#286 - Intel Chat: Visual Studio Code malware, Sinkholes reversal, Chinese pen-testing & FortiSIEM zero-day
Failed to add items
Sorry, we are unable to add the item because your shopping basket is already at capacity.
Add to cart failed.
Please try again later
Add to wishlist failed.
Please try again later
Remove from wishlist failed.
Please try again later
Follow podcast failed
Unfollow podcast failed
#286 - Intel Chat: Visual Studio Code malware, Sinkholes reversal, Chinese pen-testing & FortiSIEM zero-day
-
Narrated by:
-
Written by:
About this listen
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.
- North Korean threat actors are targeting macOS software developers in a new malware campaign that abuses Visual Studio Code (VS Code) confi gurations to deliver JavaScript-based backdoors, according to research from Jamf.
- Sinkholes are usually seen as the end of a malicious campaign - the point where domains are seized and abuse stops.
- China’s pen-testing and red-team ecosystem has always been hard to observe, especially since many teams stopped participating in international CTFs post-2018.
- A critical zero-day vulnerability, CVE-2025-64155, has been discovered in Fortinet’s FortiSIEM platform by Horizon3.ai, allowing unauthenticated remote code execution and privilege escalation to root.
Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.
This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
No reviews yet