Cybersecurity Today

A breach at market intelligence platform Klue allowed attackers to steal OAuth tokens linking Clue to customers' Salesforce environments, enabling quiet API-driven data extraction from firms including Huntress, Recorded Future, Tanium, and Jamf; Clue revoked tokens, removed the legacy integration credential involved, and engaged CrowdStrike as Icarus threatens extortion, echoing earlier Salesforce token-theft campaigns affecting nearly 1,000 companies. 
Researchers also detail AriStinger, a new botnet infecting 4,000+ end-of-life D-Link routers to scan, proxy, tunnel, execute commands, and hijack DNS, with many infections in South Korea and China. The episode covers federal cyberstalking charges against Anthony Belford for allegedly using fake accounts and AI-generated nude images, and ESET's report that the "Gentleman" ransomware crew is developing modular EDR-killing tools to disable endpoint defenses.
00:00 Top Stories Teaser
00:29 Clue OAuth Token Breach
02:32 Salesforce Token Attack Trend
04:14 AryStinger Router Botnet
05:33 AI Deepfake Cyberstalking Case
07:50 Gentleman EDR Killer Arsenal
09:37 Wrap Up And Sign Off

In this special Cybersecurity Today weekend interview, host David Shipley speaks with Amy Yee about leadership, resilience, and the human side of cybersecurity.
Amy shares her remarkable journey from electrical engineering and venture capital to becoming the inaugural Chief Digital Officer at Accreditation Canada and Health Standards Organization, where she helped build the digital foundation used by hundreds of healthcare organizations across Canada.
The conversation takes a deeply personal turn as Amy recounts leading through a ransomware attack that struck her organization before tabletop exercises and incident-response planning had become routine. She describes the chaos of the first 48 hours, the emotional toll on staff, the difficult weeks that followed, and the lessons learned during a 60-day recovery effort.
Amy also discusses her popular conference talk inspired by Mitch Albom's The Five People You Meet in Heaven, reimagined for cybersecurity. She explores five people every cyber professional encounters during their career: the person they protected, the person who challenged them, the person who gave them a chance, the person they failed, and the person they inspired.
This is a conversation about cybersecurity, leadership, resilience, mentorship, and finding meaning in a profession that often works behind the scenes.
Topics covered:
Ransomware incident response
Cybersecurity leadership
Healthcare cybersecurity
Digital transformation
Executive crisis management
Building cyber resilience
Career growth in technology
Mentorship and leadership lessons
The human side of cybersecurity
Guest: Amy Yee
Host: David Shipley
Podcast: Cybersecurity Today
#Cybersecurity #Ransomware #Leadership #
Chapters
00:00 Weekend Show Intro
01:22 Amy's Career Origin
02:13 Becoming Chief Digital Officer
03:56 Ransomware Wake Up Call
06:46 Inside the First 48 Hours
08:26 The Low Point Weeks In
10:57 Finding a Path Forward
11:55 Leadership Lessons After Incidents
15:01 Five People in Cyber
17:16 Invisible Impact and Resilience
19:38 The Five Archetypes Explained
21:42 Stories From the Community
24:14 Wired for Change Podcast
27:30 Advice to Younger Amy
28:49 Closing and Off Mic Wrap

A special crossover episode of Cybersecurity Today and Hashtag Trending for June 19, 2026.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning after security researchers uncovered the FortiBleed dataset, exposing credentials tied to approximately 74,000 Fortinet firewall and SSL VPN devices across 194 countries. Researchers found the data on an exposed threat actor server containing attack tools, victim databases, logs, and thousands of verified usernames and passwords. Analysts report that tens of thousands of those credentials may still be active.
Host Jim Love breaks down:
• What FortiBleed is and how it was discovered
• Why this affects roughly half of all internet-facing Fortinet devices
• What CISA and Fortinet are telling organizations to do immediately
• The potential risks of credential reuse and lateral movement attacks
• Practical steps security teams should take right now
The episode also includes an interview with Mike Sweeney of Silent Push on major international efforts targeting Southeast Asian scam compounds and criminal infrastructure during Operation Disruption Week.
If your organization uses Fortinet firewalls, FortiGate appliances, or SSL VPNs, this is an episode you should not miss.
#Cybersecurity #Fortinet #FortiBleed #CISA #CybersecurityToday #HashtagTrending #FortiGate #ThreatIntelligence #DataBreach #InfoSec

Cybersecurity Today host David Shipley reports that the FTC says Americans lost $3.5 billion to imposter scams in 2025—nearly triple 2020—with social media tied to $2.1 billion in losses and total fraud reaching about $16 billion, while the FBI estimates cyber-enabled losses nearer $21 billion and potentially far higher. Security researchers, including Katie Moussouris, argue the U.S. government's forced Anthropic model shutdown over an alleged guardrail bypass was hasty and largely about prompt phrasing, with Axios citing personality differences as a driver. The DOJ seized deepfake pornography sites cfake.com and sock.com under the Take It Down Act after a three-country operation involving Italy and France. Finally, Varonis details "SearchLeak" (CVE-2026-42824), a now-fixed critical Copilot attack chain enabling one-click data exfiltration via prompt injection, a sanitizer race condition, and CSP bypass through Bing.
00:00 Today's Cyber Headlines
00:29 Imposter Scams Surge
01:29 Fraud on Social Platforms
02:47 Anthropic Jailbreak Debate
04:15 Export Controls Fallout
05:05 DOJ Seizes Deepfake Sites
06:44 SearchLeak Copilot Attack
07:36 How SearchLeak Works
09:18 Why Old Bugs Return
10:08 Wrap Up and Sign Off

The U.S. government orders Anthropic to shut down foreign access to its Fable 5 and Mythos 5 AI models after the Pentagon labels the company a supply-chain risk.
David Shipley examines what may be  behind the decision and what it means for countries and businesses that depend on American AI platforms.
The FBI also disrupts Outsider Enterprise, a China-based phishing-as-a-service network linked to more than 9,000 fake websites, one million fraudulent URLs, 3.8 million stolen payment-card records and an estimated $1.9 billion in losses.
Also in this episode:
A critical Splunk vulnerability could allow an unauthenticated attacker to remotely execute code through a PostgreSQL sidecar service enabled by default in some deployments.
A former Iowa school IT worker is sentenced after retaining access for 21 months and using it to delete accounts and disrupt school systems.
And FortiWatch returns with a critical FortiSandbox command-injection vulnerability that requires no authentication.
Cybersecurity Today is hosted by David Shipley.
Chapters
00:00 Cybersecurity Today headlines
00:26 U.S. government shuts down Anthropic AI models
02:59 FBI takes down Outsider Enterprise phishing network
04:47 Critical Splunk vulnerability explained
06:31 Former school IT worker sentenced for cyberattack
08:29 FortiWatch: FortiSandbox command-injection vulnerability
10:08 What's ahead this week