*[LIVE] Out of the Woods: The Threat Hunting Podcast – Guess Who Edition
November 19, 2025 | 12:00 - 1:30 PM ET
Sign Up: https://www.intel471.com/resources/podcasts/guess-who-the-adversary-edition-2
----------
Top Headlines:
Secure Annex | SleepyDuck malware invades Cursor through Open VSX: https://secureannex.com/blog/sleepyduck-malware/
Arctic Wolf | UNC6384 Weaponizes ZDI-CAN-25373 Vulnerability to Deploy PlugX Against Hungarian and Belgian Diplomatic Entities: https://arcticwolf.com/resources/blog/unc6384-weaponizes-zdi-can-25373-vulnerability-to-deploy-plugx/
Unit 42 | Microsoft WSUS Remote Code Execution (CVE-2025-59287) Actively Exploited in the Wild: https://unit42.paloaltonetworks.com/microsoft-cve-2025-59287/
Unit 42 | Suspected Nation-State Threat Actor Uses New Airstalk Malware in a Supply Chain Attack:Â https://unit42.paloaltonetworks.com/new-windows-based-malware-family-airstalk/
----------
Stay in Touch!
Twitter: https://twitter.com/Intel471Inc
LinkedIn: https://www.linkedin.com/company/intel-471/
YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
Discord: https://discord.gg/DR4mcW4zBr
Facebook: https://www.facebook.com/Intel471Inc/
-------- Â
41:22
--------
41:22
S3 Ep47: Common, but Deadly
*Threat Hunting Management Workshop: The Business Value of Threat Hunting
October 29, 2025 | 12:00 - 12:30 PM ET
Sign Up: https://www.intel471.com/resources/webinars/threat-hunting-management-workshop-the-business-value-of-threat-hunting
*[LIVE] Out of the Woods: The Threat Hunting Podcast – Guess Who Edition
November 19, 2025 | 12:00 - 1:30 PM ET
Sign Up: https://www.intel471.com/resources/podcasts/guess-who-the-adversary-edition-2
----------
Top Headlines:
Koi | GlassWorm: First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace: https://www.koi.ai/blog/glassworm-first-self-propagating-worm-using-invisible-code-hits-openvsx-marketplace
Cisco Talos Blog | BeaverTail and OtterCookie Evolve with a New Javascript Module: https://blog.talosintelligence.com/beavertail-and-ottercookie/
Synacktiv | LinkPro: eBPF Rootkit Analysis: https://www.synacktiv.com/en/publications/linkpro-ebpf-rootkit-analysis
BleepingComputer | American Airlines Subsidiary Envoy Confirms Oracle Data Theft Attack: https://www.bleepingcomputer.com/news/security/american-airlines-subsidiary-envoy-confirms-oracle-data-theft-attack/?&web_view=true
----------
Stay in Touch!
Twitter: https://twitter.com/Intel471Inc
LinkedIn: https://www.linkedin.com/company/intel-471/
YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
Discord: https://discord.gg/DR4mcW4zBr
Facebook: https://www.facebook.com/Intel471Inc/
-------- Â
1:01:56
--------
1:01:56
S3 Ep46: Here We Go Again...
*Threat Hunting Management Workshop: The Business Value of Threat Hunting
October 29, 2025 | 12:00 - 12:30 PM ET
Sign Up: https://www.intel471.com/resources/webinars/threat-hunting-management-workshop-the-business-value-of-threat-hunting
----------
Top Headlines:
Cisco Talos | Velociraptor Leveraged in Ransomware Attacks: https://blog.talosintelligence.com/velociraptor-leveraged-in-ransomware-attacks/
GBHackers Security | Hackers Use Court-Themed Phishing to Deliver Info-Stealer Malware: https://gbhackers.com/info-stealer-malware/?web_view=true
FortiGuard Labs | New Stealit Campaign Abuses Node.js Single Executable Application: https://www.fortinet.com/blog/threat-research/stealit-campaign-abuses-nodejs-single-executable-application
eSecurity Planet | AI Chatbots Used as Backdoors in New Cyberattacks: https://www.esecurityplanet.com/news/ai-exploited-prompt-injection/?&web_view=true
----------
Stay in Touch!
