Cybersecurity Today

This week's panel dives into the cybersecurity stories that matter most for security leaders, IT teams, and anyone watching how AI is changing risk.
Jim Love is joined by David Shipley (Beauceron Security), Laura Payne (White Tuque), and Jeff Williams (Contrast Security).
Cybersecurity Today would like to thank Material Security for supporting this podcast.  Material security provides. faster, more complete detection and response for email, identity, and data threats inside Google Workspace and Microsoft 365.  Contact them at  material[dot]security 

Topics include:
Anthropic's Mythos AI security research and whether large language models can realistically replace traditional vulnerability testing
Why "vibe coding" may be creating a wave of insecure software
The growing risk of autonomous AI agents making damaging decisions
The massive Instructure Canvas data breach affecting schools, students, and educators
Alberta's voter list privacy failure and what it says about public sector data protection
Microsoft's warning about the rapid surge in QR code phishing attacks bypassing traditional email security
AI is accelerating software development. It may also be accelerating software insecurity.
If your organisation is experimenting with AI coding tools, AI agents, or automated application development, this conversation is worth your time.
#Cybersecurity #AI #DataBreach #QRPhishing #ApplicationSecurity #VibeCoding #Canvas #CyberSecurityToday #JimLove
00:00 Sponsor Message
00:22 Meet the Panel
00:55 Jeff Williams Introduction
02:21 AI Bug Hunting with Mythos
05:40 Cost and Limits of AI Security Testing
10:16 The Vibe Coding Security Problem
13:24 Context Window and Data Flow Limits
16:59 Spec-Driven AI Development
18:29 Software Liability and EU Regulation
24:47 When AI Agents Go Rogue
27:05 Trust in the AI Era
28:24 Enterprise Reality Check
29:03 Critical Thinking vs AI
30:31 Testing AI Agents Safely
31:30 Canvas Data Breach Fallout
34:45 Real-World Data Harm
38:00 Liability and Attack Methods
41:39 Alberta Voter List Privacy Failure
48:56 Government Breach Lessons
51:26 QR Code Phishing Surge
55:00 Wrap Up and Sponsor

In this special edition of Cybersecurity Today, David Shipley speaks with scam-fighting expert Erin West about the global fraud crisis, the rise of AI-powered scams, and why traditional law enforcement may be falling behind.
Cybersecurity Today would like to thank Material Security for supporting this podcast.  Material security provides faster, more complete detection and response for email, identity, and data threats inside Google Workspace and Microsoft 365.  Contact them at  material[dot]security 
From David's discussion with Erin West:
The numbers are staggering.
The FBI's Internet Crime Complaint Center reported more than $21 billion in cybercrime losses, but experts say actual losses could be dramatically higher because most victims never report fraud.
Other key points of their discussion:
Why pig butchering scams continue to grow globally
How criminal operations are moving from Cambodia to Myanmar, Laos, Sri Lanka and beyond
Why AI is making scam operations faster, cheaper and harder to detect
The controversy around Meta and scam advertising revenue
Why crypto ATMs remain a major fraud tool
How cloned celebrity voices are being used in romance and impersonation scams
Why banks, law enforcement, governments and tech platforms must act together
How Operation Shamrock is trying to fight back through public education
This is not just a story about money.
It's about organized crime, industrial-scale fraud, and ordinary people being manipulated through trust, loneliness, and increasingly sophisticated technology, featuring scam-fighting prosecutor and Operation Shamrock founder Erin West.
#Cybersecurity #Scams #Meta #OnlineFraud #AI #Cybercrime #PigButchering #CryptoScams #FacebookScams #CybersecurityToday

QR-code phishing is no longer a niche attack. Microsoft says QR phishing attacks jumped from 7.6 million in January to 18.7 million in March 2026 — a 146% increase in just three months. In this episode of Cybersecurity Today, David Shipley explains why QR-based attacks are bypassing traditional corporate defences and why security teams need to rethink phishing awareness immediately.
We also cover a critical new Apache HTTP Server vulnerability with both denial-of-service and potential remote code execution impacts, a sustained DDoS and extortion campaign targeting Ubuntu developer Canonical, and a remarkable case in Taiwan where a university student allegedly used software-defined radio gear to trigger emergency braking on four high-speed trains.
Finally, CISA's new "CI Fortify" guidance urges critical infrastructure operators to prepare for scenarios where they may need to disconnect from the internet and continue operating manually during a geopolitical cyber crisis.
Cybersecurity Today would like to thank Material Security for supporting this podcast.  Material security provides. faster, more complete detection and response for email, identity, and data threats inside Google Workspace and Microsoft 365.  Contact them at  material[dot]security 
Stories include:
• Microsoft reports QR phishing attacks surged 146% in Q1 2026
• Apache HTTP Server CVE-2026-23918 urgent patch warning
• Ubuntu developer Canonical hit by ongoing DDoS and extortion campaign
• Taiwanese student allegedly halts high-speed trains with fake emergency radio signal
• CISA tells critical infrastructure operators to prepare for isolation and manual operations
Chapters:
00:00 Intro
01:02 QR phishing explodes in Q1 2026
06:15 Critical Apache HTTP Server flaw patched
09:15 Ubuntu maintainer Canonical hit by extortion DDoS attack
14:25 Taiwanese student wirelessly halts high-speed trains
20:32 CISA warns critical infrastructure to prepare for isolation
26:10 Closing thoughts

