Cybersecurity Today

Microsoft Defender Deletes Trusted Certificates | 44,000 cPanel Servers Hit by Ransomware
Microsoft Defender mistakenly flagged legitimate DigiCert root certificates as malware and removed them from Windows systems, breaking trust chains and causing widespread application failures. The issue was traced to a faulty detection signature (Trojan:Win32/CertyAgent), now fixed in update version 1.449.430.0. 
At the same time, DigiCert confirmed a separate security incident where attackers compromised support systems and used internal tools to issue valid code-signing certificates. At least 60 certificates were revoked, including 27 linked to the Zong Stealer malware campaign. 

Meanwhile, a critical cPanel vulnerability (CVE-2026-41940) is being actively exploited. Attackers used the flaw as a zero-day since February, compromising at least 44,000 servers and deploying new SORI ransomware using ChaCha20 and RSA-2048 encryption. 
Also in this episode:

The Linux "Copyfail" privilege escalation bug is now confirmed exploited and added to CISA's Known Exploited Vulnerabilities list

A 10/10 critical vulnerability (CVE-2026-37541) in Open Vehicle Monitoring System could allow remote code execution in connected car environments

This episode breaks down how these attacks work, why patch timing matters, and where organizations are most exposed right now.
Cybersecurity Today would like to thank Material Security for supporting this podcast.  Material security provides. faster, more complete detection and response for email, identity, and data threats inside Google Workspace and Microsoft 365.  Contact them at  material[dot]security 
Suggested Chapters (for retention and SEO)
00:00 Microsoft Defender deletes trusted certificates
02:20 DigiCert breach and stolen code-signing certificates
05:20 cPanel zero-day exploited, 44,000 servers compromised
08:40 Linux Copyfail vulnerability now actively exploited
10:40 Critical flaw in open-source car software

Connected cars are no longer just vehicles — they are rolling networks of sensors, cameras, microphones, and constant data transmission.
In this Cybersecurity Today Weekend Edition, David Shipley is joined by former CSIS intelligence officer Neil Bisson and cybersecurity expert Federico Simonetti to break down what that really means.
They explain how modern vehicles:
Continuously report location, behaviour, and system data to the cloud
Contain dozens of interconnected computers controlling everything from steering to braking
Can be vulnerable to man-in-the-middle attacks, remote access, and system compromise
May expose drivers to surveillance — not just by companies, but potentially by nation states
The conversation goes beyond theory. Real-world examples are discussed, including:
Remote vehicle manipulation demonstrated by security researchers
How infotainment systems can become entry points to critical controls
Why some countries are already restricting certain vehicles from sensitive locations
The panel also tackles the bigger issue:
This is not just about one country or one manufacturer. Every connected vehicle expands the attack surface.
And while solutions exist — from better authentication to architectural changes — the challenge is no longer technical. It's political, economic, and global.
If you think your car is just transportation, this discussion may change your perspective.
00:00 Connected Cars: More Than Just Vehicles
01:20 Meet the Panel: Intelligence and Cybersecurity Perspectives
03:10 Every Car Is Now a Networked Computer
06:00 Surveillance Risks: Are Cars "Rolling Spy Vans"?
09:10 What Intelligence Agencies Can Do With Car Data
12:30 Sensors, GPS, Cameras — What Your Car Collects
16:20 Real Example: Tesla Camera Privacy Incident
19:00 Can Hackers Take Control of a Car?
22:30 Real-World Hacks: Jeep and Nissan Cases
26:40 The Regulatory Gap: No Enforced Cybersecurity Standards
30:10 Why Governments Are Struggling to Act
34:00 Cheap EVs vs National Security Risks
37:40 Can Software Fix the Problem?
41:20 Global Response: China, US, and Europe
45:10 Policy Ideas: Kill Switches, Car Bill of Rights
49:00 Prevention vs Detection in Cybersecurity
52:30 Are We Already Too Exposed?
55:10 Final Thoughts: Can Connected Cars Be Made Safe?

A U.S. federal investigation into WhatsApp encryption was shut down before reaching a conclusion — after an internal claim suggested Meta systems may access message content in ways that conflict with public descriptions.
In this episode of Cybersecurity Today, Jim Love breaks down what's known, what isn't, and why the story isn't going away.
Also in this episode:
A newly disclosed Linux vulnerability (CVE-2026-31431) allows an unprivileged local attacker to gain root permissions — using a flaw that may have existed since 2017
BlueKit, a new phishing toolkit, shows how AI is now being built directly into cybercrime platforms
More than three million Alberta voter records exposed after being posted online — not by hacking, but by alleged misuse of legally distributed data
These stories highlight a growing pattern: the biggest risks aren't always new attacks — they're often hidden in how systems are designed, used, and trusted.
Chapters:
00:00 WhatsApp encryption investigation shut down
02:15 Linux "copy fail" root vulnerability explained
04:30 BlueKit AI phishing platform
06:30 Alberta voter data leak
Cybersecurity Today delivers clear, factual reporting on the stories that matter to IT professionals, business leaders, and anyone responsible for protecting data and systems.

A major open source Python tool was hijacked in a supply chain attack, exposing developer credentials, cloud secrets, and crypto wallets. Meanwhile, the FTC says Americans lost more than $2.1 billion to scams that began on social media, with Facebook leading reported losses.
Cybersecurity Today thanks Meter for supporting this podcast. Meter delivers a complete networking stack — wired, wireless, and cellular — in one integrated solution built for performance and scale. Learn more at Meter.com/cst.
Also in today's Cyber Security Today:
Brazilian hackers return with fake Minecraft cheat downloads carrying credential-stealing malware
A new ransomware strain destroys victim files so badly even paying the ransom may not help
North Korean threat actors target crypto executives using fake Zoom and Teams meetings powered by AI deception tactics
If you work in IT, cybersecurity, finance, or simply want to stay safe online, this episode breaks down what matters and what to watch next.
Stories covered in this episode are based on reporting summarized in the show transcript.
 
#cybersecurity #ransomware #scams #python #hacking #northkorea #cryptocurrency #malware #technews

A rogue cyber weapon drove through Toronto blasting scam texts to thousands of phones. A major U.S. critical infrastructure provider confirms a cyberattack. And researchers reveal that Stuxnet may not have been the first cyber weapon after all.
In today's Cybersecurity Today with David Shipley:
• First known SMS blaster case in Canada uncovered in Toronto
• Itron, a major utility technology supplier, discloses cyber intrusion
• Researchers say a 2005 malware campaign predates Stuxnet
• Venezuela energy sector attack reveals destructive "Lotus Wiper" malware
• Why AI-powered attacks may change critical infrastructure risk forever
If you care about cybersecurity, nation-state threats, infrastructure risk, and real-world attacks, this episode is essential listening.
Hosted by David Shipley.
Cybersecurity Today thanks Meter for supporting this podcast. Meter delivers a complete networking stack — wired, wireless, and cellular — in one integrated solution built for performance and scale. Learn more at Meter.com/cst.
Chapters
00:00 Intro
00:36 Toronto SMS Cyber Weapon
05:12 Critical Infrastructure Supplier Hit
09:28 Stuxnet History Rewritten
14:32 Venezuela Energy Sector Attack
19:05 Final Thoughts
#Cybersecurity #Stuxnet #CyberAttack #Toronto #CriticalInfrastructure #Hacking #Itron #CyberNews #DavidShipley