This week on The Awareness Angle, trusted platforms are being abused at scale, and the damage often starts with things that look completely legitimate. From Spotify facing claims of a massive torrent based scrape to phishing emails abusing real Google services, the theme this week is misplaced trust, and how attackers keep exploiting it.

We kick off with Breach Watch, starting with claims that Anna’s Archive scraped huge volumes of Spotify audio and metadata and redistributed it via torrents. We then move to Ubisoft taking Rainbow Six Siege offline after attackers appear to gain deep backend control, triggering mass bans and in game chaos. We also cover Korean Air disclosing a passenger data exposure linked to a supplier breach, and an update on the Coupang incident where investigators recovered customer data from a laptop that had been smashed and dumped in an attempt to destroy evidence.

In What the Hack, we break down a phishing campaign abusing real Google services to send convincing emails before stealing Microsoft logins, a British security researcher who secured an Australian visa after responsibly hacking a government website, and a new ClickFix service selling fake browser glitch pages at scale. We also dig into a long running browser extension malware campaign that has quietly infected millions of users across Chrome, Edge, and Firefox, Meta’s reported internal playbook for managing scam ad scrutiny, and why Flipper Zero and Raspberry Pi devices were banned from a major public event in New York.

The wider topics look at loan scams thriving on social platforms, why scam ads keep slipping through despite reporting, and the quiet loss of one of the most important public resources for tracking AI jailbreaks in the wild.

If you want cyber news explained with clarity and zero jargon, you are in the right place.

Chapters
00:00:00 Welcome, and this week’s stories

Breach Watch
00:01:16 Spotify scrape claims and torrent distribution
00:05:25 Rainbow Six Siege hack forces Ubisoft shutdown
00:10:57 Korean Air passenger data exposed via supplier breach
00:12:59 Coupang update, smashed laptop data recovered

What the Hack
00:15:53 Google services abused for phishing Microsoft logins
00:20:47 British hacker wins Australian visa after responsible disclosure
00:23:34 ClickFix attacks sold via fake browser glitch pages
00:28:46 Browser extensions infect millions over seven years
00:34:28 NYC bans Flipper Zero and Raspberry Pi devices

Topics
00:39:02 Loan scams spreading through social platforms
00:42:10 Meta and the management of scam ad scrutiny
00:44:59 Reddit bans r slash ChatGPTJailbreak and why it matters
00:48:06 Closing thoughts

More Information
https://riskycreative.com

Listen on the go
Spotify: https://open.spotify.com/show/7rwzcRsKrXbASFBfiXoCZ6?si=1bbe58c9be6c462b
Apple Podcasts: https://podcasts.apple.com/us/podcast/the-awareness-angle-cyber-news-weekly/id1784126196

Follow us
LinkedIn: https://www.linkedin.com/newsletters/the-awareness-angle-newsletter-7274932363787132928/
TikTok: https://www.tiktok.com/@infosecant
Instagram: https://www.instagram.com/riskycreative
YouTube: https://www.youtube.com/@riskycreative

If you found this useful, hit subscribe and share it with someone who cares about cyber but does not speak cyber.

Stay aware, stay secure.