Microsoft Defender Deletes Trusted Certificates | 44,000 cPanel Servers Hit by Ransomware
Microsoft Defender mistakenly flagged legitimate DigiCert root certificates as malware and removed them from Windows systems, breaking trust chains and causing widespread application failures. The issue was traced to a faulty detection signature (Trojan:Win32/CertyAgent), now fixed in update version 1.449.430.0. 
At the same time, DigiCert confirmed a separate security incident where attackers compromised support systems and used internal tools to issue valid code-signing certificates. At least 60 certificates were revoked, including 27 linked to the Zong Stealer malware campaign. 

Meanwhile, a critical cPanel vulnerability (CVE-2026-41940) is being actively exploited. Attackers used the flaw as a zero-day since February, compromising at least 44,000 servers and deploying new SORI ransomware using ChaCha20 and RSA-2048 encryption. 
Also in this episode:

The Linux "Copyfail" privilege escalation bug is now confirmed exploited and added to CISA's Known Exploited Vulnerabilities list

A 10/10 critical vulnerability (CVE-2026-37541) in Open Vehicle Monitoring System could allow remote code execution in connected car environments

This episode breaks down how these attacks work, why patch timing matters, and where organizations are most exposed right now.
Cybersecurity Today would like to thank Material Security for supporting this podcast.  Material security provides. faster, more complete detection and response for email, identity, and data threats inside Google Workspace and Microsoft 365.  Contact them at  material[dot]security 
Suggested Chapters (for retention and SEO)
00:00 Microsoft Defender deletes trusted certificates
02:20 DigiCert breach and stolen code-signing certificates
05:20 cPanel zero-day exploited, 44,000 servers compromised
08:40 Linux Copyfail vulnerability now actively exploited
10:40 Critical flaw in open-source car software

Connected cars are no longer just vehicles — they are rolling networks of sensors, cameras, microphones, and constant data transmission.
In this Cybersecurity Today Weekend Edition, David Shipley is joined by former CSIS intelligence officer Neil Bisson and cybersecurity expert Federico Simonetti to break down what that really means.
They explain how modern vehicles:
Continuously report location, behaviour, and system data to the cloud
Contain dozens of interconnected computers controlling everything from steering to braking
Can be vulnerable to man-in-the-middle attacks, remote access, and system compromise
May expose drivers to surveillance — not just by companies, but potentially by nation states
The conversation goes beyond theory. Real-world examples are discussed, including:
Remote vehicle manipulation demonstrated by security researchers
How infotainment systems can become entry points to critical controls
Why some countries are already restricting certain vehicles from sensitive locations
The panel also tackles the bigger issue:
This is not just about one country or one manufacturer. Every connected vehicle expands the attack surface.
And while solutions exist — from better authentication to architectural changes — the challenge is no longer technical. It's political, economic, and global.
If you think your car is just transportation, this discussion may change your perspective.
00:00 Connected Cars: More Than Just Vehicles
01:20 Meet the Panel: Intelligence and Cybersecurity Perspectives
03:10 Every Car Is Now a Networked Computer
06:00 Surveillance Risks: Are Cars "Rolling Spy Vans"?
09:10 What Intelligence Agencies Can Do With Car Data
12:30 Sensors, GPS, Cameras — What Your Car Collects
16:20 Real Example: Tesla Camera Privacy Incident
19:00 Can Hackers Take Control of a Car?
22:30 Real-World Hacks: Jeep and Nissan Cases
26:40 The Regulatory Gap: No Enforced Cybersecurity Standards
30:10 Why Governments Are Struggling to Act
34:00 Cheap EVs vs National Security Risks
37:40 Can Software Fix the Problem?
41:20 Global Response: China, US, and Europe
45:10 Policy Ideas: Kill Switches, Car Bill of Rights
49:00 Prevention vs Detection in Cybersecurity
52:30 Are We Already Too Exposed?
55:10 Final Thoughts: Can Connected Cars Be Made Safe?