⬇️ See below for timestamps/summaries/references for each topic

00:00 Highlight/theme

00:28 Intro

02:15 Unicorn startup allegedly cultivated spy to steal trade secrets from competitor

18:19 Google Strikes $32 Billion Deal for Cybersecurity Startup Wiz

33:35 Trump Administration accidentally sends war plans to reporter via Signal

47:20 GitHub action supply chain attack

53:55 Oracle under fire for its handling of security incidents

Rippling Alleges Deel Cultivated Spy, Orchestrated Trade-Secret Theft Against Competitor

Rippling has filed a lawsuit alleging that $12 billion HR-tech company Deel orchestrated a months-long corporate espionage campaign involving a planted spy within Rippling.

Reference: https://www.rippling.com/blog/lawsuit-alleges-12-billion-unicorn-deel-cultivated-spy-orchestrated-long-running-trade-secret-theft-corporate-espionage-against-competitor

Google Strikes $32 Billion Deal for Cybersecurity Startup Wiz

Google has agreed to acquire cybersecurity startup Wiz for $32 billion in cash, marking its largest acquisition ever and the biggest tech deal of 2025 so far.

Reference: https://www.wsj.com/business/deals/alphabet-back-in-deal-talks-for-cybersecurity-startup-wiz-41cd3090?st=uQ8bmN&reflink=article_copyURL_share

The Trump Administration Accidentally Texted Me Its War Plans

In the article, journalist Jeffrey Goldberg reveals that he was accidentally included in a Signal group chat by senior members of the Trump administration—specifically Pete Hegseth, the Secretary of Defense—who shared detailed plans for a military strike on Houthi targets in Yemen.

Reference: https://www.theatlantic.com/politics/archive/2025/03/trump-administration-accidentally-texted-me-its-war-plans/682151/

Supply Chain Attack on GitHub Action

Wiz discovered a supply chain attack on the GitHub Action reviewdog/action-setup@v1, likely leading to the compromise of tj-actions/changed-files, resulting in widespread CI secret leakage and highlighting the risks of unpinned actions.

Reference: https://www.wiz.io/blog/new-github-action-supply-chain-attack-reviewdog-action-setup

Oracle hacked

Oracle has informed clients of a second recent cybersecurity breach in which a hacker accessed an old system and stole customer log-in credentials, some of which date back to 2024, according to Bloomberg News.

Latest: https://www.reuters.com/technology/cybersecurity/oracle-tells-clients-second-recent-hack-log-in-data-stolen-bloomberg-news-2025-04-02/

⬇️ See below for timestamps/summaries/references for each topic

00:00 Highlight/theme

00:37 Intro

01:37 Malvertising campaign leads to info stealers hosted on GitHub

11:59 Wall Street is worried it can't keep up with AI-powered cybercriminals

24:02 What Really Happened With the DDoS Attacks That Took Down X

28:34 Bring-your-own-laptop policies

40:41 Are WAFs useful or are they just another TPRM box to check?

46:59 Is the CISO job market warming up?

Malvertising campaign leads to info stealers hosted on GitHub

Microsoft Threat Intelligence uncovered a large-scale malvertising campaign in December 2024, affecting nearly one million devices globally. The attack originated from illegal streaming sites embedding malvertising redirectors, which funneled users to GitHub-hosted malware, with additional payloads delivered via Discord and Dropbox. This multi-stage attack leveraged info stealers like Lumma and Doenerium, along with remote monitoring tools, using advanced evasion techniques to steal system and browser data while maintaining persistence on compromised devices.

📖 References: https://www.microsoft.com/en-us/security/blog/2025/03/06/malvertising-campaign-leads-to-info-stealers-hosted-on-github/

Wall Street is worried it can't keep up with AI-powered cybercriminals

A survey by Accenture found that 80% of bank cybersecurity executives believe generative AI is enabling cybercriminals faster than banks can respond. While banks invest billions in cybersecurity, they struggle to keep pace due to strict regulations and the rapid advancement of AI-powered scams that target customers, employees, and vendors. Cybercriminals exploit generative AI to craft sophisticated attacks, infiltrate supply chains, and identify vulnerabilities, making third-party risk a major concern for financial institutions.

📖 References: https://www.businessinsider.com/banks-ai-cybersecurity-threats-hackers-generative-ai-2025-3

What Really Happened With the DDoS Attacks That Took Down X

X experienced intermittent outages due to a series of DDoS attacks, which Elon Musk attributed to Ukrainian IP addresses, though cybersecurity experts argue that IP attribution alone is unreliable. Analysts suggest the attacks targeted improperly secured X origin servers, allowing a botnet of compromised cameras and DVRs to bypass Cloudflare protection. While a pro-Palestinian group claimed responsibility, experts emphasize that the attack’s true origin remains unclear due to the decentralized nature of botnets and the use of obfuscation techniques.

📖 References: https://www.wired.com/story/x-ddos-attack-march-2025/

00:00 Highlight

00:28 Intro

3:41 What's getting cut at CISA?

19:01 USCYBERCOM told to stop planning offensive attacks against Russia

27:54 ByBit hacked for $1.5B in cryptocurrency

40:01 CISO discussion: How to regain trust after a cyber breach

49:17 CISO discussion: Data security for GenAI tools

58:43 How to get the most out of RSA Conference

💰 Budget cuts hit CISA, and election security programs might be first on the chopping block. The team debates whether these cuts were expected, what they mean for cybersecurity, and whether some programs were outside CISA’s core mission in the first place.

Reference: https://www.scworld.com/perspective/a-sober-look-at-the-recent-cuts-at-cisa

⚔️ A sudden shift in cyber warfare strategy—USCYBERCOM has reportedly been asked to halt offensive cyber operations against Russia. The guys discuss what this means for national security, cyber deterrence, and whether it signals a political deal in the making.

Reference: https://www.nbcnews.com/politics/trump-administration/defense-secretary-pete-hegseth-orders-halt-offensive-cyber-operations-rcna194435

💸 A massive crypto heist exposes software supply chain vulnerabilities. North Korean attackers allegedly compromised a JavaScript library to drain $1.5 billion. The team breaks down what happened, what it means for the future of crypto security, and whether cybercriminals will use the same techniques elsewhere.

Reference: https://docsend.com/view/s/rmdi832mpt8u93s7

🔄 When a company gets hacked, how do CISOs rebuild trust? The conversation explores the difference between trust and transparency, why some companies handle breaches better than others, and what lessons CISOs can learn from past incidents.

Reference: https://www.csoonline.com/article/3825447/how-cisos-can-rebuild-trust-after-a-security-incident.html

🤖 GenAI tools want access to everything—but should security teams allow it? The team debates whether CISOs should fight the inevitable, or if they should negotiate smarter ways to control AI access while still allowing business teams to benefit.

🎟️ RSA Conference survival guide! How do you maximize networking, avoid vendor overload, and make sure the week is productive?