Twitter: https://twitter.com/Intel471Inc
LinkedIn: https://www.linkedin.com/company/intel-471/
YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
Discord: https://discord.gg/DR4mcW4zBr
Facebook: https://www.facebook.com/Intel471Inc/
-------- Â
41:14
--------
41:14
S3 Ep45: Think, McFly, Think
*Threat Hunting Management Workshop: The Business Value of Threat Hunting
October 29, 2025 | 12:00 - 12:30 PM ET
Sign Up: https://www.intel471.com/resources/webinars/threat-hunting-management-workshop-the-business-value-of-threat-hunting
----------
Top Headlines:
LastPass | Large-Scale Attack Targeting Macs via GitHub Pages Impersonating Companies to Attempt to Deliver Stealer Malware: https://blog.lastpass.com/posts/attack-targeting-macs-via-github-pages
Cisco Talos BlogCisco Talos Blog | How RainyDay, Turian and a new PlugX variant abuse DLL search order hijacking: https://blog.talosintelligence.com/how-rainyday-turian-and-a-new-plugx-variant-abuse-dll-search-order-hijacking/?&web_view=true
Trend MicroTrend Micro | AI-Powered App Exposes User Data, Creates Risk of Supply Chain Attacks: https://www.trendmicro.com/en_us/research/25/i/ai-powered-app-exposes-user-data.html?&web_view=true
SentinelOne | Prompts as Code & Embedded Keys | The Hunt for LLM-Enabled Malware: https://www.sentinelone.com/labs/prompts-as-code-embedded-keys-the-hunt-for-llm-enabled-malware/
----------
Stay in Touch!
Twitter: https://twitter.com/Intel471Inc
LinkedIn: https://www.linkedin.com/company/intel-471/
YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
Discord: https://discord.gg/DR4mcW4zBr
Facebook: https://www.facebook.com/Intel471Inc/
-------- Â
42:00
--------
42:00
S3 Ep44: If You Build It... Backdoors Will Open
Top Headlines:
LastPass Labs | Large-Scale Attack Targeting Macs via GitHub Pages Impersonating Companies to Attempt to Deliver Stealer Malware: https://blog.lastpass.com/posts/attack-targeting-macs-via-github-pages
Cisco Talos Blog | How RainyDay, Turian and a new PlugX variant abuse DLL search order hijacking: https://blog.talosintelligence.com/how-rainyday-turian-and-a-new-plugx-variant-abuse-dll-search-order-hijacking/?&web_view=true
SentinelOne | Prompts as Code & Embedded Keys | The Hunt for LLM-Enabled Malware: https://www.sentinelone.com/labs/prompts-as-code-embedded-keys-the-hunt-for-llm-enabled-malware/
Trend MicroTrend Micro | AI-Powered App Exposes User Data, Creates Risk of Supply Chain Attacks: https://www.trendmicro.com/en_us/research/25/i/ai-powered-app-exposes-user-data.html?&web_view=true
----------
Stay in Touch!
Twitter: https://twitter.com/Intel471Inc
LinkedIn: https://www.linkedin.com/company/intel-471/
YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
Discord: https://discord.gg/DR4mcW4zBr
Facebook: https://www.facebook.com/Intel471Inc/
About Out of the Woods: The Threat Hunting Podcast
Intel 471's podcast with a twist! Join us for the first fully interactive threat hunting podcast where you can hang out with threat hunters from all over the world!
Join a rag-tag bunch of threat hunters as they come out of the woods to explore some of the most burning issues related to cyber security. The Out of the Woods podcast is a casual talk covering the topics of threat hunting, security research, and threat intelligence, and some ranting and raving along the way, all over a cocktail or two!
The Out of the Woods cyber security podcast is filmed in front of a live studio audience, and by that we mean YOU! We're inviting folks to join us once a month for a LIVE evening of great technical discussions, where you can ask questions and give your opinion in real time on a variety of discussions about threat hunting, security research, blue teaming, and wherever else the evening takes us!
New Zealand