React2Shell Vulnerability, Black Force Phishing Kit, Microsoft OAuth Attacks, and PornHub Data Breach

React2Shell Vulnerability, Black Force Phishing Kit, Microsoft OAuth Attacks, and PornHub Data Breach

Author: Jim Love December 17, 2025 Duration: 14:46
Cybersecurity Today
NewsTechnology

In this episode of Cybersecurity Today, host Jim Love discusses a range of pressing cybersecurity threats. The show covers the escalating React2Shell vulnerability, which has led to widespread automated exploitation campaigns involving crypto miners and back doors. Additionally, Jim reports on the Black Force phishing kit, which bypasses multifactor authentication and is gaining traction among cybercriminals. Microsoft OAuth consent attacks are also highlighted, with users being tricked into granting access to their accounts. Finally, the episode touches on PornHub's data breach involving the Shiny Hunters cybercrime group and the importance of patching vulnerabilities and being cautious during the holiday season.

00:00 Introduction and Sponsor Message
00:22 React2Shell Vulnerability Deep Dive
03:46 Black Force Phishing Toolkit
05:44 Microsoft OAuth Consent Phishing
07:29 PornHub Data Breach by Shiny Hunters
10:21 Holiday Cybersecurity Tips and Final Thoughts


Every morning, Jim Love sifts through the noise of the digital world to bring you a clear, concise briefing on what actually matters. Cybersecurity Today isn't about fearmongering; it's about practical awareness. You'll hear straightforward analysis of the most recent attacks targeting companies, from sophisticated ransomware campaigns to stealthy data theft. Jim breaks down the implications of major breach disclosures, explaining not just what was stolen, but how it happened and who is affected. The focus remains on actionable intelligence-concrete steps and strategic thinking that can help protect your organization's data and infrastructure. This daily podcast serves as an essential filter for IT professionals, business leaders, and anyone responsible for digital assets, transforming complex threats into understandable insights. Tune in for a grounded perspective on navigating an online landscape where the risks are constantly evolving, and the need for clear, timely information has never been greater.
Author: Language: English Episodes: 100

Official website RSS
linkedin
Cybersecurity Today
Podcast Episodes
AI Agent Hacks McKinsey Chatbot in 2 Hours [not-audio_url] [/not-audio_url]

Duration: 13:24
AI Agent Hacks McKinsey Chatbot in 2 Hours, NPM Phantom Raven, Router Malware & Trojaned AI Models This episode covers how researchers at CodeWall used an autonomous AI security agent to gain read/write access to McKinse…
Cybersecurity Today Month in Review: World In Turmoil [not-audio_url] [/not-audio_url]

Duration: 1:12:26
Cybersecurity Today Month in Review: Iran Conflict Cyber Spillover, IoT Cameras, AI Hacking Tools, and Resilience Planning In this weekend month-in-review episode, host Jim Love and panelists David Shipley, Laura Payne,…
AI Driven Warfare [not-audio_url] [/not-audio_url]

Duration: 17:28
AI-Driven Warfare, Open-Source Attack Tooling, CISA Shakeups, Healthcare Ransomware, and GPS Jamming Risks Host David Shipley covers reports that hacked Tehran traffic cameras and an AI-powered targeting system helped a…
CISA Leadership Shakeup, OpenClaw Hijack, Robot Vacuums and More [not-audio_url] [/not-audio_url]

Duration: 14:10
OpenClaw AI Agent Hijack, CISA Leadership Shakeup, Iran Cyber Campaign, Air-Gap Malware, and Robot Vacuum Flaw Jim Love covers multiple cybersecurity stories: Oasis Security revealed "ClawJacked," a high-severity OpenCla…

«1234567...10»