#cybersidechats


The Amazon Q AI Hack: A Wake-Up Call for Developer Tool Security

Nearly 1 million developers unknowingly downloaded malicious code—and it took 6 days before anyone noticed.

In this episode of Cyberside Chats, @sherridavidoff and @MDurrin dive into the Amazon Q AI Hack, a stark reminder of how vulnerable our software development tools truly are. From GitHub misconfigurations to supply chain breaches, we’ll explore:

🔹 How a single GitHub token compromise allowed a hacker to inject destructive AI prompts
🔹 Why popular AI tools like Copilot, Gemini, and Q are not as safe as you think
🔹 Supply chain attack lessons from SolarWinds, XZ Utils, and NotPetya
🔹 Best practices to secure your build pipelines and vet third-party developers

🎥 Watch the video: youtu.be/qHQ4jdZ7mwI
🎧 Listen to the podcast: chatcyberside.com/e/unmasking-

Iranian cyberattacks are ramping up—and they’re hitting critical infrastructure, defense, and businesses. From AI-generated phishing and deepfake propaganda to wiper malware targeting ICS and backups, Iranian threat actors are evolving fast.

In this episode of Cyberside Chats, @sherridavidoff and @MDurrin break down the latest threats, real-world incidents, and what your organization can do to prepare.

🎥 Watch the video: youtu.be/vC29SaWdqG4

🎧 Listen to the podcast: chatcyberside.com/e/the-title-

Leaked and Loaded: DOGE’s API Key Crisis

One leaked API key exposed 52 private LLMs and potentially sensitive systems across SpaceX, Twitter, and even the U.S. Treasury.

In this episode of Cyberside Chats, @sherridavidoff and @MDurrin break down the DOGE/XAI API key leak. They share how it happened, why key management is a growing threat, and what you should do to protect your organization from similar risks.

🎥 Watch the video: youtu.be/Lnn225XlIc4

🎧 Listen to the podcast: chatcyberside.com/e/api-key-ca

Holiday Horror Stories: Why Hackers Love Long Weekends!

In this episode of Cyberside Chats, @sherridavidoff and @MDurrin break down real-life cyberattacks that hit during holiday weekends, including the infamous Kaseya ransomware attack and the MOVEit data breach.

You’ll hear:
• Why 91% of ransomware attacks happen outside business hours
• How hackers strategically time attacks around holidays—when your staff is least prepared
• Lessons from Krispy Kreme, Target, and even the Bank of Bangladesh
• Practical takeaways to harden your defenses before the next long weekend

📽️ Watch the video: youtu.be/pCuYx9nPXgk
🎧 Listen to the podcast: chatcyberside.com/e/cyber-atta

Plan ahead. Patch before you relax, and test your holiday response plan. Contact us if you need help with testing, policy development, or training.

Is your organization ready for Iran’s Cyberattack Surge?

Iranian cyber operations are escalating in 2025, targeting critical infrastructure, defense contractors, and global businesses with increasingly destructive tactics. Join our Live #CybersideChats episode on July 23rd at 2pm ET, and cybersecurity experts @sherridavidoff and @MDurrin will break down:

• The latest Iranian cyber campaigns
• AI-driven hack-and-leak operations
• How to prepare and defend your organization

Register now: lmgsecurity.com/event/cybersid

LMG Security
Cyberside Chats: Live! Iran’s Cyber Surge: Attacks Intensify in 2025 | LMG Security
Iranian cyber operations have sharply escalated in 2025, targeting critical infrastructure, defense sectors, and global businesses.

Federal Cybersecurity Rollbacks: What Got Cut—And What Still Stands

In June 2025, a quiet executive order from the White House eliminated several key cybersecurity requirements for federal systems. In this episode of Cyberside Chats, @sherridavidoff and @MDurrin break down what’s changing and why it matters for your organization.

We'll share:
▪ Which cybersecurity rules were rolled back (and which ones remain)
▪ What the removal of secure software attestations means for vendors
▪ Why post-quantum encryption and the FTC Cyber Trust Mark still matter
▪ How this moment echoes past compliance gaps like PCI
▪ What security leaders should prioritize right now

▶ Watch the video: youtu.be/GIWBHKwydMA
🎧 Listen to the podcast: chatcyberside.com/e/executive-

Ransomware without the ransomware?

In this new episode of Cyberside Chats, @sherridavidoff and @MDurrin unpack the evolving trend of data-only extortion, where threat actors skip the encryption and go straight to blackmail.

From the rebrand of Hunters International to World Leaks, and the rise of extortion-as-a-service, this episode reveals how modern cybercriminals are getting more efficient—and more ruthless.
Watch or listen for strategies to reduce your risk!

