This week on The Awareness Angle, trust keeps breaking in places people expect it to hold. From exposed AI agent infrastructure and phishing malware slipping into the Chrome Web Store, to sensitive government data being uploaded to ChatGPT, the theme this week is misplaced confidence. Tools designed to help, automate, and protect are being misused, misconfigured, or trusted too far.

We start with Breach Watch, looking at claims that ShinyHunters accessed data linked to major dating platforms, and what exposure through analytics providers and contractor access really means. We then cover reports that the acting head of the US cybersecurity agency uploaded internal government documents to ChatGPT, raising uncomfortable questions about AI use at the highest levels of security leadership.

In the news, we break down Clawdbot, also known as Moltbot, an open source AI agent that promises automation but has left hundreds of exposed gateways leaking credentials, API keys, and private conversations. We look at why autonomous AI agents expand attack surfaces, how third party add ons turn convenience into risk, and why hardening these systems is not optional. We also cover phishing capable Chrome extensions bypassing store review, Google improving ransomware protection in Drive, and France fast tracking plans to ban social media for under 15s.

In Topics, we talk about exposed admin panels in AI powered toys and what happens when children’s conversations and profiles are stored behind weak controls. We also discuss phishing awareness in the real world, misleading breach headlines, fake profiles, and why simple in store warnings on gift cards can be surprisingly effective.

If you want cyber news explained with clarity, context, and zero jargon, you are in the right place.

Episode timestamps

00:00 Intro
01:11 Breach Watch, ShinyHunters dating app data claims
06:52 US cybersecurity chief uploads documents to ChatGPT
10:28 What is Clawdbot and why it matters
13:02 Hundreds of exposed Clawdbot gateways
16:18 The AI agent craze and growing security risks
19:33 Phishing malware sold as Chrome extensions
25:20 Google Drive ransomware protection improvements
30:12 France moves to ban social media for under 15s
35:21 Exposed admin panel found in AI toy
43:31 Awareness, spotting phishing and AI content
49:45 Misleading breach headlines and fake panic
51:39 Reverse image search exposing fake profiles
53:06 Gift card scam warnings in store
54:31 Covering phone cameras as a security habit
56:12 Free WIFI on Flight QR Code Prank
57:57 TikTok Argos MacBook Retail Discount Code
01:00:36 Real world phishing and family account compromise

More Information
https://riskycreative.com

Listen on the go
Spotify: https://open.spotify.com/show/7rwzcRsKrXbASFBfiXoCZ6
Apple Podcasts: https://podcasts.apple.com/us/podcast/the-awareness-angle-cyber-news-weekly/id1784126196

Follow us
LinkedIn: https://www.linkedin.com/newsletters/the-awareness-angle-newsletter-7274932363787132928/
TikTok: https://www.tiktok.com/@infosecant
Instagram: https://www.instagram.com/riskycreative
YouTube: https://www.youtube.com/@riskycreative

If you found this useful, hit subscribe and share it with someone who cares about cyber but does not speak cyber.

Stay aware, stay secure.

🎵 Our Intro and Outro Song (© 16 by falling forever)
https://fallingforever.bandcamp.com/track/16

License: CC BY 4.0
https://creativecommons.org/licenses/by/4.0

This week on The Awareness Angle, security failures show how quickly everyday systems can tip from background noise into real world disruption. From ransomware knocking a major IT distributor offline, to schools closing after cyber attacks, and criminals selling voice phishing kits like a product, the theme this week is scale. Small failures, trusted platforms, and familiar channels being used to create outsized impact.

We start with Breach Watch, looking at the Ingram Micro ransomware attack and what it reveals about supply chain fragility when a single distributor goes dark. We then cover a breach at Grubhub caused by access to a third party support system, exposing customer, driver, and merchant data. We also look at the Minnesota Department of Human Services breach affecting nearly 304,000 people, and a UK secondary school forced to close after cyber disruption took critical systems offline.

In the news, Microsoft releases emergency out of band Windows updates after patching issues prevent systems from shutting down properly. We look at criminals openly selling ready made voice phishing kits, making vishing easier to run at scale, and a malicious Chrome extension that deliberately crashes browsers to push fake fixes in a new ClickFix variant. We also discuss the EU launching a new vulnerability database as an alternative to CVE, a phishing campaign targeting LastPass users with fake security alerts, the UK government consulting on banning social media for under 16s, and TikTok finalising a deal to split its US operations into a new joint venture.

In Topics, we talk about password hints that are completely useless, the ongoing debate around the phrase human risk, and the Action Fraud rebrand to Report Fraud, including why its sign in experience raises some uncomfortable trust questions. We also look at how AI generated content is flooding social platforms, and share practical ways to spot fake accounts and videos before they fool you.

If you want cyber news explained with clarity, context, and zero jargon, you are in the right place.

0:00 Introduction and Overview
1:25 Ingram Micro Ransomware Attack
5:38 Grubhub Third Party Breach
9:41 Minnesota Department of Human Services Data Breach
12:39 UK School Forced to Close After Cyber Attack
18:52 Microsoft Emergency Windows Updates
20:45 Voice Phishing Kits for Sale
25:25 Malicious Chrome Extension and ClickFix Variant
30:34 EU Vulnerability Database Alternative to CVE
34:19 LastPass Phishing Campaign
39:29 UK Consultation on Social Media Ban for Under 16s
45:10 TikTok Splits US Operations
48:30 Password Hints and Human Risk Discussion
53:19 Action Fraud Rebrand and Trust Issues
1:01:26 AI Generated Content and Spotting Fakes

More Information
https://riskycreative.com

Listen on the go
Spotify: https://open.spotify.com/show/7rwzcRsKrXbASFBfiXoCZ6
Apple Podcasts: https://podcasts.apple.com/us/podcast/the-awareness-angle-cyber-news-weekly/id1784126196

Follow us
LinkedIn: https://www.linkedin.com/newsletters/the-awareness-angle-newsletter-7274932363787132928/
TikTok: https://www.tiktok.com/@infosecant
Instagram: https://www.instagram.com/riskycreative
YouTube: https://www.youtube.com/@riskycreative

If you found this useful, hit subscribe and share it with someone who cares about cyber but does not speak cyber.

Stay aware, stay secure.

🎵 Our Intro and Outro Song (© 16 by falling forever)
https://fallingforever.bandcamp.com/track/16

License: https://creativecommons.org/licenses/by/4.0