransomware attack via Langflow
Honourable mentions
* Socket β PolinRider: North Korea-linked supply chain campaign expands
* OpenSourceMalware β PolinRider rides again: North Korean attack expands across GitHub
* The Hacker News β North Korean hackers publish 108 malicious packages
* The Hacker News β New ChocoPoC RAT targets vulnerability researchers
Vulnerabilities
* MSRC β CVE-2026-45659: Microsoft SharePoint RCE
* The Hacker News β SharePoint RCE CVE-2026-45659 added to KEV
* Cisco β Unified Communications Manager security advisory
* SecurityWeek β Cisco confirms in-the-wild exploitation of Unified CM vulnerability
Subscribe
* This weekβs written edition β The Defensive Line Weekly #28