DiscoverCybersecurity TodayCybersecurity Threats and Breaches: Critical Updates and Insights
Cybersecurity Threats and Breaches: Critical Updates and Insights

Cybersecurity Threats and Breaches: Critical Updates and Insights

Update: 2025-05-23
Share

Digest

This podcast discusses several significant cybersecurity incidents. A critical vulnerability in Windows Server 2025, dubbed "bad successor," allows attackers to gain full domain control by manipulating DMSA attributes, bypassing standard security alerts. The TeleMessage app, used by US government officials, suffered a breach exposing sensitive data due to insufficient encryption. Microsoft dismantled the Luma Stealer malware infrastructure, impacting nearly 400,000 Windows computers, through a coordinated effort with law enforcement. A Coinbase breach exposed data from 69,461 customers due to bribed support staff, while a malicious KeyPass variant spreads ransomware by stealing credentials. These incidents highlight the importance of robust security measures, including strong encryption, insider threat protection, and careful software sourcing.

Outlines

00:00:00
Critical Vulnerabilities and Major Breaches

A critical vulnerability in Windows Server 2025 allows attackers complete domain control. The TeleMessage app breach exposed sensitive government data due to insufficient encryption. Microsoft disrupted the Luma Stealer malware operation, impacting hundreds of thousands of computers. A Coinbase breach, caused by bribed employees, and a malicious KeyPass variant spreading ransomware, further highlight significant security risks.

00:03:09
Government Data Exposure and Insider Threats

This section focuses on the impact of the TeleMessage breach on US government agencies and the Coinbase breach highlighting the dangers of insider threats and the need for robust security protocols.

00:07:30
Malicious Software and User Precautions

This section details the spread of the malicious KeyPass variant and offers advice to users on how to protect themselves from similar threats, emphasizing the importance of downloading software only from official sources.

Keywords

Windows Server 2025 Vulnerability


A critical flaw in Windows Server 2025's DMSA feature allows attackers domain admin privileges, bypassing alerts.

TeleMessage Breach


A security breach of TeleMessage exposed sensitive US government data due to insufficient encryption.

Luma Stealer Malware


Widely used malware stealing passwords and financial data; Microsoft's takedown highlights collaboration with law enforcement.

Coinbase Breach


A Coinbase breach exposed customer data due to bribed employees, highlighting insider threat risks.

Malicious KeyPass Variant


A malicious KeyPass variant spreads ransomware by stealing credentials via typo-squatted websites.

Cybersecurity Breaches


Multiple significant cybersecurity incidents highlighting vulnerabilities in software, communication apps, and insider threats.

Data Breach


Exposure of sensitive personal and financial data due to various security vulnerabilities and malicious actors.

Ransomware


Malicious software that encrypts data and demands a ransom for its release.

Insider Threat


Security risks posed by malicious or negligent employees.

Q&A

  • What is the significance of the Windows Server 2025 vulnerability?

    This vulnerability allows attackers complete domain control, bypassing standard security measures.

  • What are the implications of the TeleMessage breach?

    The breach highlights risks of using insufficiently encrypted communication apps for sensitive government information.

  • How did Microsoft respond to the Luma Stealer malware?

    Microsoft collaborated with law enforcement to take down the malware infrastructure.

  • What lessons can be learned from the Coinbase breach?

    The breach underscores the importance of robust insider threat protection and strong access controls.

  • How does the malicious KeyPass variant operate?

    This malicious variant steals passwords and deploys ransomware, distributed via lookalike websites.

Show Notes

 

In this episode of Cybersecurity today, host Jim Love reports on various critical cyber threats and data breaches. A newly discovered flaw in Windows Server 2025 allows attackers to seize full domain control, referred to by researchers as the 'bad successor' exploit. Government messaging app Telem Message, a customized version of Signal, was hacked, exposing sensitive communications of over 60 officials, leading to its shutdown. Microsoft disrupted the global Luma Stealer malware operation, which had infected nearly 400,000 computers. Coinbase suffered a major data breach affecting over 69,000 customers due to an insider compromise. Additionally, hackers distributed a malicious version of the KeyPass password manager, embedding it with malware to steal data and deploy ransomware. Jim Love encourages listeners to stay vigilant and download software only from official sources. He teases an upcoming interview with a knowledgeable guest working on open-source solutions to cybersecurity issues.

