Please enjoy our latest podcast, the weekly Security Sprint, on Spotify, Apple, as well as other locations accessible via the Spotify for Podcasters link or wherever you listen to your favorite podcasts.
During this week’s Security Sprint, Dave and Andy discussed the following topics.
Opening
- Homeland Security Funding Bill Passed, Includes Money for CISA
- Browser Extensions and Shadow AI: Unmanaged Threats to Privacy — Gate 15
- Data Centers, Telecommunications Networks, and Space-Based Systems: Modernizing DHS’s SRMA Role for the Communications and IT Sectors — House Committee on Homeland Security
- New Cybersecurity Guide Targets Rising Threats to Food and Agriculture SMBs
- Maine Law Requires Hospitals to Enact Cybersecurity Plans
Main Topics
New FTC Data Show People Have Lost Billions to Social Media Scams – Federal Trade Commission – 23 Apr 2026 The Federal Trade Commission reported that consumers have lost billions of dollars to scams originating on social media platforms, with fraudsters leveraging impersonation, investment schemes, and romance scams to exploit user trust. The data shows that social media has become the leading channel for fraud contact, surpassing traditional methods such as phone and email. Target is consumers, social media users, financial institutions, and platform operators responsible for moderating fraudulent activity. Dig highlights the industrialization of scam operations leveraging platform reach and targeting capabilities, underscoring the need for stronger detection, user awareness, and coordinated disruption efforts across government and industry.
Take9! 9 Seconds For A Safer World. Cyber threats are everywhere. And getting sneakier. What can you do to protect yourself, your community and our nation? Take a 9-second pause and think before you click, download, share. A short pause goes a long way.
New 2026 ‘IOCTA’ highlights sophisticated tactics and emerging challenges in the digital landscape – Europol unveils comprehensive analysis of evolving cybercrime threats – Europol – 28 Apr 2026 Europol released its 2026 Internet Organised Crime Threat Assessment, warning that encryption, proxies, artificial intelligence, dark web marketplaces, cryptocurrencies, fraud ecosystems, ransomware, and child sexual exploitation are expanding the cybercrime landscape. The report says cybercriminals are using AI to scale and personalize operations while end-to-end encryption, data retention gaps, and jurisdictional barriers complicate law enforcement investigations. Target is law enforcement, cybersecurity teams, financial institutions, online service providers, and organizations exposed to cybercrime-enabled fraud and extortion. Dig highlights a widening velocity gap between criminal innovation and investigative capability, requiring stronger public-private collaboration, data access frameworks, and proactive AI-enabled defense. (Europol)
Global Encryption Coalition (GEC). The Global Encryption Coalition (GEC) was founded in 2020 by the Center for Democracy & Technology, Global Partners Digital and the Internet Society and now has over 350 members. Gate 15 is a proud member of the GEC.
Ransomware! Weekly ransomware & data leak landscape; A seven-day view of claim activity, leak escalation, actor concentration, sector shifts, and supporting news context from eCrime.ch. — eCrime.ch — 26 Apr 2026. The eCrime weekly report provides a seven-day analysis of ransomware claim activity, data leak site postings, actor concentration, and sector targeting trends. The report highlights fluctuations in leak site volume, identifies leading ransomware groups by activity, and tracks sector-specific impacts across industries. Target is ransomware analysts, threat intelligence teams, incident response leaders, and organizations monitoring leak site exposure. Dig is that ransomware ecosystems remain highly dynamic, with rapid shifts in actor prominence and targeting that require continuous monitoring of leak sites and claim patterns to understand operational risk.
- NCC Group Monthly Threat Pulse – Review of March 2026
- Ransomware and Cyber Extortion in Q1 2026 – ReliaQuest
Presidential Message on National Hurricane Preparedness Week – The White House – 03 May 2026 This message encourages Americans in hurricane-prone areas to prepare before the season by protecting property, building emergency plans, assembling supplies, and monitoring forecasts and evacuation routes. It emphasizes local and state frontline roles while describing federal support for response and recovery. The message frames preparedness as a way to reduce damage, protect lives, and strengthen national resilience. Target is coastal communities, emergency managers, local governments, and households with Dig highlighting pre-season hurricane readiness as a core resilience action.
- Hurricane Preparedness – NOAA
- Summer forecast 2026: Heat, severe storms to shape the season as El Niño develops, strengthens – AccuWeather
- 2026 Hurricane Awareness Webinars – NOAA
Quick Hits
- Email threat landscape: Q1 2026 trends and insights — Microsoft Security Blog
- Tycoon2FA disruption impact
- QR code phishing attacks
- CAPTCHA tactics
- Malicious payloads
- Business email compromise
- Defending against email threats
- Microsoft Defender detections
- Alert – AL26-008 – Vulnerability affecting cPanel and WebHost Manager (WHM) – CVE-2026-41940 – Canadian Centre for Cyber Security
- Critrical cPanel flaw mass-exploited in “Sorry” ransomware attacks
- To recover your files kindly send 0.1 BTC to… ransom note appears on websites
- The cPanel Situation Is… –
- cPanel authentication bypass vulnerability CVE-2026-41940 exploited
- Over 40,000 Servers Compromised in Ongoing cPanel Exploitation
- Cole Allen’s journey from Caltech grad to accused gunman in D.C. attack
- Footage shows White House correspondents’ dinner suspect ‘casing’ hotel: US attorney
- Washington Hilton says it was using Secret Service protocols on night of attack
Read more about Gate 15’s full podcast menu at our Podcast page. You can subscribe and enjoy all the Gate 15 Podcasts on Spotify for Podcasters, Apple, Spotify, as well as other locations accessible from the Spotify for Podcasters link. Week-to-week, you can hear and learn more about our all-hazards threats, risks, mitigation and other issues impacting homeland security risk management from our team as well as our regular and special guests. The full podcast menu includes:
- The Security Sprint is our weekly rundown of the week’s notable all-hazards security news, risks and threats and some of the key focus areas for organizations to consider behind the headlines. Gate 15 team members discuss physical security, cybersecurity, natural hazards, health threats and other issues across our environment.
- Nerd Out! Security Panel Discussion, moderated by Dave Pounder, focuses on physical security topics including terrorism, extremism, hostile events, and other pertinent topics.
- The Gate 15 Interview, is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues.
- The Cybersecurity Evangelist, with Jennifer Lyn Walker, is a cybersecurity-focused discussion with Jen and invited guests. This is presently a Gate 15 special podcast and occasionally is updated on our Gate 15 podcast channel.
- Venue Security, The IAVM Podcast Series was a 2024 limited series podcast as Gate 15’s founder and Managing Director, Andy Jabbour hosted a series of short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community.
- The Risk Roundtable, was a monthly discussion among our team and occasional guests exploring the all-hazards threats and risks impacting the United States and internationally. This was suspended in September 2023.
We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on Bluesky, LinkedIn, via email at Gate15@gate15.global.