📽️ Watch the video: youtu.be/eCQXhhdyC-s
🎧 Listen to the podcast: chatcyberside.com/e/the-rise-o

Can Your AI Be Hacked by Email Alone?

No clicks. No downloads. Just one well-crafted email, and your Microsoft 365 Copilot could start leaking sensitive data.

In this week’s episode of Cyberside Chats, @sherridavidoff and @MDurrin discuss EchoLeak, a zero-click exploit that turns your AI into an unintentional insider threat. They also reveal a real-world case from LMG Security’s pen testing team where prompt injection let attackers extract hidden system prompts and override chatbot behavior in a live environment.

We’ll also share:

• How EchoLeak exposes a new class of AI vulnerabilities
• Prompt injection attacks that fooled real corporate systems
• Security strategies every organization should adopt now
• Why AI inputs need to be treated like code

🎧 Listen to the podcast: chatcyberside.com/e/unmasking-
🎥 Watch the video: youtu.be/sFP25yH0sf4

What Happens When AI Goes Rogue?

From blackmail to whistleblowing to strategic deception, today's AI isn't just hallucinating — it's scheming.

In our new Cyberside Chats episode, LMG Security’s @sherridavidoff and @MDurrin share new AI developments, including:

• Scheming behavior in Apollo’s LLM experiments
• Claude Opus 4 acting as a whistleblower
• AI blackmailing users to avoid shutdown
• Strategic self-preservation and resistance to being replaced
• What this means for your data integrity, confidentiality, and availability

📺 Watch the video: youtu.be/k9h2-lEf9ZM
🎧 Listen to the podcast: chatcyberside.com/e/ai-gone-ro

Retail breaches are back — and they’ve evolved.

It’s not just about stolen credit cards anymore. In this new episode of Cyberside Chats, @sherridavidoff and @MDurrin dig into the latest wave of retail cyberattacks — from ransomware shutting down pharmacies to credential stuffing hitting brand loyalty programs.

We'll cover:
• Why names, emails, and access tokens are now prime targets
• How third-party SaaS tools are exposing retailers
• The #1 priority for securing customer-facing systems
• What every organization can learn from the 2013 “Retailgeddon”
• Why testing your incident response plan for downtime is a must

🎥 Watch the video: ow.ly/C2iQ50W6ueV
🎧 Listen to the podcast: ow.ly/FSnI50W6ueW

Only one week left to register for our next Cyberside Chats Live event! Join us June 11th to discuss what happens when an AI refuses to shut down—or worse, starts blackmailing users to stay online.

These aren’t science fiction scenarios. We’ll dig into two real-world incidents, including a case where OpenAI’s newest model bypassed shutdown scripts and another where Anthropic’s Claude Opus 4 generated blackmail threats in an alarming display of self-preservation.

Join us as we unpack:
▪ What “high-agency behavior” means in cutting-edge AI
▪ How API access can expose unpredictable and dangerous model actions
▪ Why these findings matter now for security teams
▪ What it all means for incident response and digital trust

Stick around for a live Q&A with LMG Security’s experts @sherridavidoff and @MDurrin. This session will challenge the way you think about AI risk!

Register today: lmgsecurity.com/event/cybersid

LMG Security
Cyberside Chats: Live! When AI Goes Rogue: Blackmail, Shutdowns, and the Rise of High-Agency Machines | LMG Security
In this quick, high-impact session, we’ll dive into the top three cybersecurity priorities every leader should focus on. From integrating AI into your defenses to tackling deepfake threats and tightening third-party risk management, this discussion will arm you with the insights you need to stay secure in the year ahead.

How do hackers break into your network? Find out from the pros who do it every day!

In this week’s Cyberside Chats, @tompohl, head of penetration testing at LMG Security, joins @sherridavidoff to reveal how his team gains domain admin access in over 90% of tests.

From outdated Active Directory settings to risky legacy protocols, this episode is packed with real-world insights to help you reduce your organization’s risk. We’ll share:

✅ The hidden vulnerabilities attackers love
✅ Tips to harden your infrastructure
✅ What penetration testers see that most defenders miss

🎥 Watch the full episode: youtu.be/VEeWkVBDDP8
🎧 Prefer audio? Listen to the podcast: chatcyberside.com/e/unveiling-

What happens to your digital world when you die?

In this noteworthy episode of Cyberside Chats, “Afterlife Access: Cybersecurity Planning for When You’re Gone,” we’re tackling this question that most people overlook.

Special guest @tompohl joins @sherridavidoff to explore the privacy and cybersecurity challenges of death and incapacity—from encrypted files and password managers to social media and smart devices.

