Cybersecurity Headlines

A quick announcement: we're moving our Department of Know livestream to Fridays at 4pm ET/1 pm PT. The format will remain the same. We hope to see you there.

Adobe patches months-old Reader zero-day
Critical Marimo flaw now under active exploitation
Hackers claim control over Venice anti-flood pumps
Get the show notes here: https://cisoseries.com/cybersecurity-news-adobe-patches-zero-day-marimo-flaw-exploited-venice-flood-threat/
Huge thanks to our sponsor, Conveyor

Still manually filling out security questionnaires even though you have a trust center?
A starter trust center is table stakes and the best security teams have moved way past that.
Conveyor gives you an agentic trust center, AI questionnaire automation, and a self-serve layer so sales can move deals forward without pinging you every five minutes.
Companies like Atlassian and Zapier made the switch. See why at conveyor.com.

Google API keys in Android apps expose Gemini endpoints
Acrobat Reader zero-day flaw exploited since December
Cryptocurrency ATM company Bitcoin Depot reports cyberattack
Check out our show notes here: https://cisoseries.com/cybersecurity-news-android-api-exposure-acrobat-reader-zero-day-bitcoin-depot-cyberattack/
Huge thanks to our episode sponsor, Vanta
Risk and regulation ramping up—and customers expect proof of security just to do business. Vanta's automation brings compliance, risk, and customer trust together on one AI-powered platform. So whether you're prepping for a SOC 2 or running an enterprise GRC program, Vanta keeps you secure—and keeps your deals moving. Learn more at vanta.com/ciso.

Ransomware knocks Dutch healthcare vendor offline
APT28 is keeping busy 
CIA quietly elevated its cyber espionage division
Check out our show notes here: https://cisoseries.com/cybersecurity-news-chipsoft-popped-apt28-updates-cia-cyber-espionage-elevation/ 
Huge thanks to our episode sponsor, Vanta
Risk and regulation ramping up—and customers expect proof of security just to do business. Vanta's automation brings compliance, risk, and customer trust together on one AI-powered platform. So whether you're prepping for a SOC 2 or running an enterprise GRC program, Vanta keeps you secure—and keeps your deals moving. Learn more at vanta.com/ciso.

Anthropic announces Project Glasswing
U.S. seeks to slash CISA funding
Russia-linked hackers hijack routers for passwords
Check out our show notes here: https://cisoseries.com/cybersecurity-news-anthropics-project-glasswing-cisa-funding-in-doubt-routers-hijacked-for-passwords/
Huge thanks to our episode sponsor, Vanta

Risk and regulation ramping up—and customers expect proof of security just to do business. Vanta's automation brings compliance, risk, and customer trust together on one AI-powered platform. So whether you're prepping for a SOC 2 or running an enterprise GRC program, Vanta keeps you secure—and keeps your deals moving. Learn more at vanta.com/ciso.