Cybersecurity Headlines

Telegram Mini Apps deliver Android malware
CISA orders Federal agencies to patch cPanel bug by Sunday
British cyber agency warns of looming 'patch wave' due to speedy AI flaw discovery
Get the show notes here: https://cisoseries.com/cybersecurity-news-telegram-mini-apps-malware-cpanel-is-sorry-patch-wave-warning/
Thanks to our episode sponsor, Vanta

Risk and regulation ramping up—and customers expect proof of security just to do business. Vanta's automation brings compliance, risk, and customer trust together on one AI-powered platform. So whether you're prepping for a SOC 2 or running an enterprise GRC program, Vanta keeps you secure—and keeps your deals moving. Learn more at vanta.com/ciso.

This week's Department of Know is hosted by Rich Stroffolino, with guests Janet Heins, CISO, ChenMed, and TC Niedzialkowski, Head of IT & Security, Opendoor.
Missed the live show? Check it out on YouTube.
The Department of Know is live every Friday at 4:00 p.m. ET. Join us each week by registering for the open discussion at CISOSeries.com.
Get the show notes here: https://cisoseries.com/cybersecurity-news-critical-cpanel-zero-day-swiss-black-axe-arrests-hhs-data-center-questions/
Thanks to our episode sponsor, Guardsqaure

Attackers are treating your mobile app like an open book. Sixty-three percent of security leaders recently detected app tampering, cloning, or unauthorized modifications. When your code runs in an untrusted environment, you need runtime self-protection and code hardening to keep attackers out. Address tampering before it starts. Learn more at Guardsquare.com.

Critical cPanel and WHM bug exploited as zero-day
Swiss police arrest suspected members of Black Axe group
HHS ponders government posture for protecting data centers
Get the show notes here: https://cisoseries.com/cybersecurity-news-critical-cpanel-zero-day-swiss-black-axe-arrests-hhs-data-center-questions/
Thanks to our episode sponsor, Guardsqaure

Attackers are treating your mobile app like an open book. Sixty-three percent of security leaders recently detected app tampering, cloning, or unauthorized modifications. When your code runs in an untrusted environment, you need runtime self-protection and code hardening to keep attackers out. Address tampering before it starts. Learn more at Guardsquare.com.

Hackers arrested for selling Roblox accounts
Microsoft's patch for a 0-day falls short
US & China partner on Dubai scam takedown
Get the show notes here: https://cisoseries.com/cybersecurity-news-roblox-hackers-arrested-microsoft-0-day-falls-short-dubai-scam-takedown/
Thanks to our episode sponsor, Guardsqaure

AI is speeding up development, but at what cost? While ninety-six percent of teams now use AI tools, eighty-one percent report that AI-generated code has introduced new vulnerabilities into their mobile apps. In a world with automated threats, you need multi-layered, polymorphic security to stay ahead of the curve. Learn more at Guardsquare.com.

FIDO Alliance working on securing AI agent payments
Germany suspects Russia in Signal phishing
RCE flaw in open-source robotics platform
Get the show notes here: https://cisoseries.com/cybersecurity-news-agent-payments-russian-phishing-lerobot-rce-flaw/ 
Thanks to our episode sponsor, Guardsqaure

Is your mobile app truly protected? Relying on the OS isn't enough. A global study of thirteen-hundred security and developer leaders found that ninety-six percent of teams using layered protection reported significantly fewer security incidents. Don't wait for a breach to harden your defenses. Get the protection needed for modern secuirty risks. Learn more at Guardsquare.com.