Learn practical steps for protecting your digital legacy, including how to:

✔️ Create a secure digital inventory
✔️ Set up emergency access in password managers
✔️ Choose and prepare a digital executor
✔️ Plan your online presence after death
✔️ Build policies for organizational continuity

Don’t miss this timely conversation.
▶️ Video: youtu.be/gkFm_FowimI
🎧 Podcast: chatcyberside.com/e/navigating

The hackers got hacked! In an ironic twist, LockBit, the infamous ransomware-as-a-service gang, was breached. Watch the new episode of Cyberside Chats as @sherridavidoff and @MDurrin share the details and explain what it means for cyber defenders.

We explore what was leaked, why it matters, and how this incident compares to past takedowns like Conti. You'll also get the latest insights into the 2025 ransomware landscape, from victim stats to best practices for defending your organization.

Watch or listen now and get practical takeaways to strengthen your ransomware response playbook.

Watch: youtu.be/xr-8GhazgME
Listen: chatcyberside.com/e/lockbits-o

The FBI has issued an alert about cybercriminals hijacking outdated routers to power massive proxy-for-hire networks—masking malware, fraud, and credential theft right under your nose.

Watch the full Cyberside Chats episode to hear @sherridavidoff and @MDurrin's insights on:

🔹 The FBI’s May 2025 alert
🔹 TheMoon malware and the Faceless proxy service
🔹 What these botnets mean for your enterprise
🔹 What you need to do now to stay protected

🎥 Watch the video: youtu.be/x_40BlvWsHk
🎧 Listen to the podcast: chatcyberside.com/e/outdated-r

Think your network is locked down? Think again.

Register for our May 28th Cyberside Chats Live episode featuring special guest @tompohl, LMG Security’s Head of Penetration Testing, and discover the most common security gaps attackers exploit.

Tom will share how his team routinely gains domain admin access in over 90% of their engagements—and how you can stop real attackers from doing the same. He’ll break down the weak points they target, from insecure default Active Directory settings to overlooked misconfigurations—even in mature environments.

Register now: lmgsecurity.com/event/cybersid

LMG Security
Cyberside Chats: Live! How Hackers Get In: Penetration Testing Secrets from the Front Lines | LMG Security

Quantum computing is poised to break some of today's popular encryption standards. Is your organization ready?

From e-commerce transactions to email security, quantum advancements threaten to upend how organizations secure information. In this episode of Cyberside Chats, Sherri Davidoff and Matt Durrin cut through the hype and explain what your organization needs to do now to prepare.

Learn:
• What encryption standards will be broken
• How post-quantum cryptography (PQC) is evolving
• Key steps to protect long-term confidential data
• How to future-proof your encryption strategy

🎥 Watch the full episode: youtu.be/MnhAm4f7Bqk

🎧 Listen to the podcast: chatcyberside.com/e/quantum-ap

Red Alert: CISA’s Budget Cuts & What They Mean for Cyber Defenders

In this week’s episode of Cyberside Chats, @sherridavidoff and @MDurrin break down the real-world impact of CISA’s dramatic budget cuts—including ISAC support reductions, the near-shutdown of the CVE program and its implications, and layoffs that could weaken the front lines of U.S. cyber defense.

What does this mean for your organization? Watch this week’s episode to find out and get expert advice on what to do next.

🎥 Video: youtu.be/xEKVdxlCUw0
🎧 Podcast: chatcyberside.com/e/cisa-fundi

Listen now to learn how to adapt your strategy, map your dependencies, and stay resilient—even as federal support scales back.

Register for Cyberside Chats: Live! Quantum Shift: How Cybersecurity Must Evolve Now!

Quantum computing is on the horizon, and it has the potential to revolutionize the way we think about cybersecurity. Join our April 23rd live session where cybersecurity experts @sherridavidoff and @MDurrin will dive into the implications of quantum technology on encryption and data security. Learn what steps security leaders should take today to prepare for this disruptive shift.

Don’t miss out on this opportunity to ask questions and stay ahead of emerging threats. Register now!

lmgsecurity.com/event/cybersid

LMG Security
Cyberside Chats: Live! Quantum Shift: How Cybersecurity Must Evolve Now | LMG Security

Are Shadow Channels Like Signal Putting Your Organization at Risk?

Unauthorized communication platforms—aka shadow channels—are creating compliance and security nightmares for enterprise and government environments. Recent controversies involving tools like Signal and Gmail in sensitive governmental contexts underscore the extent of these risks.

In this week’s Cyberside Chats, special guest @grl_geek joins @MDurrin to break down:

▪ What platforms like Signal offer—and their limitations in enterprise settings.
▪ Why users bypass official channels, leading to compliance failures.
▪ Real-world implications from recent incidents, including U.S. officials using unsecured communication tools.
▪ The broader shadow IT landscape and why it’s a pressing issue for security leaders.

🎥 Watch the full video: youtu.be/XKvY5uxJwJY
🎧 Listen to the podcast: chatcyberside.com/e/unmasking-