00:00 Intro

02:49 Authorities Carry Out Elaborate Global Takedown of Infostealer Heavily Used by Cybercriminals

14:29 Coinbase says hackers bribed staff to steal customer data and are demanding $20 million ransom

26:24 Fake OpenAI MCP Integration

32:25 Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials

36:03 Destructive malware available in NPM repo went unnoticed for 2 years

48:10 Sam & Jony introduce io

58:23 Discussion: how risky are local admin rights?

Authorities Carry Out Elaborate Global Takedown of Infostealer Heavily Used by Cybercriminals

In May 2025, an international coalition led by Microsoft, the U.S. Department of Justice, Europol, and Japan's Cybercrime Control Center dismantled the Lumma Stealer malware operation.

https://www.wired.com/story/lumma-stealer-takedown-disrupted/

Coinbase says hackers bribed staff to steal customer data and are demanding $20 million ransom

Hackers bribed overseas Coinbase customer support agents to steal sensitive user data, leading to a breach prompting a $20M ransom, which Coinbase refused, instead offering a $20M bounty for information leading to the attackers' arrest.

https://www.cnbc.com/2025/05/15/coinbase-says-hackers-bribed-staff-to-steal-customer-data-and-are-demanding-20-million-ransom.html

Fake OpenAI MCP Integration

A fake OpenAI MCP integration was found by a security researcher, showing the importance of security in emerging technologies.

https://www.linkedin.com/feed/update/urn:li:activity:7331118878384615424/

Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials

Three malicious npm packages targeting macOS users of the AI-powered code editor Cursor have infected over 3,200 developers by harvesting credentials.

https://thehackernews.com/2025/05/malicious-npm-packages-infect-3200.html

Destructive malware available in NPM repo went unnoticed for 2 years

A destructive malware campaign infiltrated the npm ecosystem for over two years, with malicious packages disguised as legitimate tools targeting popular JavaScript frameworks.

https://arstechnica.com/information-technology/2025/05/destructive-malware-available-in-npm-repo-went-unnoticed-for-2-years/

Sam & Jony introduce io

OpenAI has announced the acquisition of Jony Ive's AI hardware startup, io.

https://openai.com/sam-and-jony/

Hosts:

• Jerry Perullo (Founder, https://adversarial.com/)
• Sounil Yu (Founder, https://www.knostic.ai/)
• Mario Duarte (Founder, stealth startup)

Producer: Tillson Galloway (https://tillsongalloway.com)

00:00 Intro

00:44 Sounil's RSA Innovation Sandbox experience

5:00 5% staffing cuts at Crowdstrike, AI cited as a factor

16:00 Trump picks private sector veteran as Pentagon CIO

32:41 Messaging app used by Trump official suspends operations after reported hack

49:52 An open letter to third-party suppliers

59:32 Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support

1:04:42 Discussion: delivering secret keys stored in PDFs for password managers

Hosts:

Jerry Perullo (Founder, https://adversarial.com/)

Sounil Yu (Founder, https://www.knostic.ai/)

Mario Duarte (CISO, https://www.aembit.io/)

Stories

5% staffing cuts at Crowdstrike, AI cited as a factor

CrowdStrike is laying off 5% of its workforce, citing AI-driven changes in industry operations as a driving factor.

https://www.cnbc.com/2025/05/07/crowdstrike-announces-5percent-job-cuts-says-ai-reshaping-every-industry.html

Trump picks private sector veteran as Pentagon CIO

Former President Trump has nominated a private-sector executive to serve as the new Chief Information Officer for the Department of Defense.

https://therecord.media/trump-picks-private-sector-veteran-for-dod-cio-position

Messaging app used by Trump official suspends operations after reported hack

A secure messaging app used by a Trump official has suspended service following a reported cyberattack.

https://www.cnbc.com/2025/05/05/signal-telemessage-hack-trump-waltz.html

An open letter to third-party suppliers

JPMorgan has issued an open letter urging its third-party suppliers to prioritize stronger cybersecurity and operational resilience.

https://www.jpmorgan.com/technology/technology-blog/open-letter-to-our-suppliers

Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support

Microsoft is now enabling passkeys by default for new accounts, expanding passwordless access to over 15 billion users.

https://thehackernews.com/2025/05/microsoft-sets-passkeys-default-for-new.html

00:00 Intro

00:31 RSA conference

14:38 Verizon's 2025 DBIR report

37:55 Security of "Sign in with Google/Microsoft"

1:02:50 China accuses US of launching 'advanced' cyberattacks, names alleged NSA agents

RSA Links:

Innovation Sandbox: https://www.rsaconference.com/usa/programs/innovation-sandbox

Professional Association of CISOs: https://theciso.org/

Pitch for Charity: https://www.okta.com/newsroom/press-releases/pitch-for-charity/

Verizon's 2025 Data Breach Investigations Report

This year's Verizon DBIR (Data Breach Investigations Report) has been released, which covers the latest techniques that lead to incidents and breaches.

Reference: https://www.verizon.com/business/resources/reports/dbir

China accuses US of launching 'advanced' cyberattacks, names alleged NSA agents

"China accused the United States National Security Agency (NSA) on Tuesday of launching 'advanced' cyberattacks during the Asian Winter Games in February, targeting essential industries."

Reference: https://www.reuters.com/technology/cybersecurity/chinas-harbin-says-us-launched-advanced-cyber-attacks-winter-games-2025-04-15/