00:00 Introduction to Cybersecurity News
00:36 Windows Server 2025 Vulnerability
03:09 Telem Messages Hack Scandal
05:37 Microsoft Disrupts Luma Malware
07:29 Coinbase Breach Details
08:54 Malicious Password Manager Alert
10:55 Conclusion and Upcoming Interview

Comments 
In Channel
Security Researcher Goes To War Against Microsoft

Security Researcher Goes To War Against Microsoft

2026-04-2020:47

Cybersecurity Today Month in Review of March/April 2026

Cybersecurity Today Month in Review of March/April 2026

2026-04-1801:02:21

Cisco Warns Webex Customers Of Critical SSO Problem

Cisco Warns Webex Customers Of Critical SSO Problem

2026-04-1712:41

North Korean Spies DM You On Facebook

North Korean Spies DM You On Facebook

2026-04-1519:55

Banks Panic As Anthropic Mythos Exposes Software Vulnerabilties

Banks Panic As Anthropic Mythos Exposes Software Vulnerabilties

2026-04-1319:13

Jeff Williams CTO Cofounder of Contrast Security and OWASP co-founder on Mythos and AI Security

Jeff Williams CTO Cofounder of Contrast Security and OWASP co-founder on Mythos and AI Security

2026-04-1135:43

Fortinet EMS Zero-Day, Anthropic's AI Finds Thousands of Bugs, Iranian Hackers Target US ICS

Fortinet EMS Zero-Day, Anthropic's AI Finds Thousands of Bugs, Iranian Hackers Target US ICS

2026-04-0915:59

North Korea's $285M Crypto Heist, China Breaches FBI System, Delve Faces New Allegations

North Korea's $285M Crypto Heist, China Breaches FBI System, Delve Faces New Allegations

2026-04-0716:12

Electric Vehicles and EV Security - Steve Visconti CEO of Xiid Corporation with David Shipley

Electric Vehicles and EV Security - Steve Visconti CEO of Xiid Corporation with David Shipley

2026-04-0326:38

Cisco Breached: Source Code Stolen - Cybersecurity Today

Cisco Breached: Source Code Stolen - Cybersecurity Today

2026-04-0115:03

Russian State Hackers Go After IoS Devices

Russian State Hackers Go After IoS Devices

2026-03-3019:42

RSAC Recap: Agentic AI and Interview With Commvault CISO Bill O'Connell

RSAC Recap: Agentic AI and Interview With Commvault CISO Bill O'Connell

2026-03-2841:18

Anonymous Tip System Breach May Expose Tipsters

Anonymous Tip System Breach May Expose Tipsters

2026-03-2711:28

RSAC Presenter Says "Time to Kill One of Cybersecurity's Most Overworked Terms"

RSAC Presenter Says "Time to Kill One of Cybersecurity's Most Overworked Terms"

2026-03-2514:36

Startup Accused Of Helping Fake Privacy and Security Audits

Startup Accused Of Helping Fake Privacy and Security Audits

2026-03-2312:41

The Fundamental Mistake in Cybersecurity Risk Management

The Fundamental Mistake in Cybersecurity Risk Management

2026-03-2149:39

FBI Seizes Iran-Linked Handala Leak Site After Stryker Intune Wipe Attack: Cybersecurity Today

FBI Seizes Iran-Linked Handala Leak Site After Stryker Intune Wipe Attack: Cybersecurity Today

2026-03-2009:26

Another Medical Device Firm Hit

Another Medical Device Firm Hit

2026-03-1814:24

Notorious Hacker Group "The Comm," Operation Synergia Takedown, Stryker Cyberattack Update & More

Notorious Hacker Group "The Comm," Operation Synergia Takedown, Stryker Cyberattack Update & More

2026-03-1617:44

AI Anxiety: Cybersecurity Today with Special Guest Krish Banerjee, Managing Director (Partner) & Canada Lead - Data & AI - Accenture

AI Anxiety: Cybersecurity Today with Special Guest Krish Banerjee, Managing Director (Partner) & Canada Lead - Data & AI - Accenture

2026-03-1458:17

loading

Table of contents

Google Play
Download from Google Play
Castbox
Download from App Store
usUnited States
00:00
00:00
x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

Cybersecurity Threats and Breaches: Critical Updates and Insights

Cybersecurity Threats and Breaches: Critical Updates and Insights

Jim Love